Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 21:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 117
fleet/infrastructure/loadtesting/terraform/osquery_perf
History
Jorge Falcon 75f79dc866
Loadtest osquery perf workflow wording and enroll.sh remainder updates (#43762) 
- Updates wording in `.github/workflows/loadtest-osquery-perf.yml` 
  - `4098` -> `4096`
- Removes: `(should be a multiple of 8, if setting
loadtest_containers_starting_index)`
- Updates `infrastructure/loadtesting/terraform/osquery_perf/enroll.sh`
to handle values that are not multiples of 8. If the value is not a
multiple of 8, logic has been added to apply the remainder.

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

## Release Notes

* **Documentation**
* Updated load testing workflow configuration input descriptions for
improved clarity of parameters and their usage examples.

* **Bug Fixes**
* Fixed container count allocation logic in the load testing process to
ensure the final target count is always properly applied, even when
using increment values that don't divide evenly into the specified total
range.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-04-20 12:01:23 -04:00
..
.header.md Loadtest (new) - MDM Updates (#37420) 2025-12-17 17:55:13 -05:00
.terraform-docs.yml Loadtesting IAC updates (#32629) 2025-10-08 15:31:37 -04:00
docker.tf Loadtest (new) - MDM Updates (#37420) 2025-12-17 17:55:13 -05:00
enroll.sh Loadtest osquery perf workflow wording and enroll.sh remainder updates (#43762) 2026-04-20 12:01:23 -04:00
locals.tf Loadtest - osquery_perf - Removal of fleet_image requirement (#35365) 2025-11-10 16:16:20 -05:00
main.tf Loadtest - osquery_perf scaling fixes (#35798) 2025-11-17 10:21:18 -05:00
outputs.tf Loadtesting IAC updates (#32629) 2025-10-08 15:31:37 -04:00
providers.tf Loadtesting - osquery_perf docker image build fixes (#34901) 2025-10-29 08:33:46 -04:00
README.md Loadtest (new) - MDM Updates (#37420) 2025-12-17 17:55:13 -05:00
variables.tf Loadtest internal alb logging and osquery-perf scaling updates (#42581) 2026-03-31 11:15:07 -04:00

README.md

Deploy osquery perf to a Loadtest environment

Before we begin

Although deployments through the github action should be prioritized, for manual deployments you will need.

Deploy with Github Actions

  1. Navigate to the github action

  2. On the top right corner, select the Run Workflow dropdown.

  3. Fill out the details for the deployment.

    Note: For mdm testing, where a SCEP CHALLENGE secret is required, you will need to fetch the details from the database using this script and passing it in as an extra_flag when triggering an osquery_perf deployment.

    Requires:

    • VPN connection
    • Database access

    Example:

    ["--mdm_scep_challenge", "<value>"]

    Additional parameters can be passed in (and not limited to):

    ["--logger_tls_period", "120s", "--orbit_prob", "0.0", "--http_message_signature_prob", "0.0", "--mdm_prob", "1.0", "--os_templates", "<value>", "--mdm_scep_challenge", "<value>"]

IMPORTANT: osquery_perf needs to be destroyed before the infrastructure

  1. After all details have been filled out, you will hit the green Run Workflow button, directly under the inputs. For terraform_action select Plan, Apply, or Destroy.
    • Plan will show you the results of a dry-run
    • Apply will deploy changes to the environment
    • Destroy will destroy your environment

Deploy osquery perf manually

  1. Clone the repository

  2. Initialize terraform

    terraform init

  3. Create a new the terraform workspace or select an existing workspace for your environment. The terraform workspace will be used in different area's of Terraform to drive uniqueness and access to the environment.

    Note: The workspace from the infrastructure deployment will not be carried over to this deployment. A new or existing workspace, specifically for osquery perf must be used.

    Your workspace name must match the workspace name that was used for the infrastructure deployment. Failure to use a matching workspace name can lead to deployments in another environment.

    terraform workspace new <workspace_name>

    or, if your workspace already exists

    terraform workspace list
terraform workspace select <workspace_name>

  4. Ensure that your new or existing workspace is in use.

    terraform workspace show

  5. Deploy the environment (will also trigger migrations automatically)

    Note: Terraform will prompt you for confirmation to trigger the deployment. If everything looks ok, submitting yes will trigger the deployment.

    terraform apply -var=git_tag_branch=fleet-v4.76.0

    or, you can add the additional supported terraform variables, to overwrite the default values. You can choose which ones are included/overwritten. If a variable is not defined, the default value configured in ./variables.tf is used.

    Note: For mdm testing, where a SCEP CHALLENGE secret is required, you will need to fetch the details from the database using this script and passing it in as an extra_flag when triggering an osquery_perf deployment.

    Requires:

    • VPN connection
    • Database access

    Example with the SCEP CHALLENGE secret as an extra_flag:

    terraform apply -var=git_tag_branch=fleet-v4.76.0 -var=extra_flags=["--mdm_scep_challenge", "<value>"]

    Example with all available variables.

    terraform apply -var=git_tag_branch=fleet-v4.76.0 -var=loadtest_containers=20 -var=extra_flags=["--orbit_prob", "0.0"]

  6. If you'd like to deploy osquery_perf tasks in batches, you can now run the original enroll.sh script, from the osquery_perf directory. The script will deploy in batches of 8, every 60 seconds, so it's recommended to set your starting index and max number of osquery perf containers as a multiple of 8.

    ./enroll.sh <branch_or_tag_name> <starting index> <max number of osquery_perf containers> <sleep_time>

Destroy osquery perf manually

IMPORTANT: osquery_perf needs to be destroyed before the infrastructure

  1. Clone the repository (if not already cloned)

  2. Initialize terraform

    terraform init

  3. Select your workspace

    terraform workspace list
terraform workspace select <workspace_name>

  4. Destroy the environment

    terraform destroy

Delete the workspace

Once all resources have been removed from the terraform workspace, remove the terraform workspace.

terraform workspace delete <workspace_name>

Requirements

Name Version
aws >= 5.68.0
docker ~> 3.6.0
git 2025.10.10

Providers

Name Version
aws 6.23.0
docker 3.6.2
git 2025.10.10
random 3.7.2
terraform n/a

Modules

Name Source Version
osquery_perf github.com/fleetdm/fleet-terraform//addons/osquery-perf tf-mod-addon-osquery-perf-v1.2.1

Resources

Name Type
aws_ecr_repository.loadtest resource
aws_kms_key.main resource
docker_image.loadtest resource
docker_registry_image.loadtest resource
random_pet.rand_image_key resource
aws_caller_identity.current data source
aws_ecr_authorization_token.token data source
aws_ecr_repository.fleet data source
aws_region.current data source
git_repository.tf data source
terraform_remote_state.infra data source
terraform_remote_state.shared data source

Inputs

Name Description Type Default Required
extra_flags Comma delimited list (string) for passing extra flags to osquery-perf containers list(string) 
[
  "--orbit_prob",
  "0.0"
]
 no
git_tag_branch The tag or git branch to use to build loadtest containers. string n/a yes
loadtest_containers Number of loadtest containers to deploy number 1 no
task_size n/a 
object({
    cpu    = optional(number, 256)
    memory = optional(number, 1024)
  })
 
{
  "cpu": 256,
  "memory": 1024
}
 no

Outputs

Name Description
osquery_perf n/a