Injectors deployment
Find generic information about FrontLine injectors, and specific information about each support cloud provider
FrontLine enable users to configure either on demand or on-premises pools. In FrontLine, pools are instances cluster where you deploy Gatling instances and your simulations.
Valid characters for a pool name are letters, digits, spaces, dashes and underscores.
Injector requirements
Architecture
We currently only support AMD64 for both FrontLine and Gatling injectors.
We don’t support ARM at the moment.
Image
The hosts running the Gatling injectors must:
- run on Linux 64 bits, with Kernel >= 3.10
- have a JDK 8 or 11 installed AdoptOpenJDK is recommended)
- have a passphrase-less SSH key
/tmp
not mounted withnoexec
We recommend that you tune your OS for maximum performance. Please check the Gatling documentation.
We also recommend that you disable automatic updates and automatic package repositories listing updates. This could eventually lead to upgrading the JDK while running, which could break your simulation run.
Network
The hosts running Gatling injectors must be reachable from FrontLine:
- over SSH (port 22)
- over HTTP, on port 9999 (by default, configurable in frontline.conf)
CPU/Memory
Unless your simulation keeps huge amounts of data in memory (eg. for feeders with a lot of data), Gatling is mostly CPU-bound and IO-bound, and will take advantage of CPU and network-heavy hosts.
Therefore, we recommend the following instances:
- AWS:
c5.xlarge
(4 cores) orc5.2xlarge
(8 cores) - GCE:
n1-highcpu-4
(4 cores) orn1-highcpu-8
(8 cores) - Azure:
F4
(4 cores) orF8
(8 cores)
We strongly discourage the use of CPU-burstable instance types:
- AWS:
T2
/T3
instances - GCE:
f1-micro
,g1-small
- Azure:
Bs
instances
These instance types target light workloads, but sporadic peaks of activity where they can benefit from a temporary increase in CPU performance.
Gatling is more likely to use 100% of the CPU cores and will not benefit from CPU bursts.
Certified images
We provide certified, pre-built images for AWS, Azure, GCE & Docker. Those images are available for both JDK 8 & 11 and includes all recommended optimisations. If you can’t use our certified images, we provide the templates from which our certified images are built:
- For AWS & GCE: frontline-injector-playbook (requires Ansible & Packer)
- For Docker: frontline-injector-docker-image
Local
It’s possible to have FrontLine use a “Local” pool to deploy a single injector on the same host. This option is turned off by default and has to be enabled in the frontline.conf file:
frontline {
injector {
enableLocalPool = true
}
}
This option is only intended to be used for demos and as a quick start when evaluating FrontLine.
On-premises
It’s very easy to configure on-premises pools from FrontLine:
- Create a pool
- Create a host by providing hostname, username, credentials and optional custom working directory (default is
/tmp
). The working directory should be executable. - Assign the created pool to this host
On Demand
FrontLine is currently managing five different cloud providers: AWS, GCE, OpenStack and Microsoft Azure.
AWS (On-premises license & AWS marketplace)
Gatling Corp provides certified AMIs that you choose in the FrontLine AWS configuration. This AMI will be used as a base for your injectors. However, you can still build a custom one with a JDK from 8 to 11 installed, a key pair without password configured and the port 22 and 9999 opened.
You’ll also need to configure AWS API access keys on the FrontLine host using one of these methods:
- If you’ve installed FrontLine on AWS EC2, you can directly set a IAM Role to the instance.
- Environment Variables – AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
- Java System Properties – aws.accessKeyId and aws.secretKey
- The default credential and config files. See Set up AWS Credentials and Region for Development
AmazonEC2FullAccess
if you don’t care about fine-grained permissions):{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:Describe*",
"ec2:CreateTags",
"ec2:RunInstances",
"ec2:TerminateInstances",
"ec2:RequestSpotInstances",
"ec2:CancelSpotInstanceRequests",
"ec2:AllocateAddress",
"ec2:AssociateAddress",
"iam:GetInstanceProfile",
"iam:ListInstanceProfiles",
"iam:PassRole" <1>
],
"Effect": "Allow",
"Resource": "*"
}
]
}
<1> ONLY REQUIRED WHEN SETTING INSTANCE PROFILE ON INJECTORS
GCE (On-premises license only)
There are requirements before creating a GCE pool:
- Create a project from Google console
- Enable
Google Compute Engine API
from Google API Manager console - If not using Application Default credentials, create a Service Account key from Google console: API & Services => Credentials => Create credentials => Service account key (only JSON is supported).
instanceAdmin
role.OpenStack (On-premises license only)
There are requirements before creating a OpenStack pool:
- Get credentials information from
Access & Security
tab. - Create an image (snapshot) from an existing instance.
Microsoft Azure (On-premises license & Azure marketplace)
Gatling Corp provides certified images that you choose in the FrontLine Microsoft Azure configuration. This image will be used as a base for your injectors. However, you can still build a custom one with a JDK from 8 to 11 installed, a key pair without password configured and the port 22 and 9999 opened.
There are requirements before creating an Azure pool:
- Create a virtual network.
- Create an image by following the Azure documentation if not using certified images.
- Create and save a SSH key pair without password.
There are two ways to provide Azure credentials to your FrontLine instance:
- Get the credentials from Microsoft Azure: follow this link and save the subscription ID, tenant ID, client ID and client secret.
- Use User Assigned Managed Identities.
Contributor
permission.Create a User Assigned Managed Identity
Identities can be created using either the Azure Portal or the Azure CLI.
Here are the creation steps:
- Go to https://portal.azure.com/#create/Microsoft.ManagedIdentity, set resource name, resource group and location.
- Go to your subscription, click on Access Control (IAM), then Add role assignment.
- Role should be set to Contributor.
- Set “Assign access to” to User assigned managed identity and select the name of your Managed Identity.
- Go to the Virtual machine configuration, then go to the Identity tab of the Virtual Machine, assign the previous identity to your virtual machine.
Kubernetes / OpenShift
There are requirements before creating a Kubernetes/OpenShift pool:
- Docker Hub should be reachable from your infrastructure, otherwise you’ll need to build the injector image and push it to your private registry.
- A service account able to manage pods and services (either attached to FrontLine or for its token).
Additionally, if FrontLine is deployed outside Kubernetes/OpenShift:
- The Kubernetes API should be reachable by FrontLine.
- If using the NodePort mode, firewall rules must be added so that FrontLine can reach Kubernetes nodes on the configured Kubernetes NodePort range (by default, 30000-32767).
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: frontline-manage-injectors
rules:
- apiGroups: [""]
# "services" can be skipped if FrontLine is deployed inside Kubernetes
resources: ["pods", "pods/exec", "services"]
verbs: ["create","delete","get","list","patch","update","watch"]