Merge pull request #2292 from AndrewSirenko/scale-tests-pre-allocated

Create EBS CSI Driver scale-test tool

Author: k8s-ci-robot

hack/ebs-scale-test/README.md

@@ -0,0 +1,77 @@
+# EBS CSI Driver Scalability Tests
+
+EBS uses EBS CSI Driver scalability tests to validate that each release of our driver can manage EBS volume lifecycle for large-scale clusters. 
+
+Setup and run an EBS CSI Driver scalability test with our `scale-test` tool:  
+
+```shell
+# Set scalability parameters
+export CLUSTER_TYPE="pre-allocated"
+export TEST_TYPE="scale-sts"
+export REPLICAS="1000"
+
+# Setup an EKS scalability cluster and install EBS CSI Driver. 
+./scale-test setup
+
+# Run a scalability test and export results.
+./scale-test run
+
+# Cleanup all AWS resources related to scalability cluster. 
+./scale-test cleanup
+```
+
+Results will be exported to a local directory (`$EXPORT_DIR`) and an S3 Bucket in your AWS account (`$S3_BUCKET`).
+
+Note: Any `ebs-csi-controller` pod(s) will be restarted at the beginning of every scale run to clear metrics/logs.  
+
+## Pre-requisites
+
+You will need access to an AWS account role where you have [eksctl's minimum IAM policies](https://eksctl.io/usage/minimum-iam-policies/) and have permission to sync your `$S3_BUCKET`. 
+
+Additionally, please install the following commandline tools:
+- [gomplate](https://github.com/hairyhenderson/gomplate) - used to render configuration files based on environment variables.
+- [aws cli v2](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)
+- [eksctl](https://eksctl.io/installation/)
+- [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl)
+
+## Overridable parameters
+
+You can modify the kind of scalability cluster test run, or the names of script artifacts, through environment variables.
+
+Note: The environment variables set when you run `scale-test setup` must remain the same for future `scale-test run`/`scale-test clean` commands on that scalability cluster.  
+
+```sh
+# Affect test
+CLUSTER_TYPE              # Type of scalability cluster to create.
+TEST_TYPE                 # Type of scale test to run.
+REPLICAS                  # Number of StatefulSet replicas to create.
+DRIVER_VALUES_FILEPATH    # Custom values file passed to EBS CSI Driver Helm chart.
+
+# Names
+CLUSTER_NAME              # Base name used by `eksctl` to create AWS resources.
+EXPORT_DIR                # Where to export scale test metrics/logs locally.
+S3_BUCKET                 # Name of S3 bucket used for holding scalability run results.
+SCALABILITY_TEST_RUN_NAME # Name of test run. Used as name of directory for adding run results in $S3_BUCKET.
+
+# Find default values at top of `scale-test` script. 
+```
+
+## Types of scalability tests
+
+Set the `CLUSTER_TYPE` and `TEST_TYPE` environment variables to set up and run different scalability tests. 
+
+- `CLUSTER_TYPE` dictates what type of scalability cluster `scale-test` creates and which nodes are used during a scalability test run. Options include: 
+  - 'pre-allocated': Additional worker nodes are created during cluster setup. By default, we pre-allocate 1 `m7a.48xlarge` EC2 instance for every 100 StatefulSet replicas.
+
+- `TEST_TYPE` dictates what type of scalability test we want to run. Options include: 
+  - 'scale-sts': Scales a StatefulSet to `$REPLICAS`. Waits for all pods to be ready. Delete Sts. Waits for all PVs to be deleted. Exercises the complete dynamic provisioning lifecycle for block volumes. 
+
+You can mix and match `CLUSTER_TYPE` and `TEST_TYPE`.
+
+## Contributing scalability tests
+
+`scale-test` parses arguments and wraps scripts and configuration files in the `helpers` directory. These helper scripts manage the scalability cluster and test runs. 
+
+The `helpers` directory includes:
+- `/helpers/cluster-setup`: Holds scripts and configuration for cluster setup/cleanup.
+- `/helpers/scale-test`: Holds directory for each scale test. Also holds utility scripts used by every test (like exporting logs/metrics to S3).

hack/ebs-scale-test/helpers/cluster-setup/manage-cluster.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+### Helper script to create/delete eks ebs-scale-test clusters and install add-ons.
+
+set -euo pipefail
+
+# We expect this helper script is sourced from hack/ebs-scale-test
+path_to_cluster_setup_dir="${BASE_DIR}/helpers/cluster-setup/"
+
+## Cluster
+
+create_cluster() {
+  if eksctl get cluster --name "$CLUSTER_NAME" --region "$AWS_REGION" >/dev/null 2>&1; then
+    echo "EKS cluster '$CLUSTER_NAME' already up in $AWS_REGION."
+    aws eks update-kubeconfig --name "$CLUSTER_NAME" --region "$AWS_REGION"
+  else
+    echo "Deploying EKS cluster. See configuration in $EXPORT_DIR/cluster-config.yaml"
+    gomplate -f "$path_to_cluster_setup_dir/scale-cluster-config.yaml" -o "$EXPORT_DIR/cluster-config.yaml"
+    eksctl create cluster -f "$EXPORT_DIR/cluster-config.yaml"
+  fi
+}
+
+cleanup_cluster() {
+  eksctl delete cluster "$CLUSTER_NAME"
+}
+
+## Misc
+
+check_lingering_volumes() {
+  lingering_vol_count=$(aws ec2 describe-volumes \
+    --filters "Name=tag-key,Values=ebs-scale-test" \
+    --query 'length(Volumes[*])' \
+    --output text)
+
+  [[ lingering_vol_count -ne 0 ]] && echo "WARNING: detected $lingering_vol_count lingering ebs-scale-test EBS volumes in $AWS_ACCOUNT_ID. Please run \`aws ec2 describe-volumes --filters 'Name=tag-key,Values=ebs-scale-test'\` and audit their AWS resource tags. Note these volumes may belong to a different scalability run than $SCALABILITY_TEST_RUN_NAME"
+}
+
+## EBS CSI Driver
+
+deploy_ebs_csi_driver() {
+  path_to_chart="${BASE_DIR}/../../charts/aws-ebs-csi-driver"
+  echo "Deploying EBS CSI driver from chart $path_to_chart"
+
+  # We use helm install instead of upgrade to ensure the release does not already exist
+  helm install aws-ebs-csi-driver \
+    --namespace kube-system \
+    --values "$DRIVER_VALUES_FILEPATH" \
+    --wait \
+    --timeout 15m \
+    "$path_to_chart"
+}
+
+(return 0 2>/dev/null) || (
+  echo "This script is not meant to be run directly, only sourced as a helper!"
+  exit 1
+)

hack/ebs-scale-test/helpers/cluster-setup/scale-cluster-config.yaml

@@ -0,0 +1,41 @@
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: eksctl.io/v1alpha5
+kind: ClusterConfig
+metadata:
+  name: {{ .Env.CLUSTER_NAME }}
+  version: {{ .Env.K8S_VERSION }}
+  region: {{ .Env.AWS_REGION }}
+  tags:
+    karpenter.sh/discovery: {{ .Env.CLUSTER_NAME }}
+
+iam:
+  withOIDC: true
+  podIdentityAssociations:
+    - namespace: kube-system
+      serviceAccountName: ebs-csi-controller-sa
+      wellKnownPolicies:
+        ebsCSIController: true
+
+managedNodeGroups:
+{{- if eq ( getenv "CLUSTER_TYPE" ) "pre-allocated" }}
+  - instanceType: m7a.48xlarge
+    amiFamily: AmazonLinux2
+    name: pre-allocated-ng
+    desiredCapacity: {{ .Env.PRE_ALLOCATED_NODES }}
+{{- end }}
+
+addons:
+  - name: eks-pod-identity-agent

hack/ebs-scale-test/helpers/cluster-setup/scale-driver-values.yaml

@@ -0,0 +1,29 @@
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values.yaml for ebs-scale-test installation of aws-ebs-csi-driver
+image:
+  pullPolicy: Always
+controller:
+  logLevel: 7
+  # Having one controller simplifies metrics collection and helps track restarts
+  replicaCount: 1
+  enableMetrics: true
+sidecars:
+  provisioner:
+    additionalArgs: ["--http-endpoint=:8081"]
+  resizer:
+    additionalArgs: ["--http-endpoint=:8082"]
+  attacher:
+    additionalArgs: ["--http-endpoint=:8084"]

hack/ebs-scale-test/helpers/scale-test/collect-and-export-metrics.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+### Helper script for exporting EBS CSI Driver metrics to S3 bucket
+
+set -euo pipefail
+
+collect-and-export-metrics() {
+  export CONTROLLER_POD_NAME
+  CONTROLLER_POD_NAME=$(kubectl get pod -n kube-system -l app=ebs-csi-controller -o jsonpath='{.items[0].metadata.name}')
+  export METRICS_FILEPATH="$EXPORT_DIR/metrics.txt"
+
+  collect_metrics
+  clean_metrics
+
+  echo "Collecting ebs-plugin logs"
+  kubectl logs "$CONTROLLER_POD_NAME" -n kube-system >"$EXPORT_DIR/ebs-plugin-logs.txt"
+
+  echo "Collecting ebs-csi-controller Deployment and ebs-csi-node Daemonset yaml"
+  kubectl get deployment ebs-csi-controller -n kube-system -o yaml >"$EXPORT_DIR/ebs-csi-controller.yaml"
+  kubectl get daemonset ebs-csi-node -n kube-system -o yaml >"$EXPORT_DIR/ebs-csi-node.yaml"
+
+  echo "Exporting everything in $EXPORT_DIR to S3 bucket s3://$S3_BUCKET/$SCALABILITY_TEST_RUN_NAME"
+
+  aws s3 sync "$EXPORT_DIR" "s3://$S3_BUCKET/$SCALABILITY_TEST_RUN_NAME"
+  echo "Metrics exported to s3://$S3_BUCKET/$SCALABILITY_TEST_RUN_NAME/"
+}
+
+collect_metrics() {
+  echo "Port-forwarding ebs-csi-controller containers"
+  kubectl port-forward "$CONTROLLER_POD_NAME" 3301:3301 -n kube-system &
+  kubectl port-forward "$CONTROLLER_POD_NAME" 8081:8081 -n kube-system &
+  kubectl port-forward "$CONTROLLER_POD_NAME" 8082:8082 -n kube-system &
+  kubectl port-forward "$CONTROLLER_POD_NAME" 8084:8084 -n kube-system &
+
+  echo "Collecting metrics"
+  for port in 3301 8081 8082 8084; do
+    curl "http://localhost:${port}/metrics" >>"$METRICS_FILEPATH" && continue
+    echo "Failed to collect metrics from port ${port}, retrying after 5s..."
+    sleep 5
+    curl "http://localhost:${port}/metrics" >>"$METRICS_FILEPATH" && continue
+    echo "Failed to collect metrics from port ${port} AGAIN, retrying after 10s..."
+    sleep 10
+    curl "http://localhost:${port}/metrics" >>"$METRICS_FILEPATH" && continue
+    echo "Failed to collect metrics from port ${port} THRICE, retrying one more time after 20s..."
+    sleep 20
+    echo "WARNING: Could not collect metrics from port ${port}. Something may be wrong in cluster."
+  done
+}
+
+clean_metrics() {
+  echo "Generating clean version of exported data at $EXPORT_DIR/cleaned_data.txt"
+  cat "$METRICS_FILEPATH" |
+    grep -e "+Inf" -e "total" |
+    grep -v "workqueue" |
+    grep -v "go_" |
+    grep -v "Identity" |
+    grep -v "Capabili" |
+    grep -v "TYPE" |
+    grep -v "HELP" |
+    grep -v "cloudprovider" |
+    grep -v "promhttp" |
+    grep -v "registered_metrics" >"$EXPORT_DIR/cleaned_data.txt"
+}
+
+(return 0 2>/dev/null) || (
+  echo "This script is not meant to be run directly, only sourced as a helper!"
+  exit 1
+)

hack/ebs-scale-test/helpers/scale-test/pre_test_validation.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Checks/creates $S3_BUCKET and that there hasn't been a run with $SCALABILITY_TEST_RUN_NAME
+pre_test_validation() {
+  if ! aws s3 ls "s3://$S3_BUCKET"; then
+    aws s3 mb "s3://$S3_BUCKET" --region "${AWS_REGION}"
+  fi
+
+  result=$(aws s3api list-objects-v2 --bucket "$S3_BUCKET" --prefix "$SCALABILITY_TEST_RUN_NAME" --query 'Contents[]')
+  if [[ "$result" != "null" ]]; then
+    echo "ERROR: Your S3 bucket already contains directory with name \$SCALABILITY_TEST_RUN_NAME: 's3://$S3_BUCKET/$SCALABILITY_TEST_RUN_NAME'. Please pick a unique SCALABILITY_TEST_RUN_NAME."
+    exit 1
+  fi
+
+  echo "Updating kubeconfig and restarting ebs-csi-controller pod"
+  aws eks update-kubeconfig --name "$CLUSTER_NAME"
+  kubectl delete pod -n kube-system -l app=ebs-csi-controller
+}

hack/ebs-scale-test/helpers/scale-test/scale-sts-test/scale-sts.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+# Copyright 2025 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+### Helper script for running EBS-backed StatefulSet scaling test
+
+# We expect this helper script is sourced from hack/ebs-scale-test
+path_to_scale_test_dir="${BASE_DIR}/helpers/scale-test/scale-sts-test"
+
+sts_scale_test() {
+  manifest_path="$path_to_scale_test_dir/scale-sts.yaml"
+  export_manifest_path="$EXPORT_DIR/scale-manifest.yaml"
+
+  echo "Applying $manifest_path. Exported to $export_manifest_path"
+  gomplate -f "$manifest_path" -o "$export_manifest_path"
+  kubectl apply -f "$export_manifest_path"
+
+  echo "Scaling StatefulSet $REPLICAS replicas"
+  kubectl scale sts --replicas "$REPLICAS" ebs-scale-test
+  kubectl rollout status statefulset ebs-scale-test
+
+  echo "Deleting StatefulSet"
+  kubectl delete -f "$export_manifest_path"
+
+  echo "Waiting for all PVs to be deleted"
+  wait_for_pvs_to_delete
+}
+
+wait_for_pvs_to_delete() {
+  while true; do
+    pv_count=$(kubectl get pv --no-headers | wc -l)
+    if [ "$pv_count" -eq 0 ]; then
+      echo "No PVs exist in the cluster, proceeding..."
+      break
+    else
+      echo "$pv_count PVs still exist, waiting..."
+      sleep 5
+    fi
+  done
+}
+
+(return 0 2>/dev/null) || (
+  echo "This script is not meant to be run directly, only sourced as a helper!"
+  exit 1
+)