mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-04-20 23:36:29 -04:00
add EKS to benchmark Readme
This commit is contained in:
Moritz Eckert
parent
d0ea6c93e0
commit
26d2e67fe7
84
.github/actions/e2e_benchmark/README.md
vendored
84
.github/actions/e2e_benchmark/README.md
vendored
@ -175,6 +175,88 @@ S3_PATH=s3://edgeless-artifact-store/constellation/benchmarks/<version>
|
||||
aws s3 cp benchmarks/GKE.json ${S3_PATH}/GKE.json
|
||||
```
|
||||
|
||||
### EKS
|
||||
|
||||
Create an EKS cluster of desired benchmarking settings (region, instance types). If comparing against Constellation clusters with CVM instances, make sure to select the matching instance type on EKS.
|
||||
For example ([AWS documentation](https://repost.aws/de/knowledge-center/eks-persistent-storage)):
|
||||
|
||||
```bash
|
||||
account_id=`aws sts get-caller-identity --query Account --output text`
|
||||
region="us-east-2"
|
||||
# create cluster
|
||||
eksctl create cluster --name benchmark --region $region --version 1.27 --node-type m6a.xlarge --node-volume-type gp3 --node-volume-size 30 --nodes 2
|
||||
# https://repost.aws/de/knowledge-center/eks-persistent-storage
|
||||
eksctl utils associate-iam-oidc-provider --region=$region --cluster=benchmark --approve
|
||||
oidc_id=$(aws eks describe-cluster --name $cluster_name --query "cluster.identity.oidc.issuer" --output text | cut -d '/' -f 5)
|
||||
sed "s/OIDCID/$oidc_id/g; s/ACCOUNTID/$account_id/g; s/REGION/$region/g" aws-ebs-csi-driver-trust-policy.json > trust-policy.json
|
||||
aws iam update-assume-role-policy --role-name AmazonEKS_EBS_CSI_Driver_Benchmark --policy-document file://"trust-policy.json"
|
||||
aws eks create-addon \
|
||||
--cluster-name benchmark \
|
||||
--addon-name aws-ebs-csi-driver \
|
||||
--service-account-role-arn arn:aws:iam::$account_id:role/AmazonEKS_EBS_CSI_Driver_Benchmark
|
||||
```
|
||||
|
||||
Once the cluster is ready, set up managing access via `kubectl` and take the benchmark:
|
||||
```bash
|
||||
# Setup knb``
|
||||
git clone https://github.com/InfraBuilder/k8s-bench-suite.git
|
||||
cd k8s-bench-suite
|
||||
install knb /usr/local/bin
|
||||
cd ..
|
||||
|
||||
# Setup kubestr
|
||||
case "$(go env GOOS)" in "darwin") HOSTOS="MacOS";; *) HOSTOS="$(go env GOOS)";; esac
|
||||
HOSTARCH="$(go env GOARCH)"
|
||||
KUBESTR_VER=0.4.37
|
||||
curl -fsSLO https://github.com/kastenhq/kubestr/releases/download/v${KUBESTR_VER}/kubestr_${KUBESTR_VER}_${HOSTOS}_${HOSTARCH}.tar.gz
|
||||
tar -xzf kubestr_${KUBESTR_VER}_${HOSTOS}_${HOSTARCH}.tar.gz
|
||||
install kubestr /usr/local/bin
|
||||
|
||||
# Clone Constellation
|
||||
git clone https://github.com/edgelesssys/constellation.git
|
||||
|
||||
# Create StorageClass
|
||||
cat <<EOF | kubectl apply -f -
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: gp3
|
||||
provisioner: kubernetes.io/aws-ebs
|
||||
volumeBindingMode: Immediate
|
||||
allowVolumeExpansion: true
|
||||
parameters:
|
||||
type: gp3
|
||||
fsType: ext4
|
||||
throughput: "1000"
|
||||
iops: "16000"
|
||||
EOF
|
||||
|
||||
# Run kubestr
|
||||
mkdir -p out
|
||||
kubestr fio -e "out/fio-EKS.json" -o json -s gp3 -z 400Gi -f constellation/.github/actions/e2e_benchmark/fio.ini
|
||||
|
||||
# Run knb
|
||||
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html
|
||||
workers="$(kubectl get nodes --selector='!node-role.kubernetes.io/control-plane' -o name)"
|
||||
server="$(echo "$workers" | tail +1 | head -1 | cut -d '/' -f2)"
|
||||
client="$(echo "$workers" | tail +2 | head -1 | cut -d '/' -f2)"
|
||||
knb -f "out/knb-EKS.json" -o json --server-node "$server" --client-node "$client"
|
||||
|
||||
|
||||
# Parse
|
||||
mkdir -p benchmarks
|
||||
export BDIR=benchmarks
|
||||
export CSP=aws
|
||||
export EXT_NAME=EKS
|
||||
export BENCH_RESULTS=out/
|
||||
|
||||
python constellation/.github/actions/e2e_benchmark/evaluate/parse.py
|
||||
|
||||
# Upload result to S3
|
||||
S3_PATH=s3://edgeless-artifact-store/constellation/benchmarks/<version>
|
||||
aws s3 cp benchmarks/EKS.json ${S3_PATH}/EKS.json
|
||||
```
|
||||
|
||||
### Constellation
|
||||
The action updates the stored Constellation records for the selected cloud provider when running on the main branch.
|
||||
|
||||
@ -183,7 +265,7 @@ The action also contains the code to draw graphs as used in the [Constellation d
|
||||
The graphs compare the performance of Constellation to the performance of managed Kubernetes clusters.
|
||||
It expects the results of `[AKS.json, GKE.json, constellation-azure.json, constellation-gcp.json]` to be present in the `BDIR` folder.
|
||||
|
||||
Graphs can thne be created from using the `graphs.py` script:
|
||||
Graphs can then be created using the `graphs.py` script:
|
||||
|
||||
```bash
|
||||
BDIR=benchmarks
|
||||
|
||||
18
.github/actions/e2e_benchmark/aws-ebs-csi-driver-trust-policy.json
vendored
Normal file
18
.github/actions/e2e_benchmark/aws-ebs-csi-driver-trust-policy.json
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Effect": "Allow",
|
||||
"Principal": {
|
||||
"Federated": "arn:aws:iam::ACCOUNTID:oidc-provider/oidc.eks.REGION.amazonaws.com/id/OIDCID"
|
||||
},
|
||||
"Action": "sts:AssumeRoleWithWebIdentity",
|
||||
"Condition": {
|
||||
"StringEquals": {
|
||||
"oidc.eks.REGION.amazonaws.com/id/OIDCID:aud": "sts.amazonaws.com",
|
||||
"oidc.eks.REGION.amazonaws.com/id/OIDCID:sub": "system:serviceaccount:kube-system:ebs-csi-controller-sa"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user