diff --git a/systemtest/benchtest/expvar/expvar.go b/systemtest/benchtest/expvar/expvar.go index 452e3ddf0bf..44e063affcf 100644 --- a/systemtest/benchtest/expvar/expvar.go +++ b/systemtest/benchtest/expvar/expvar.go @@ -20,6 +20,7 @@ package expvar import ( "context" "encoding/json" + "fmt" "net/http" "runtime" ) @@ -138,6 +139,7 @@ func doExpvar(req *http.Request, out *expvar) (string, error) { func WaitUntilServerInactive(ctx context.Context, server string) error { result := expvar{LibbeatStats: LibbeatStats{ActiveEvents: 1}} for result.ActiveEvents > 0 { + fmt.Printf("events count %d\n", result.ActiveEvents) select { case <-ctx.Done(): return ctx.Err() diff --git a/systemtest/cmd/moxy/.gitignore b/systemtest/cmd/moxy/.gitignore new file mode 100644 index 00000000000..48537ea034d --- /dev/null +++ b/systemtest/cmd/moxy/.gitignore @@ -0,0 +1 @@ +moxy diff --git a/systemtest/cmd/moxy/main.go b/systemtest/cmd/moxy/main.go index ed7c63d42c4..c1d546dbd66 100644 --- a/systemtest/cmd/moxy/main.go +++ b/systemtest/cmd/moxy/main.go @@ -3,6 +3,7 @@ package main import ( "bufio" "bytes" + "encoding/base64" "flag" "fmt" "io" @@ -19,6 +20,8 @@ func main() { "loglevel", zapcore.InfoLevel, "set log level to one of: DEBUG, INFO (default), WARN, ERROR, DPANIC, PANIC, FATAL", ) + username := flag.String("username", "elastic", "authentication username to mimic ES") + password := flag.String("password", "", "authentication username to mimic ES") flag.Parse() zapcfg := zap.NewProductionConfig() zapcfg.EncoderConfig.EncodeTime = zapcore.RFC3339TimeEncoder @@ -29,24 +32,59 @@ func main() { if err != nil { panic(err) } + if *username == "" || *password == "" { + logger.Fatal("both username and password are required") + } defer logger.Sync() s := http.Server{ Addr: ":9200", - Handler: handler(logger), + Handler: handler(logger, *username, *password), } if err := s.ListenAndServe(); err != nil { logger.Fatal("listen error", zap.Error(err)) } } -func handler(logger *zap.Logger) http.Handler { +func handler(logger *zap.Logger, username, password string) http.Handler { + expectedAuth := fmt.Sprintf("%s:%s", username, password) return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("X-Elastic-Product", "Elasticsearch") - first := true + auth := r.Header.Get("Authorization") + actualAuth, err := base64.StdEncoding.DecodeString(auth) + if err != nil || string(actualAuth) != expectedAuth { + logger.Error( + "authentication failed", + zap.Error(err), + zap.String("actual", string(actualAuth)), + zap.String("expected", expectedAuth), + ) + w.WriteHeader(http.StatusUnauthorized) + return + } switch r.URL.Path { + case "/": + // MIS doesn't use this route, but apm-server checks for cluster_uuid + w.Write([]byte(`{ + "name": "instance-0000000001", + "cluster_name": "eca3b3c3bbee4816bb92f82184e328dd", + "cluster_uuid": "cc49813b6b8e2138fbb8243ae2b3deed", + "version": { + "number": "8.15.1", + "build_flavor": "default", + "build_type": "docker", + "build_hash": "253e8544a65ad44581194068936f2a5d57c2c051", + "build_date": "2024-09-02T22:04:47.310170297Z", + "build_snapshot": false, + "lucene_version": "9.11.1", + "minimum_wire_compatibility_version": "7.17.0", + "minimum_index_compatibility_version": "7.0.0" + }, + "tagline": "You Know, for Search" + }`)) case "/_security/user/_has_privileges": w.Write([]byte(`{"username":"admin","has_all_requested":true,"cluster":{},"index":{},"application":{"apm":{"-":{"event:write":true}}}}`)) case "/_bulk": + first := true var body io.Reader switch r.Header.Get("Content-Encoding") { case "gzip": diff --git a/testing/benchmark/main.tf b/testing/benchmark/main.tf index 240ac11a4b6..42ae7d4c968 100644 --- a/testing/benchmark/main.tf +++ b/testing/benchmark/main.tf @@ -35,7 +35,9 @@ module "tags" { project = startswith(var.user_name, "benchci") ? "benchmarks" : var.user_name } -provider "ec" {} +provider "ec" { + apikey = "aaa" +} provider "aws" { region = var.worker_region @@ -127,7 +129,7 @@ module "benchmark_worker" { private_key = var.private_key tags = merge(local.ci_tags, module.tags.tags) - depends_on = [module.vpc] + depends_on = [module.moxy, module.ec_deployment] } module "moxy" { @@ -158,9 +160,9 @@ module "standalone_apm_server" { aws_provisioner_key_name = var.private_key elasticsearch_url = module.moxy[0].moxy_url - elasticsearch_username = "" - elasticsearch_password = "" + elasticsearch_username = "elastic" + elasticsearch_password = module.moxy[0].moxy_password tags = merge(local.ci_tags, module.tags.tags) - depends_on = [module.vpc] + depends_on = [module.moxy] } diff --git a/testing/benchmark/outputs.tf b/testing/benchmark/outputs.tf index d222ab4cf6b..079aea7e934 100644 --- a/testing/benchmark/outputs.tf +++ b/testing/benchmark/outputs.tf @@ -26,13 +26,13 @@ output "kibana_url" { } output "apm_secret_token" { - value = var.run_standalone ? module.standalone_apm_server[0].apm_server_url : module.ec_deployment[0].apm_url + value = var.run_standalone ? module.standalone_apm_server[0].apm_secret_token : module.ec_deployment[0].apm_secret_token description = "The APM Server secret token" sensitive = true } output "apm_server_url" { - value = var.run_standalone ? module.standalone_apm_server[0].apm_secret_token : module.ec_deployment[0].apm_secret_token + value = var.run_standalone ? module.standalone_apm_server[0].apm_server_url : module.ec_deployment[0].apm_url description = "The APM Server URL" sensitive = true } diff --git a/testing/benchmark/variables.tf b/testing/benchmark/variables.tf index fc12a72dd88..43c7cb86a97 100644 --- a/testing/benchmark/variables.tf +++ b/testing/benchmark/variables.tf @@ -1,12 +1,13 @@ ## General configuration variable "user_name" { + default = "test-kostya-vpc-bench-apm" description = "Required username to use for prefixes" type = string } variable "run_standalone" { - default = false + default = true description = "If set run benchmarks against standalone APM Server conneted to moxy" type = bool } diff --git a/testing/infra/terraform/modules/moxy/main.tf b/testing/infra/terraform/modules/moxy/main.tf index ffbeb9cb3cf..0429d76d164 100644 --- a/testing/infra/terraform/modules/moxy/main.tf +++ b/testing/infra/terraform/modules/moxy/main.tf @@ -83,8 +83,9 @@ resource "aws_instance" "moxy" { provisioner "remote-exec" { inline = [ "sudo cp ${local.bin_path} moxy", - "chmod +x moxy", - "./moxy &" + "sudo chmod +x moxy", + "screen -d -m ./moxy -password=${random_password.moxy_password.result}", + "sleep 1" ] } @@ -95,3 +96,9 @@ resource "aws_key_pair" "provisioner_key" { public_key = file("${var.aws_provisioner_key_name}.pub") tags = var.tags } + + +resource "random_password" "moxy_password" { + length = 16 + special = false +} diff --git a/testing/infra/terraform/modules/moxy/outputs.tf b/testing/infra/terraform/modules/moxy/outputs.tf index a9c9844a84b..89414843b6b 100644 --- a/testing/infra/terraform/modules/moxy/outputs.tf +++ b/testing/infra/terraform/modules/moxy/outputs.tf @@ -1,4 +1,10 @@ output "moxy_url" { value = "http://${aws_instance.moxy.public_ip}:${local.moxy_port}" - description = "The Moxy Server URL" + description = "The Moxy server URL" +} + +output "moxy_password" { + value = random_password.moxy_password.result + description = "The Moxy password for communication" + sensitive = true } diff --git a/testing/infra/terraform/modules/standalone_apm_server/main.tf b/testing/infra/terraform/modules/standalone_apm_server/main.tf index 47a2e129a89..c638a040808 100644 --- a/testing/infra/terraform/modules/standalone_apm_server/main.tf +++ b/testing/infra/terraform/modules/standalone_apm_server/main.tf @@ -202,9 +202,11 @@ resource "aws_instance" "apm" { "sleep 1", ] : [ "sudo cp ${local.bin_path} apm-server", - "chmod +x apm-server", + "sudo chmod +x apm-server", "sudo cp ${local.conf_path} apm-server.yml", - "./apm-server &" + "sudo mkdir -m 777 /var/log/apm-server", + "screen -d -m ./apm-server", + "sleep 1" ] ) }