Closed ashensw closed 10 months ago
Our initial step was conducting a competitive analysis [1], through which we identified the various aspects that require attention for scaling and recommending performance enhancements for the identity server.
We acknowledged that utilizing more graphical representations would provide better clarity, and metrics such as CPU utilization could assist in identifying bottlenecks. To accomplish this, we can utilize the Apache JMeter dashboard [2], coupled with the Merge Results JMeter plugin [3].
Response Times Over Time - SAML2 SSO Redirect Binding [2 Node 2 Core Deployment]
CPU Utilization Over Time - SAML2 SSO Redirect Binding [2 Node 2 Core Deployment]
The following information can be extracted using the aws cli [1][2] capabilities.
IS Instance 01 - CPU utilization (%)
IS Instance 02 - CPU utilization (%)
DB Instance - CPU utilization (%)
[1] Competitive Analysis [2] https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/US_SingleMetricPerInstance.html [3] https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/metrics_dimensions.html
Considering only critical path when publishing performance benchmarks for WSO2 Identity Server. Based on feedback from the SA team, we will remove throughput data from the benchmarks as it is not essential for capacity planning. Furthermore, as an improvement, we have introduced a random delay for the related test cases to simulate a real-world scenario. In real-world scenarios, there is usually a delay in the login page when the end user enters login credentials. By incorporating this delay, we can expect the response time to be more reflective of actual scenarios. Incorporated both 3-node and 4-node deployments and produced corresponding performance metrics. Incorporated burst traffic into our performance test plan to showcase how the system handles sudden increases in traffic.
For more information please refer to the mail thread - Presenting our performance results in an optimal way to do capacity planning for our customers
As per the requested changes the updated performance results were published for the following flows.
Next steps:
Onboard following scenarios based on priority
We have published performance results for a selected set of scenarios of IS 6.1.0 with the enhanced representation of the performance metrics. We have addressed all the requested suggestions and improved the representation.
Following are the selected set of performance test flows.
Additionally, we have identified that in the OIDC Auth Code Grant Redirect With Consent flow, when we request user attributes in the access token or the id token, the AWS RDS database goes to 100% CPU utilization even for 500 concurrency. Currently, we are tracking it in the issue [2] and will analyse it further.
summary-graph.md [1] file where we have provided the comparison performance plots of the tested flows.
Finalized Performance Test Flows - 7.0.0 Release
Finalized summary - https://github.com/wso2/performance-is/blob/performance-graphs/benchmarks/6.1.0/performance_visualization_v2/summary-graph.md
[1] https://github.com/wso2/product-is/issues/17060
Mail thread - Presenting our performance results in an optimal way to do capacity planning for our customers
Is your suggestion related to an experience? Please describe.
Based on different requirements, scaling and performance recommendations for WSO2 Identity Server must be properly evaluated and documented. Need to revisit the existing way of presenting the performance numbers in IS and make the required changes to make it more informative for the following scenarios.