Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Go Benchmark for OPA filters #2896

Merged
merged 1 commit into from
Feb 19, 2024
Merged

Go Benchmark for OPA filters #2896

merged 1 commit into from
Feb 19, 2024

Conversation

mjungsbluth
Copy link
Collaborator

@mjungsbluth mjungsbluth commented Jan 31, 2024
edited
Loading

This PR adds basic benchmarks for the OPA filters

  • Baseline with a policy that always yields an allow
  • JWT token validation with a policy to compare against existing filters

Baseline results on a MacBook Air M1

BenchmarkAuthorizeRequest/authorize-request-minimal-8 45476 22514 ns/op 20789 B/op 388 allocs/op
BenchmarkAuthorizeRequest/authorize-request-jwt-validation-8 5868 195705 ns/op 55493 B/op 864 allocs/op

@mjungsbluth mjungsbluth added the minor no risk changes, for example new filters label Feb 5, 2024
@szuecs
Copy link
Member

szuecs commented Feb 6, 2024

@mjungsbluth do you miss something to add or why it's a draft?

@mjungsbluth
Copy link
Collaborator Author

mjungsbluth commented Feb 7, 2024
edited
Loading

@mjungsbluth do you miss something to add or why it's a draft?

@szuecs I think this is good as a baseline. Optimizations and adding caching can be done in a sub-sequent PR...

@mjungsbluth mjungsbluth marked this pull request as ready for review February 7, 2024 13:19
@szuecs
Copy link
Member

szuecs commented Feb 7, 2024

👍

AlexanderYastrebov
AlexanderYastrebov reviewed Feb 8, 2024
View reviewed changes
filters/openpolicyagent/opaauthorizerequest/opaauthorizerequest_test.go Outdated
f, err := createOpaFilter(opaControlPlane)
assert.NoError(b, err)

url, err := url.Parse("http://somehost/somepath")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It could be skipper.test or opa.test, see https://www.rfc-editor.org/rfc/rfc2606.html#section-3

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch. Changed...

@AlexanderYastrebov
Copy link
Member

AlexanderYastrebov commented Feb 8, 2024
edited
Loading

@mjungsbluth Could you include benchmark results into commit message please?

@RomanZavodskikh
Copy link
Member

Looks good to me, however, I agree with all small suggestions left by other folks here.

@RomanZavodskikh
Copy link
Member

👍

@mjungsbluth
Copy link
Collaborator Author

Could you include benchmark results into commit message please?

@AlexanderYastrebov yes, added those to the commit message...

@AlexanderYastrebov
Copy link
Member

👍

@szuecs
Copy link
Member

szuecs commented Feb 15, 2024
edited
Loading

@mjungsbluth there is a conflict
I guess rebase on master because the other pr was merged

@mjungsbluth
Initial benchmark for OPA filters
92e32a9 
Baseline on a Macbook Air M1:

BenchmarkAuthorizeRequest/authorize-request-minimal-8         	   45476	     22514 ns/op	   20789 B/op	     388 allocs/op
BenchmarkAuthorizeRequest/authorize-request-jwt-validation-8  	    5868	    195705 ns/op	   55493 B/op	     864 allocs/op

Signed-off-by: Magnus Jungsbluth <[email protected]>
@AlexanderYastrebov
Copy link
Member

👍

1 similar comment
@szuecs
Copy link
Member

szuecs commented Feb 19, 2024

👍

@szuecs szuecs added minor no risk changes, for example new filters major moderate risk, for example new API, small filter changes that have no risk like refactoring or logs and removed minor no risk changes, for example new filters major moderate risk, for example new API, small filter changes that have no risk like refactoring or logs labels Feb 19, 2024
@szuecs szuecs merged commit e626a2f into master Feb 19, 2024
18 of 19 checks passed
@szuecs szuecs deleted the opa_initial_bench branch February 19, 2024 19:17
@AlexanderYastrebov AlexanderYastrebov mentioned this pull request Feb 20, 2024
Merged
@RomanZavodskikh RomanZavodskikh mentioned this pull request Feb 23, 2024
Merged
@Pushpalanka Pushpalanka mentioned this pull request Mar 1, 2024
Merged
@zalando-teapot-robot zalando-teapot-robot mentioned this pull request Sep 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlexanderYastrebov AlexanderYastrebov AlexanderYastrebov left review comments

Assignees
No one assigned
Labels
minor no risk changes, for example new filters
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mjungsbluth @szuecs @AlexanderYastrebov @RomanZavodskikh