Skip to content
This repository has been archived by the owner on Dec 1, 2024. It is now read-only.

Commit

Permalink
FIX after review
Browse files Browse the repository at this point in the history
  • Loading branch information
@gabriel-farache
gabriel-farache committed Apr 25, 2022
1 parent 8328a4a commit 601e0db
Show file tree
Hide file tree
Showing 13 changed files with 243 additions and 266 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,3 +13,4 @@

# Dependency directories (remove the comment below to include it)
# vendor/
*.log
0 payload.json → ...es/edgedevice-registration-simple.json.in
View file
File renamed without changes.
16 changes: 10 additions & 6 deletions scripts/create_output_streams.sh
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,11 @@
#!/bin/bash
touch ${TEST_DIR}/${DEVICE_ID}_register.out
touch ${TEST_DIR}/${DEVICE_ID}_register.err
touch ${TEST_DIR}/${DEVICE_ID}_get_updates.err
touch ${TEST_DIR}/${DEVICE_ID}_get_updates.out
touch ${TEST_DIR}/${DEVICE_ID}_hearthbeat.out
touch ${TEST_DIR}/${DEVICE_ID}_hearthbeat.err
mkdir -p ${REGISTRATION_FOLDER}
mkdir -p ${GET_UPDATES_FOLDER}
mkdir -p ${HEARTBEAT_FOLDER}

touch ${REGISTRATION_FOLDER}/${DEVICE_ID}_register.out
touch ${REGISTRATION_FOLDER}/${DEVICE_ID}_register.err
touch ${GET_UPDATES_FOLDER}/${DEVICE_ID}_get_updates.err
touch ${GET_UPDATES_FOLDER}/${DEVICE_ID}_get_updates.out
touch ${HEARTBEAT_FOLDER}/${DEVICE_ID}_heartbeat.out
touch ${HEARTBEAT_FOLDER}/${DEVICE_ID}_heartbeat.err
11 changes: 8 additions & 3 deletions scripts/generate_certs.sh
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,13 @@
#!/bin/bash
if [[ -z "${CERTS_FOLDER}" ]]; then
export CERTS_FOLDER="${test_dir}/certs"
echo "CERTS_FOLDER no defined, setting it to ${CERTS_FOLDER}"
fi
mkdir -p $CERTS_FOLDER

# make get-certs
kubectl -n flotta get secrets flotta-ca --template="{{index .data \"ca.crt\" | base64decode}}" >${test_dir}/${DEVICE_ID}_ca.pem
kubectl -n flotta get secrets flotta-ca --template="{{index .data \"ca.crt\" | base64decode}}" > ${CERTS_FOLDER}/${DEVICE_ID}_ca.pem
export REG_SECRET_NAME=$(kubectl get secrets -n flotta -l reg-client-ca=true --sort-by=.metadata.creationTimestamp | tail -1 | awk '{print $1}')
kubectl -n flotta get secret ${REG_SECRET_NAME} --template="{{index .data \"client.crt\" | base64decode}}" > ${test_dir}/${DEVICE_ID}_cert.pem
kubectl -n flotta get secret ${REG_SECRET_NAME} --template="{{index .data \"client.key\" | base64decode}}" > ${test_dir}/${DEVICE_ID}_key.pem
kubectl -n flotta get secret ${REG_SECRET_NAME} --template="{{index .data \"client.crt\" | base64decode}}" > ${CERTS_FOLDER}/${DEVICE_ID}_cert.pem
kubectl -n flotta get secret ${REG_SECRET_NAME} --template="{{index .data \"client.key\" | base64decode}}" > ${CERTS_FOLDER}/${DEVICE_ID}_key.pem
# make get-certs END
12 changes: 6 additions & 6 deletions scripts/get_device_update.sh
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
#!/bin/bash

echo "curl -XGET \\
--cacert ${test_dir}/default_ca.pem \\
--cert ${test_dir}/${DEVICE_ID}.pem \\
--key ${test_dir}/${DEVICE_ID}.key -v \\
--cacert ${CERTS_FOLDER}/default_ca.pem \\
--cert ${CERTS_FOLDER}/${DEVICE_ID}.pem \\
--key ${CERTS_FOLDER}/${DEVICE_ID}.key -v \\
-H \"Content-Type: application/json\" \\
-H \"Cache-Control: no-cache\" \\
https://${HTTP_SERVER}:${HTTP_SERVER_PORT}/${REQUEST_PATH}"

curl -XGET \
--cacert ${test_dir}/default_ca.pem \
--cert ${test_dir}/${DEVICE_ID}.pem \
--key ${test_dir}/${DEVICE_ID}.key -v \
--cacert ${CERTS_FOLDER}/default_ca.pem \
--cert ${CERTS_FOLDER}/${DEVICE_ID}.pem \
--key ${CERTS_FOLDER}/${DEVICE_ID}.key -v \
-H "Content-Type: application/json" \
-H "Cache-Control: no-cache" \
https://${HTTP_SERVER}:${HTTP_SERVER_PORT}/${REQUEST_PATH}
Expand Down
149 changes: 0 additions & 149 deletions scripts/jmeter.log
View file

This file was deleted.

41 changes: 21 additions & 20 deletions scripts/register_device.sh
View file
Original file line number Diff line number Diff line change
@@ -1,48 +1,49 @@
#!/bin/bash
openssl ecparam -name prime256v1 -genkey -noout -out ${test_dir}/${DEVICE_ID}.key
openssl req -new -subj '/CN=${DEVICE_ID}' -key ${test_dir}/${DEVICE_ID}.key -out ${test_dir}/${DEVICE_ID}.csr
export CERTIFICATE_REQUEST=$(cat ${test_dir}/${DEVICE_ID}.csr | sed 's/$/\\n/' | tr -d '\n')
openssl ecparam -name prime256v1 -genkey -noout -out ${CERTS_FOLDER}/${DEVICE_ID}.key
openssl req -new -subj '/CN=${DEVICE_ID}' -key ${CERTS_FOLDER}/${DEVICE_ID}.key -out ${CERTS_FOLDER}/${DEVICE_ID}.csr
export CERTIFICATE_REQUEST=$(cat ${CERTS_FOLDER}/${DEVICE_ID}.csr | sed 's/$/\\n/' | tr -d '\n')
UUID=$(uuidgen)
echo "${PAYLOAD}" | sed -e 's/"content": {/"content": {\n "certificate_request": "$CERTIFICATE_REQUEST",/g' | envsubst > ${test_dir}/${DEVICE_ID}_payload.json

echo "${PAYLOAD}" | sed -e 's/"content": {/"content": {\n "certificate_request": "$CERTIFICATE_REQUEST",/g' | envsubst > ${REGISTRATION_FOLDER}/${DEVICE_ID}_payload.json

#Verify!
cat ${test_dir}/${DEVICE_ID}_payload.json | jq .
cat ${REGISTRATION_FOLDER}/${DEVICE_ID}_payload.json | jq .

if [ $? -ne 0 ]; then
echo "Error when checking ${test_dir}/${DEVICE_ID}_payload.json"
echo "Error when checking ${REGISTRATION_FOLDER}/${DEVICE_ID}_payload.json"
exit -1
fi
echo "curl \
--cacert ${test_dir}/default_ca.pem \\
--cert ${test_dir}/default_cert.pem \\
--key ${test_dir}/default_key.pem -v \\
-d @${test_dir}/${DEVICE_ID}_payload.json \\
--cacert ${CERTS_FOLDER}/default_ca.pem \\
--cert ${CERTS_FOLDER}/default_cert.pem \\
--key ${CERTS_FOLDER}/default_key.pem -v \\
-d @${REGISTRATION_FOLDER}/${DEVICE_ID}_payload.json \\
-X POST \\
-H \"Content-Type: application/json\" \
-o ${test_dir}/${DEVICE_ID}_response.json \\
-o ${REGISTRATION_FOLDER}/${DEVICE_ID}_response.json \\
https://${HTTP_SERVER}:${HTTP_SERVER_PORT}/api/flotta-management/v1/data/${DEVICE_ID}/out"

curl \
--cacert ${test_dir}/default_ca.pem \
--cert ${test_dir}/default_cert.pem \
--key ${test_dir}/default_key.pem -v \
-d @${test_dir}/${DEVICE_ID}_payload.json \
--cacert ${CERTS_FOLDER}/default_ca.pem \
--cert ${CERTS_FOLDER}/default_cert.pem \
--key ${CERTS_FOLDER}/default_key.pem -v \
-d @${REGISTRATION_FOLDER}/${DEVICE_ID}_payload.json \
-X POST \
-H "Content-Type: application/json" \
-o ${test_dir}/${DEVICE_ID}_response.json \
-o ${REGISTRATION_FOLDER}/${DEVICE_ID}_response.json \
https://${HTTP_SERVER}:${HTTP_SERVER_PORT}/api/flotta-management/v1/data/${DEVICE_ID}/out
if [ $? -ne 0 ]; then
echo "Error when sending registration request, see ${test_dir}/${DEVICE_ID}_register.out"
echo "Error when sending registration request, see ${REGISTRATION_FOLDER_dir}/${DEVICE_ID}_register.out"
exit -1
fi

cat ${test_dir}/${DEVICE_ID}_response.json | jq '.content.certificate' | sed -e 's/\\n/\n/g' | sed -e 's/"//g' > ${test_dir}/${DEVICE_ID}.pem
cat ${REGISTRATION_FOLDER}/${DEVICE_ID}_response.json | jq '.content.certificate' | sed -e 's/\\n/\n/g' | sed -e 's/"//g' > ${CERTS_FOLDER}/${DEVICE_ID}.pem


#openssl x509 -in ${test_dir}/${DEVICE_ID}.pem --text
#openssl x509 -in ${CERTS_FOLDER}/${DEVICE_ID}.pem --text

if [ $? -ne 0 ]; then
echo "Error when extracting ${test_dir}/${DEVICE_ID}_response.json to ${test_dir}/${DEVICE_ID}.pem"
echo "Error when extracting ${REGISTRATION_FOLDER}/${DEVICE_ID}_response.json to ${CERTS_FOLDER}/${DEVICE_ID}.pem"
exit -1
fi

Expand Down
12 changes: 6 additions & 6 deletions scripts/request_operator.sh
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
#!/bin/bash

echo "curl -XPOST \\
--cacert ${test_dir}/default_ca.pem \\
--cert ${test_dir}/${DEVICE_ID}.pem \\
--key ${test_dir}/${DEVICE_ID}.key -v \\
--cacert ${CERTS_FOLDER}/default_ca.pem \\
--cert ${CERTS_FOLDER}/${DEVICE_ID}.pem \\
--key ${CERTS_FOLDER}/${DEVICE_ID}.key -v \\
-H \"Content-Type: application/json\" \\
--data ${POST_BODY} \\
https://${HTTP_SERVER}:${HTTP_SERVER_PORT}/${REQUEST_PATH}"

curl -XPOST \
--cacert ${test_dir}/default_ca.pem \
--cert ${test_dir}/${DEVICE_ID}.pem \
--key ${test_dir}/${DEVICE_ID}.key -v \
--cacert ${CERTS_FOLDER}/default_ca.pem \
--cert ${CERTS_FOLDER}/${DEVICE_ID}.pem \
--key ${CERTS_FOLDER}/${DEVICE_ID}.key -v \
-H "Content-Type: application/json" \
--data ${POST_BODY} \
https://${HTTP_SERVER}:${HTTP_SERVER_PORT}/${REQUEST_PATH}
Expand Down
54 changes: 19 additions & 35 deletions scripts/run_test_plan.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ while getopts "c:d:e:f:g:h:i:j:k:l:m:n:o:p:q:r:s:t:u:v" option; do
l) LOG_LEVEL=${OPTARG};;
m) MUST_GATHER=${OPTARG};;
n) TEST_ID=${OPTARG};;
o) edgeworkloadMENT_CONCURRENCY=${OPTARG};;
o) EDGEWORKLOAD_CONCURRENCY=${OPTARG};;
p) EDGE_DEPLOYMENTS_PER_DEVICE=${OPTARG};;
q) NAMESPACES_COUNT=${OPTARG};;
r) RAMP_UP_TIME=${OPTARG};;
Expand Down Expand Up @@ -86,9 +86,9 @@ if [[ -z $REPLICAS ]]; then
echo "INFO: Number of replicas not specified. Using default value: $REPLICAS"
fi

if [[ -z $edgeworkloadMENT_CONCURRENCY ]]; then
edgeworkloadMENT_CONCURRENCY=5
echo "INFO: Edge deployment concurrency not specified. Using default value: $edgeworkloadMENT_CONCURRENCY"
if [[ -z $EDGEWORKLOAD_CONCURRENCY ]]; then
EDGEWORKLOAD_CONCURRENCY=5
echo "INFO: Edge deployment concurrency not specified. Using default value: $EDGEWORKLOAD_CONCURRENCY"
fi

if [[ -z $TEST_ID ]]; then
Expand Down Expand Up @@ -229,7 +229,10 @@ echo "Before test: There are $edgedevices edge devices and $edgeworkload edge wo

run_test()
{
echo "INFO: Running test"
SCRIPT=$(readlink -f "$0")
SCRIPT_DIR=$(dirname "$SCRIPT")

echo "INFO: Running test located in ${SCRIPT_DIR}"
JVM_ARGS="-Xms4g -Xmx64g -Xss250k -XX:MaxMetaspaceSize=1g" $JMETER_HOME/bin/jmeter.sh -n -l $test_dir/results.csv \
-f -e -o $test_dir/results/ -t $TEST_PLAN \
-JEDGE_DEVICES_COUNT=$EDGE_DEVICES_COUNT \
Expand All @@ -241,7 +244,11 @@ JVM_ARGS="-Xms4g -Xmx64g -Xss250k -XX:MaxMetaspaceSize=1g" $JMETER_HOME/bin/jmet
-JHTTP_SERVER=$HTTP_SERVER \
-JHTTP_SERVER_PORT=$HTTP_SERVER_PORT \
-JTEST_DIR=$test_dir \
-JSCRIPTS_DIR=`pwd` \
-JSCRIPTS_DIR=$SCRIPT_DIR \
-JCERTS_FOLDER=$CERTS_FOLDER \
-JREGISTRATION_FOLDER="${logs_dir}/registration" \
-JGET_UPDATES_FOLDER="${logs_dir}/get_updates" \
-JHEARTBEAT_FOLDER="${logs_dir}/heartbeat" \
-JNAMESPACES_COUNT=$NAMESPACES_COUNT|& tee -a $test_dir/summary.txt
}

Expand Down Expand Up @@ -299,7 +306,7 @@ kubectl patch cm -n flotta flotta-operator-manager-config --type merge --patch '
"LOG_LEVEL": "'$LOG_LEVEL'",
"OBC_AUTO_CREATE": "false",
"MAX_CONCURRENT_RECONCILES": "'$MAX_CONCURRENT_RECONCILES'",
"edgeworkloadMENT_CONCURRENCY": "'$edgeworkloadMENT_CONCURRENCY'",
"EDGEWORKLOAD_CONCURRENCY": "'$EDGEWORKLOAD_CONCURRENCY'",
"NAMESPACES_COUNT": "'$NAMESPACES_COUNT'"}
}'

Expand Down Expand Up @@ -394,15 +401,16 @@ kubectl scale --replicas=$REPLICAS deployment flotta-operator-controller-manager
kubectl wait --for=condition=available -n flotta deployment.apps/flotta-operator-controller-manager

count=0
export CERTS_FOLDER="${test_dir}/certs"
DEVICE_ID='default'
DEVICE_ID=$DEVICE_ID sh generate_certs.sh
echo "Waiting for HTTP server to be ready at $HTTP_SERVER"
until [[ count -gt 100 ]]
do
curl \
--cacert ${test_dir}/${DEVICE_ID}_ca.pem \
--cert ${test_dir}/${DEVICE_ID}_cert.pem \
--key ${test_dir}/${DEVICE_ID}_key.pem -v \
--cacert ${CERTS_FOLDER}/${DEVICE_ID}_ca.pem \
--cert ${CERTS_FOLDER}/${DEVICE_ID}_cert.pem \
--key ${CERTS_FOLDER}/${DEVICE_ID}_key.pem -v \
-m 5 -s -i \
https://${HTTP_SERVER}:${HTTP_SERVER_PORT} | grep 404 > /dev/null
if [ "$?" == "1" ]; then
Expand Down Expand Up @@ -430,35 +438,11 @@ kubectl top pods -n flotta --use-protocol-buffers
} >> $test_dir/summary.txt
}

setup()
{
sysctl -w net.core.somaxconn=50000
sysctl -w net.core.netdev_max_backlog=50000
sysctl -w net.ipv4.tcp_max_syn_backlog=50000
sysctl -w net.ipv4.ip_local_port_range="15000 65000"
sysctl -w net.ipv4.tcp_fin_timeout=10
sysctl -w vm.max_map_count=999999
sysctl -w kernel.threads-max=4113992

if [ -z $(grep "* soft nofile 999999" "/etc/security/limits.conf") ]; then
cat "* soft nofile 999999" >> /etc/security/limits.conf
fi

if [ -z $(grep "* hard nofile 999999" "/etc/security/limits.conf") ]; then
cat "* hard nofile 999999" >> /etc/security/limits.conf
fi


ifconfig br-ex txqueuelen 5000
ifconfig cni-podman0 txqueuelen 5000
ifconfig ens3 txqueuelen 5000
ifconfig ens4 txqueuelen 5000
ifconfig ovn-k8s-mp0 txqueuelen 5000
}

parse_args "$@"
log_run_details
setup
sh setup
patch_flotta_operator
log_pods_details
run_test
Expand Down
16 changes: 0 additions & 16 deletions scripts/service.yaml
View file

This file was deleted.

Loading

0 comments on commit 601e0db

Please sign in to comment.