Difference between revisions of "KeystonePerformance"
m (→Methodology) |
(Moved scripts to github) |
||
Line 54: | Line 54: | ||
===== Test scripts ===== | ===== Test scripts ===== | ||
− | + | Used scripts can be found there: https://github.com/TristanCacqueray/keystone-perfs/tree/master/src | |
− | + | Basically: | |
− | + | * User creation (perf-create-users.sh): | |
− | + | * Generate user's tokens list (perf-gen-tokens.sh): | |
− | + | * Token validation (perf-validate-tokens.sh): | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | Generate user's tokens list (perf-gen-tokens.sh): | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | Token validation (perf-validate-tokens.sh): | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
==== Performance data acquisition ==== | ==== Performance data acquisition ==== | ||
− | + | And the main script to automate the benchmark is bench.sh. | |
− | This | + | This will write real time (userland + kernelland) in /tmp/perf-test_name-TOKEN_FORMAT-BACKEND: |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
==== Performances results ==== | ==== Performances results ==== |
Revision as of 15:52, 19 December 2013
Contents
Keystone Performance
This is to track the performance work related to Keystone.
Work Items
Identify CPU, Disk, Memory, Database bottlenecks
Test #1, Create users in parallel and look for CPU, disk or memory bottleneck.
Methodology
- Install Havana Stable [1] on a bare metal.
- Create one instance of m1.medium flavor and other of type m1.large, so that we can have different CPU and memory config
- Install Keystone Manually on both of the above created instances
- Using python multiprocessing module create users in parallel using keystoneclient.v2_0 module on each one of them.
- key.users.create(<user>, "test", "test@test.com") where key = client.Client( .... )
- Collect the CPU, Disk, Memory and Database related stats while user creation is in progress.
Effect of caching - memcached
Effect of expired tokens
Overhead of syncing revocation list
Improvement with multi-core keystone service
Compare PKI vs UUID, SQL vs LDAP
Methodology
In this story we will be measuring keystone performance for those sequencial tests:
- User creation
- User token generation
- User token validation
Test setup
Devstack on ubuntu server 13.10, with most services disabled (beside keystone, mysql and ldap):
for service in g-api g-reg n-api n-crt n-obj n-cpu n-net n-cond \ cinder c-sch c-api c-vol n-sch n-novnc n-xvnc n-cauth \ horizon rabbit tempest; do echo disable_service $service >> localrc done
Added at the end of localrc:
ADMIN_PASSWORD=nomoresecrete SERVICE_TOKEN=ADMIN OFFLINE=True KEYSTONE_TOKEN_FORMAT=UUID KEYSTONE_IDENTITY_BACKEND=ldap enable_service ldap KEYSTONE_CLEAR_LDAP=yes LDAP_PASSWORD=ldappass
Test scripts
Used scripts can be found there: https://github.com/TristanCacqueray/keystone-perfs/tree/master/src Basically:
- User creation (perf-create-users.sh):
- Generate user's tokens list (perf-gen-tokens.sh):
- Token validation (perf-validate-tokens.sh):
Performance data acquisition
And the main script to automate the benchmark is bench.sh. This will write real time (userland + kernelland) in /tmp/perf-test_name-TOKEN_FORMAT-BACKEND:
Performances results
Note that this is a sequencial benchmarks (no parallel requests). After running the data acquisition several time, here is the average observed time in seconds for 100 items (users or tokens):
LDAP | SQL | |
UUID | user creation : 29.36 token generation: 27.74 token validation: 2.29 |
user creation : 31.35 token generation: 29.73 token validation: 2.32 |
PKI | user creation : 29.39 token generation: 30.40 token validation: 2.84 |
user creation : 31.34 token generation: 32.27 token validation: 2.86 |
First remarks:
- UUID token generation is faster than PKI (obviously).
- User creation does not depends on token type, and is faster on LDAP.
- Overall, LDAP performs better, even for token validation.