diff --git a/test/performance/Ratelimit-README.md b/test/performance/Ratelimit-README.md new file mode 100644 index 000000000..6144a3cdd --- /dev/null +++ b/test/performance/Ratelimit-README.md @@ -0,0 +1,45 @@ +# Performance Testing Guide for APK with Rate Limiting + +Refer to the README.md file in the test/performance directory for general information on performance testing and environment setup. + +This guide outlines the steps to configure the environment and conduct performance tests for the APK product with rate limiting enabled. + +## Install APK and Setup APIs + +### Sample values.yaml for Rate Limiting +When installing APK, refer to the sample helm/values-cpu2-ratelimit.yaml file. + +Ensure the following configurations are updated in the values.yaml file: +- Redis URL and Keys: Set the appropriate Redis URL and authentication keys. + +### Sample Secret for Redis Authentication + +Apply the helm/secrets.yaml file to the cluster after updating it with the necessary Redis credentials. + +### Configure Rate Limiter Service (Headless) + +In the helm-charts/templates/data-plane/gateway-components/ratelimiter/ratelimiter-service.yaml file, set the clusterIP to None to make the service headless: + +```yaml +spec: + clusterIP: None +``` + +### Configure Rate Limiter Deployment + +In the helm-charts/templates/data-plane/gateway-components/ratelimiter/ratelimiter-deployment.yaml file, set the following environment variables: + +```yaml +- name: LOG_LEVEL + value: "WARN" +- name: REDIS_TLS_SKIP_HOSTNAME_VERIFICATION + value: "true" +``` + +### Setup APIs + +Apply the API resources from the ratelimitAPIArtifacts/ directory to the cluster. + +## Set Up Azure Redis Cache + +Create an Azure Redis Cache (Standard C3) instance in the same region as the Kubernetes cluster. \ No newline at end of file diff --git a/test/performance/helm/secrets.yaml b/test/performance/helm/secrets.yaml new file mode 100644 index 000000000..5d5d9785f --- /dev/null +++ b/test/performance/helm/secrets.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: apk-redis-secret + namespace: apk-integration-test +type: Opaque +data: + redisKey: diff --git a/test/performance/helm/values-cpu2-ratelimit.yaml b/test/performance/helm/values-cpu2-ratelimit.yaml new file mode 100644 index 000000000..d06752cbc --- /dev/null +++ b/test/performance/helm/values-cpu2-ratelimit.yaml @@ -0,0 +1,455 @@ +# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved. +# +# WSO2 LLC. licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file except +# in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +wso2: + subscription: + imagePullSecrets: "" + + apk: + helmHooks: + webhooksCleanupEnabled: true + webhooks: + validatingwebhookconfigurations: true + mutatingwebhookconfigurations: true + conversionwebhookconfigurations: true + auth: + enabled: true + enableServiceAccountCreation: true + enableClusterRoleCreation: true + serviceAccountName: wso2apk-platform + roleName: wso2apk-role + listener: + hostname: "api.am.wso2.com" + port: 9095 + # secretName: "idp-tls" + idp: + issuer: "https://idp.am.wso2.com/token" + usernameClaim: "sub" + organizationClaim: "organization" + groupsClaim: "groups" + consumerKeyClaim: "clientId" + # organizationResolver: "controlPlane" # controlplane,none + # tls: + # secretName: "wso2apk-idp-certificates" + # fileName: "idp.crt" + # signing: + # jwksEndpoint: "https://idp.am.wso2.com:9095/oauth2/jwks" + # secretName: "wso2apk-idp-signing" + # fileName: "idp.crt" + # cp: + # enabledSubscription: true + # host: "apim-apk-agent-service.apk.svc.cluster.local" + # skipSSLVerification: true + # skipSSLVerification: false + # persistence: + # type: "K8s" + dp: + enabled: true + redis: + type: "single" + poolSize: 2000 + url: "XXXX.redis.cache.windows.net:6380" + auth: + enabled: true + certificatesSecret: "apk-redis-secret" + secretKey: "redisKey" + tls: true + gateway: + listener: + hostname: "gw.wso2.com" + service: {} + # secretName: "idp-tls" + # partitionServer: + # enabled: false + # host: "https://control-plane-wso2-apk-partition-server.control-plane.svc.cluster.local" + # serviceBasePath: "/api/publisher/v1" + # partitionName: "default" + # hostnameVerificationEnable: true + # tls: + # secretName: "partition-server-cert" + # fileName: "certificate.crt" + # headers: + # - name: "apiKey" + # value: "123-456-789" + configdeployer: + enabled: true + deployment: + resources: + requests: + memory: "512Mi" + cpu: "200m" + limits: + memory: "1024Mi" + cpu: "500m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + replicas: 1 + imagePullPolicy: Always + image: wso2/apk-config-deployer-service:1.2.0 + # debug: true + # configs: + # tls: + # secretName: "my-secret" + # certKeyFilename: "tls.key" + # certFilename: "certchain.crt" + adapter: + deployment: + resources: + requests: + memory: "500Mi" + cpu: "500m" + limits: + memory: "500Mi" + cpu: "500m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + replicas: 1 + imagePullPolicy: Always + image: wso2/apk-adapter:1.2.0 + security: + sslHostname: "adapter" + logging: + level: "DEBG" # LogLevels can be "DEBG", "FATL", "ERRO", "WARN", "INFO", "PANC" + # # logFormat: "TEXT" # Values can be "JSON", "TEXT" + configs: + enableGatewayClassController: false + # apiNamespaces: + # - "apk-v12" + # tls: + # secretName: "adapter-cert" + # certKeyFilename: "" + # certFilename: "" + commonController: + deployment: + redis: + host: "XXX.redis.cache.windows.net" + port: 6380 + username: "XXXXX" + password: "XXXXX" + tlsEnabled: true + resources: + requests: + memory: "64Mi" + cpu: "50m" + limits: + memory: "128Mi" + cpu: "200m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + replicas: 1 + imagePullPolicy: Always + image: wso2/apk-common-controller:1.2.0 + security: + sslHostname: "commoncontroller" + # configs: + # apiNamespaces: + # - "apk-v12" + ratelimiter: + enabled: true + requestTimeoutInMillis: 10000 + deployment: + resources: + requests: + memory: "1000Mi" + cpu: "2000m" + limits: + memory: "1000Mi" + cpu: "2000m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + replicas: 5 + imagePullPolicy: Always + image: wso2/apk-ratelimiter:1.2.0 + security: + sslHostname: "ratelimiter" + # configs: + # tls: + # secretName: "ratelimiter-cert" + # certKeyFilename: "" + # certFilename: "" + # certCAFilename: "" + gatewayRuntime: + service: + annotations: + service.beta.kubernetes.io/azure-load-balancer-internal: "true" + service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "default" + deployment: + replicas: 5 + router: + resources: + requests: + memory: "1000Mi" + cpu: "2000m" + limits: + memory: "1000Mi" + cpu: "2000m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + imagePullPolicy: Always + image: wso2/apk-router:1.2.0 + # configs: + # tls: + # secretName: "router-cert" + # certKeyFilename: "" + # certFilename: "" + # logging: + # wireLogs: + # enable: true + # accessLogs: + # enable: true + env: + TRAILING_ARGS: "--log-level warn" + enforcer: + resources: + requests: + memory: "2000Mi" + cpu: "1000m" + limits: + memory: "2000Mi" + cpu: "1000m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + imagePullPolicy: Always + image: wso2/apk-enforcer:1.2.0 + security: + sslHostname: "enforcer" + # logging: + # level: DEBUG + configs: + javaOpts: "-Dhttpclient.hostnameVerifier=AllowAll -Xms1500m -Xmx1500m -XX:MaxRAMFraction=2" + authService: + maxMessageSize: 1000000000 + maxHeaderLimit: 8192 + keepAliveTime: 600 + threadPool: + coreSize: 400 + maxSize: 1000 + keepAliveTime: 600 + queueSize: 2000 + # tls: + # secretName: "router-cert" + # certKeyFilename: "" + # certFilename: "" + # JWKSClient: + # skipSSLVerification: false + # hostnameVerifier: "AllowAll" + + metrics: + enabled: false + # configDSBalHost: 0.0.0.0 + # idpDSBalHost: 0.0.0.0 + # statsd: + # image: + # repository: prom/statsd-exporter + # tag: v0.26.0 + # imagePullPolicy: Always + # resources: + # limits: + # memory: 128Mi + # requests: + # cpu: 0.1 + # memory: 64Mi +idp: + enabled: true + listener: + hostname: "idp.am.wso2.com" + # secretName: "idp-tls" + database: + driver: "org.postgresql.Driver" + url: "jdbc:postgresql://wso2apk-db-service:5432/WSO2AM_DB" + host: "wso2apk-db-service" + port: 5432 + databaseName: "WSO2AM_DB" + username: "wso2carbon" + secretName: "apk-db-secret" + secretKey: "DB_PASSWORD" + validationQuery: "SELECT 1" + validationTimeout: 250 + idpds: + configs: + issuer: "https://idp.am.wso2.com/token" + keyId: "gateway_certificate_alias" + hostname: "idp.am.wso2.com" + loginPageURl: "https://idp.am.wso2.com:9095/authenticationEndpoint/login" + loginErrorPageUrl: "https://idp.am.wso2.com:9095/authenticationEndpoint/error" + loginCallBackURl: "https://idp.am.wso2.com:9095/authenticationEndpoint/login-callback" + deployment: + resources: + requests: + memory: "512Mi" + cpu: "200m" + limits: + memory: "1024Mi" + cpu: "500m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + replicas: 1 + imagePullPolicy: Always + image: wso2/apk-idp-domain-service:1.2.0 + idpui: + deployment: + resources: + requests: + memory: "64Mi" + cpu: "50m" + limits: + memory: "256Mi" + cpu: "100m" + readinessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + livenessProbe: + initialDelaySeconds: 20 + periodSeconds: 20 + failureThreshold: 5 + strategy: RollingUpdate + replicas: 1 + imagePullPolicy: Always + image: wso2/apk-idp-ui:1.2.0 + configs: + idpLoginUrl: "https://idp.am.wso2.com:9095/commonauth/login" + idpAuthCallBackUrl: "https://idp.am.wso2.com:9095/oauth2/auth-callback" + +gatewaySystem: + enabled: true + enableServiceAccountCreation: true + enableClusterRoleCreation: true + serviceAccountName: gateway-api-admission + applyGatewayWehbhookJobs: true + deployment: + image: registry.k8s.io/gateway-api/admission-server:v1.0.0 + imagePullPolicy: Always + +certmanager: + enabled: true + enableClusterIssuer: true + enableRootCa: true + rootCaSecretName: "apk-root-certificate" + +postgresql: + enabled: true + fullnameOverride: "wso2apk-db-service" + auth: + database: WSO2AM_DB + postgresPassword: wso2carbon + username: wso2carbon + password: wso2carbon + primary: + extendedConfiguration: | + max_connections = 400 + initdb: + scriptsConfigMap: postgres-initdb-scripts-configmap + user: wso2carbon + password: wso2carbon + service: + ports: + postgresql: 5432 + podSecurityContext: + enabled: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + enabled: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsUser: null + + image: + debug: true + +redis: + enabled: false + architecture: standalone + fullnameOverride: redis + primary: + service: + ports: + redis: 6379 + master: + resources: + requests: + memory: "512Mi" + cpu: "1000m" + limits: + memory: "512Mi" + cpu: "1000m" + podSecurityContext: + enabled: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + containerSecurityContext: + enabled: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + runAsUser: null + auth: + enabled: false + image: + debug: true diff --git a/test/performance/ratelimitAPIArtifacts/api.yaml b/test/performance/ratelimitAPIArtifacts/api.yaml new file mode 100644 index 000000000..571ffe27b --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/api.yaml @@ -0,0 +1,25 @@ +--- +kind: "API" +apiVersion: "dp.wso2.com/v1alpha2" +metadata: + name: "default-api-definition-endpoint-test" + labels: + api-name: "cd66352292ca1b9f45d6d490f8ae612a962ac112" + api-version: "983b34771fb7185d04c9603559c9e46f4b70496d" + organization: "7505d64a54e061b7acd54ccd58b49dc43500b635" + managed-by: "apk" + annotations: + wso2apk/api-uuid: "default-api-definition-endpoint-test" +spec: + apiName: "APIDefinitionEndpointDefault" + apiType: "REST" + apiVersion: "3.14" + basePath: "/test-definition-default/3.14" + organization: "default" + definitionFileRef: "default-api-definition-endpoint-test-definition" + production: + - routeRefs: + - "01ee3d7a-36d0-176e-aee2-6b601948eb64" + sandbox: null + apiProperties: [] +status: null \ No newline at end of file diff --git a/test/performance/ratelimitAPIArtifacts/backend.yaml b/test/performance/ratelimitAPIArtifacts/backend.yaml new file mode 100644 index 000000000..6c031365c --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/backend.yaml @@ -0,0 +1,74 @@ +--- +apiVersion: "dp.wso2.com/v1alpha2" +kind: "Backend" +metadata: + name: "backend-65bb2c47600834c7bb4b8a405b1cfe3921fc7d74-api" + labels: + api-name: "cd66352292ca1b9f45d6d490f8ae612a962ac112" + api-version: "983b34771fb7185d04c9603559c9e46f4b70496d" + organization: "7505d64a54e061b7acd54ccd58b49dc43500b635" + managed-by: "apk" +spec: + services: + - host: "backend" + port: 80 + basePath: "/anything" + protocol: "http" +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: netty-backend +spec: + replicas: 1 + selector: + matchLabels: + app: netty-backend + template: + metadata: + labels: + app: netty-backend + spec: + containers: + - name: netty-backend + image: renukafernando/netty-http-echo-service:0.4.6-ubuntu-java8 + args: + - "-m" + - "1g" + imagePullPolicy: IfNotPresent + resources: + requests: + memory: "4096Mi" + cpu: "2000m" + limits: + memory: "6114Mi" + cpu: "2000m" + ports: + - containerPort: 8688 + livenessProbe: + tcpSocket: + port: 8688 + initialDelaySeconds: 10 + periodSeconds: 30 + readinessProbe: + tcpSocket: + port: 8688 + initialDelaySeconds: 8 + periodSeconds: 5 + restartPolicy: Always +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: backend + name: backend +spec: + type: NodePort + selector: + app: netty-backend + ports: + - name: http + port: 80 + targetPort: 8688 + protocol: TCP diff --git a/test/performance/ratelimitAPIArtifacts/custom-jwt-cm.yaml b/test/performance/ratelimitAPIArtifacts/custom-jwt-cm.yaml new file mode 100644 index 000000000..161aada4b --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/custom-jwt-cm.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +data: + wso2carboncustom.pem: | + -----BEGIN CERTIFICATE----- + MIIDUTCCAjmgAwIBAgIELEvnljANBgkqhkiG9w0BAQsFADBZMQswCQYDVQQGEwJV + UzEMMAoGA1UECBMDVVNBMQwwCgYDVQQHEwNVU0ExDTALBgNVBAoTBHdzbzIxCzAJ + BgNVBAsTAml0MRIwEAYDVQQDEwl0aGFyc2FuYW4wHhcNMjMwODE4MTE1MDE5WhcN + MjMxMTE2MTE1MDE5WjBZMQswCQYDVQQGEwJVUzEMMAoGA1UECBMDVVNBMQwwCgYD + VQQHEwNVU0ExDTALBgNVBAoTBHdzbzIxCzAJBgNVBAsTAml0MRIwEAYDVQQDEwl0 + aGFyc2FuYW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeS6hIZTRS + htqAmAjkbK0ZRltb1jr5xSU8lHSB9Lp8jgNSesIBu24JH/45UNPppzng5qwVGGlD + Lio1wiJStWsX5clPPZn2Xv6jjF/igboeafDg/8KrIGRe9r+KZHJtcdlYM69ir1QK + ozKU/qGydcjOWqkLt5GNiM7rlrHkGy34wmQHCZEC+P4djj1WgzR6NGBefmQCGy6S + ugQHxHIpjj3MKLebECsEzLPzs70u2e0RFCtwv2u+iLkGRlvmcphIAUO1B633vlLf + IXZHKAhbpUYc17J3XWHvmL+sogDwPCpBbCC4ekZNUvWuZ8Pf4cxuzUyjTpjWVP3i + Vu27pn1b6V4rAgMBAAGjITAfMB0GA1UdDgQWBBQedDozsJNWZOChc3eecnuLtTYM + zTANBgkqhkiG9w0BAQsFAAOCAQEATy/hIJnW8juNFQGUnHfzXmwPNmneODOutdym + ErI5TLeSN1oe94PQDYItPZlM5JLI+GoluVydHTrWgOp57GmOh0My839uROyS5U3C + n1F+KvfXCeHRJ5huUOO9nP+icdfKq3OOFGedkXbFP815VWtP3fpKUFEHdDxVBkyj + Q2m8xSCqrD8Lmgvmmqg3K9huddKNYaZI8j5dSmX/bjtsWWrJQp08BEE5HXVEckya + Zd0+uyNNgpFBvEtL6HkFEFl3LXw5f1NGi8Ar95BaUReKr2ZnBe5vWkSQV/WaumVz + s48mo2uOXtUFLnOR6wmyNP9/hMuCNL+pI2YyINUpiogP5Ga2ug== + -----END CERTIFICATE----- +kind: ConfigMap +metadata: + name: custom-jwt-cm diff --git a/test/performance/ratelimitAPIArtifacts/default-api-definition-cm.yaml b/test/performance/ratelimitAPIArtifacts/default-api-definition-cm.yaml new file mode 100644 index 000000000..2ebd4699e --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/default-api-definition-cm.yaml @@ -0,0 +1,11 @@ +kind: "ConfigMap" +apiVersion: "v1" +metadata: + name: "default-api-definition-endpoint-test-definition" + labels: + api-name: "cd66352292ca1b9f45d6d490f8ae612a962ac112" + api-version: "983b34771fb7185d04c9603559c9e46f4b70496d" + organization: "7505d64a54e061b7acd54ccd58b49dc43500b635" + managed-by: "apk" +binaryData: + definition: "H4sIAAAAAAAAAO1VwXLTQAz9lczCqQNxmnJgcoMhh8xwYOj01Olh41WSLevd7a4MmIz/HUmOnZRmSgnlRi6xV9KT3pNW3qoQweto1UxdjCfjc/VqpKxfBTXbKrTogAzvPi0+wMp6izb4uTcxWI90omuH7P8VUiaLQJy/US0dZUh8qmbXW1UnR6YNYpwVxVKXX8Cb2dtJoX2DG+vXDGEgl8lG7GAuJXp09fmjam8ErayTxUbgzC7x7PpGjFHjJnO5BVTRhQaAX9aAQkGvuQjVm16XwWMKzkFSHEzsk+asC0N5KWi+c8xKoJOuAHsinl7Iy5pOJHq8qyE1/JbgrrYJCARTDVwyNqLdKqSKHeA74RrY28sNVFpKbCI7ZkysRSucEuQYfAbhNZ1M+O++RDsVRr0n52Bu4IW3jtHZUpgVt5kjtg9T6pS0VG8RKkn1MsGKDC+KMlQES2C56MJy0StDJfLv0bawNYZ8Qgu0MUOina6Q8X0wDWM9meGTiTyH2GfF2YnZf6Mim4epLrb908K0nCXWJ+gLxuKhwMdHfJ9pGHW+Zo9OerYUBPdmfaVdPjrstD9gTfWRjS+Ixu7sYvpc8//PWiK7ypFgfy59F/df/L+4D60k6jH2SeRxfrD+d1TD8hZK+UbFxM1A27EiibklD5YvOXZNOGYhDeza606DYw5ZO52aA5uvq+UvQptQL92wenqul8yiK21gvCeha9xMBcWFb+LE3bal7RYhWUOyP6Swq+Fbm+lji7Q6x6SXkjEgATi4W9/tT3K9Dzr6BwAA" diff --git a/test/performance/ratelimitAPIArtifacts/http_route.yaml b/test/performance/ratelimitAPIArtifacts/http_route.yaml new file mode 100644 index 000000000..73328e92e --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/http_route.yaml @@ -0,0 +1,79 @@ +--- +apiVersion: "gateway.networking.k8s.io/v1beta1" +kind: "HTTPRoute" +metadata: + name: "01ee3d7a-36d0-176e-aee2-6b601948eb64" + labels: + api-name: "cd66352292ca1b9f45d6d490f8ae612a962ac112" + api-version: "983b34771fb7185d04c9603559c9e46f4b70496d" + organization: "7505d64a54e061b7acd54ccd58b49dc43500b635" + managed-by: "apk" +spec: + hostnames: + - "default.gw.wso2.com" + rules: + - matches: + - path: + type: "RegularExpression" + value: "/employee" + method: "GET" + filters: + - type: "URLRewrite" + urlRewrite: + path: + type: "ReplaceFullPath" + replaceFullPath: "/employee" + backendRefs: + - group: "dp.wso2.com" + kind: "Backend" + name: "backend-65bb2c47600834c7bb4b8a405b1cfe3921fc7d74-api" + - matches: + - path: + type: "RegularExpression" + value: "/employee" + method: "POST" + filters: + - type: "URLRewrite" + urlRewrite: + path: + type: "ReplaceFullPath" + replaceFullPath: "/employee" + backendRefs: + - group: "dp.wso2.com" + kind: "Backend" + name: "backend-65bb2c47600834c7bb4b8a405b1cfe3921fc7d74-api" + - matches: + - path: + type: "RegularExpression" + value: "/employee/(.*)" + method: "PUT" + filters: + - type: "URLRewrite" + urlRewrite: + path: + type: "ReplaceFullPath" + replaceFullPath: "/employee/\\1" + backendRefs: + - group: "dp.wso2.com" + kind: "Backend" + name: "backend-65bb2c47600834c7bb4b8a405b1cfe3921fc7d74-api" + - matches: + - path: + type: "RegularExpression" + value: "/employee/(.*)" + method: "DELETE" + filters: + - type: "URLRewrite" + urlRewrite: + path: + type: "ReplaceFullPath" + replaceFullPath: "/employee/\\1" + backendRefs: + - group: "dp.wso2.com" + kind: "Backend" + name: "backend-65bb2c47600834c7bb4b8a405b1cfe3921fc7d74-api" + parentRefs: + - group: "gateway.networking.k8s.io" + kind: "Gateway" + name: "wso2-apk-default" + sectionName: "httpslistener" diff --git a/test/performance/ratelimitAPIArtifacts/perf-test-tokenIssuer.yaml b/test/performance/ratelimitAPIArtifacts/perf-test-tokenIssuer.yaml new file mode 100644 index 000000000..b1c17bddc --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/perf-test-tokenIssuer.yaml @@ -0,0 +1,19 @@ +kind: TokenIssuer +apiVersion: dp.wso2.com/v1alpha1 +metadata: + name: perf-test-token-issuer +spec: + consumerKeyClaim: azp + issuer: https://idp1.com + name: idp-1 + organization: default + scopesClaim: scope + signatureValidation: + certificate: + configMapRef: + name: custom-jwt-cm + key: "wso2carboncustom.pem" + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: wso2-apk-default \ No newline at end of file diff --git a/test/performance/ratelimitAPIArtifacts/ratelimit.yaml b/test/performance/ratelimitAPIArtifacts/ratelimit.yaml new file mode 100644 index 000000000..ced017f05 --- /dev/null +++ b/test/performance/ratelimitAPIArtifacts/ratelimit.yaml @@ -0,0 +1,13 @@ +apiVersion: dp.wso2.com/v1alpha3 +kind: RateLimitPolicy +metadata: + name: api-ratelimit-policy +spec: + default: + api: + requestsPerUnit: 1000000 + unit: Minute + targetRef: + kind: API + name: default-api-definition-endpoint-test + group: gateway.networking.k8s.io