Compare commits
No commits in common. "bf1573293537d3052d3899d288e9be808750f0e9" and "f35384c0f3b403fab4af40588bffebe6c9d37d72" have entirely different histories.
bf15732935
...
f35384c0f3
|
@ -24,7 +24,6 @@
|
|||
- [(FR) - Ajouter une authentification OpenID Connect](./fr/tutorials/add-oidc-authn-layer.md)
|
||||
- [(FR) - Amorçage d'un serveur Bouncer via la configuration](./fr/tutorials/bootstrapping.md)
|
||||
- [(FR) - Intégration avec Kubernetes](./fr/tutorials/kubernetes-integration.md)
|
||||
- [(FR) - Profilage](./fr/tutorials/profiling.md)
|
||||
|
||||
### Développement
|
||||
|
||||
|
|
|
@ -1,24 +1,10 @@
|
|||
# Étudier les performances de Bouncer
|
||||
|
||||
## In situ
|
||||
|
||||
Il est possible d'activer via la configuration de Bouncer de endpoints capable de générer des fichiers de profil au format [`pprof`](https://github.com/google/pprof). Par défaut, le point d'entrée est `.bouncer/profiling` (l'activation et la personnalisation de ce point d'entrée sont modifiables via la [configuration](../../../misc/packaging/common/config.yml)).
|
||||
|
||||
**Exemple:** Visualiser l'utilisation mémoire de Bouncer
|
||||
|
||||
```bash
|
||||
go tool pprof -web http://<bouncer_proxy>/.bouncer/profiling/heap
|
||||
```
|
||||
|
||||
L'ensemble des profils disponibles sont visibles à l'adresse `http://<bouncer_proxy>/.bouncer/profiling`.
|
||||
|
||||
## En développement
|
||||
|
||||
Le package `./internal` est dédié à l'étude des performances de Bouncer. Il contient une suite de benchmarks simulant de proxies avec différentes configurations de layers afin d'évaluer les points d'engorgement sur le traitement des requêtes.
|
||||
|
||||
Voir le répertoire `./internal/bench/testdata/proxies` pour voir les différentes configurations de cas.
|
||||
|
||||
### Lancer les benchmarks
|
||||
## Lancer les benchmarks
|
||||
|
||||
Le plus simple est d'utiliser la commande `make bench` qui exécutera séquentiellement tous les benchmarks. Il est également possible de lancer un benchmark spécifique via la commande suivante:
|
||||
|
||||
|
@ -33,7 +19,7 @@ Par exemple:
|
|||
go test -bench='BenchmarkProxies/basic-auth' -run='^$' ./internal/bench
|
||||
```
|
||||
|
||||
### Visualiser les profils d'exécution
|
||||
## Visualiser les profils d'exécution
|
||||
|
||||
Vous pouvez visualiser les profils d'exécution via la commande suivante:
|
||||
|
||||
|
@ -49,7 +35,7 @@ Par exemple:
|
|||
go tool pprof -web ./internal/bench/testdata/proxies/basic-auth.prof
|
||||
```
|
||||
|
||||
### Comparer les évolutions
|
||||
## Comparer les évolutions
|
||||
|
||||
```bash
|
||||
# Lancer un premier benchmark
|
||||
|
|
|
@ -6,7 +6,6 @@ import (
|
|||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/http/pprof"
|
||||
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/auth"
|
||||
"forge.cadoles.com/cadoles/bouncer/internal/auth/jwt"
|
||||
|
@ -156,34 +155,6 @@ func (s *Server) run(parentCtx context.Context, addrs chan net.Addr, errs chan e
|
|||
})
|
||||
}
|
||||
|
||||
if s.serverConfig.Profiling.Enabled {
|
||||
profiling := s.serverConfig.Profiling
|
||||
logger.Info(ctx, "enabling profiling", logger.F("endpoint", profiling.Endpoint))
|
||||
|
||||
router.Group(func(r chi.Router) {
|
||||
if profiling.BasicAuth != nil {
|
||||
logger.Info(ctx, "enabling authentication on metrics endpoint")
|
||||
|
||||
r.Use(middleware.BasicAuth(
|
||||
"profiling",
|
||||
profiling.BasicAuth.CredentialsMap(),
|
||||
))
|
||||
}
|
||||
|
||||
r.Route(string(profiling.Endpoint), func(r chi.Router) {
|
||||
r.HandleFunc("/", pprof.Index)
|
||||
r.HandleFunc("/cmdline", pprof.Cmdline)
|
||||
r.HandleFunc("/profile", pprof.Profile)
|
||||
r.HandleFunc("/symbol", pprof.Symbol)
|
||||
r.HandleFunc("/trace", pprof.Trace)
|
||||
r.HandleFunc("/{name}", func(w http.ResponseWriter, r *http.Request) {
|
||||
name := chi.URLParam(r, "name")
|
||||
pprof.Handler(name).ServeHTTP(w, r)
|
||||
})
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
router.Route("/api/v1", func(r chi.Router) {
|
||||
r.Group(func(r chi.Router) {
|
||||
r.Use(auth.Middleware(
|
||||
|
|
|
@ -35,15 +35,12 @@ func RunCommand() *cli.Command {
|
|||
logger.SetLevel(logger.Level(conf.Logger.Level))
|
||||
|
||||
projectVersion := ctx.String("projectVersion")
|
||||
|
||||
if conf.Proxy.Sentry.DSN != "" {
|
||||
flushSentry, err := setup.SetupSentry(ctx.Context, conf.Proxy.Sentry, projectVersion)
|
||||
flushSentry, err := setup.SetupSentry(ctx.Context, conf.Admin.Sentry, projectVersion)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not initialize sentry client")
|
||||
}
|
||||
|
||||
defer flushSentry()
|
||||
}
|
||||
|
||||
integrations, err := setup.SetupIntegrations(ctx.Context, conf)
|
||||
if err != nil {
|
||||
|
|
|
@ -30,15 +30,12 @@ func RunCommand() *cli.Command {
|
|||
logger.SetLevel(logger.Level(conf.Logger.Level))
|
||||
|
||||
projectVersion := ctx.String("projectVersion")
|
||||
|
||||
if conf.Proxy.Sentry.DSN != "" {
|
||||
flushSentry, err := setup.SetupSentry(ctx.Context, conf.Proxy.Sentry, projectVersion)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "could not initialize sentry client")
|
||||
}
|
||||
|
||||
defer flushSentry()
|
||||
}
|
||||
|
||||
layers, err := setup.GetLayers(ctx.Context, conf)
|
||||
if err != nil {
|
||||
|
|
|
@ -5,7 +5,6 @@ type AdminServerConfig struct {
|
|||
CORS CORSConfig `yaml:"cors"`
|
||||
Auth AuthConfig `yaml:"auth"`
|
||||
Metrics MetricsConfig `yaml:"metrics"`
|
||||
Profiling ProfilingConfig `yaml:"profiling"`
|
||||
Sentry SentryConfig `yaml:"sentry"`
|
||||
}
|
||||
|
||||
|
@ -16,7 +15,6 @@ func NewDefaultAdminServerConfig() AdminServerConfig {
|
|||
Auth: NewDefaultAuthConfig(),
|
||||
Metrics: NewDefaultMetricsConfig(),
|
||||
Sentry: NewDefaultSentryConfig(),
|
||||
Profiling: NewDefaultProfilingConfig(),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
package config
|
||||
|
||||
type ProfilingConfig struct {
|
||||
Enabled InterpolatedBool `yaml:"enabled"`
|
||||
Endpoint InterpolatedString `yaml:"endpoint"`
|
||||
BasicAuth *BasicAuthConfig `yaml:"basicAuth"`
|
||||
}
|
||||
|
||||
func NewDefaultProfilingConfig() ProfilingConfig {
|
||||
return ProfilingConfig{
|
||||
Enabled: true,
|
||||
Endpoint: "/.bouncer/profiling",
|
||||
BasicAuth: nil,
|
||||
}
|
||||
}
|
|
@ -10,7 +10,6 @@ type ProxyServerConfig struct {
|
|||
Debug InterpolatedBool `yaml:"debug"`
|
||||
HTTP HTTPConfig `yaml:"http"`
|
||||
Metrics MetricsConfig `yaml:"metrics"`
|
||||
Profiling ProfilingConfig `yaml:"profiling"`
|
||||
Transport TransportConfig `yaml:"transport"`
|
||||
Dial DialConfig `yaml:"dial"`
|
||||
Sentry SentryConfig `yaml:"sentry"`
|
||||
|
@ -28,7 +27,6 @@ func NewDefaultProxyServerConfig() ProxyServerConfig {
|
|||
Sentry: NewDefaultSentryConfig(),
|
||||
Cache: NewDefaultCacheConfig(),
|
||||
Templates: NewDefaultTemplatesConfig(),
|
||||
Profiling: NewDefaultProfilingConfig(),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -28,10 +28,10 @@ func NewDefaultSentryConfig() SentryConfig {
|
|||
Debug: false,
|
||||
FlushTimeout: NewInterpolatedDuration(2 * time.Second),
|
||||
AttachStacktrace: true,
|
||||
SampleRate: 0.2,
|
||||
SampleRate: 1,
|
||||
EnableTracing: true,
|
||||
TracesSampleRate: 0.2,
|
||||
ProfilesSampleRate: 0.2,
|
||||
ProfilesSampleRate: 1,
|
||||
IgnoreErrors: []string{},
|
||||
SendDefaultPII: false,
|
||||
ServerName: "",
|
||||
|
|
|
@ -8,7 +8,6 @@ import (
|
|||
"net"
|
||||
"net/http"
|
||||
"net/http/httputil"
|
||||
"net/http/pprof"
|
||||
"net/url"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
|
@ -147,34 +146,6 @@ func (s *Server) run(parentCtx context.Context, addrs chan net.Addr, errs chan e
|
|||
})
|
||||
}
|
||||
|
||||
if s.serverConfig.Profiling.Enabled {
|
||||
profiling := s.serverConfig.Profiling
|
||||
logger.Info(ctx, "enabling profiling", logger.F("endpoint", profiling.Endpoint))
|
||||
|
||||
router.Group(func(r chi.Router) {
|
||||
if profiling.BasicAuth != nil {
|
||||
logger.Info(ctx, "enabling authentication on metrics endpoint")
|
||||
|
||||
r.Use(middleware.BasicAuth(
|
||||
"profiling",
|
||||
profiling.BasicAuth.CredentialsMap(),
|
||||
))
|
||||
}
|
||||
|
||||
r.Route(string(profiling.Endpoint), func(r chi.Router) {
|
||||
r.HandleFunc("/", pprof.Index)
|
||||
r.HandleFunc("/cmdline", pprof.Cmdline)
|
||||
r.HandleFunc("/profile", pprof.Profile)
|
||||
r.HandleFunc("/symbol", pprof.Symbol)
|
||||
r.HandleFunc("/trace", pprof.Trace)
|
||||
r.HandleFunc("/{name}", func(w http.ResponseWriter, r *http.Request) {
|
||||
name := chi.URLParam(r, "name")
|
||||
pprof.Handler(name).ServeHTTP(w, r)
|
||||
})
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
router.Group(func(r chi.Router) {
|
||||
r.Use(director.Middleware())
|
||||
|
||||
|
|
|
@ -49,19 +49,6 @@ admin:
|
|||
# Mettre à null pour désactiver l'authentification
|
||||
basicAuth: null
|
||||
|
||||
# Profiling
|
||||
profiling:
|
||||
# Activer ou désactiver les endpoints de profiling
|
||||
enabled: true
|
||||
# Route de publication des endpoints de profiling
|
||||
endpoint: /.bouncer/profiling
|
||||
# Authentification "basic auth" sur les endpoints
|
||||
# de profiling
|
||||
# Mettre à null pour désactiver l'authentification
|
||||
basicAuth:
|
||||
credentials:
|
||||
prof: iling
|
||||
|
||||
# Configuration de l'intégration Sentry
|
||||
# Voir https://pkg.go.dev/github.com/getsentry/sentry-go?utm_source=godoc#ClientOptions
|
||||
sentry:
|
||||
|
@ -72,7 +59,7 @@ admin:
|
|||
sampleRate: 1
|
||||
enableTracing: true
|
||||
tracesSampleRate: 0.2
|
||||
profilesSampleRate: 0.2
|
||||
profilesSampleRate: 1
|
||||
ignoreErrors: []
|
||||
sendDefaultPII: false
|
||||
serverName: ""
|
||||
|
@ -112,19 +99,6 @@ proxy:
|
|||
credentials:
|
||||
prom: etheus
|
||||
|
||||
# Profiling
|
||||
profiling:
|
||||
# Activer ou désactiver les endpoints de profiling
|
||||
enabled: true
|
||||
# Route de publication des endpoints de profiling
|
||||
endpoint: /.bouncer/profiling
|
||||
# Authentification "basic auth" sur les endpoints
|
||||
# de profiling
|
||||
# Mettre à null pour désactiver l'authentification
|
||||
basicAuth:
|
||||
credentials:
|
||||
prof: iling
|
||||
|
||||
# Configuration de la mise en cache
|
||||
# locale des données proxy/layers
|
||||
cache:
|
||||
|
|
Loading…
Reference in New Issue