Merge #130998

130998: roachtest: Add LDAP conn. latency test via roachtest r=sanchit-CRL a=sanchit-CRL No test previously existed to compute and monitor LDAP connection latency Created a roachtest which leverages the workload to get the stats for LDAP connection latency The test provisions an openLDAP service and it's user `jdoe` which is authenticated on the CRDB via LDAP. The test * provisions openLDAP with TLS connection * Creates a user named jdoe into CRDB * Sets the HBA conf and custom CA into the cluster settings * runs the workload binary to compute the connection latency Epic: [CRDB-40412](https://cockroachlabs.atlassian.net/browse/CRDB-40412) Fixes: #127358 Release note: None Co-authored-by: Sanchit Khanna <[email protected]>
cockroachdb · Dec 18, 2024 · 5169369 · 5169369
2 parents 8e24b34 + 69b8862
commit 5169369
Show file tree

Hide file tree

Showing 5 changed files with 482 additions and 0 deletions.
diff --git a/pkg/cmd/roachtest/testdata/ldap_authentication_hba_conf b/pkg/cmd/roachtest/testdata/ldap_authentication_hba_conf
@@ -0,0 +1,3 @@
+host    all           roachprod           0.0.0.0/0          password
+host    all           all            all                 ldap ldapserver=%s ldapport=636 "ldapbasedn=OU=Users,DC=example,DC=com" "ldapbinddn=CN=John Doe,OU=Users,DC=example,DC=com" ldapbindpasswd=%s ldapsearchattribute=uid "ldapsearchfilter=(mail=*)"
+host    all           root           0.0.0.0/0          password
diff --git a/pkg/cmd/roachtest/testdata/ldap_base_structure.ldif b/pkg/cmd/roachtest/testdata/ldap_base_structure.ldif
@@ -0,0 +1,11 @@
+# Organizational Unit: Users
+dn: ou=Users,dc=example,dc=com
+objectClass: top
+objectClass: organizationalUnit
+ou: Users
+
+# Organizational Unit: Groups
+dn: ou=Groups,dc=example,dc=com
+objectClass: top
+objectClass: organizationalUnit
+ou: Groups
diff --git a/pkg/cmd/roachtest/testdata/ldap_user_group.ldif b/pkg/cmd/roachtest/testdata/ldap_user_group.ldif
@@ -0,0 +1,63 @@
+# User 1: John Doe
+dn: cn=John Doe,ou=Users,dc=example,dc=com
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: jdoe
+cn: John Doe
+sn: Doe
+givenName: John
+displayName: John Doe
+mail: [email protected]
+uidNumber: 1001
+gidNumber: 5000
+homeDirectory: /home/jdoe
+loginShell: /bin/bash
+userPassword: {SSHA}UweAl2O1Zh95nijbT+SaQB5FuaHi7xnE
+
+# User 2: Alice Smith
+dn: cn=Alice Smith,ou=Users,dc=example,dc=com
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: asmith
+cn: Alice Smith
+sn: Smith
+givenName: Alice
+displayName: Alice Smith
+mail: [email protected]
+uidNumber: 1002
+gidNumber: 5000
+homeDirectory: /home/asmith
+loginShell: /bin/bash
+userPassword: {SSHA}PK9Mq7jpwPR4hslWym9zFpGDyz92iiSs
+
+# User 3: Robert Brown
+dn: cn=Robert Brown,ou=Users,dc=example,dc=com
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: rbrown
+cn: Robert Brown
+sn: Brown
+givenName: Robert
+displayName: Robert Brown
+mail: [email protected]
+uidNumber: 1003
+gidNumber: 5000
+homeDirectory: /home/rbrown
+loginShell: /bin/bash
+userPassword: {SSHA}WA/veP8/qFKW74DrCjTw+6DEGxm6Pqb9
+
+# Group: Developers
+dn: cn=Developers,ou=Groups,dc=example,dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: Developers
+description: Group for software development team members
+uniqueMember: cn=John Doe,ou=Users,dc=example,dc=com
+uniqueMember: cn=Alice Smith,ou=Users,dc=example,dc=com
+uniqueMember: cn=Robert Brown,ou=Users,dc=example,dc=com