update result docs for token refresh CPU usage

Closes #516 Co-authored-by: Alexander Schwartz <[email protected]>
keycloak · Sep 7, 2023 · d651d52 · d651d52
1 parent 0e80449
commit d651d52
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 2 deletions.
diff --git a/doc/benchmark/modules/ROOT/pages/configuration.adoc b/doc/benchmark/modules/ROOT/pages/configuration.adoc
@@ -251,6 +251,16 @@ Please refer to the xref:scenario-overview.adoc[scenario overview] to review the
 | Percentage of users to log out at the end of the scenario.
 Used in xref:scenario/authorization-code.adoc[].
 
+| [[refresh-token-period]][.nowrap]`--refresh-token-period`
+| `0`
+| Period to wait between token refreshes.
+Used in xref:scenario/authorization-code.adoc[].
+
+| [[refresh-token-count]][.nowrap]`--refresh-token-count`
+| `0`
+| Number of token refreshes after logging in.
+Used in xref:scenario/authorization-code.adoc[].
+
 | [[basic-url]][.nowrap]`--basic-url`
 | (not set)
 | URL to be called in the xref:scenario/basic-get.adoc[].

diff --git a/doc/benchmark/modules/ROOT/pages/report/rosa-benchmark-key-results.adoc b/doc/benchmark/modules/ROOT/pages/report/rosa-benchmark-key-results.adoc
@@ -6,8 +6,7 @@ Use them to perform a load testing in your environment.
 
 [WARNING]
 ====
-CPU usage for refreshing a token is currently missing.
-We hope to add this soon.
+Collecting the CPU usage for refreshing a token is currently performed manually and is expected to be automated in the near future (https://github.com/keycloak/keycloak-benchmark/issues/517[keycloak/keycloak-benchmark#517], https://github.com/keycloak/keycloak-benchmark/issues/518[keycloak/keycloak-benchmark#518]).
 ====
 
 == Data collection
@@ -81,6 +80,8 @@ Keycloak spends most of the CPU time hashing the password provided by the user.
 +
 Most CPU time goes into creating new TLS connections, as each client runs only a single request.
 
+* For each 350 refresh token requests per second, 1 vCPU per Pod in a three node cluster (tested with up to 435 refresh token requests per second).
+
 * Leave 200% extra head-room for CPU usage to handle spikes in the load.
 This ensures a fast startup of the node, and sufficient capacity to handle failover tasks like, for example, re-balancing Infinispan caches, when one node fails.
 Performance of Keycloak dropped significantly when its Pods were throttled in our tests.
@@ -193,6 +194,24 @@ cd ../../ansible
 --log-http-on-failure
 ----
 
+* Testing CPU usage for logins and refreshing tokens with a ratio of 10 refreshes per one login.
+Use the previous test to deduct the CPU usage of logins only to get the CPU usage of token refreshes.
++
+[source,bash,subs="+quotes"]
+----
+./benchmark.sh eu-west-1 \
+--scenario=keycloak.scenario.authentication.AuthorizationCode \
+--server-url=${KEYCLOAK_URL} \
+--realm-name=realm-0 \
+--users-per-sec=**<number of users per second>** \
+--ramp-up=20 \
+--logout-percentage=100 \
+--refresh-token-count=10 \
+--measurement=600 \
+--users-per-realm=100000 \
+--log-http-on-failure
+----
+
 * Testing CPU usage for client credential grants
 +
 [source,bash,subs="+quotes"]