bcgov / DITP-DevOps

Digital Identity and Trust Program Team's DevOps Documentation Repository
Apache License 2.0
2 stars 6 forks source link

Run a Formal OpenShift Traction/Mediator Load Test #149

Closed esune closed 9 months ago

esune commented 10 months ago

Once the OpenShift Traction/Mediator environment is setup and useful, coordinate with @WadeBarnes to run a formal load test. In doing that:

Once the test is complete, document the findings, including what bottlenecks were found, what transaction rates were achieved before hitting bottlenecks, what intermittent errors occurred, what are recommended next steps, and so on.

If the limit was found to be the load generator (yay!!) we'll next define ways to increase the load, such as adding load through other Locust generators, or moving to AWS. If the limit was found to be the OpenShift/Traction/ACA-Py environment, we'll need to investigate where the bottlenecks were found, and what to do about them.

Gavinok commented 10 months ago

As of now we are limited by my PC. To work around this we will make use of multiple systems at a time. Here is the current .env file used for running the initial attempt at a load test.

# -*- mode:shell-script; -*-
# docker-compose.yml commands won't work out of the box -
# please make sure to update the command according to your environment.
MEDIATION_URL=<mediator_url>

# If clustered environment
MASTER_HOST= # external ip
MASTER_PORT=8089
AGENT_IP= # external ip (load balancer if clustered)

# Period an agent will wait before running another ping
LOCUST_MIN_WAIT=0.05
LOCUST_MAX_WAIT=0.1

ISSUER_URL=https://traction-sandbox-tenant-proxy.apps.silver.devops.gov.bc.ca
# Needs to be a bearier entry using the encoded JWT
ISSUER_HEADERS={"Authorization":"Bearer <JWT-HERE>"}
VERIFIER_URL=https://traction-sandbox-tenant-proxy.apps.silver.devops.gov.bc.ca
# Needs to be a bearier entry using the encoded JWT to another tenant
VERIFIER_HEADERS={"Authorization":"Bearer <JWT-HERE>"}

CRED_DEF=LjFT93n4TcoUZZ8b5CcwMp:3:CL:249336:default # anchor cred def
LEDGER=bcovrin # or candy or whichever ledger is your preference
# lookup in project for bcovern
CRED_ATTR='[{"mime-type": "text/plain","name": "score","value": "test"}]'
SCHEMA="LjFT93n4TcoUZZ8b5CcwMp:2:load_testing_prefs:1.0" # anchor schema
VERIFIED_TIMEOUT_SECONDS=60 # seconds for verified: true

WITH_MEDIATION=True
#LOCUST_FILES=locustMediatorPing.py
#LOCUST_FILES=locustMediatorMsg.py
LOCUST_FILES=locustMediatorIssue.py
# LOCUST_FILES=locustMediatorPresentProof.py

# Increase the END_PORT if you want to run a lot of agents in parallel
# If doing large clustering, it is recommended to increase ports exposed
START_PORT=10000
END_PORT=10100

MESSAGE_TO_SEND="Lorem ipsum dolor sit amet consectetur, adipiscing elit nisi aptent rutrum varius, class non nullam etiam. Ac purus donec morbi litora vivamus nec semper suscipit vehicula, aliquet parturient leo mollis in mauris quis nisi tincidunt, sociis accumsan senectus pellentesque erat cras sociosqu phasellus augue, posuere ligula scelerisque tempus dapibus enim torquent facilisi. Imperdiet gravida justo conubia congue senectus porta vivamus netus rhoncus nec, mauris tristique semper feugiat natoque nunc nibh montes dapibus proin, egestas luctus sollicitudin maecenas malesuada pharetra eleifend nam ultrices. Iaculis fringilla penatibus dictumst varius enim elementum justo senectus, pretium mauris cum vel tempor gravida lacinia auctor a, cursus sed euismod scelerisque vivamus netus aenean. Montes iaculis dui platea blandit mattis nec urna, diam ridiculus augue tellus vivamus justo nulla, auctor hendrerit aenean arcu venenatis tristique feugiat, odio pellentesque purus nascetur netus fringilla. S."

# Mediator Configuration
MEDIATOR_DNS=mediator

# Aca-py configuration
ACAPY_GENESIS_URL=http://test.bcovrin.vonx.io/genesis
ACCOUNT="test"
PASSWORD="test"
ADMIN_ACCOUNT="test"
ADMIN_PASSWORD="test"
WadeBarnes commented 10 months ago

@Gavinok, What's the general process of acquiring the JWTs for the issue and verifier?

Gavinok commented 10 months ago

If you need to refresh the JWT simply login as one of the tenants and navigate to the Developer view under the JWT Token copy the Encoded JWT