Add a CNI focussed variants of kubelet-density (kube-burner#152)

This commit adds two new kinds of kubelet-density like workloads that are focussed on CNI performance. 1. kubelet-density-cni: This creates deployments of node.js webservers fronted by services and another deployment of pods that run curl against the webserver service for readiness probe. This ensures that the curl pods only go into ready when they are able to reach the webserver srvice. kube-burner accordingly accounts for this delay in the podready metrics. 2. kubelet-density-cni-networkpolicy: This is similar to above workload except a deny-all policy is created in the namespace to begin with and later a newotk policy to allow http on 8080 is introduced when the pods/services are created. This also ensures that the curl pods' readiness probe only succeeds when the flows dictated by the network policy are applied. kube-burner podready metrics now account for propagation of this network policy. Closes: kube-burner#151 Signed-off-by: Sai Sindhur Malleni <[email protected]>
rsevilla87 · Feb 7, 2022 · 7f5bad2 · 7f5bad2
1 parent 233a726
commit 7f5bad2
Show file tree

Hide file tree

Showing 10 changed files with 268 additions and 0 deletions.
diff --git a/examples/workloads/kubelet-density-cni-networkpolicy/kubelet-density-cni-networkpolicy.yml b/examples/workloads/kubelet-density-cni-networkpolicy/kubelet-density-cni-networkpolicy.yml
@@ -0,0 +1,50 @@
+---
+global:
+  writeToFile: true
+  metricsDirectory: collected-metrics
+  indexerConfig:
+    enabled: true
+    esServers: [http://elastic-elk.apps.rsevilla.kube-burner.com]
+    insecureSkipVerify: true
+    defaultIndex: kube-burner
+    type: elastic
+  measurements:
+    - name: podLatency
+      esIndex: kube-burner
+
+jobs:
+  - name: deny-all-policy
+    jobIterations: 1
+    qps: 1
+    burst: 1
+    namespacedIterations: false
+    namespace: kubelet-density-cni-networkpolicy
+    jobPause: 1m
+    objects:
+
+      - objectTemplate: templates/deny-all.yml
+        replicas: 1
+
+  - name: kubelet-density-cni-networkpolicy
+    jobIterations: 100
+    qps: 25
+    burst: 25
+    namespacedIterations: false
+    namespace: kubelet-density-cni-networkpolicy
+    waitWhenFinished: true
+    podWait: false
+    preloadImages: true
+    preLoadPeriod: 2m
+    objects:
+
+      - objectTemplate: templates/webserver-deployment.yml
+        replicas: 1
+
+      - objectTemplate: templates/webserver-service.yml
+        replicas: 1
+
+      - objectTemplate: templates/allow-http.yml
+        replicas: 1
+
+      - objectTemplate: templates/curl-deployment.yml
+        replicas: 1
diff --git a/examples/workloads/kubelet-density-cni-networkpolicy/templates/allow-http.yml b/examples/workloads/kubelet-density-cni-networkpolicy/templates/allow-http.yml
@@ -0,0 +1,12 @@
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: allow-{{.Replica}}-{{.Iteration}}
+spec:
+  podSelector:
+    matchLabels:
+      name: webserver-{{.Replica}}-{{.Iteration}}
+  ingress:
+  - ports:
+    - protocol: TCP
+      port: 8080
diff --git a/examples/workloads/kubelet-density-cni-networkpolicy/templates/curl-deployment.yml b/examples/workloads/kubelet-density-cni-networkpolicy/templates/curl-deployment.yml
@@ -0,0 +1,40 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: curl-{{.Replica}}-{{.Iteration}}
+spec:
+  template:
+    metadata:
+      labels:
+        name: curl-{{.Replica}}-{{.Iteration}}
+    spec:
+      nodeSelector:
+        node-role.kubernetes.io/worker: ""
+      containers:
+      - name: curlapp
+        image: quay.io/cloud-bulldozer/curl:latest
+        command: ["sleep", "inf"]
+        env:
+        - name: WEBSERVER_HOSTNAME
+          value: webserver-{{.Replica}}-{{.Iteration}}
+        - name: WEBSERVER_PORT
+          value: "8080"
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          privileged: false
+        readinessProbe:
+          exec:
+            command: 
+              - "/bin/sh"
+              - "-c"
+              - "curl ${WEBSERVER_HOSTNAME}:${WEBSERVER_PORT}"
+          periodSeconds: 1
+      restartPolicy: Always
+  replicas: 1
+  selector:
+    matchLabels:
+      name: curl-{{.Replica}}-{{.Iteration}}
+  triggers:
+  - type: ConfigChange
+  strategy:
+    type: RollingUpdate
diff --git a/examples/workloads/kubelet-density-cni-networkpolicy/templates/deny-all.yml b/examples/workloads/kubelet-density-cni-networkpolicy/templates/deny-all.yml
@@ -0,0 +1,7 @@
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: deny-by-default
+spec:
+  podSelector: {}
+  ingress: []
diff --git a/examples/workloads/kubelet-density-cni-networkpolicy/templates/webserver-deployment.yml b/examples/workloads/kubelet-density-cni-networkpolicy/templates/webserver-deployment.yml
@@ -0,0 +1,30 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: webserver-{{.Replica}}-{{.Iteration}}
+spec:
+  template:
+    metadata:
+      labels:
+        name: webserver-{{.Replica}}-{{.Iteration}}
+    spec:
+      nodeSelector:
+        node-role.kubernetes.io/worker: ""
+      containers:
+      - name: webserver
+        image: quay.io/cloud-bulldozer/sampleapp:latest
+        ports:
+        - containerPort: 8080
+          protocol: TCP
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          privileged: false
+      restartPolicy: Always
+  replicas: 1
+  selector:
+    matchLabels:
+      name: webserver-{{.Replica}}-{{.Iteration}}
+  triggers:
+  - type: ConfigChange
+  strategy:
+    type: RollingUpdate
diff --git a/examples/workloads/kubelet-density-cni-networkpolicy/templates/webserver-service.yml b/examples/workloads/kubelet-density-cni-networkpolicy/templates/webserver-service.yml
@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: webserver-{{.Replica}}-{{.Iteration}}
+spec:
+  selector:
+    name: webserver-{{.Replica}}-{{.Iteration}}
+  ports:
+  - protocol: TCP
+    port: 8080
+    targetPort: 8080
+  type: ClusterIP
diff --git a/examples/workloads/kubelet-density-cni/kubelet-density-cni.yml b/examples/workloads/kubelet-density-cni/kubelet-density-cni.yml
@@ -0,0 +1,35 @@
+---
+global:
+  writeToFile: true
+  metricsDirectory: collected-metrics
+  indexerConfig:
+    enabled: true
+    esServers: [http://elastic-elk.apps.rsevilla.kube-burner.com]
+    insecureSkipVerify: true
+    defaultIndex: kube-burner
+    type: elastic
+  measurements:
+    - name: podLatency
+      esIndex: kube-burner
+
+jobs:
+  - name: kubelet-density-cni
+    jobIterations: 100
+    qps: 25
+    burst: 25
+    namespacedIterations: false
+    namespace: kubelet-density-cni
+    waitWhenFinished: true
+    podWait: false
+    preloadImages: true
+    preLoadPeriod: 2m
+    objects:
+
+      - objectTemplate: templates/webserver-deployment.yml
+        replicas: 1
+
+      - objectTemplate: templates/webserver-service.yml
+        replicas: 1
+
+      - objectTemplate: templates/curl-deployment.yml
+        replicas: 1
diff --git a/examples/workloads/kubelet-density-cni/templates/curl-deployment.yml b/examples/workloads/kubelet-density-cni/templates/curl-deployment.yml
@@ -0,0 +1,40 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: curl-{{.Replica}}-{{.Iteration}}
+spec:
+  template:
+    metadata:
+      labels:
+        name: curl-{{.Replica}}-{{.Iteration}}
+    spec:
+      nodeSelector:
+        node-role.kubernetes.io/worker: ""
+      containers:
+      - name: curlapp
+        image: quay.io/cloud-bulldozer/curl:latest
+        command: ["sleep", "inf"]
+        env:
+        - name: WEBSERVER_HOSTNAME
+          value: webserver-{{.Replica}}-{{.Iteration}}
+        - name: WEBSERVER_PORT
+          value: "8080"
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          privileged: false
+        readinessProbe:
+          exec:
+            command: 
+              - "/bin/sh"
+              - "-c"
+              - "curl ${WEBSERVER_HOSTNAME}:${WEBSERVER_PORT}"
+          periodSeconds: 1
+      restartPolicy: Always
+  replicas: 1
+  selector:
+    matchLabels:
+      name: curl-{{.Replica}}-{{.Iteration}}
+  triggers:
+  - type: ConfigChange
+  strategy:
+    type: RollingUpdate
diff --git a/examples/workloads/kubelet-density-cni/templates/webserver-deployment.yml b/examples/workloads/kubelet-density-cni/templates/webserver-deployment.yml
@@ -0,0 +1,30 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: webserver-{{.Replica}}-{{.Iteration}}
+spec:
+  template:
+    metadata:
+      labels:
+        name: webserver-{{.Replica}}-{{.Iteration}}
+    spec:
+      nodeSelector:
+        node-role.kubernetes.io/worker: ""
+      containers:
+      - name: webserver
+        image: quay.io/cloud-bulldozer/sampleapp:latest
+        ports:
+        - containerPort: 8080
+          protocol: TCP
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          privileged: false
+      restartPolicy: Always
+  replicas: 1
+  selector:
+    matchLabels:
+      name: webserver-{{.Replica}}-{{.Iteration}}
+  triggers:
+  - type: ConfigChange
+  strategy:
+    type: RollingUpdate
diff --git a/examples/workloads/kubelet-density-cni/templates/webserver-service.yml b/examples/workloads/kubelet-density-cni/templates/webserver-service.yml
@@ -0,0 +1,12 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: webserver-{{.Replica}}-{{.Iteration}}
+spec:
+  selector:
+    name: webserver-{{.Replica}}-{{.Iteration}}
+  ports:
+  - protocol: TCP
+    port: 8080
+    targetPort: 8080
+  type: ClusterIP