[READ-ONLY] Mirror of https://github.com/FoxxMD/crowdsecBench. Benchmark Crowdsec CPU usage with concurrent requests
benchmark cpu-usage crowdsec docker k6 monitoring visualization
0

Configure Feed

Select the types of activity you want to include in your feed.

TypeScript 99.5%
Shell 0.5%
21 1 0

Clone this repository

https://tangled.org/foxxmd.dev/crowdsecBench https://tangled.org/did:plc:mtxqvks6cxft2thojnblhc5f
git@tangled.org:foxxmd.dev/crowdsecBench git@tangled.org:did:plc:mtxqvks6cxft2thojnblhc5f

For self-hosted knots, clone URLs may differ based on your setup.



README.md

Crowdsec Benchmark#

This docker stack can be used to benchmark an out-of-the-box crowdsec installation. It contains:

  • Traefik reverse proxy
    • Configured with Access Logs that Crowdsec can consume
    • Wired to serve mendhak/http-https-echo, a simple web server that accepts any paths and echos back the request as JSON
  • Crowdsec
    • Configured to consume Traefik logs
    • With Collections required for parsing those logs and basic web traffic
  • k6 load testing tool
    • Configured to generate concurrent requests and duration of load using ENVs
    • Randomized path (RANDOMIZE=true)
    • Randomized User-Agent
  • forked goeffel for capturing process activity

Additionally, the bash script bench.sh can be used to orchestrate the load call, monitor the crowdsec process, and create a .png plot of CPU using goeffel.

Usage#

Run Load#

Using bench.sh#

./bench.sh

After the run has finished an image [date]_crowdsec-web-traffic-load-[unix_timestamp].png will be generated in ./data/goeffel directory.

Additional graphs can be plotted from the generated hdf5 file using goeffel-analysis.

Manually#

  1. Start docker services required to run the load
docker compose up traefik echo crowdsec -d
  1. Start any monitoring/profiling software for crowdsec

Using the goeffel container EX:

docker compose run --rm --no-TTY goeffel goeffel --pid MY_COOL_PROGRAM_PID
  1. Run load
docker compose up k6

(Optional) Customize Load with .env#

Use the sample .env.example to create an .env for your scenario.

  • TARGET = number of concurrent requests to make per second
  • DURATION = number of seconds to run load (the s at the end is important)
  • RANDOMIZE = randomize url path -- true or false

Benchmark Results#

See the bench-results folder for some benchmarks run on my own hardware.