From e9ab07574f4dd656881067de41841cc169037daf Mon Sep 17 00:00:00 2001 From: Noah Eisen Date: Mon, 21 Nov 2016 17:56:44 -0800 Subject: [PATCH 1/2] Add new flags to go stress client Stress client can now handle connections with TLS. It can also use the custom ca file in the new testdata file. --- stress/client/main.go | 35 ++++++++++++++++++++++++++++-- stress/client/testdata/ca.pem | 15 +++++++++++++ stress/client/testdata/server1.key | 16 ++++++++++++++ stress/client/testdata/server1.pem | 16 ++++++++++++++ 4 files changed, 80 insertions(+), 2 deletions(-) create mode 100644 stress/client/testdata/ca.pem create mode 100644 stress/client/testdata/server1.key create mode 100644 stress/client/testdata/server1.pem diff --git a/stress/client/main.go b/stress/client/main.go index 89df93d2..bfa73cba 100644 --- a/stress/client/main.go +++ b/stress/client/main.go @@ -47,6 +47,7 @@ import ( "golang.org/x/net/context" "google.golang.org/grpc" "google.golang.org/grpc/codes" + "google.golang.org/grpc/credentials" "google.golang.org/grpc/grpclog" "google.golang.org/grpc/interop" testpb "google.golang.org/grpc/interop/grpc_testing" @@ -60,6 +61,12 @@ var ( numChannelsPerServer = flag.Int("num_channels_per_server", 1, "Number of channels (i.e connections) to each server") numStubsPerChannel = flag.Int("num_stubs_per_channel", 1, "Number of client stubs per each connection to server") metricsPort = flag.Int("metrics_port", 8081, "The port at which the stress client exposes QPS metrics") + useTLS = flag.Bool("use_tls", false, "Connection uses TLS if true, else plain TCP") + testCA = flag.Bool("use_test_ca", false, "Whether to replace platform root CAs with test CA as the CA root") + tlsServerName = flag.String("server_host_override", "foo.test.google.fr", "The server name use to verify the hostname returned by TLS handshake if it is not empty. Otherwise, --server_host is used.") + + // The test CA root cert file + testCAFile = "testdata/ca.pem" ) // testCaseWithWeight contains the test case type and its weight. @@ -242,7 +249,7 @@ func performRPCs(gauge *gauge, conn *grpc.ClientConn, selector *weightedRandomTe func logParameterInfo(addresses []string, tests []testCaseWithWeight) { grpclog.Printf("server_addresses: %s", *serverAddresses) grpclog.Printf("test_cases: %s", *testCases) - grpclog.Printf("test_duration-secs: %d", *testDurationSecs) + grpclog.Printf("test_duration_secs: %d", *testDurationSecs) grpclog.Printf("num_channels_per_server: %d", *numChannelsPerServer) grpclog.Printf("num_stubs_per_channel: %d", *numStubsPerChannel) grpclog.Printf("metrics_port: %d", *metricsPort) @@ -257,6 +264,30 @@ func logParameterInfo(addresses []string, tests []testCaseWithWeight) { } } +func getChannel(address string, useTLS, testCA bool, tlsServerName string) (*grpc.ClientConn, error) { + var opts []grpc.DialOption + if useTLS { + var sn string + if tlsServerName != "" { + sn = tlsServerName + } + var creds credentials.TransportCredentials + if testCA { + var err error + creds, err = credentials.NewClientTLSFromFile(testCAFile, sn) + if err != nil { + grpclog.Fatalf("Failed to create TLS credentials %v", err) + } + } else { + creds = credentials.NewClientTLSFromCert(nil, sn) + } + opts = append(opts, grpc.WithTransportCredentials(creds)) + } else { + opts = append(opts, grpc.WithInsecure()) + } + return grpc.Dial(address, opts...) +} + func main() { flag.Parse() addresses := strings.Split(*serverAddresses, ",") @@ -271,7 +302,7 @@ func main() { for serverIndex, address := range addresses { for connIndex := 0; connIndex < *numChannelsPerServer; connIndex++ { - conn, err := grpc.Dial(address, grpc.WithInsecure()) + conn, err := getChannel(address, *useTLS, *testCA, *tlsServerName) if err != nil { grpclog.Fatalf("Fail to dial: %v", err) } diff --git a/stress/client/testdata/ca.pem b/stress/client/testdata/ca.pem new file mode 100644 index 00000000..6c8511a7 --- /dev/null +++ b/stress/client/testdata/ca.pem @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICSjCCAbOgAwIBAgIJAJHGGR4dGioHMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMTBnRlc3RjYTAeFw0xNDExMTEyMjMxMjla +Fw0yNDExMDgyMjMxMjlaMFYxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0 +YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDzANBgNVBAMT +BnRlc3RjYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwEDfBV5MYdlHVHJ7 ++L4nxrZy7mBfAVXpOc5vMYztssUI7mL2/iYujiIXM+weZYNTEpLdjyJdu7R5gGUu +g1jSVK/EPHfc74O7AyZU34PNIP4Sh33N+/A5YexrNgJlPY+E3GdVYi4ldWJjgkAd +Qah2PH5ACLrIIC6tRka9hcaBlIECAwEAAaMgMB4wDAYDVR0TBAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAgQwDQYJKoZIhvcNAQELBQADgYEAHzC7jdYlzAVmddi/gdAeKPau +sPBG/C2HCWqHzpCUHcKuvMzDVkY/MP2o6JIW2DBbY64bO/FceExhjcykgaYtCH/m +oIU63+CFOTtR7otyQAWHqXa7q4SbCDlG7DyRFxqG0txPtGvy12lgldA2+RgcigQG +Dfcog5wrJytaQ6UA0wE= +-----END CERTIFICATE----- diff --git a/stress/client/testdata/server1.key b/stress/client/testdata/server1.key new file mode 100644 index 00000000..143a5b87 --- /dev/null +++ b/stress/client/testdata/server1.key @@ -0,0 +1,16 @@ +-----BEGIN PRIVATE KEY----- +MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAOHDFScoLCVJpYDD +M4HYtIdV6Ake/sMNaaKdODjDMsux/4tDydlumN+fm+AjPEK5GHhGn1BgzkWF+slf +3BxhrA/8dNsnunstVA7ZBgA/5qQxMfGAq4wHNVX77fBZOgp9VlSMVfyd9N8YwbBY +AckOeUQadTi2X1S6OgJXgQ0m3MWhAgMBAAECgYAn7qGnM2vbjJNBm0VZCkOkTIWm +V10okw7EPJrdL2mkre9NasghNXbE1y5zDshx5Nt3KsazKOxTT8d0Jwh/3KbaN+YY +tTCbKGW0pXDRBhwUHRcuRzScjli8Rih5UOCiZkhefUTcRb6xIhZJuQy71tjaSy0p +dHZRmYyBYO2YEQ8xoQJBAPrJPhMBkzmEYFtyIEqAxQ/o/A6E+E4w8i+KM7nQCK7q +K4JXzyXVAjLfyBZWHGM2uro/fjqPggGD6QH1qXCkI4MCQQDmdKeb2TrKRh5BY1LR +81aJGKcJ2XbcDu6wMZK4oqWbTX2KiYn9GB0woM6nSr/Y6iy1u145YzYxEV/iMwff +DJULAkB8B2MnyzOg0pNFJqBJuH29bKCcHa8gHJzqXhNO5lAlEbMK95p/P2Wi+4Hd +aiEIAF1BF326QJcvYKmwSmrORp85AkAlSNxRJ50OWrfMZnBgzVjDx3xG6KsFQVk2 +ol6VhqL6dFgKUORFUWBvnKSyhjJxurlPEahV6oo6+A+mPhFY8eUvAkAZQyTdupP3 +XEFQKctGz+9+gKkemDp7LBBMEMBXrGTLPhpEfcjv/7KPdnFHYmhYeBTBnuVmTVWe +F98XJ7tIFfJq +-----END PRIVATE KEY----- diff --git a/stress/client/testdata/server1.pem b/stress/client/testdata/server1.pem new file mode 100644 index 00000000..f3d43fcc --- /dev/null +++ b/stress/client/testdata/server1.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICnDCCAgWgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJBVTET +MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ +dHkgTHRkMQ8wDQYDVQQDEwZ0ZXN0Y2EwHhcNMTUxMTA0MDIyMDI0WhcNMjUxMTAx +MDIyMDI0WjBlMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNV +BAcTB0NoaWNhZ28xFTATBgNVBAoTDEV4YW1wbGUsIENvLjEaMBgGA1UEAxQRKi50 +ZXN0Lmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOHDFSco +LCVJpYDDM4HYtIdV6Ake/sMNaaKdODjDMsux/4tDydlumN+fm+AjPEK5GHhGn1Bg +zkWF+slf3BxhrA/8dNsnunstVA7ZBgA/5qQxMfGAq4wHNVX77fBZOgp9VlSMVfyd +9N8YwbBYAckOeUQadTi2X1S6OgJXgQ0m3MWhAgMBAAGjazBpMAkGA1UdEwQCMAAw +CwYDVR0PBAQDAgXgME8GA1UdEQRIMEaCECoudGVzdC5nb29nbGUuZnKCGHdhdGVy +em9vaS50ZXN0Lmdvb2dsZS5iZYISKi50ZXN0LnlvdXR1YmUuY29thwTAqAEDMA0G +CSqGSIb3DQEBCwUAA4GBAJFXVifQNub1LUP4JlnX5lXNlo8FxZ2a12AFQs+bzoJ6 +hM044EDjqyxUqSbVePK0ni3w1fHQB5rY9yYC5f8G7aqqTY1QOhoUk8ZTSTRpnkTh +y4jjdvTZeLDVBlueZUTDRmy2feY5aZIU18vFDK08dTG0A87pppuv1LNIR3loveU8 +-----END CERTIFICATE----- From 87da90422fcd8cd34e5a5e4ec93737b3d6fbb76b Mon Sep 17 00:00:00 2001 From: Noah Eisen Date: Mon, 28 Nov 2016 17:06:54 -0800 Subject: [PATCH 2/2] Add logging of new flags --- stress/client/main.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/stress/client/main.go b/stress/client/main.go index bfa73cba..99e164b5 100644 --- a/stress/client/main.go +++ b/stress/client/main.go @@ -253,6 +253,9 @@ func logParameterInfo(addresses []string, tests []testCaseWithWeight) { grpclog.Printf("num_channels_per_server: %d", *numChannelsPerServer) grpclog.Printf("num_stubs_per_channel: %d", *numStubsPerChannel) grpclog.Printf("metrics_port: %d", *metricsPort) + grpclog.Printf("use_tls: %t", *useTLS) + grpclog.Printf("use_test_ca: %t", *testCA) + grpclog.Printf("server_host_override: %s", *tlsServerName) grpclog.Println("addresses:") for i, addr := range addresses { @@ -264,7 +267,7 @@ func logParameterInfo(addresses []string, tests []testCaseWithWeight) { } } -func getChannel(address string, useTLS, testCA bool, tlsServerName string) (*grpc.ClientConn, error) { +func newConn(address string, useTLS, testCA bool, tlsServerName string) (*grpc.ClientConn, error) { var opts []grpc.DialOption if useTLS { var sn string @@ -302,7 +305,7 @@ func main() { for serverIndex, address := range addresses { for connIndex := 0; connIndex < *numChannelsPerServer; connIndex++ { - conn, err := getChannel(address, *useTLS, *testCA, *tlsServerName) + conn, err := newConn(address, *useTLS, *testCA, *tlsServerName) if err != nil { grpclog.Fatalf("Fail to dial: %v", err) }