teste de carga de um unico host and change the X-FORWARDED-FOR
18 views
Skip to first unread message
Guilherme Ferreira
Sep 1, 2023, 1:18:55 PMSep 1
to Keycloak User
Hi everyone, everything fine?
I performed some load tests using the Gatling tool in KeyCloak, both tests used the same settings using the same machines and realized that the calls made from a single host using multiple users the CPU usage was only a single core, when I did the same call but changing the Header X-FORWARDED-FOR in the call simulating several valid IPs the keycloak uses more CPU and more Memory.
Today my scenario would be most of my clients leaving a NAT network so they are all arriving with the same IP so this is a performance issue for me.
Could anyone help me with an idea of how I could solve this point?
ENV:
I performed some load tests using the Gatling tool in KeyCloak, both tests used the same settings using the same machines and realized that the calls made from a single host using multiple users the CPU usage was only a single core, when I did the same call but changing the Header X-FORWARDED-FOR in the call simulating several valid IPs the keycloak uses more CPU and more Memory.
Today my scenario would be most of my clients leaving a NAT network so they are all arriving with the same IP so this is a performance issue for me.
Could anyone help me with an idea of how I could solve this point?
Configuration of pod:
image:
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
repository: bitnami/keycloak-config-cli
tag: 5.6.1-debian-11-r39
ENV:
- name: KEYCLOAK_LOG_LEVEL
value: DEBUG
- name: KC_HOSTNAME_STRICT
value: "true"
- name: KEYCLOAK_PROXY_ADDRESS_FORWARDING
value: "true"
- name: KEYCLOAK_PRODUCTION
value: "true"
- name: KC_CACHE_STACK
value: kubernetes
- name: JAVA_OPTS
value: -Djgroups.dns.query=keycloak-headless
- name: CACHE_OWNERS_COUNT
value: "2"
- name: CACHE_OWNERS_AUTH_SESSIONS_COUNT
value: "2"
- name: KEYCLOAK_ENABLE_HTTPS
value: "false"
- name: KEYCLOAK_PROXY
value: edge
- name: KC_METRICS_ENABLED
value: "true"
- name: KC_HEALTH_ENABLED
value: "true"
- name: JAVA_OPTS_APPEND
value: -Xms8G -Xmx8G -Xmn2G -XX:+UseG1GC
resources:
limits:
memory: 12G
requests:
cpu: 2
memory: 8G
livenessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 300
periodSeconds: 1
successThreshold: 1
timeoutSeconds: 30
value: DEBUG
- name: KC_HOSTNAME_STRICT
value: "true"
- name: KEYCLOAK_PROXY_ADDRESS_FORWARDING
value: "true"
- name: KEYCLOAK_PRODUCTION
value: "true"
- name: KC_CACHE_STACK
value: kubernetes
- name: JAVA_OPTS
value: -Djgroups.dns.query=keycloak-headless
- name: CACHE_OWNERS_COUNT
value: "2"
- name: CACHE_OWNERS_AUTH_SESSIONS_COUNT
value: "2"
- name: KEYCLOAK_ENABLE_HTTPS
value: "false"
- name: KEYCLOAK_PROXY
value: edge
- name: KC_METRICS_ENABLED
value: "true"
- name: KC_HEALTH_ENABLED
value: "true"
- name: JAVA_OPTS_APPEND
value: -Xms8G -Xmx8G -Xmn2G -XX:+UseG1GC
resources:
limits:
memory: 12G
requests:
cpu: 2
memory: 8G
livenessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 300
periodSeconds: 1
successThreshold: 1
timeoutSeconds: 30
readinessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
Best Regards,
enabled: true
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
Best Regards,
Reply all
Reply to author
Forward
0 new messages