Enhancement Proposal - introduce comprehensive load testing framework for KGateway

[MayorFaj]

Change Type

/kind documentation

Changelog

NONE

[Copilot]

Pull Request Overview

A design proposal introducing a comprehensive load testing framework for KGateway, detailing core test scenarios, CI/CD integration, and test planning.

• Defines Attached Routes, Route Probe, and Route Change test scenarios based on gateway-api-bench patterns
• Describes integration into existing Ginkgo-based e2e tests and Makefile targets for local and CI usage
• Presents alternatives, open questions for thresholds, and technical implementation considerations

Comments suppressed due to low confidence (3)

design/11210.md:116

• [nitpick] Consider adding an explicit hyperlink to the gateway-api-bench repository (e.g., https://github.com/kubernetes-sigs/gateway-api-bench) so readers can quickly locate the benchmark source.

* **Integrated Benchmark Tests**: Run gateway-api-bench benchmarks as part of KGateway's test suite

design/11210.md:134

• [nitpick] It may help maintainers if the Go snippet includes the import path for load_testing (e.g., import "test/kubernetes/e2e/features/load_testing") so they know where NewTestingSuite is defined.

func KubeGatewaySuiteRunner() e2e.SuiteRunner {

design/11210.md:188

• [nitpick] The decision label for Alternative 2 is unbolded. For consistency, consider bolding both statuses (e.g., **Decision**: **REJECTED**) or matching formatting.

* **Decision**: **PROPOSED** - Leverages proven patterns within existing infrastructure

[shashankram]

@howardjohn will have good inputs for perf testing

[npolshakova]

We should only run the tests on 1) releases, 2) nightlys

[npolshakova]

Let's define bulk. vs. batched operations here (I'm guessing it's referring to applying all HTTPRoutes vs. batching groups of routes applied?).

I would use batch (ie. apply 100 routes at a time) for more fine-grained measurements and observability.

[npolshakova]

So all of our e2e tests are currently using testify instead of Ginkgo: https://github.com/kgateway-dev/kgateway/blob/main/test/kubernetes/e2e/suite.go#L7

What are the benefits of using Ginkgo here instead of testify?

[npolshakova]

I think we just want to focus on the performance baselines. We can add unit tests as needed but there already should be tests for the metrics collection, and resource handling.

For the load testing e2e tests, how are they different from the performance baselines? We want to focus on testing the control plane, not the data plane here.

[npolshakova]

There's some wip documentation here on the control plane metrics: kgateway-dev/kgateway.dev#296

We probably want to look at:

• kgateway_collection_transforms_total
• kgateway_collection_transform_duration_seconds
• kgateway_collection_resources
• kgateway_status_syncer_resources

[npolshakova]

Based on the https://github.com/howardjohn/gateway-api-bench it looks like kgateway had a setup time of 12s. We should measure the setup time though and also report if it's taking longer than expected.

[npolshakova]

The teardown in the blog for kgateway was about 16s. So I think it's reasonable to aim for under 30s for the setup and tear down. If it takes longer, we should trigger a regression alert and fail the test.

[npolshakova]

We should also test the multiple gateway scenario, but the setup/teardown threshold may be higher. Let's initially build a single gateway performance test in the first iteration, then add the multi-gateway setup in the followup.

[npolshakova]

Let's follow the blog and use the same scenario:

To simulate a large cluster, we run with 50 namespaces with 100 routes each (5,000 routes total)

[npolshakova]

If we go with the batch apply approach, thresholds can be per batch of applied routes (per 100 routes. E.g., ≤ 6s/100 routes, actual ranges will have to be figured out with testing)

[npolshakova]

Let's follow the "large cluster" scenario and run with 50 namespaces with 100 routes each (5,000 routes total)

[npolshakova]

Let's do a single gateway test and multi-gateway test with separate thresholds

[npolshakova]

Yep! In addition to the control plane metrics, we should look at the control plane cpu and memory. Looking at the data plane cpu/memory usage can be a follow up.

[npolshakova]

What to you mean by API server response time here? Response time for a request to go through the data plane?

[npolshakova]

This is a good question, if we want to only look at control plane metrics vs. track the full latency from HTTPRoute creation to first successful probe. @jmunozro has some experience here and might know?

[npolshakova]

Let's add a note that the performance tests will be run on a single node kind cluster (exact specs TBD, John used: 16-core AMD 9950x CPU with 96GB RAM)

[npolshakova]

I'm not sure if we want to measure request success rates/latency since we're focusing the performance testing on the control plane

[npolshakova]

Let's add a reference to the benchmarking repo to cite the source and give some background: https://github.com/howardjohn/gateway-api-bench

Also would be good to call out some notes in this background section:

• A single HTTPRoute may be attached to many Gateway's simultaneously.
• The Gateway object has a status message with the attachedRoutes which stores a count of the total successfully attached route objects.
• Setup time: time after the last route is created until the attachedRoutes is updated to the total route count.
• Teardown time: time after the last route is deleted until the status is reset back to zero.

[npolshakova]

Let's use a single-node kind cluster to help minimize noise, John's blog used 16-core AMD 9950x CPU with 96GB RAM, we can determine what makes sense in CI with some testing, but can start with the standard github runner we're using for the nightlys (ubuntu-22.04).

[npolshakova]

Do you mean using https://github.com/howardjohn/pilot-load to simulate clusters but no pods are scheduled onto any physical machine?

[npolshakova]

Let's start with a single worker for route creation, then add concurrent workers as needed.

[npolshakova]

These are great questions, but might make sense as a set of follow-up tasks. When running the performance tests locally, users should be able to use a granfana dashboard (something like https://github.com/howardjohn/pilot-load/blob/master/install/dashboard.json) to view the results.

[npolshakova]

Let's base the initial baselines based on the performance results from John's blog. For the patch applies, we'll need to experiment to find reasonable thresholds.

For the control plane status updates:

|                                | Cilium | Envoy Gateway | Istio | Kgateway | Nginx |
| ------------------------------ | ------ | ------------- | ----- | -------- | ----- |
| Setup time                     | 1s     | 10s           | 2s    | 17s      | 17s   |
| Teardown time                  | 27s    | 45s           | 27s   | 28s      | 28s   |
| Total Writes                   | 243    | 1484          | 73    | 15       | 128   |

CPU/Memory threshold max:

| Gateway       | Relative CPU Consumption | Relative Memory Usage |
 Kgateway      | 6.6x                     | 6.2x                 

For the load testing:

DEST           QPS     CONS  DUR  PAYLOAD  THROUGHPUT    P50       P90       P99
kgateway       0       1     30   0        36793.86qps   0.028ms   0.030ms   0.043ms
kgateway       15000   1     10   0        14998.28qps   0.028ms   0.036ms   0.089ms
kgateway       0       16    10   0        170469.20qps  0.085ms   0.144ms   0.227ms
kgateway       15000   16    10   0        14998.34qps   0.091ms   0.148ms   0.230ms
kgateway       100000  16    10   0        99997.92qps   0.046ms   0.119ms   0.225ms
kgateway       50000   16    10   4096     49998.15qps   0.043ms   0.064ms   0.148ms
kgateway       0       512   10   0        400687.22qps  1.215ms   2.254ms   3.575ms