Installation

This section discusses the hardware and software requirements as well as the process of installing the Benchmarking Suite.

CLI installation

The Benchmarking Suite is package and distributed through PyPI.

Important

The Benchmarking Suite requires Python 3.5+. If it is not the default version in you system, it is recommended to create a virtualenv:

virtualenv -p /usr/bin/python3.5 benchmarking-suite
source benchsuite/bin/activate

Let’s start by installing the command line tool and the standard library:

$ pip install benchsuite.stdlib benchsuite.cli

This will make available the benchsuite bash command and will copy the standard benchmark tests configuration into the default configuration location (located under ~/.config/benchmarking-suite/benchmarks).

Service installation

The Benchmarking Suite has also been packaged as a SaaS solution to fit different usage scenarios. This way, once installed on a server, all functionalities will be available through your web browser in a multi-tenant environment.

The Benchmarking Suite is distributed as a multi-container Docker application defined through Docker Compose. Individual components are shipped as Docker images, while the whole suite can be deployed and orchestrated through Docker Swarm.

For each individual service in the ‘docker-compose.yml’ here is the list of the variables to configure. A description of each service can be found in the next sections.

Note that the template ‘docker-compose.yml’ in the code repository references a ‘.env’ configuration file where all secrets are configured.

  1. Clone the repository:
git clone https://gitlab.res.eng.it/benchsuite/benchsuite-compose.git
  1. Create a .env file with the following content:
# Keycloak
DB_USER=keycloak-user
DB_PASSWORD=keycloak-pass
KEYCLOAK_USER=admin
KEYCLOAK_PASSWORD=admin

# Postgres (for Keycloak)
POSTGRES_USER=keycloak-user
POSTGRES_PASSWORD=keycloak-password

#Grafana
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET=<some temporary secret>

#Influx
INFLUXDB_ADMIN_USER=influx-user
INFLUXDB_ADMIN_PASSWORD=influx-password

#Benchsuite API
BENCHSUITE_OIDC_CLIENT_SECRET=<some temporary secret>
BENCHSUITE_DEV_KEY=aSecretDevKey
# AES_KEY must be 16 characters long!
AES_KEY=This_is_a_key123

# Syndication Client
MARKETPLACE_USER=marketplace-user
MARKETPLACE_PASSWORD=marketplace-password
MARKETPLACE_SYNDICATION_EVENT_SIGNATURE_TOKEN=marketplace-token
MARKETPLACE_BENCHSUITE_SKU=marketplace-sku
GRAFANA_USERNAME=grafana-admin-user
GRAFANA_PASSWORD=grafana-admin-password
KEYCLOAK_ADMIN_CLIENT_SECRET_KEY=<some temporary secret>

Further details about the Marketplace Syndication are available at: https://docs.cloudesire.com/docs/syndication.html

  1. Make sure that INFLUXDB_ADMIN_USER and INFLUXDB_ADMIN_PASSWORD match the values username and password in the storage.conf file
  2. Make sure that DB_USER and DB_PASSWORD match POSTGRES_USER and POSTGRES_PASSWORD
  3. Set stack name and network domain env variables:
$ export STACK_NAME=bes1

$ export NET_DOMAIN=benchsuite.acme.org
  1. Create the traefik.yaml file for the Traefik dynamic configuration:
tls:
  options:
    default:
      minVersion: VersionTLS12
      cipherSuites:
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_RSA_WITH_AES_256_GCM_SHA384
  1. Create an empty file with permission 600 called traefik-acme.json. It will contain the certificates generated by Traefik
  2. Deploy the stack
sudo NET_DOMAIN=$NET_DOMAIN STACK_NAME=$STACK_NAME docker stack deploy -c docker-compose.yml $STACK_NAME
  1. Setup Keycloak
    1. Access https://$NET_DOMAIN/auth/
    2. Create a realm named “benchsuite”
    3. Set frontend url in realm settings to “https://$NET_DOMAIN/auth/
    4. create a client named “grafana”
      1. set redirect uri to https://$NET_DOMAIN/charts/*
      2. make it ‘confidential’
      3. create roles admin, viewer and editor
      4. create a mapper for the role (type: “User Client Role”, token claim name: “roles”, json type: “string”)
    5. copy grafana client secret and set the env var
    6. create “benchsuite-api” client
      1. set redirect uri to “https://$NET_DOMAIN/*
      2. make it ‘confidential’
    7. create a user, assign grafana role
  2. Update the .env with client secrets as generated/set in Keycloak. The following variables must be set:
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET

BENCHSUITE_OIDC_CLIENT_SECRET

KEYCLOAK_ADMIN_CLIENT_SECRET_KEY
  1. Redeploy the stack
$ sudo docker stack rm $STACK_NAME

$ sudo NET_DOMAIN=$NET_DOMAIN STACK_NAME=$STACK_NAME docker stack deploy -c docker-compose.yml $STACK_NAME