Axway Open Documentation Save PDF Selected topic Selected topic and subtopics All content Go to Amplify Platform getting started and onboarding roadmap Performance test multi-node HA scenarios Introduces the multi-node performance scenarios that were tested. 3 minute read Multi-node HA tests concentrate on the performance of API Manager. The following, more constrained set of scenarios is used to test the scalability. API Manager proxy scenarios The following scenarios test the performance of API Manager as a proxy in both multi-node configurations. The maximum number of nodes in all scenarios is six. API Manager proxy – pass through The purpose of this test is to assess the impact to transactions per second when invoking an unsecured API in API Manager. A back-end REST service is virtualized in API Manager and exposed as an API with the inbound security profile set to Pass Through. The traffic generator invokes the API, and API Manager proxies the traffic to the back-end. API Manager proxy – API key The purpose of this test is to measure the performance of invoking a single API secured with an API Key and virtualized in API Manager. The traffic generator invokes the API with the inbound security profile set to API Key in API Manager. API Manager validates the API Key and proxies the request to the back-end service. API Manager OAuth token generation and validation scenarios These scenarios tests OAuth token validation when the client application details are stored in the client application registry on API Manager. API Gateway is acting both as the authorization server and the resource server. APIs are configured to use the OAuth inbound security profile. In the token validation flow, a successful request is routed on to the back-end server like in a real-world scenario. Client credentials This test uses the OAuth client credentials grant type when invoking the APIs. Each generated token is reused 50 times. The traffic generator requests an OAuth token from API Gateway, and API Gateway returns the generated OAuth token to the traffic generator. The traffic generator then invokes the protected API in API Manager, the request header containing the OAuth Token. API Gateway validates the OAuth token and routes the request to the back-end service. Resource owner This test uses the OAuth resource owner grant type when invoking the APIs. Each generated token is reused 50 times. The traffic generator requests an OAuth token from API Gateway, and API Gateway returns the generated OAuth token to the traffic generator. The traffic generator the invokes the protected API in API Manager, the request header containing the OAuth Token. API Gateway validates the OAuth token and routes the request to the back-end service. JWT This test uses the OAuth JWT grant type when invoking the APIs. Each generated token is reused 50 times. The traffic generator generates a JWT bearer token and sends the token in a request to API Gateway that acts as the authorization server. API Gateway exchanges the JWT bearer token for an OAuth token and returns the OAuth token to the traffic generator. The traffic generator then invokes the protected API in API Manager, the request header containing the OAuth Token. API Gateway validates the OAuth token and routes the request to the back-end service. Last modified October 4, 2019: review migrated files, remove files not needed (8d7ece50) Related Links
Go to Amplify Platform getting started and onboarding roadmap Performance test multi-node HA scenarios Introduces the multi-node performance scenarios that were tested. 3 minute read Multi-node HA tests concentrate on the performance of API Manager. The following, more constrained set of scenarios is used to test the scalability. API Manager proxy scenarios The following scenarios test the performance of API Manager as a proxy in both multi-node configurations. The maximum number of nodes in all scenarios is six. API Manager proxy – pass through The purpose of this test is to assess the impact to transactions per second when invoking an unsecured API in API Manager. A back-end REST service is virtualized in API Manager and exposed as an API with the inbound security profile set to Pass Through. The traffic generator invokes the API, and API Manager proxies the traffic to the back-end. API Manager proxy – API key The purpose of this test is to measure the performance of invoking a single API secured with an API Key and virtualized in API Manager. The traffic generator invokes the API with the inbound security profile set to API Key in API Manager. API Manager validates the API Key and proxies the request to the back-end service. API Manager OAuth token generation and validation scenarios These scenarios tests OAuth token validation when the client application details are stored in the client application registry on API Manager. API Gateway is acting both as the authorization server and the resource server. APIs are configured to use the OAuth inbound security profile. In the token validation flow, a successful request is routed on to the back-end server like in a real-world scenario. Client credentials This test uses the OAuth client credentials grant type when invoking the APIs. Each generated token is reused 50 times. The traffic generator requests an OAuth token from API Gateway, and API Gateway returns the generated OAuth token to the traffic generator. The traffic generator then invokes the protected API in API Manager, the request header containing the OAuth Token. API Gateway validates the OAuth token and routes the request to the back-end service. Resource owner This test uses the OAuth resource owner grant type when invoking the APIs. Each generated token is reused 50 times. The traffic generator requests an OAuth token from API Gateway, and API Gateway returns the generated OAuth token to the traffic generator. The traffic generator the invokes the protected API in API Manager, the request header containing the OAuth Token. API Gateway validates the OAuth token and routes the request to the back-end service. JWT This test uses the OAuth JWT grant type when invoking the APIs. Each generated token is reused 50 times. The traffic generator generates a JWT bearer token and sends the token in a request to API Gateway that acts as the authorization server. API Gateway exchanges the JWT bearer token for an OAuth token and returns the OAuth token to the traffic generator. The traffic generator then invokes the protected API in API Manager, the request header containing the OAuth Token. API Gateway validates the OAuth token and routes the request to the back-end service. Last modified October 4, 2019: review migrated files, remove files not needed (8d7ece50)