From e25e7d7c5089973adf579003788b6bf3a348cfd6 Mon Sep 17 00:00:00 2001 From: cfillekes Date: Tue, 10 May 2022 07:42:39 -0400 Subject: [PATCH 01/22] changes necessary to run on IBM System Z --- prep-nodes.sh | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100755 prep-nodes.sh diff --git a/prep-nodes.sh b/prep-nodes.sh new file mode 100755 index 0000000..84ae09c --- /dev/null +++ b/prep-nodes.sh @@ -0,0 +1,14 @@ +#!/usr/bin/bash + +# need to label the nodes + +for i in `oc get no | grep worker | awk '{print $1}'` +do + oc label node $i test.role=workload + oc label node $i workload=${i} +done + +for i in `oc get no | grep worker | awk '{print $1}' | tail -1` +do + oc label node $i test.role=router --overwrite +done From ca2bfa177a02667d0b50685de90edfae48a4be56 Mon Sep 17 00:00:00 2001 From: cfillekes Date: Tue, 10 May 2022 07:43:50 -0400 Subject: [PATCH 02/22] changes necessary to run on IBM System Z --- clusterrole-fix.yaml | 15 +++++++++ hosts.mysetup | 72 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 87 insertions(+) create mode 100644 clusterrole-fix.yaml create mode 100644 hosts.mysetup diff --git a/clusterrole-fix.yaml b/clusterrole-fix.yaml new file mode 100644 index 0000000..f6928fa --- /dev/null +++ b/clusterrole-fix.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: istio-sidecar-injector-istio-system + labels: + app: istio-sidecar-injector + release: istio + istio: sidecar-injector +rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] +- apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "patch", "create" ] diff --git a/hosts.mysetup b/hosts.mysetup new file mode 100644 index 0000000..3cf3ea8 --- /dev/null +++ b/hosts.mysetup @@ -0,0 +1,72 @@ +[hyperfoil:children] +hyperfoil_controller +hyperfoil_agent + +[hyperfoil_controller] + +[hyperfoil_agent] +localhost + +[hyperfoil:vars] +hyperfoil_jfr=false + +[openshift] +localhost + +[openshift:vars] +proxy_cpu=200m +backend_cpu=300m +backend_type=java + +[compute] + +[all:vars] +oc_username=kubeadmin +#oc_token=sha256~THE-TOKEN +oc_password=THE-CLUSTER-PASSWORD +hyperfoil_deployer=k8s +hyperfoil_controller_protocol=https +hyperfoil_controller_host=hyperfoil.apps.test.perf-lab-myocp4.com +hyperfoil_controller_port=443 +hyperfoil_validate_certs=false +test_rampup_duration=120 +test_steady_duration=300 +test_name=closedmodel +#test_name=shardedwrk +fork=all +http2="true" + +# For open-model +test_users_per_sec=4500 +test_inc_users_per_sec=1500 +# For closed-model +#test_concurrent_users=12000 +#test_shared_connections=5376 +#test_shared_connections=60000 +test_concurrent_users=6000 +test_shared_connections=6000 + +pods_per_dc=1 +num_dc=40 +use_istio=true +#use_istio=false +record_envoy_stats=false +#namespace=plain-scale +#wildcard_domain=plain.apps.test.perf-lab-myocp4.com + +namespace=mesh-scale +control_plane=mesh-control-plane +wildcard_domain=mesh.apps.test.perf-lab-myocp4.com + +#namespace=istio-scale +#control_plane=istio-system +#wildcard_domain=istio.apps.test.perf-lab-myocp4.com + +policy_version=new + +target=gateways +#target=routers +#target=services + +expected_routers=0 +expected_gateways="1" From f0c0744eebc0197180257eeef0eb0090ffb54d7a Mon Sep 17 00:00:00 2001 From: cfillekes Date: Tue, 10 May 2022 08:01:10 -0400 Subject: [PATCH 03/22] Dockerfile and entrypoint script for re-based mannequin imate --- Dockerfile | 27 +++++++++++++++++++++++++++ java-runner.sh | 3 +++ 2 files changed, 30 insertions(+) create mode 100644 Dockerfile create mode 100644 java-runner.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..8baeeed --- /dev/null +++ b/Dockerfile @@ -0,0 +1,27 @@ +#### +# This Dockerfile is used in order to build a container that runs a +# Quarkus application in JVM mode on s390x architecture (IBM System Z) +# +# Before building the docker image run: +# +# mvn package +# +# Then, build the image with: +# +# podman build -f src/main/docker/Dockerfile.jvmZ -t quay.io//mannequin:0.0-z . +# +# Then run the container using: +# +# podman run -i --rm -p 8080:8080 quarkus/mannequin-jvm quay.io//mannequin:0.0-z . +# +# the instructions here are to put it in a public registry (e.g. quay.io) +# so that you can pull it into a pod deployment on OpenShift +# +### +FROM registry.access.redhat.com/ubi8/ubi:latest +RUN dnf -y update && dnf -y install java-1.8.0-openjdk-devel +ENV JAVA_OPTIONS=-Dquarkus.http.host=0.0.0.0 +COPY target/lib/* /deployments/lib/ +COPY target/*-runner.jar /deployments/app.jar +COPY ./java-runner.sh /deployments/java-runner.sh +ENTRYPOINT [ "/deployments/java-runner.sh" ] diff --git a/java-runner.sh b/java-runner.sh new file mode 100644 index 0000000..795d3f3 --- /dev/null +++ b/java-runner.sh @@ -0,0 +1,3 @@ +#!/usr/bin/bash + +java -cp '/deployments/lib/*' -jar /deployments/app.jar From e470e014214e7faa84290c7539f5060a5cb84767 Mon Sep 17 00:00:00 2001 From: cfillekes Date: Wed, 11 May 2022 08:26:54 -0400 Subject: [PATCH 04/22] create a yaml file for the sidecar injector role --- sidecar-injector.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 sidecar-injector.yaml diff --git a/sidecar-injector.yaml b/sidecar-injector.yaml new file mode 100644 index 0000000..f6928fa --- /dev/null +++ b/sidecar-injector.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: istio-sidecar-injector-istio-system + labels: + app: istio-sidecar-injector + release: istio + istio: sidecar-injector +rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] +- apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "patch", "create" ] From d97d86cda703ea41b25c7a73c6b29079c3d23c24 Mon Sep 17 00:00:00 2001 From: cfillekes Date: Wed, 11 May 2022 14:00:42 -0400 Subject: [PATCH 05/22] reduce cpu allocation --- README.md | 49 +++++++++++++++++++++++++------------------------ dc.yaml.j2 | 5 ++++- setup.yaml | 2 +- smcp_v2.yaml | 2 +- 4 files changed, 31 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index ab7580b..378ae7c 100644 --- a/README.md +++ b/README.md @@ -1,32 +1,33 @@ # Istio/Maistra scalability tests -To get this benchmark running: +## Prerequisites -1. Install OCP and Ansible -2. Login to OCP: `oc login -u system:admin` -3. Install Istio: https://maistra.io/docs/getting_started/install/ +### OCP +### Ansible +### Hyperfoil +### Hyperfoil Ansible task + +```bash +git clone https://github.com/Hyperfoil/hyperfoil_setup.git +cd hyperfoil_setup +ansible-galaxy install hyperfoil.hyperfoil_setup +ansible-galaxy install hyperfoil.hyperfoil_shutdown +ansible-galaxy install hyperfoil.hyperfoil_test +``` + +### Firewall + +## Setup + +1. Install prerequisites +2. Run `prep_nodes.sh` to label the nodes. +3. Login to OCP: `oc login -u system:admin` +4. Install Istio: https://maistra.io/docs/getting_started/install/ - In `controlplane/basic-install` set `gateways.ior_enabled: true` and `mixer.telemetry.enabled: false` - I suggest locating `istio-system` pods on the infra node (the same where the `default/router` resides): `oc patch namespace istio-system -p '{"metadata":{"annotations":{"openshift.io/node-selector":"node-role.kubernetes.io/infra=true"}}}'` - - I had trouble with `clusterrole istio-sidecar-injector-istio-system` - this was not correctly created and I had to fix it manually, applying: -``` - apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: istio-sidecar-injector-istio-system - labels: - app: istio-sidecar-injector - release: istio - istio: sidecar-injector -rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "list", "watch"] -- apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations"] - verbs: ["get", "list", "watch", "patch", "create" ] -``` -4. You might need to add the policies: + +5. You might need to add the policies: ``` oc adm policy add-scc-to-user anyuid -z istio-ingress-service-account -n istio-system oc adm policy add-scc-to-user anyuid -z default -n istio-system @@ -61,4 +62,4 @@ rules: * There seems to be a bug in IOR (MAISTRA-356) that is not resolved in the image I use. Therefore you have to manually fix the generated route: `oc get route -n istio-system -l maistra.io/generated-by=ior` `oc patch route -n istio-system app-gateway-xxxxx -p '{ "spec": { "port" : { "targetPort": 443 }}}'` TODO -oc get deployment istio-ingressgateway -o json | jq '.spec.template.spec.containers[].resources.requests={},.spec.template.spec.containers[].args += ["--proxy-concurrency", "4"]' \ No newline at end of file +oc get deployment istio-ingressgateway -o json | jq '.spec.template.spec.containers[].resources.requests={},.spec.template.spec.containers[].args += ["--proxy-concurrency", "4"]' diff --git a/dc.yaml.j2 b/dc.yaml.j2 index 299918f..d19b788 100644 --- a/dc.yaml.j2 +++ b/dc.yaml.j2 @@ -56,8 +56,11 @@ items: operator: Exists effect: NoExecute containers: +{% if backend_type == "java-Z" %} + - image: quay.io/cfilleke/mannequin:0.0-z +{% endif %} {% if backend_type == "java" %} - - image: quay.io/rvansa/mannequin:jvm-latest + - image: quay.io/cfilleke/mannequin:0.0-z {% endif %} {% if backend_type == "native" %} - image: quay.io/rvansa/mannequin:native diff --git a/setup.yaml b/setup.yaml index 7d477a7..240eedd 100644 --- a/setup.yaml +++ b/setup.yaml @@ -6,7 +6,7 @@ num_apps: "{{ (num_dc | int) / 5 }}" - name: Login when: oc_username is defined and oc_password is defined - command: "oc login --username={{ oc_username }} --password={{ oc_password }}" + command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.maistra-qez-49.maistra.upshift.redhat.com:6443" - name: Check namespace presence command: "oc get project {{ namespace }}" register: ns_exists diff --git a/smcp_v2.yaml b/smcp_v2.yaml index e88dadc..71079d9 100644 --- a/smcp_v2.yaml +++ b/smcp_v2.yaml @@ -41,7 +41,7 @@ spec: cpu: "256" memory: 256Gi requests: - cpu: "16" + cpu: "7" memory: 2Gi deployment: autoScaling: From 874a6cbf119f64ef5b1a914e210dd08d784a0bb9 Mon Sep 17 00:00:00 2001 From: Otto van der Schaaf Date: Thu, 29 Sep 2022 12:39:03 +0200 Subject: [PATCH 06/22] Save state Signed-off-by: Otto van der Schaaf --- .gitignore | 1 + dc.yaml.j2 | 2 +- hosts.quicklab | 75 ++++++++++++++++++++++++++++++ loop-namespaces.sh | 42 +++++++++++++++++ service-mesh-delete.sh | 1 + service-mesh-install.sh | 2 +- set_number_of_namespaces.sh | 93 +++++++++++++++++++++++++++++++++++++ setup.yaml | 3 +- smallsleepingpod.yaml | 11 +++++ smcp_v2.yaml | 5 +- test.yaml | 10 +++- 11 files changed, 239 insertions(+), 6 deletions(-) create mode 100644 hosts.quicklab create mode 100755 loop-namespaces.sh create mode 100755 set_number_of_namespaces.sh create mode 100644 smallsleepingpod.yaml diff --git a/.gitignore b/.gitignore index e3569bd..2928a7c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ results istioctl* +sampled_stats/* \ No newline at end of file diff --git a/dc.yaml.j2 b/dc.yaml.j2 index 299918f..edc94fb 100644 --- a/dc.yaml.j2 +++ b/dc.yaml.j2 @@ -47,7 +47,7 @@ items: topologySpreadConstraints: - maxSkew: 1 topologyKey: workload - whenUnsatisfiable: DoNotSchedule + whenUnsatisfiable: ScheduleAnyway labelSelector: matchLabels: app: scale-test diff --git a/hosts.quicklab b/hosts.quicklab new file mode 100644 index 0000000..4394ea5 --- /dev/null +++ b/hosts.quicklab @@ -0,0 +1,75 @@ +[hyperfoil:children] +hyperfoil_controller +hyperfoil_agent + +[hyperfoil_controller] +#hfc ansible_host=f20-h22-000-r620.rdu2.scalelab.redhat.com ansible_user=root + +[hyperfoil_agent] +worker-0.scaletest5.lab.upshift.rdu2.redhat.com ansible_user=quicklab ansible_ssh_private_key_file=~/.ssh/quicklab.key + +[hyperfoil:vars] +hyperfoil_jfr=false +#hyperfoil_log_config=/root/log4j2-trace-jgroups.xml +#hyperfoil_log_config=/home/benchuser/rvansa/log4j2-info.xml +#hyperfoil_controller_debug_port=0.0.0.0:5005 +#hyperfoil_agent_debug_port=0.0.0.0:5006 +#hyperfoil_agent_debug_suspend=y + +[openshift] +localhost + +[openshift:vars] +backend_cpu=300m +backend_type=java + +[compute] +#tbd + +[all:vars] +hyperfoil_distribution=/home/rvansa/workspace/Hyperfoil/distribution/target/distribution +hyperfoil_deployer=k8s +hyperfoil_controller_protocol=https +hyperfoil_controller_host=hyperfoil.apps.scaletest5.lab.upshift.rdu2.redhat.com +hyperfoil_controller_port=443 +hyperfoil_validate_certs=false +test_rampup_duration=120 +test_steady_duration=60 +test_name=closedmodel +#test_name=shardedwrk +fork=all +http2="true" +proxy_cpu=200m + +# For open-model +test_users_per_sec=4500 +test_inc_users_per_sec=1500 +# For closed-model +test_concurrent_users=600 +test_shared_connections=600 + +pods_per_dc=1 +num_dc=5 +use_istio=true +#use_istio=false +record_envoy_stats=false +#namespace=plain-scale +#wildcard_domain=plain.apps.ocp.scalelab + + +namespace=mesh-scale +control_plane=mesh-control-plane +wildcard_domain=mesh.apps.scaletest5.lab.upshift.rdu2.redhat.com + +#namespace=istio-scale +#control_plane=istio-system +#wildcard_domain=istio.apps.ocp.scalelab + +policy_version=new + +target=gateways +#target=routers +#target=services + +expected_routers=0 +expected_gateways="1" diff --git a/loop-namespaces.sh b/loop-namespaces.sh new file mode 100755 index 0000000..3108fdf --- /dev/null +++ b/loop-namespaces.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +set -e +set +x + +# Assumes an up and running openshift install: +# I have worked up to 200 namespaces on my quicklab instance/install which consists of: +# 3 masters - 4cores/28GB, 3workers - 4cores/30GB + +# +# First, install hyperfoil through operatorhub. +# Then, create hyperfoil namespace & deploy hyperfoil to it +# NOTE: last time I have had to replace "hyperfoil.apps.mycloud.example.com" with the real wildcard postfix hyperfoil.apps.scaletest5.lab.upshift.rdu2.redhat.com in the yaml view of "create hyperfoil" +# Now update hyperfoil_agent in the hosts.scalelab file to point the the node that runs this instance (worker-0 usually, it seems) +# (otherwise the ' Upload benchmark template' step in test.yaml will fail) +# e.g. I ended up with +# worker-0.scaletest5.lab.upshift.rdu2.redhat.com ansible_user=quicklab ansible_ssh_private_key_file=~/.ssh/quicklab.key +# +# now assign roles for running the gateway (router) and workload (workload): + +# oc label node/worker-1.scaletest5.lab.upshift.rdu2.redhat.com test.role=router +# oc label node/worker-2.scaletest5.lab.upshift.rdu2.redhat.com test.role=workload + +# You also need to set up ansible for hyperfoil, by running: +# $ ansible-galaxy collection install hyperfoil.hyperfoil_test +# $ ansible-galaxy install hyperfoil.hyperfoil_test +# $ ansible-galaxy install hyperfoil.hyperfoil_setup + +# This will make the gateway run on worker-1 and the app workload on worker-2. +# (if you don't do this, gateway deployment and app deployment will hang) + + +# TODO: Add 2.2 +VERSION=2.1 ./service-mesh-install.sh +ansible-playbook -v -i hosts.quicklab setup.yaml + +for num_namespaces in 200 100 0 ; do + ansible-playbook -e num_namespaces=$num_namespaces -v -i hosts.quicklab test.yaml +done + +./service-mesh-delete.sh + diff --git a/service-mesh-delete.sh b/service-mesh-delete.sh index 15cb23b..9cbe623 100755 --- a/service-mesh-delete.sh +++ b/service-mesh-delete.sh @@ -29,6 +29,7 @@ oc delete validatingwebhookconfiguration openshift-operators.servicemesh-resourc # Operator itself seems to persist oc delete deployment -n openshift-operators istio-operator +oc delete daemonset -n openshift-operators istio-cni-node oc delete daemonset -n openshift-operators istio-node oc delete sa -n openshift-operators istio-operator oc delete sa -n openshift-operators istio-cni diff --git a/service-mesh-install.sh b/service-mesh-install.sh index 546d692..2c23403 100755 --- a/service-mesh-install.sh +++ b/service-mesh-install.sh @@ -33,7 +33,7 @@ do done fi if [ $((RETRY%12)) -eq 11 ]; then - oc delete csv kiali-operator.v1.36.6 -n openshift-operators + oc delete csv kiali-operator.v1.36.6 -n openshift-operators || true fi sleep 5 RETRY=$((RETRY + 1)) diff --git a/set_number_of_namespaces.sh b/set_number_of_namespaces.sh new file mode 100755 index 0000000..a52238c --- /dev/null +++ b/set_number_of_namespaces.sh @@ -0,0 +1,93 @@ +#!/bin/bash + +NUM_NS=${1:-0} +MEASURE_PERIOD=${MEASURE_PERIOD:-120} + +NS_PREFIX=foobar-ns-perftest +EXISTING_PROJECTS=( $(oc projects --short | grep $NS_PREFIX) ) +EXPECTED_PROJECTS=() +CREATED_PROJECTS=() +DELETED_PROJECTS=() + +set -e +# set -x + +function sample_stats() { + echo "sample stats for $2 seconds" + sleep $2 + echo "get and store statistics" + mkdir -p sampled_stats/ + pushd sampled_stats > /dev/null + START=$(date +%s) + END=$(( $START+ $2*1000 )) + STEP="60" + # cpu + oc exec -n openshift-monitoring prometheus-k8s-0 -c prometheus -it -- curl "http://127.0.0.1:9090/api/v1/query_range?start=${START}&end=${END}&step=${STEP}&query=%0A++++++sum%28%0A++++++++kube_pod_resource_request%7Bresource%3D%22cpu%22%7D%0A++++++++*%0A++++++++on%28node%29+group_left%28role%29+%28%0A++++++++++max+by+%28node%29+%28kube_node_role%7Brole%3D%7E%22.%2B%22%7D%29%0A++++++++%29%0A++++++%29%0A++++" > $1_cpu.json + # memory + oc exec -n openshift-monitoring prometheus-k8s-0 -c prometheus -it -- curl "http://127.0.0.1:9090/api/v1/query_range?start=${START}&end=${END}&step=${STEP}&query=%0A++++++sum%28%0A++++++++%28node_memory_MemTotal_bytes+-+node_memory_MemAvailable_bytes%29%0A++++++++*%0A++++++++on%28instance%29+group_left%28role%29+%28%0A++++++++++label_replace%28max+by+%28node%29+%28kube_node_role%7Brole%3D%7E%22.%2B%22%7D%29%2C+%22instance%22%2C+%22%241%22%2C+%22node%22%2C+%22%28.*%29%22%29%0A++++++++%29%0A++++++%29%0A++++" > $1_memory.json + # network rx bandwidth rx + oc exec -n openshift-monitoring prometheus-k8s-0 -c prometheus -it -- curl "http://127.0.0.1:9090/api/v1/query_range?start=${START}&end=${END}&step=${STEP}&query=%0A++++++sum%28%0A++++++++instance%3Anode_network_receive_bytes_excluding_lo%3Arate1m%0A++++++++*%0A++++++++on%28instance%29+group_left%28role%29+%28%0A++++++++++label_replace%28max+by+%28node%29+%28kube_node_role%7Brole%3D%7E%22.%2B%22%7D%29%2C+%22instance%22%2C+%22%241%22%2C+%22node%22%2C+%22%28.*%29%22%29%0A++++++++%29%0A++++++%29%0A++++" > $1_bandwidth_rx.json + # network tx bandwith + oc exec -n openshift-monitoring prometheus-k8s-0 -c prometheus -it -- curl "http://127.0.0.1:9090/api/v1/query_range?start=${START}&end=${END}&step=${STEP}&query=%0A++++++sum%28%0A++++++++instance%3Anode_network_transmit_bytes_excluding_lo%3Arate1m%0A++++++++*%0A++++++++on%28instance%29+group_left%28role%29+%28%0A++++++++++label_replace%28max+by+%28node%29+%28kube_node_role%7Brole%3D%7E%22.%2B%22%7D%29%2C+%22instance%22%2C+%22%241%22%2C+%22node%22%2C+%22%28.*%29%22%29%0A++++++++%29%0A++++++%29%0A++++" > $1_bandwidth_tx.json + popd > /dev/null +} + +oc whoami > /dev/null + +echo "Ensuring that there will be ${NUM_NS} namespaces." + +for ((i=0;i<$NUM_NS;i++)) +do + EXPECTED_PROJECTS+=($NS_PREFIX-${i}) +done + +for value in "${EXISTING_PROJECTS[@]}" +do + if [[ ! " ${EXPECTED_PROJECTS[*]} " =~ " ${value} " ]]; then + echo "delete namespace ${value}" + DELETED_PROJECTS+=(${value}) + oc delete pod --all --namespace="${value}" && oc delete project "${value}" & + else + echo "namespace ${value} already exists, not deleting it" + fi +done + + +for value in "${EXPECTED_PROJECTS[@]}" +do + if [[ ! " ${EXISTING_PROJECTS[*]} " =~ " ${value} " ]]; then + echo "didn't find expected project ${value}" + CREATED_PROJECTS+=(${value}) + # we need to delay launches in order to avoid being rate limited, it seems. + sleep 1 + oc new-project --skip-config-write=true "${value}" && oc create --namespace "${value}" -f smallsleepingpod.yaml & + else + echo "expected namespace ${value} already exists, not creating it" + fi +done + +echo "projects updated, wait for background processes (if any)" +wait < <(jobs -p) +echo "projects updated, wait for project deletion to complete" + +for value in "${DELETED_PROJECTS[@]}" + do + echo "wait for deletion of namespace ${value} to complete" + until [ $( oc projects --short | grep "${value}" | wc -l ) == 0 ] + do + echo -n . + done +done + +for value in "${CREATED_PROJECTS[@]}" +do + echo "wait for newly created namespace ${value} to ready up" + oc wait --for=condition=Ready pods --all --namespace="${value}" +done + +if [ $MEASURE_PERIOD != "0" ]; then + sample_stats "$NUM_NS" "$MEASURE_PERIOD" +fi + +echo "done" +exit 0 diff --git a/setup.yaml b/setup.yaml index 7d477a7..d3ec20d 100644 --- a/setup.yaml +++ b/setup.yaml @@ -1,4 +1,5 @@ - hosts: openshift + connection: local gather_facts: false tasks: - name: Set number of apps @@ -83,7 +84,7 @@ command: "oc delete route --all -n {{ namespace }}" failed_when: false - name: Expose route - command: "oc create route reencrypt app-{{ item }} --cert=/home/rvansa/workspace/mannequin/src/main/resources/domain.crt --key=/home/rvansa/workspace/mannequin/src/main/resources/domain.key --service=app-{{ item }} --port=8443 --hostname=app-{{ item }}.{{ wildcard_domain }}" + command: "oc create route reencrypt app-{{ item }} --cert=/Users/ovanders/code/self-sign-certificate/domain.crt --key=/Users/ovanders/code/self-sign-certificate/domain.key --service=app-{{ item }} --port=8443 --hostname=app-{{ item }}.{{ wildcard_domain }}" loop: "{{ range(1, (num_apps | int) + 1, 1) | list }}" - name: Generate deployment configs include_tasks: generate-dc.yaml diff --git a/smallsleepingpod.yaml b/smallsleepingpod.yaml new file mode 100644 index 0000000..2349251 --- /dev/null +++ b/smallsleepingpod.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Pod +metadata: + name: myapp-pod + labels: + app: myapp +spec: + containers: + - name: myapp-container + image: envoyproxy/nighthawk-dev:latest + command: ['sh', '-c', 'echo The app is running! && sleep 3600'] diff --git a/smcp_v2.yaml b/smcp_v2.yaml index 53ea1dd..857e3e0 100644 --- a/smcp_v2.yaml +++ b/smcp_v2.yaml @@ -41,7 +41,7 @@ spec: cpu: "256" memory: 256Gi requests: - cpu: "16" + cpu: "0.5" memory: 2Gi deployment: autoScaling: @@ -49,6 +49,9 @@ spec: pod: nodeSelector: test.role: router + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists service: {} openshiftRoute: enabled: true diff --git a/test.yaml b/test.yaml index 08389e9..c6b572e 100644 --- a/test.yaml +++ b/test.yaml @@ -15,6 +15,9 @@ tasks: - set_fact: num_apps: "{{ (num_dc | int) // 5 }}" + - name: Check if oc is logged on + shell: "oc whoami" + register: "login_check_cmd" - name: Find workload nodes shell: "oc get node -l test.role=workload -o json | jq -r '.items[].metadata.name'" register: workload_cmd @@ -87,6 +90,9 @@ when: use_istio | bool shell: "oc get po -n {{ control_plane }} -l istio=ingressgateway -o name --no-headers | cut -f 2 -d '/'" register: gateway_pods + - name: Create additional namespaces + shell: "./set_number_of_namespaces.sh {{ num_namespaces }} 0" + register: create_namespaces - name: Get workload pod names shell: "oc get po -n {{ namespace }} -l app=scale-test -o name --no-headers | cut -f 2 -d '/'" register: workload_pods @@ -108,7 +114,7 @@ when: hyperfoil_deployer == "k8s" vars: # run_description: "{{ namespace }}%20R%3D{{ num_routers }}%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20VS%3D{{ virtualservices.stdout }}" - run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" + run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20N%3D{{ num_namespaces }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" - name: Capture info after test when: (use_istio | bool) and (record_envoy_stats | bool) include_tasks: capture-envoy-info.yaml @@ -118,4 +124,4 @@ debug: msg: "Run ID was {{ test_runid }}" - name: Fetch Hyperfoil stats - shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}:{{ hyperfoil_controller_port}}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.json" + shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}:{{ hyperfoil_controller_port}}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_n{{ num_namespaces }}_d{{ num_dc }}.json" From 9946f8fc1f888052c4f9a74693269dffa10d6816 Mon Sep 17 00:00:00 2001 From: Otto van der Schaaf Date: Tue, 4 Oct 2022 07:36:27 +0200 Subject: [PATCH 07/22] Update smmr when adding namespaces --- set_number_of_namespaces.sh | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/set_number_of_namespaces.sh b/set_number_of_namespaces.sh index a52238c..4cafa64 100755 --- a/set_number_of_namespaces.sh +++ b/set_number_of_namespaces.sh @@ -35,10 +35,12 @@ function sample_stats() { oc whoami > /dev/null echo "Ensuring that there will be ${NUM_NS} namespaces." +cp smmr.yaml smmr_with_added_namespaces.yaml for ((i=0;i<$NUM_NS;i++)) do EXPECTED_PROJECTS+=($NS_PREFIX-${i}) + echo " - $NS_PREFIX-${i}" >> smmr_with_added_namespaces.yaml done for value in "${EXISTING_PROJECTS[@]}" @@ -85,9 +87,15 @@ do oc wait --for=condition=Ready pods --all --namespace="${value}" done +# Include the current set of namespaces in the mesh, and wait for it to catch up +oc apply -f smmr_with_added_namespaces.yaml +oc wait --for condition=Ready -n mesh-control-plane smcp/basic-install --timeout 1800s +oc wait --for condition=Ready -n mesh-control-plane smmr/default --timeout 1800s + if [ $MEASURE_PERIOD != "0" ]; then sample_stats "$NUM_NS" "$MEASURE_PERIOD" fi -echo "done" +echo "done" +rm smmr_with_added_namespaces.yaml exit 0 From 62f7ea1403ec8a4ec749fb7ea1568fdc5d82bb8a Mon Sep 17 00:00:00 2001 From: Otto van der Schaaf Date: Wed, 1 Feb 2023 12:25:59 +0100 Subject: [PATCH 08/22] tweaks to get this to work again Signed-off-by: Otto van der Schaaf --- benchmarks/closedmodel.yaml.j2 | 6 +++--- hosts.quicklab | 7 +++---- loop-namespaces.sh | 30 +++++++++++++++++++----------- set_number_of_namespaces.sh | 2 +- setup.yaml | 2 +- 5 files changed, 27 insertions(+), 20 deletions(-) diff --git a/benchmarks/closedmodel.yaml.j2 b/benchmarks/closedmodel.yaml.j2 index bd30a8a..d264b02 100644 --- a/benchmarks/closedmodel.yaml.j2 +++ b/benchmarks/closedmodel.yaml.j2 @@ -54,7 +54,7 @@ phases: - test: - httpRequest: GET: /mersennePrime?p=${p} - authority: app-${hostIndex}.{{ wildcard_domain }}:443 + authority: app-${hostIndex}.{{ wildcard_domain }} headers: x-variant: fromVar: variant @@ -75,7 +75,7 @@ phases: - test: - httpRequest: GET: /proxy?p=${p}&url=http://app-${hostIndex}:8080/mersennePrime?p=${p} - authority: app-${hostIndex}.{{ wildcard_domain }}:443 + authority: app-${hostIndex}.{{ wildcard_domain }} headers: x-variant: fromVar: variant @@ -103,7 +103,7 @@ phases: max: 20 - httpRequest: GET: /db?p=${p}&host=app-${hostIndex}&size=${size} - authority: app-${hostIndex}.{{ wildcard_domain }}:443 + authority: app-${hostIndex}.{{ wildcard_domain }} headers: x-variant: fromVar: variant diff --git a/hosts.quicklab b/hosts.quicklab index 4394ea5..65dd912 100644 --- a/hosts.quicklab +++ b/hosts.quicklab @@ -6,8 +6,7 @@ hyperfoil_agent #hfc ansible_host=f20-h22-000-r620.rdu2.scalelab.redhat.com ansible_user=root [hyperfoil_agent] -worker-0.scaletest5.lab.upshift.rdu2.redhat.com ansible_user=quicklab ansible_ssh_private_key_file=~/.ssh/quicklab.key - +worker-2.scaletest.lab.psi.pnq2.redhat.com ansible_user=quicklab ansible_ssh_private_key_file=~/.ssh/quicklab.key [hyperfoil:vars] hyperfoil_jfr=false #hyperfoil_log_config=/root/log4j2-trace-jgroups.xml @@ -30,7 +29,7 @@ backend_type=java hyperfoil_distribution=/home/rvansa/workspace/Hyperfoil/distribution/target/distribution hyperfoil_deployer=k8s hyperfoil_controller_protocol=https -hyperfoil_controller_host=hyperfoil.apps.scaletest5.lab.upshift.rdu2.redhat.com +hyperfoil_controller_host=hyperfoil.apps.scaletest.lab.psi.pnq2.redhat.com hyperfoil_controller_port=443 hyperfoil_validate_certs=false test_rampup_duration=120 @@ -59,7 +58,7 @@ record_envoy_stats=false namespace=mesh-scale control_plane=mesh-control-plane -wildcard_domain=mesh.apps.scaletest5.lab.upshift.rdu2.redhat.com +wildcard_domain=mesh.apps.scaletest.lab.psi.pnq2.redhat.com #namespace=istio-scale #control_plane=istio-system diff --git a/loop-namespaces.sh b/loop-namespaces.sh index 3108fdf..c9d6942 100755 --- a/loop-namespaces.sh +++ b/loop-namespaces.sh @@ -3,40 +3,48 @@ set -e set +x -# Assumes an up and running openshift install: +# This script performs setup & execution of load test over a cluster with a +# decreasing amount of namespaces. + +# This documentation assumes an up and running openshift install: # I have worked up to 200 namespaces on my quicklab instance/install which consists of: # 3 masters - 4cores/28GB, 3workers - 4cores/30GB -# # First, install hyperfoil through operatorhub. -# Then, create hyperfoil namespace & deploy hyperfoil to it -# NOTE: last time I have had to replace "hyperfoil.apps.mycloud.example.com" with the real wildcard postfix hyperfoil.apps.scaletest5.lab.upshift.rdu2.redhat.com in the yaml view of "create hyperfoil" -# Now update hyperfoil_agent in the hosts.scalelab file to point the the node that runs this instance (worker-0 usually, it seems) +# Then, create a namespace called "hyperfoil" and deploy hyperfoil to it +# NOTE: last time I have had to replace "hyperfoil.apps.mycloud.example.com" with the +# real wildcard postfix hyperfoil.apps.scaletest5.lab.upshift.rdu2.redhat.com in the yaml view of "create hyperfoil" +# Now update hyperfoil_agent in the hosts.scalelab file to point the the node that runs this hyperfoil pod/instance # (otherwise the ' Upload benchmark template' step in test.yaml will fail) # e.g. I ended up with # worker-0.scaletest5.lab.upshift.rdu2.redhat.com ansible_user=quicklab ansible_ssh_private_key_file=~/.ssh/quicklab.key +# The quicklab.key file can be obtained from the quicklab cluster details web page. # # now assign roles for running the gateway (router) and workload (workload): # oc label node/worker-1.scaletest5.lab.upshift.rdu2.redhat.com test.role=router # oc label node/worker-2.scaletest5.lab.upshift.rdu2.redhat.com test.role=workload -# You also need to set up ansible for hyperfoil, by running: +# Ideally the load generator, workload and gateway are not competing for resources during test execution. +# This will make the gateway run on worker-1 and the app workload on worker-2. +# (if you don't do this, gateway deployment and app deployment may hang during test setup) + +# You may also need to set up ansible for hyperfoil, by running: # $ ansible-galaxy collection install hyperfoil.hyperfoil_test # $ ansible-galaxy install hyperfoil.hyperfoil_test # $ ansible-galaxy install hyperfoil.hyperfoil_setup -# This will make the gateway run on worker-1 and the app workload on worker-2. -# (if you don't do this, gateway deployment and app deployment will hang) - -# TODO: Add 2.2 +# Install OSSM VERSION=2.1 ./service-mesh-install.sh +# Set up the test prerequisites ansible-playbook -v -i hosts.quicklab setup.yaml -for num_namespaces in 200 100 0 ; do +# Iterate over a decreasing number of namespaces +for num_namespaces in 10 0 ; do ansible-playbook -e num_namespaces=$num_namespaces -v -i hosts.quicklab test.yaml done +# Clean up the mesh. ./service-mesh-delete.sh diff --git a/set_number_of_namespaces.sh b/set_number_of_namespaces.sh index 4cafa64..43d0988 100755 --- a/set_number_of_namespaces.sh +++ b/set_number_of_namespaces.sh @@ -97,5 +97,5 @@ if [ $MEASURE_PERIOD != "0" ]; then fi echo "done" -rm smmr_with_added_namespaces.yaml +rm smmr_with_added_namespaces.yaml || true exit 0 diff --git a/setup.yaml b/setup.yaml index d3ec20d..3df0acc 100644 --- a/setup.yaml +++ b/setup.yaml @@ -84,7 +84,7 @@ command: "oc delete route --all -n {{ namespace }}" failed_when: false - name: Expose route - command: "oc create route reencrypt app-{{ item }} --cert=/Users/ovanders/code/self-sign-certificate/domain.crt --key=/Users/ovanders/code/self-sign-certificate/domain.key --service=app-{{ item }} --port=8443 --hostname=app-{{ item }}.{{ wildcard_domain }}" + command: "oc create route reencrypt app-{{ item }} --cert=/home/oschaaf/self-sign-certificate/domain.crt --key=/home/oschaaf/self-sign-certificate/domain.key --service=app-{{ item }} --port=8443 --hostname=app-{{ item }}.{{ wildcard_domain }}" loop: "{{ range(1, (num_apps | int) + 1, 1) | list }}" - name: Generate deployment configs include_tasks: generate-dc.yaml From 1e2b7e5b330bfc28e6cc2658aa5ee1c727dd945f Mon Sep 17 00:00:00 2001 From: Ankita Sengupta Date: Wed, 6 Dec 2023 16:11:23 +0530 Subject: [PATCH 09/22] local test --- hosts.ankita | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++ setup.yaml | 2 +- 2 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 hosts.ankita diff --git a/hosts.ankita b/hosts.ankita new file mode 100644 index 0000000..fa24abe --- /dev/null +++ b/hosts.ankita @@ -0,0 +1,72 @@ +[hyperfoil:children] +hyperfoil_controller +hyperfoil_agent + +[hyperfoil_controller] + +[hyperfoil_agent] +localhost + +[hyperfoil:vars] +hyperfoil_jfr=false + +[openshift] +localhost + +[openshift:vars] +proxy_cpu=200m +backend_cpu=300m +backend_type=java + +[compute] + +[all:vars] +oc_username=kubeadmin +#oc_token=sha256~THE-TOKEN +oc_password=THE-CLUSTER-PASSWORD +hyperfoil_deployer=k8s +hyperfoil_controller_protocol=https +hyperfoil_controller_host=hyperfoil-hyperfoil.apps.ocp1.tt.testing +hyperfoil_controller_port=443 +hyperfoil_validate_certs=false +test_rampup_duration=120 +test_steady_duration=300 +test_name=closedmodel +#test_name=shardedwrk +fork=all +http2="true" + +# For open-model +test_users_per_sec=4500 +test_inc_users_per_sec=1500 +# For closed-model +#test_concurrent_users=12000 +#test_shared_connections=5376 +#test_shared_connections=60000 +test_concurrent_users=6000 +test_shared_connections=6000 + +pods_per_dc=1 +num_dc=5 +use_istio=true +#use_istio=false +record_envoy_stats=false +#namespace=plain-scale +#wildcard_domain=plain.apps.test.ocp1.tt.testing + +namespace=mesh-scale +control_plane=mesh-control-plane +wildcard_domain=mesh.apps.test.ocp1.tt.testing + +#namespace=istio-scale +#control_plane=istio-system +#wildcard_domain=istio.apps.test.ocp1.tt.testing + +policy_version=new + +target=gateways +#target=routers +#target=services + +expected_routers=0 +expected_gateways="1" diff --git a/setup.yaml b/setup.yaml index c34b59e..1286bc7 100644 --- a/setup.yaml +++ b/setup.yaml @@ -7,7 +7,7 @@ num_apps: "{{ (num_dc | int) / 5 }}" - name: Login when: oc_username is defined and oc_password is defined - command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.maistra-qez-49.maistra.upshift.redhat.com:6443" + command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.ocp1.tt.testing:6443" - name: Check namespace presence command: "oc get project {{ namespace }}" register: ns_exists From 4a6788f5d3541ed9cb030ea6f6587dba7cddfc5c Mon Sep 17 00:00:00 2001 From: Ankita Sengupta Date: Wed, 6 Dec 2023 20:16:50 +0530 Subject: [PATCH 10/22] local test --- setup.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/setup.yaml b/setup.yaml index 1286bc7..433bd1e 100644 --- a/setup.yaml +++ b/setup.yaml @@ -84,12 +84,12 @@ command: "oc delete route --all -n {{ namespace }}" failed_when: false - name: Expose route - command: "oc create route reencrypt app-{{ item }} --cert=/home/oschaaf/self-sign-certificate/domain.crt --key=/home/oschaaf/self-sign-certificate/domain.key --service=app-{{ item }} --port=8443 --hostname=app-{{ item }}.{{ wildcard_domain }}" + command: "oc expose svc app-{{ item }}" loop: "{{ range(1, (num_apps | int) + 1, 1) | list }}" - name: Generate deployment configs include_tasks: generate-dc.yaml - name: Wait for pods to come up shell: "{{ playbook_dir }}/wait-for-pods.sh {{ namespace }} \"{{ pod_pattern }}\" {{ num_dc }}" -- hosts: hyperfoil_controller - roles: - - hyperfoil.hyperfoil_setup +# - hosts: hyperfoil_controller +# roles: +# - hyperfoil.hyperfoil_setup From feffa32debf0ff63d3e8d50b8e3be6b4395f2f30 Mon Sep 17 00:00:00 2001 From: Ankita Sengupta Date: Mon, 11 Dec 2023 11:06:04 +0530 Subject: [PATCH 11/22] changes for current ossm --- DeploymentExample.yml | 101 +++++++++++++++++++++++++++++++ dc.yaml.j2 => deployment.yaml.j2 | 12 +++- dr-auth.yml | 10 +++ generate-dc.yaml | 4 +- routing.yaml.j2 | 12 +++- 5 files changed, 134 insertions(+), 5 deletions(-) create mode 100644 DeploymentExample.yml rename dc.yaml.j2 => deployment.yaml.j2 (93%) create mode 100644 dr-auth.yml diff --git a/DeploymentExample.yml b/DeploymentExample.yml new file mode 100644 index 0000000..4de1dc3 --- /dev/null +++ b/DeploymentExample.yml @@ -0,0 +1,101 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: scale-test + version: "1.0" + name: app-2-n + namespace: mesh-scale +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: scale-test + app.index: application-1 + app.variant: stable + deploymentconfig: app-2 + version: "1.0" + strategy: + activeDeadlineSeconds: 21600 + recreateParams: + timeoutSeconds: 600 + resources: {} + type: Recreate + template: + metadata: + annotations: + sidecar.istio.io/concurrency: "1" + sidecar.istio.io/inject: "true" + sidecar.istio.io/proxyCPU: 200m + sidecar.istio.io/proxyCPULimit: 1000m + sidecar.istio.io/statsInclusionPrefixes: listener,cluster.outbound + creationTimestamp: null + labels: + app: scale-test + app.index: application-1 + app.variant: stable + deploymentconfig: app-2 + version: "1.0" + spec: + containers: + - env: + - name: NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: VARIANT + value: canary + - name: JAVA_OPTIONS + value: | + -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.Log4j2LogDelegateFactory + image: quay.io/cfilleke/mannequin:0.0-z + imagePullPolicy: Always + name: mannequin + ports: + - containerPort: 8080 + protocol: TCP + readinessProbe: + exec: + command: + - curl + - localhost:8080/ + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 300m + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/certs + name: certs + dnsPolicy: ClusterFirst + nodeSelector: + test.role: workload + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: workload + operator: Exists + topologySpreadConstraints: + - labelSelector: + matchLabels: + app: scale-test + maxSkew: 1 + topologyKey: workload + whenUnsatisfiable: ScheduleAnyway + volumes: + - name: certs + secret: + defaultMode: 420 + secretName: app-1 + test: false + triggers: + - type: ConfigChange \ No newline at end of file diff --git a/dc.yaml.j2 b/deployment.yaml.j2 similarity index 93% rename from dc.yaml.j2 rename to deployment.yaml.j2 index 7c80443..f7e0813 100644 --- a/dc.yaml.j2 +++ b/deployment.yaml.j2 @@ -7,8 +7,8 @@ items: {% else %} {% set app_variant = "stable" %} {% endif %} -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig +- apiVersion: apps/v1 + kind: Deployment metadata: labels: app: scale-test @@ -17,6 +17,14 @@ items: namespace: {{ namespace }} spec: replicas: {{ pods_per_dc }} + selector: + matchLabels: + app: scale-test + deploymentconfig: app-{{ index }} + app.index: application-{{ (index + 4) // 5 }} + app.variant: {{ app_variant }} + # Kiali would complain if there were no version label + version: "1.0" strategy: type: Recreate template: diff --git a/dr-auth.yml b/dr-auth.yml new file mode 100644 index 0000000..91db2fc --- /dev/null +++ b/dr-auth.yml @@ -0,0 +1,10 @@ +apiVersion: "networking.istio.io/v1alpha3" +kind: "DestinationRule" +metadata: + name: "default" + namespace: "istio-system" +spec: + host: "*.local" + trafficPolicy: + tls: + mode: ISTIO_MUTUAL \ No newline at end of file diff --git a/generate-dc.yaml b/generate-dc.yaml index 8cc24a2..95c1b23 100644 --- a/generate-dc.yaml +++ b/generate-dc.yaml @@ -1,11 +1,11 @@ - name: Pick temp file tempfile: - prefix: dc- + prefix: deployment- suffix: .yaml register: resources - name: Generate deployment configs template: - src: dc.yaml.j2 + src: deployment.yaml.j2 dest: "{{ resources.path }}" - name: Apply resources command: "oc apply -f {{ resources.path }}" diff --git a/routing.yaml.j2 b/routing.yaml.j2 index 690a7d0..0740f74 100644 --- a/routing.yaml.j2 +++ b/routing.yaml.j2 @@ -185,4 +185,14 @@ items: portLevelMtls: 5432: mode: DISABLE -{% endif %} \ No newline at end of file +{% endif %} +- apiVersion: "networking.istio.io/v1alpha3" + kind: "DestinationRule" + metadata: + name: "default" + namespace: {{ control_plane }} + spec: + host: "*.local" + trafficPolicy: + tls: + mode: ISTIO_MUTUAL \ No newline at end of file From 9547358a06fe61c9bc0be77281e50182d9f4b6e6 Mon Sep 17 00:00:00 2001 From: Ankita Sengupta Date: Tue, 12 Dec 2023 16:01:28 +0530 Subject: [PATCH 12/22] run test for s390x --- benchmarks/closedmodel.yaml.j2 | 7 ++++--- test.yaml | 11 ++++++----- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/benchmarks/closedmodel.yaml.j2 b/benchmarks/closedmodel.yaml.j2 index d264b02..6069bfd 100644 --- a/benchmarks/closedmodel.yaml.j2 +++ b/benchmarks/closedmodel.yaml.j2 @@ -4,14 +4,15 @@ agents: extras: -XX:+UseShenandoahGC # -XX:StartFlightRecording=delay=30s,duration=150s,disk=true,filename=/tmp/recording.jfr,settings=profile #stop: false -{% for agent in groups[hyperfoil_agent_group] %} {% if hyperfoil_deployer == "k8s" %} {{ agent }}: - node: {{ agent }} + image: quay.io/ibm-z-performance/hyperfoil:0.25 + pod-cpu: "2000m" + pod-memory: "2Gi" + {% else %} {{ agent }}: {{ hostvars[agent]['ansible_host'] }}:{{ hyperfoil_agent_port }} {% endif %} -{% endfor %} threads: 50 http: {% for index in range(1, (num_apps | int) + 1) %} diff --git a/test.yaml b/test.yaml index 3c07b34..5f21cea 100644 --- a/test.yaml +++ b/test.yaml @@ -117,9 +117,9 @@ when: use_istio shell: "oc get po -n {{ control_plane }} -l istio=ingressgateway -o name --no-headers | cut -f 2 -d '/'" register: gateway_pods - - name: Create additional namespaces - shell: "./set_number_of_namespaces.sh {{ num_namespaces }} 0" - register: create_namespaces + # - name: Create additional namespaces + # shell: "./set_number_of_namespaces.sh {{ num_namespaces }} 0" + # register: create_namespaces - name: Get workload pod names shell: "oc get po -n {{ namespace }} -l app=scale-test -o name --no-headers | cut -f 2 -d '/'" register: workload_pods @@ -141,7 +141,8 @@ when: hyperfoil_deployer == "k8s" vars: # run_description: "{{ namespace }}%20R%3D{{ num_routers }}%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20VS%3D{{ virtualservices.stdout }}" - run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20N%3D{{ num_namespaces }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" +# run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20N%3D{{ num_namespaces }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" + run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" - name: Capture info after test when: use_istio and record_envoy_stats include_tasks: capture-envoy-info.yaml @@ -151,4 +152,4 @@ debug: msg: "Run ID was {{ test_runid }}" - name: Fetch Hyperfoil stats - shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}:{{ hyperfoil_controller_port}}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_n{{ num_namespaces }}_d{{ num_dc }}.json" + shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}:{{ hyperfoil_controller_port}}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.json" \ No newline at end of file From 7169d1a0e358834f2ec224c07f565a712add0553 Mon Sep 17 00:00:00 2001 From: Ankita Sengupta Date: Tue, 12 Dec 2023 16:15:37 +0530 Subject: [PATCH 13/22] run test for s390x --- test.yaml | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/test.yaml b/test.yaml index 5f21cea..b82bcc7 100644 --- a/test.yaml +++ b/test.yaml @@ -1,16 +1,5 @@ -# Gather facts -- hosts: hyperfoil - ignore_unreachable: true - tasks: [] -- hosts: hyperfoil_controller - tasks: - - name: Start test - include_role: - name: hyperfoil.hyperfoil_test - when: hyperfoil_deployer == "ssh" - vars: - test_name: test - hosts: openshift + connection: local tasks: - set_fact: http2: "{{ http2 | default('true', true) }}" From 98594654d95ffe862bb6867cbeb2b0f86690b80b Mon Sep 17 00:00:00 2001 From: root Date: Tue, 12 Dec 2023 17:44:34 +0100 Subject: [PATCH 14/22] changes for s390x testing --- benchmarks/closedmodel.yaml.j2 | 7 +- check-services.sh | 7 +- hosts.ankita | 23 +++--- roles/.DS_Store | Bin 0 -> 6148 bytes .../hyperfoil_test/benchmarks/example.yaml.j2 | 17 +++++ roles/hyperfoil_test/defaults/main.yml | 8 ++ roles/hyperfoil_test/meta/main.yml | 20 +++++ roles/hyperfoil_test/tasks/main.yml | 69 ++++++++++++++++++ roles/hyperfoil_test/templates/curl.j2 | 1 + setup.yaml | 2 +- test.yaml | 16 ++-- 11 files changed, 140 insertions(+), 30 deletions(-) create mode 100644 roles/.DS_Store create mode 100644 roles/hyperfoil_test/benchmarks/example.yaml.j2 create mode 100644 roles/hyperfoil_test/defaults/main.yml create mode 100644 roles/hyperfoil_test/meta/main.yml create mode 100644 roles/hyperfoil_test/tasks/main.yml create mode 100644 roles/hyperfoil_test/templates/curl.j2 diff --git a/benchmarks/closedmodel.yaml.j2 b/benchmarks/closedmodel.yaml.j2 index 6069bfd..92a27c8 100644 --- a/benchmarks/closedmodel.yaml.j2 +++ b/benchmarks/closedmodel.yaml.j2 @@ -1,15 +1,10 @@ name: closedmodel agents: - default: - extras: -XX:+UseShenandoahGC - # -XX:StartFlightRecording=delay=30s,duration=150s,disk=true,filename=/tmp/recording.jfr,settings=profile - #stop: false {% if hyperfoil_deployer == "k8s" %} {{ agent }}: image: quay.io/ibm-z-performance/hyperfoil:0.25 pod-cpu: "2000m" pod-memory: "2Gi" - {% else %} {{ agent }}: {{ hostvars[agent]['ansible_host'] }}:{{ hyperfoil_agent_port }} {% endif %} @@ -129,4 +124,4 @@ phases: forks: simple: *simple proxy: *proxy - db: *db \ No newline at end of file + db: *db diff --git a/check-services.sh b/check-services.sh index d094882..92aa5f6 100755 --- a/check-services.sh +++ b/check-services.sh @@ -3,10 +3,10 @@ DOMAIN=$1 NUM_APPS=$2 -REPLICAS=$(oc get deployment -n mesh-control-plane istio-ingressgateway -o json | jq -r .spec.replicas) +REPLICAS=$(oc get deployment -n istio-system istio-ingressgateway -o json | jq -r .spec.replicas) echo "Waiting for all gateways to come up" while true; do - RUNNING=$(oc get po -n mesh-control-plane -l app=istio-ingressgateway --field-selector 'status.phase=Running' --no-headers | wc -l) + RUNNING=$(oc get po -n istio-system -l app=istio-ingressgateway --field-selector 'status.phase=Running' --no-headers | wc -l) if [ $RUNNING -eq $REPLICAS ]; then break; fi sleep 1; done @@ -28,5 +28,4 @@ if [ $STATUS = "ok" ]; then fi echo "Deleting ingress gateway" -oc delete po -n mesh-control-plane -l app=istio-ingressgateway -exit 1; \ No newline at end of file +exit 1; diff --git a/hosts.ankita b/hosts.ankita index fa24abe..1675b91 100644 --- a/hosts.ankita +++ b/hosts.ankita @@ -16,35 +16,36 @@ localhost [openshift:vars] proxy_cpu=200m backend_cpu=300m -backend_type=java +backend_type=java-Z [compute] [all:vars] oc_username=kubeadmin #oc_token=sha256~THE-TOKEN -oc_password=THE-CLUSTER-PASSWORD +oc_password=**** hyperfoil_deployer=k8s -hyperfoil_controller_protocol=https +hyperfoil_controller_protocol=http hyperfoil_controller_host=hyperfoil-hyperfoil.apps.ocp1.tt.testing hyperfoil_controller_port=443 hyperfoil_validate_certs=false -test_rampup_duration=120 -test_steady_duration=300 +test_rampup_duration=10s +test_steady_duration=10s test_name=closedmodel #test_name=shardedwrk fork=all http2="true" +agent=agent-one # For open-model -test_users_per_sec=4500 -test_inc_users_per_sec=1500 +test_users_per_sec=10 +test_inc_users_per_sec=5 # For closed-model #test_concurrent_users=12000 #test_shared_connections=5376 #test_shared_connections=60000 -test_concurrent_users=6000 -test_shared_connections=6000 +test_concurrent_users=10 +test_shared_connections=10 pods_per_dc=1 num_dc=5 @@ -55,11 +56,11 @@ record_envoy_stats=false #wildcard_domain=plain.apps.test.ocp1.tt.testing namespace=mesh-scale -control_plane=mesh-control-plane +#control_plane=mesh-control-plane wildcard_domain=mesh.apps.test.ocp1.tt.testing #namespace=istio-scale -#control_plane=istio-system +control_plane=istio-system #wildcard_domain=istio.apps.test.ocp1.tt.testing policy_version=new diff --git a/roles/.DS_Store b/roles/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..f249570fe68aee1f3c7ecda3cb1b5662ea272668 GIT binary patch literal 6148 zcmeHKyG{c!5S)b+C()!#>0jUvtSEc|KLFvNIw?g+e-+=wr)Bn05FK=(iDsqs*y|lz zp5pcvfNf9XBd`WA&>ivR!_s`;ePMSMF(RF3oG{@N$MN_!EwX`0hG`eFioD<{I!68}z;)>xg&ZCzg zHV+Vc;he|_&5}w?s#S|&NoTxOUN4*zlMbuq!|G{{ hyperfoil_validate_certs }}<" +- name: Upload benchmark template + shell: + "{{ lookup('template', 'templates/curl.j2') }} -L --post302 {{ '-k' if not (hyperfoil_validate_certs | bool) else '' }} \ + {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}/benchmark" + register: curl_cmd + failed_when: curl_cmd.rc > 1 +- name: Start benchmark + uri: + url: "{{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}/benchmark/{{ test_name }}/start{{ ('?desc=' + run_description ) if run_description is defined else '' }}" + status_code: "202" + validate_certs: "{{ hyperfoil_validate_certs | bool }}" + register: test_run +- name: Set run ID + set_fact: + test_runid: "{{ test_run.location | urlsplit('path') | basename }}" +- name: Log run ID + debug: + msg: "Benchmark URI: {{ test_run.location }} -> {{ test_runid }}" +- name: Poll benchmark completion + uri: + url: "{{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}/run/{{ test_runid }}/stats/recent" + validate_certs: "{{ hyperfoil_validate_certs | bool }}" + return_content: true + register: test_status + # Ansible 2.7 does not support include_tasks in do-until loop so we need to inline the condition + # See https://github.com/ansible/ansible/issues/46203 for details + until: test_status | from_json | json_query('terminated') + delay: 5 + retries: 100000 + ignore_errors: true +- name: Test Status + debug: + msg: "Test Status {{ test_status }} " diff --git a/roles/hyperfoil_test/templates/curl.j2 b/roles/hyperfoil_test/templates/curl.j2 new file mode 100644 index 0000000..d092cce --- /dev/null +++ b/roles/hyperfoil_test/templates/curl.j2 @@ -0,0 +1 @@ +curl -f -X POST -F "benchmark=@{{ benchmark_file }};filename={{ benchmark_file }}" {% for upload in test_files %} -F "file{{loop.index}}=@{{upload}};filename={{upload}}" {% endfor %} \ No newline at end of file diff --git a/setup.yaml b/setup.yaml index 433bd1e..aef59e1 100644 --- a/setup.yaml +++ b/setup.yaml @@ -7,7 +7,7 @@ num_apps: "{{ (num_dc | int) / 5 }}" - name: Login when: oc_username is defined and oc_password is defined - command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.ocp1.tt.testing:6443" + command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.ocp1.ocp1.tt.testing:6443" - name: Check namespace presence command: "oc get project {{ namespace }}" register: ns_exists diff --git a/test.yaml b/test.yaml index b82bcc7..68fec22 100644 --- a/test.yaml +++ b/test.yaml @@ -54,12 +54,12 @@ when: "(max_pods | int) - (min_pods | int) > 1" fail: msg: "Unbalanced pods: min = {{ min_pods }}, max = {{ max_pods }} " - - name: Make sure all services are reachable - shell: "{{ playbook_dir }}/check-services.sh {{ wildcard_domain }} {{ num_apps }}" - register: services_result - until: services_result.rc == 0 - retries: 10 - delay: 10 +# - name: Make sure all services are reachable +# shell: "{{ playbook_dir }}/check-services.sh {{ wildcard_domain }} {{ num_apps }}" +# register: services_result +# until: services_result.rc == 0 +# retries: 10 +# delay: 10 - when: target == 'routers' block: - name: Find routers @@ -126,7 +126,7 @@ jid: "{{ item.ansible_job_id }}" - name: Start test include_role: - name: hyperfoil.hyperfoil_test + name: hyperfoil_test when: hyperfoil_deployer == "k8s" vars: # run_description: "{{ namespace }}%20R%3D{{ num_routers }}%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20VS%3D{{ virtualservices.stdout }}" @@ -141,4 +141,4 @@ debug: msg: "Run ID was {{ test_runid }}" - name: Fetch Hyperfoil stats - shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}:{{ hyperfoil_controller_port}}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.json" \ No newline at end of file + shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.json" From 3e5bbda1b701bcbdd4df99f3b1a953e9154f14be Mon Sep 17 00:00:00 2001 From: root Date: Wed, 13 Dec 2023 16:36:16 +0100 Subject: [PATCH 15/22] fix for exporting result --- roles/hyperfoil_test/tasks/main.yml | 6 +----- test.yaml | 2 +- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/roles/hyperfoil_test/tasks/main.yml b/roles/hyperfoil_test/tasks/main.yml index d61d81a..ccac2bb 100644 --- a/roles/hyperfoil_test/tasks/main.yml +++ b/roles/hyperfoil_test/tasks/main.yml @@ -60,10 +60,6 @@ register: test_status # Ansible 2.7 does not support include_tasks in do-until loop so we need to inline the condition # See https://github.com/ansible/ansible/issues/46203 for details - until: test_status | from_json | json_query('terminated') + until: test_status.json.status == "TERMINATED" delay: 5 retries: 100000 - ignore_errors: true -- name: Test Status - debug: - msg: "Test Status {{ test_status }} " diff --git a/test.yaml b/test.yaml index 68fec22..36e094a 100644 --- a/test.yaml +++ b/test.yaml @@ -141,4 +141,4 @@ debug: msg: "Run ID was {{ test_runid }}" - name: Fetch Hyperfoil stats - shell: "curl -s -k {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.json" + shell: "curl -s -k -L {{ hyperfoil_controller_protocol }}://{{ hyperfoil_controller_host }}/run/{{ test_runid }}/stats/all -H 'accept: application/json' > /tmp/hf_{{ test_runid }}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.json" From 2fd38aec07511690d5061dc933ad7d35a3081588 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 8 Jan 2024 16:36:26 +0100 Subject: [PATCH 16/22] changes for testing without ossm --- benchmarks/closedmodel-withoutossm.yaml.j2 | 73 +++++++++++++++++++++ hosts.ankita => hosts.withossm | 0 hosts.withoutossm | 74 ++++++++++++++++++++++ oc-routes.yaml.j2 | 27 ++++++++ setup.yaml | 23 +++++-- test.yaml | 28 ++++---- 6 files changed, 205 insertions(+), 20 deletions(-) create mode 100644 benchmarks/closedmodel-withoutossm.yaml.j2 rename hosts.ankita => hosts.withossm (100%) create mode 100644 hosts.withoutossm create mode 100644 oc-routes.yaml.j2 diff --git a/benchmarks/closedmodel-withoutossm.yaml.j2 b/benchmarks/closedmodel-withoutossm.yaml.j2 new file mode 100644 index 0000000..e73b5f8 --- /dev/null +++ b/benchmarks/closedmodel-withoutossm.yaml.j2 @@ -0,0 +1,73 @@ +name: closedmodel-withoutossm +agents: +{% if hyperfoil_deployer == "k8s" %} + {{ agent }}: + image: quay.io/ibm-z-performance/hyperfoil:0.25 + pod-cpu: "4000m" + pod-memory: "4Gi" +{% else %} + {{ agent }}: {{ hostvars[agent]['ansible_host'] }}:{{ hyperfoil_agent_port }} +{% endif %} +threads: 50 +http: +{% for index in range(1, (num_apps | int) + 1) %} +- host: https://app-{{ index }}.{{ wildcard_domain }} + allowHttp2: {{ http2 }} + sharedConnections: {{ (test_shared_connections | default(100, true)) // (num_apps | int) }} +{% endfor %} +phases: +- warmup: + always: + isWarmup: true + users: {{ test_concurrent_users }} + duration: {{ test_rampup_duration }} + forks: + simple: &simple + weight: {{ (fork == "simple" or fork == "all") | ternary(1, 0) }} + scenario: + - params: ¶ms + - set: p <- 1 + - randomInt: + toVar: hostIndex + min: 1 + max: {{ num_apps }} + - test: + - httpRequest: + GET: /mersennePrime?p=${p} + authority: app-${hostIndex}.{{ wildcard_domain }} + sla: + errorRatio: 0.1 + proxy: &proxy + weight: {{ (fork == "proxy" or fork == "all") | ternary(1, 0) }} + scenario: + - params: *params + - test: + - httpRequest: + GET: /proxy?p=${p}&url=http://app-${hostIndex}:8080/mersennePrime?p=${p} + authority: app-${hostIndex}.{{ wildcard_domain }} + sla: + errorRatio: 0.1 + db: &db + weight: {{ (fork == "db" or fork == "all") | ternary(1, 0) }} + scenario: + - params: *params + - test: + - randomInt: + toVar: size + min: 5 + max: 20 + - httpRequest: + GET: /db?p=${p}&host=app-${hostIndex}&size=${size} + authority: app-${hostIndex}.{{ wildcard_domain }} + sla: + errorRatio: 0.1 +- steady: + always: + users: {{ test_concurrent_users }} + duration: {{ test_steady_duration }} + startAfter: warmup + forks: + simple: *simple + proxy: *proxy + db: *db + diff --git a/hosts.ankita b/hosts.withossm similarity index 100% rename from hosts.ankita rename to hosts.withossm diff --git a/hosts.withoutossm b/hosts.withoutossm new file mode 100644 index 0000000..5450fdb --- /dev/null +++ b/hosts.withoutossm @@ -0,0 +1,74 @@ +[hyperfoil:children] +hyperfoil_controller +hyperfoil_agent + +[hyperfoil_controller] + +[hyperfoil_agent] +localhost + +[hyperfoil:vars] +hyperfoil_jfr=false + +[openshift] +localhost + +[openshift:vars] +proxy_cpu=200m +backend_cpu=300m +backend_type=java-Z + +[compute] + +[all:vars] +oc_username=kubeadmin +#oc_token=sha256~THE-TOKEN +oc_password=**** +hyperfoil_deployer=k8s +hyperfoil_controller_protocol=http +hyperfoil_controller_host=hyperfoil-hyperfoil.apps.ocp1.tt.testing +hyperfoil_controller_port=443 +hyperfoil_validate_certs=false +test_rampup_duration=10s +test_steady_duration=10s +test_name=closedmodel-withoutossm +#test_name=shardedwrk +fork=all +http2="true" +agent=agent-one +single_node=true + +# For open-model +test_users_per_sec=10 +test_inc_users_per_sec=5 +# For closed-model +#test_concurrent_users=12000 +#test_shared_connections=5376 +#test_shared_connections=60000 +test_concurrent_users=10 +test_shared_connections=200 + +pods_per_dc=1 +num_dc=5 +#use_istio=true +use_istio=false +record_envoy_stats=false +#namespace=plain-scale +#wildcard_domain=plain.apps.test.ocp1.tt.testing + +namespace=mesh-scale +#control_plane=mesh-control-plane +wildcard_domain=mesh.apps.test.ocp1.a3elp50.lnxero1.boe + +#namespace=istio-scale +control_plane=istio-system +#wildcard_domain=istio.apps.test.ocp1.tt.testing + +policy_version=new + +#target=gateways +target=routers +#target=services + +expected_routers="1" +expected_gateways="0" diff --git a/oc-routes.yaml.j2 b/oc-routes.yaml.j2 new file mode 100644 index 0000000..b3d3834 --- /dev/null +++ b/oc-routes.yaml.j2 @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: List +items: +{% for index in range(1, (num_apps | int) + 1) %} +- apiVersion: route.openshift.io/v1 + kind: Route + metadata: + annotations: + haproxy.router.openshift.io/balance: roundrobin + haproxy.router.openshift.io/disable_cookies: "true" + haproxy.router.openshift.io/x-variant: stable + labels: + app: scale-test + name: app-{{ index }} + namespace: {{ namespace }} + spec: + host: app-{{ index }}.{{ wildcard_domain }} + port: + targetPort: http-8080 + tls: + termination: edge + to: + kind: Service + name: app-{{ index }} + weight: 100 + wildcardPolicy: None +{% endfor %} diff --git a/setup.yaml b/setup.yaml index aef59e1..3a0f8a2 100644 --- a/setup.yaml +++ b/setup.yaml @@ -5,9 +5,9 @@ - name: Set number of apps set_fact: num_apps: "{{ (num_dc | int) / 5 }}" - - name: Login - when: oc_username is defined and oc_password is defined - command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.ocp1.ocp1.tt.testing:6443" + #- name: Login + # when: oc_username is defined and oc_password is defined + # command: "oc login --username={{ oc_username }} --password={{ oc_password }} --server=api.ocp1.a3elp50.lnxero1.boe:6443" - name: Check namespace presence command: "oc get project {{ namespace }}" register: ns_exists @@ -83,9 +83,20 @@ - name: Drop existing routes command: "oc delete route --all -n {{ namespace }}" failed_when: false - - name: Expose route - command: "oc expose svc app-{{ item }}" - loop: "{{ range(1, (num_apps | int) + 1, 1) | list }}" + - name: Get temporary route files + tempfile: + prefix: oc-routes- + suffix: .yaml + register: ocroutes + - name: Generate route CRs + template: + src: oc-routes.yaml.j2 + dest: "{{ ocroutes.path }}" + - name: Apply routes + command: "oc apply -f {{ ocroutes.path }}" + #- name: Expose route + # command: "oc expose svc app-{{ item }}" + # loop: "{{ range(1, (num_apps | int) + 1, 1) | list }}" - name: Generate deployment configs include_tasks: generate-dc.yaml - name: Wait for pods to come up diff --git a/test.yaml b/test.yaml index 36e094a..351cd88 100644 --- a/test.yaml +++ b/test.yaml @@ -15,13 +15,13 @@ loop: "{{ workload_cmd.stdout.split() }}" shell: "oc get pod -n {{ namespace }} --field-selector=spec.nodeName={{item}},status.phase=Running -o json | jq '.items | length'" register: workload_counts - - name: Calculate pod count difference - set_fact: - min_pods: "{{ workload_counts.results | map(attribute='stdout') | list | min }}" - max_pods: "{{ workload_counts.results | map(attribute='stdout') | list | max }}" - total_pods: "{{ workload_counts.results | map(attribute='stdout') | list | map('int') | sum }}" - record_envoy_stats: "{{ record_envoy_stats | default('false', true) | bool }}" - use_istio: "{{ use_istio | default('true', true) | bool }}" +# - name: Calculate pod count difference + # set_fact: + # min_pods: "{{ workload_counts.results | map(attribute='stdout') | list | min }}" + # max_pods: "{{ workload_counts.results | map(attribute='stdout') | list | max }}" + # total_pods: "{{ workload_counts.results | map(attribute='stdout') | list | map('int') | sum }}" + # record_envoy_stats: "{{ record_envoy_stats | default('false', true) | bool }}" + #use_istio: "{{ use_istio | default('true', true) | bool }}" - when: single_node is not defined block: - name: Find workload nodes @@ -55,11 +55,11 @@ fail: msg: "Unbalanced pods: min = {{ min_pods }}, max = {{ max_pods }} " # - name: Make sure all services are reachable -# shell: "{{ playbook_dir }}/check-services.sh {{ wildcard_domain }} {{ num_apps }}" -# register: services_result -# until: services_result.rc == 0 -# retries: 10 -# delay: 10 +# shell: "{{ playbook_dir }}/check-services.sh {{ wildcard_domain }} {{ num_apps }}" +# register: services_result +# until: services_result.rc == 0 +# retries: 10 +# delay: 10 - when: target == 'routers' block: - name: Find routers @@ -120,7 +120,7 @@ poll: 0 register: stats_reset - name: Wait for the info - when: use_istio and record_envoy_stats + when: use_istio and record_envoy_stats | bool loop: "{{ stats_reset.results }}" async_status: jid: "{{ item.ansible_job_id }}" @@ -133,7 +133,7 @@ # run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20N%3D{{ num_namespaces }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" run_description: "sm2.1%20G%3D{{ num_gateways }}%20P%3D{{ total_pods }}%20{{ fork }}%20{{ (http2 == 'true') | ternary('http2', 'http1.1') }}" - name: Capture info after test - when: use_istio and record_envoy_stats + when: use_istio and record_envoy_stats | bool include_tasks: capture-envoy-info.yaml vars: dest: "/tmp/envoy_{{test_runid}}_r{{ num_routers }}_g{{ num_gateways }}_d{{ num_dc }}.zip" From 18197d8593145505f2cfb074788d991879ac2043 Mon Sep 17 00:00:00 2001 From: ankitasgupta <150230442+ankitasgupta@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:18:04 +0530 Subject: [PATCH 17/22] Update README.md --- README.md | 55 ++++++++++++++++++++----------------------------------- 1 file changed, 20 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index 378ae7c..05038fb 100644 --- a/README.md +++ b/README.md @@ -5,15 +5,8 @@ ### OCP ### Ansible ### Hyperfoil -### Hyperfoil Ansible task -```bash -git clone https://github.com/Hyperfoil/hyperfoil_setup.git -cd hyperfoil_setup -ansible-galaxy install hyperfoil.hyperfoil_setup -ansible-galaxy install hyperfoil.hyperfoil_shutdown -ansible-galaxy install hyperfoil.hyperfoil_test -``` +https://github.ibm.com/Openshift-Addons-Performance/Openshift-performance-Docs-IBM-Z ### Firewall @@ -22,33 +15,25 @@ ansible-galaxy install hyperfoil.hyperfoil_test 1. Install prerequisites 2. Run `prep_nodes.sh` to label the nodes. 3. Login to OCP: `oc login -u system:admin` -4. Install Istio: https://maistra.io/docs/getting_started/install/ - - In `controlplane/basic-install` set `gateways.ior_enabled: true` and `mixer.telemetry.enabled: false` - - I suggest locating `istio-system` pods on the infra node (the same where the `default/router` resides): - `oc patch namespace istio-system -p '{"metadata":{"annotations":{"openshift.io/node-selector":"node-role.kubernetes.io/infra=true"}}}'` - -5. You might need to add the policies: - ``` - oc adm policy add-scc-to-user anyuid -z istio-ingress-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z default -n istio-system - oc adm policy add-scc-to-user anyuid -z prometheus -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-egressgateway-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-citadel-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-ingressgateway-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-cleanup-old-ca-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-mixer-post-install-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-mixer-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-pilot-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-sidecar-injector-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-galley-service-account -n istio-system - oc adm policy add-scc-to-user anyuid -z istio-security-post-install-account -n istio-system - ``` -5. Allow wildcard routes: `oc set env dc/router ROUTER_ALLOW_WILDCARD_ROUTES=true -n default` (not possible in OCP 4.1) -6. Create hosts.* according to your system -7. Run the setup (now everything should be automatized): - `ansible-playbook -i hosts.mysetup setup.yaml` -8. Start the test: - `ansible-playbook -i hosts.mysetup test.yaml` +4. Install Hyperfoil +## Test with OSSM + 1. Install Istio: https://maistra.io/docs/getting_started/install/ + - In `controlplane/basic-install` set `gateways.ior_enabled: true` and `mixer.telemetry.enabled: false` + - I suggest locating `istio-system` pods on the infra node (the same where the `default/router` resides): + `oc patch namespace istio-system -p '{"metadata":{"annotations":{"openshift.io/node-selector":"node-role.kubernetes.io/infra=true"}}}'` + 2. Create hosts.* according to your system + 3. Run the setup (now everything should be automatized): + `ansible-playbook -i hosts.withossm setup.yaml` + 4. Start the test: + `ansible-playbook -i hosts.withossm test.yaml` + +## Test without OSSM + 1. Create hosts.* according to your system + 2. Run the setup (now everything should be automatized): + `ansible-playbook -i hosts.withoutossm setup.yaml` + 3. Start the test: + `ansible-playbook -i hosts.withoutossm test.yaml` + ## Hints: From 26be2ed32a25bf0ad75d6872bb41a3887fa4ee54 Mon Sep 17 00:00:00 2001 From: ankitasgupta <150230442+ankitasgupta@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:18:34 +0530 Subject: [PATCH 18/22] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 05038fb..a7b7c88 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ https://github.ibm.com/Openshift-Addons-Performance/Openshift-performance-Docs-I 1. Install prerequisites 2. Run `prep_nodes.sh` to label the nodes. 3. Login to OCP: `oc login -u system:admin` -4. Install Hyperfoil + ## Test with OSSM 1. Install Istio: https://maistra.io/docs/getting_started/install/ - In `controlplane/basic-install` set `gateways.ior_enabled: true` and `mixer.telemetry.enabled: false` From 6c9de9fce97aeffdc5c45ecbd6ce9cce1455b9e6 Mon Sep 17 00:00:00 2001 From: ankitasgupta <150230442+ankitasgupta@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:19:39 +0530 Subject: [PATCH 19/22] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a7b7c88..7e2e397 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ https://github.ibm.com/Openshift-Addons-Performance/Openshift-performance-Docs-I 3. Login to OCP: `oc login -u system:admin` ## Test with OSSM - 1. Install Istio: https://maistra.io/docs/getting_started/install/ + 1. Install OSSM - In `controlplane/basic-install` set `gateways.ior_enabled: true` and `mixer.telemetry.enabled: false` - I suggest locating `istio-system` pods on the infra node (the same where the `default/router` resides): `oc patch namespace istio-system -p '{"metadata":{"annotations":{"openshift.io/node-selector":"node-role.kubernetes.io/infra=true"}}}'` From 6cd865762d7ab7a8e4fbcd91a4b584a233c51cf2 Mon Sep 17 00:00:00 2001 From: ankitasgupta <150230442+ankitasgupta@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:20:19 +0530 Subject: [PATCH 20/22] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 7e2e397..9e45cc7 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,9 @@ ## Prerequisites -### OCP -### Ansible -### Hyperfoil +### 1. OCP +### 2. Ansible +### 3. Hyperfoil https://github.ibm.com/Openshift-Addons-Performance/Openshift-performance-Docs-IBM-Z From 21d85c542119f090ada4b433c02bfb5202abc543 Mon Sep 17 00:00:00 2001 From: ankitasgupta <150230442+ankitasgupta@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:20:54 +0530 Subject: [PATCH 21/22] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9e45cc7..e7ed92c 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ https://github.ibm.com/Openshift-Addons-Performance/Openshift-performance-Docs-IBM-Z -### Firewall +### 4. Firewall ## Setup From 74f15ccee03d1d256240c3f5fd62196eeeb10ed7 Mon Sep 17 00:00:00 2001 From: ankitasgupta <150230442+ankitasgupta@users.noreply.github.com> Date: Tue, 7 May 2024 15:09:15 +0530 Subject: [PATCH 22/22] Update Dockerfile for java 11 --- Dockerfile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8baeeed..a9a24b9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ # # Then, build the image with: # -# podman build -f src/main/docker/Dockerfile.jvmZ -t quay.io//mannequin:0.0-z . +# podman build -f Dockerfile.Z -t quay.io//mannequin:0.0-z . # # Then run the container using: # @@ -18,10 +18,11 @@ # so that you can pull it into a pod deployment on OpenShift # ### -FROM registry.access.redhat.com/ubi8/ubi:latest -RUN dnf -y update && dnf -y install java-1.8.0-openjdk-devel +FROM registry.access.redhat.com/ubi9/ubi:latest +RUN yum install -y java-11-openjdk.s390x ENV JAVA_OPTIONS=-Dquarkus.http.host=0.0.0.0 COPY target/lib/* /deployments/lib/ COPY target/*-runner.jar /deployments/app.jar COPY ./java-runner.sh /deployments/java-runner.sh +RUN chmod a+x /deployments/java-runner.sh ENTRYPOINT [ "/deployments/java-runner.sh" ]