search

falcosecurity / cncf-green-review-testing

Falco configurations intended for testing with the CNCF Green Reviews Working Group
Apache License 2.0
1 stars 2 forks source link

[Discussion] How to Deploy Synthetic Workloads for Falco Testing #3

Closed incertum closed 5 months ago

incertum commented 7 months ago

Related to https://github.com/falcosecurity/cncf-green-review-testing/issues/2

Unclear yet is how to deploy the https://github.com/falcosecurity/cncf-green-review-testing/tree/main/kustomize/synthetic-workloads (hosted in this repo) so that enough replicas run on each knode for each driver. The current setup is just to get us going and not what will work in the end.

Plus we also still don't know how to truly make them more realistic.

Please note that deploying the Google microservices demo we all already agreed upon is best done over the CNCF TAG repo as we can already reference a ready to use setup https://github.com/GoogleCloudPlatform/microservices-demo/tree/main/kustomize.

CC @nikimanoledaki

poiana commented 7 months ago

There is not a label identifying the kind of this issue. Please specify it either using /kind <group> or manually from the side menu.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
incertum commented 7 months ago

Please note that deploying the Google microservices demo we all already agreed upon is best done over the CNCF TAG repo as we can already reference a ready to use setup https://github.com/GoogleCloudPlatform/microservices-demo/tree/main/kustomize.

CC @nikimanoledaki

Noticing a related open PR already https://github.com/cncf-tags/green-reviews-tooling/pull/13

In addition, need to discuss how to generate traffic against such demo micro-services. k6 load testing framework was brought up in prior discussions.

nikimanoledaki commented 5 months ago

Some updates:

Noticing a related open PR already https://github.com/cncf-tags/green-reviews-tooling/pull/13

The microservice demo PR was merged today. We need to validate that the deployment is good to go. Then we'll open another PR to comment it out (#GitOps) so that Flux removes it so that it's not running as we gather metrics for idle Falco.

need to discuss how to generate traffic against such demo micro-services.

I wrote a +/- list for a GitHub Action workflow with self-hosted runners (using ARC) in the design doc, would really appreciate your feedback:

k6 load testing framework was brought up in prior discussions.

We're not quite there yet - we'll focus on this right after the metrics-gathering effort for idle Falco :) I'm conscious that the GCP microservice demo project doesn't have a client so we'll either have to use a rudimentary script with a loop of curl commands or use k6. A colleague create a handy demo of the later (using the k6 disruptor - not exactly what we will do but close enough): https://github.com/grafana/xk6-disruptor-demo/tree/main/demos/online-boutique#the-test-script

Now that all the infrastructure is setup and the necessary applications have been deployed, our immediate priority at the moment is to surface the right metrics from the environment, make sure contributors (such as yourself) have the right access to the metrics, and visualising these metrics in a Grafana dashboard.