Merge pull request kubernetes#2226 from dlapcevic/netpol-enforcement-…

…latency-test-client Network policy latency test clients v.0.0.1
sysdiglabs · Feb 6, 2023 · f9f2b21 · f9f2b21
2 parents 6b5893d + f22777b
commit f9f2b21
Show file tree

Hide file tree

Showing 21 changed files with 2,211 additions and 0 deletions.
diff --git a/network/tools/network-policy-enforcement-latency/Makefile b/network/tools/network-policy-enforcement-latency/Makefile
@@ -0,0 +1,27 @@
+REGISTRY ?= gcr.io/k8s-staging-perf-tests/network-policy-enforcement-latency
+
+POD_CREATION_IMAGE_NAME ?= pod-creation-reachability-latency
+POD_CREATION_PATH ?= $(POD_CREATION_IMAGE_NAME)
+POD_CREATION_VERSION ?= v0.0.1
+
+POLICY_CREATION_IMAGE_NAME ?= policy-creation-enforcement-latency
+POLICY_CREATION_PATH ?= $(POLICY_CREATION_IMAGE_NAME)
+POLICY_CREATION_VERSION ?= v0.0.1
+
+all: push_pod_creation push_policy_creation
+
+.PHONY: build_pod_creation
+build_pod_creation:
+	docker build -f ./$(POD_CREATION_PATH)/Dockerfile -t $(REGISTRY)/$(POD_CREATION_IMAGE_NAME):$(POD_CREATION_VERSION) .
+
+.PHONY: push_pod_creation
+push_pod_creation: build_pod_creation
+	docker push "$(REGISTRY)/$(POD_CREATION_IMAGE_NAME):$(POD_CREATION_VERSION)"
+
+.PHONY: build_policy_creation
+build_policy_creation:
+	docker build -f ./$(POLICY_CREATION_PATH)/Dockerfile -t $(REGISTRY)/$(POLICY_CREATION_IMAGE_NAME):$(POLICY_CREATION_VERSION) .
+
+.PHONY: push_policy_creation
+push_policy_creation: build_policy_creation
+	docker push "$(REGISTRY)/$(POLICY_CREATION_IMAGE_NAME):$(POLICY_CREATION_VERSION)"
diff --git a/network/tools/network-policy-enforcement-latency/README.md b/network/tools/network-policy-enforcement-latency/README.md
diff --git a/network/tools/network-policy-enforcement-latency/go.mod b/network/tools/network-policy-enforcement-latency/go.mod
@@ -0,0 +1,54 @@
+module k8s.io/perf-tests/network/tools/network-policy-enforcement-latency
+
+go 1.19
+
+require (
+	github.com/prometheus/client_golang v1.14.0
+	k8s.io/api v0.26.1
+	k8s.io/apimachinery v0.26.1
+	k8s.io/client-go v0.26.1
+	k8s.io/klog v1.0.0
+	k8s.io/klog/v2 v2.80.1
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.9.0 // indirect
+	github.com/go-logr/logr v1.2.3 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.20.0 // indirect
+	github.com/go-openapi/swag v0.19.14 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10 // indirect
+	golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
+	golang.org/x/sys v0.3.0 // indirect
+	golang.org/x/term v0.3.0 // indirect
+	golang.org/x/text v0.5.0 // indirect
+	golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
+	k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect
+	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
+)
diff --git a/network/tools/network-policy-enforcement-latency/go.sum b/network/tools/network-policy-enforcement-latency/go.sum
diff --git a/network/tools/network-policy-enforcement-latency/pkg/metrics/metrics.go b/network/tools/network-policy-enforcement-latency/pkg/metrics/metrics.go
@@ -0,0 +1,94 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package metrics
+
+import (
+	"net/http"
+	"sync"
+
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+	"k8s.io/klog/v2"
+)
+
+var (
+	latencyBuckets = []float64{0.1, 0.5, 1, 3, 5, 10, 30, 60, 300, 600, 1800, 3600}
+
+	// PodCreationReachabilityLatency is measured by watching for pod creations
+	// and updates and immediately sending traffic to them, as soon as IP has been
+	// assigned, to get a timestamp of the first successful request.
+	// Pod's creationTimestamp (Start time).
+	// First successful request (End time).
+	// Reported time = End time - Start time.
+	PodCreationReachabilityLatency = prometheus.NewHistogram(
+		prometheus.HistogramOpts{
+			Name:    "pod_creation_reachability_latency_seconds",
+			Help:    "Latency (in seconds) for network policy to be enforced for new pods",
+			Buckets: latencyBuckets,
+		},
+	)
+	// PolicyEnforceLatencyPolicyCreation is measured by continuously sending
+	// requests to pods to get timestamps of the first successful request.
+	// Network policy's creationTimestamp (Start time).
+	// First successful request (End time).
+	// Reported time = End time - Start time.
+	PolicyEnforceLatencyPolicyCreation = prometheus.NewHistogram(
+		prometheus.HistogramOpts{
+			Name:    "policy_enforcement_latency_policy_creation_seconds",
+			Help:    "Latency (in seconds) for new network policy to be enforced for new network policies",
+			Buckets: latencyBuckets,
+		},
+	)
+	// PodIPAddressAssignedLatency is measured by watching for pod updates.
+	// Pod's creationTimestamp (Start time).
+	// The first pod update that has IP assigned (End time).
+	// Reported time = End time - Start time.
+	PodIPAddressAssignedLatency = prometheus.NewHistogram(
+		prometheus.HistogramOpts{
+			Name:    "pod_ip_address_assigned_latency_seconds",
+			Help:    "Latency (in seconds) for IP address to be assigned to a pod, after pod creation",
+			Buckets: latencyBuckets,
+		},
+	)
+)
+
+var register sync.Once
+
+// RegisterHistogramMetric registers the specified prometheus histogram metric.
+func RegisterHistogramMetric(metric prometheus.Histogram) {
+	register.Do(func() {
+		prometheus.MustRegister(metric)
+	})
+}
+
+// StartMetricsServer runs a Prometheus HTTP server that exposes metrics on the
+// specified port.
+func StartMetricsServer(listenAddr string) *http.Server {
+	http.Handle("/metrics", promhttp.Handler())
+	http.Handle("/healthz", http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+		w.WriteHeader(http.StatusOK)
+	}))
+	server := &http.Server{Addr: listenAddr}
+	go func(server *http.Server) {
+		klog.Infof("Starting HTTP server on %q.", listenAddr)
+		err := server.ListenAndServe()
+		if err != nil && err != http.ErrServerClosed {
+			klog.Fatalf("Metrics server failed to start, error: %v", err)
+		}
+	}(server)
+	return server
+}