Configuring benchmarks
The benchmark tests with Gatling can be configured with various parameters.
This describes the command line options passed to the kcb.sh shell script.
To run the benchmarks, refer to Running benchmarks from the CLI.
Configuration Overview
The configuration allows running a benchmark against one or more Keycloak servers, realms, users and clients. All those entities need to exist before the test runs. See Preparing Keycloak for testing on how to do that.
If a configuration parameter allows multiple values (like, for example, the Keycloak server URL) or resolves to a range of values (like, for example, the realm name), those values are randomly assigned to each execution within a scenario.
General parameters
| CLI option | Default | Notes |
|---|---|---|
|
(not set) |
The URL of the Keycloak server. Specify multiple URLs separated with a blank to run the test against multiple server URLs:
|
|
false |
Enable sharing of connections among concurrent users within a scenario. This can be useful if the load generator host cannot handle as many TCP connections as are necessary. Note, using this option will produce less load on the target system than real world. Note, only scenarios that pause between steps allow sharing of connections.
|
|
false |
Since the test may involve tens of thousands of connections from a single testing system to a single host:port on a server, we may need to add additional addresses to increase the number of TCP connections we can make and this enables the use of those.
Should not be used when the target is
|
|
ClientSecret scenario |
The full classname of the scenario to run, for example |
(not set) |
A user can provide an increment value to run the incremental benchmark to find the limit of a given system under test for the assertions set within the simulation.
If the CLI option is set without a parameter, it defaults to an increment value of |
|
|
(not set) |
If Java remote debugging should be enabled for the Gatling process.
If the CLI option is set without a parameter, it defaults to port |
|
|
Open workload model: Numbers of users per second to be added to the simulation. Each user will execute the simulation once. Either |
|
(not set) |
Close workload model: Number of users executing the same scenario multiple times. Either |
|
|
Ramp up time to reach the full load. |
|
|
Measurement time of the test in seconds. |
|
|
User think time in seconds used in some scenarios. |
|
(not set) |
If set, will log all failed HTTP requests to the console. Enable this during testing and when analyzing problems. Never use it during a load test as it slows down Gatling. |
|
(not set) |
If set, will log all HTTP requests to the console. Will log a lot of information. Use this only during development. Never use it during a load test as it slows down Gatling. |
|
(not set) |
If set, will proxy all HTTP requests to a proxy tool of your choice and the current default proxy host and port are Never use it during a load test as it slows down Gatling to be able to proxy the requests to a proxy client and comes with the usual proxy nuances that we have to be careful, in general. |
|
|
Maximum percentage of requests to fail during a run. |
Running across multiple realms, users and clients
| CLI option | Default | Notes |
|---|---|---|
|
|
The number of realms available. Runs the test scenarios using realms from 0 to With the default of |
|
|
The number of users available in each realm. Runs the test scenarios using users from 0 to With the default of |
|
1 |
The number of clients available in each realm. Runs the test scenarios using clients from 0 to With the default of |
When running the CLI with the following example parameters:
--realm=10 --users-per-realm=10 --client-per-realm=10
This results in the following values being used in the scenarios:
| Entity | Values |
|---|---|
Realm |
|
Username |
|
User Password |
|
Client ID |
|
Client Secret |
|
Client Redirect URL |
The account console of the respective realm:
|
Overriding default values for realms, users and clients
| CLI option | Default | Notes |
|---|---|---|
|
Sets the prefix for the realm name.
With a value of If not set on the CLI, realm names use the |
|
|
(not set) |
If set, tests run using a single realm set in this parameter. If not set and assuming that |
|
(not set) |
If set, tests run using a single username set in this parameter. If not set, the usernames are numbered starting with |
|
(not set) |
If set, tests run using a single password set in this parameter. If not set, the passwords are numbered starting with |
|
(not set) |
If set, tests run using a single client ID set in this parameter. If not set, the client IDs are numbered starting with |
|
(not set) |
If set, tests run using a single client secret set in this parameter. If not set, the client IDs are numbered starting with |
|
(not set) |
If set, tests will run using a single client-redirect-URI set in this parameter. If not set, the redirect URL is the account console of the respective realm. |
(not set) |
A comma-separated list of scopes to be set when making authentication requests. If not set, the default scopes are |
Additional settings
These settings are only necessary if the scenario requires the settings. Please refer to the scenario overview to review the scenarios.
| CLI option | Default | Notes |
|---|---|---|
|
(not set) |
Username of the admin user in the |
|
(not set) |
Password of the admin user in the |
|
Percentage of users to log out at the end of the scenario. Used in Scenario AuthorizationCode. |
|
|
Period to wait between token refreshes. Used in Scenario AuthorizationCode. |
|
|
Number of token refreshes after logging in. Used in Scenario AuthorizationCode. |
|
|
|
Close the HTTP connection after a token refresh. Used in Scenario AuthorizationCode. |
(not set) |
URL to be called in the Scenario Get. |
Further reading
For a complete list of the available options, see Config.java.