Skip to content

3. Egress Only

What Will You Do

You will use the Workload Wizard to configure and deploy an egress only workload to a number of Kubernetes clusters managed by the Rafay Controller.

  • An egress only workload does not have the requirement to accept any inbound connections from external users or systems.

  • Rafay's "perftest" is a HTTPS performance reporting application written in golang. The "perftest" application will make HTTPS requests to your target website from a number of locations.

  • We will test the performance and user experience of the target application for users from different countries/regions.

  • A pre-built container image is available on Docker Hub and the source code is available from GitHub.

Egress Workload


Assumptions

  • You have already provisioned or imported one or more Kubernetes clusters using the Rafay Controller.

  • Your clusters have the ability to connect to Docker Hub and pull images.


Step 1: Create Workload

Login into the Rafay Console

  • Create a new workload
  • Provide a name
  • Select "Disable" for Inbound Traffic

Create Egress Workload Create


Step 2: Configure Container

  • In the Containers tab, select "New Container"
  • Provide a name for the container
  • Select "Public Docker Hub Registry" for the Container Registry
  • Type in the repository name and tag i.e. "rafaysystems/perftest:v5"
  • Select "Startup Configuration" and Add a New "Environment Variable"
  • Type in "PERFTEST_URL" for the name and the https URL for the target website.
  • Click "Save and Return to Container List"

In our example, we have used CNN's primary website (https://www.cnn.com).

Environment Variable


Step 3: Placement

  • In the Placement tab, ensure that the Specific Locations policy is selected
  • Select a few locations where you wish to deploy your workload
  • Click on "Save and Go To Publish"

In our example, we have picked "Atlanta, GA" (the HQ for CNN), "San Jose, CA" and "Seoul, South Korea" which is geographically distant from the United States.

Placement


Step 4: Publish Workload

  • Click on "Publish"

In our example, once the workload is published in the three locations, you should see something like the screenshot below.

Publish


Step 5: Review Performance Results

The "perftest" container prints the results of the https performance to stdout. We will be using the built in Debug and Diagnostics capabilities of the Rafay Platform to view log lines as they are generated by the container

  • On the Publish tab, click on the "Debug" button
  • Now, select a "location" and then review the log lines

In our specific example, we see that performance from Seoul is significantly worse compared to Atlanta. It is also obvious that the long pole in the tent is the time needed to establish a secure TLS handshake between the client and the server.

User Location Total Time TLS Time
Atlanta, GA ~15 ms ~4 ms
Seoul, Korea ~150 ms ~75 ms

Logs from Atlanta

Logs from Seoul


Recap

Congratulations! You configured and deployed the Rafay provided "perftest" container image to a number of Kubernetes clusters in the Rafay provided sandbox.

Users can optionally aggegate the stdout logs to a central location using Rafay's built in log aggregation capabilities. Users can also optionally configure the perftest application to send results directly to AWS CloudWatch as well.