|By Steve Weisfeldt||
|February 11, 2013 05:00 PM EST||
Load testing, perhaps more than any other form of testing, is one of those activities that you either choose to do well or risk a result that leaves you worse off than not doing it at all. Half-hearted attempts at load testing yield "results," but too often those results are inaccurate, leading to a false sense of security for anyone who trusts them. This, in turn, leads to the release of applications that are not adequately tested and that experience performance problems soon after entering production.
I was reminded of this not long ago, when I worked with a customer who related an experience that may sound familiar to many of you. This customer was a test engineer for a bank that had recently merged with another bank, effectively doubling their customer base. He was part of a team responsible for load testing a new web application that would serve customers from both of the original banks. Before the application was rolled out, they performed load tests and confirmed that the application could handle the expected number of users with acceptable response times. When the system went live, however, it was slow as molasses - even under user loads less than what the team had tested.
The problem, as you may have guessed, was that the team had not accurately modeled the load. The virtual users used in the testing were a homogenous group that interacted with the system in roughly the same way, from roughly the same geographic locations, at the same network speed. In reality, the customers who came from Bank A tended to perform certain transactions much more frequently than those who came from Bank B. Most of Bank B's customers lived in a different part of the country than those from Bank A. More important, customers from both banks were accessing the application at widely differing connection speeds across a range of browsers. None of these factors were modeled accurately in the load tests the team had performed. In some cases it was because the team simply had not considered them, in others it was because the load testing tool they were using provided no way to handle these differences. In either case, the result was the same; the team had given the "go live" signal to an application that was not ready, basing their decision on inaccurate load test results.
Too often, organizations take a short cut to load testing. They are focused on a single number: how many concurrent users their application will support. As a result they put little effort into script development, and they end up with an unrealistic test - one of little value. I encourage all load testers to think beyond the concurrent users metric and take a closer look at other factors that go into creating a realistic load that will yield more accurate results, including:
- Modeling user activity
- Modeling different connection speeds
- Modeling different browsers and mobile devices
- Modeling geographically distributed users
Parameterizing Scripts to Better Model User Activity
Scripts that simply record a typical user's interaction with a web application and then play it back are not going to yield accurate performance data. As an example, a script that emulates a user logging into a site, searching for a product, placing it in the cart, and checking out does little to test the performance of other user activities such as checking product reviews, accessing detailed specifications, or comparing products.
More important, if the script always logs in as the same user and orders the same product, caching effects will often skew the performance measurements, making response times shorter than they would be under a real-world load. Caching on the web server, application server, and database server all come into play, compounding any caching that is done on the client side.
To minimize caching and similar effects, scripts must be parameterized. In my example above, the script would play back different users searching for different products, and purchasing them via different methods. Ideally the script would use randomization or data customization to fill in every user editable or selectable element on each form of the web application. This script parameterization, combined with creating multiple scripts to address a variety of user interactions, produces a much more realistic user load, and it's a good idea to have a load testing tool that simplifies these tasks.
Generating a Load with a Mixture of Connection Speeds and Network Characteristics
Many testing teams use the fastest available network connections when load testing a server. The belief is that if the application performs well under those connections, it will be guaranteed to work well in production when many real-world users will have slower connections. This is a faulty assumption that leads to performance problems when the application is subjected to real-world users accessing it at a variety of network bandwidths.
Testing with only high-speed connections can mask performance problems that occur only when lower speed connections are used. Slower data speeds will require connections to the server to stay open longer, and eventually the server may reach its limit for the maximum number of open connections.
Of course, testing with only low-speed connections is equally problematic. What's needed is a reasonable mixture of virtual users accessing the server at connection speeds representative of everything from 56K modems for dial-up users to T3 lines.
With more and more users accessing the web via mobile devices, it makes sense to include 3G and 4G connection rates in the mix as well. It's also important to take into account disparities in signal strength that can cause packet loss and increased network latency. Built-in support for incorporating these factors in performance testing is increasingly important, particularly for web applications that serve a high percentage of mobile users.
Emulating Different Browsers and Native Mobile Apps
Interestingly enough (and often surprising to some), not all browsers support the same number of concurrent HTTP connections. This obviously needs to be thought of as well - if a load test models the entire user population accessing a web application with a single browser that supports four connections per server, it neglects the effects of browsers that use twice that number.
This leads to a situation similar to the one that arises with inaccurate modeling of connection speeds - with more concurrent connections, it is not unusual to see slowdowns as a server reaches its limit for simultaneous connections. To minimize these effects, load tests should apply a variety of browser profiles during playback, so that the tests identify the traffic as originating from a realistic mixture of different browsers, including mobile browsers.
Mobile devices, in fact, present a new set of challenges for load testers (see Best Practices for Load Testing Mobile Applications, Part 1 and Best Practices for Load Testing Mobile Applications, Part 2), aside from the network connection issues I've already covered. Many companies now have a separate mobile version of their site, with content tailored specifically for mobile users. Again, to perform a valid load test on such sites, a test engineer must be able to override the browser identification during playback so that the virtual user appears to be using a mobile browser.
What about native mobile applications? There is no browser involved, so you'll need a testing solution that can record, parameterize, and play back the network traffic originating from the mobile device. For some cases this can be done via a proxy, but for some apps this is not an available option. These apps may call for a tunneling approach in which the testing tool acts as a DNS server. Even if you're not facing this situation today, you may want to see if your testing tool supports this feature so you're prepared when you do need it.
Generating a Geographically Distributed Load
Unless your end-user community is accessing your application from a single location, initiating tests solely from inside your datacenter is unlikely to represent a realistic load. Such tests fail to take into account the effects of third-party servers and content delivery networks that may sit between your users and your web application.
Using the cloud to generate load as part of your testing can better model a geographically distributed user base, one that may include users from around the world, enabling test engineers to generate realistic, large-scale tests across multiple regions. Cloud testing complements internal, lab-based tests and ideally test scripts from one domain are reused in the other. With separate performance metrics for each geographic region in hand, engineers can see where performance issues are likely to arise on a region-by-region basis.
If users are accessing your web site from all over the world, load testing from the cloud helps you model that reality. When this capability is combined with tests that incorporate parameterized scripts, browser differences, support for mobile apps, and a variety of connection speeds and network effects, you can trust the accuracy of your test results.
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
Oct. 8, 2015 11:00 PM EDT Reads: 797
Between the compelling mockups and specs produced by analysts, and resulting applications built by developers, there exists a gulf where projects fail, costs spiral, and applications disappoint. Methodologies like Agile attempt to address this with intensified communication, with partial success but many limitations. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a revolutionary model enabled by new technologies. Learn how busine...
Oct. 8, 2015 10:45 PM EDT Reads: 272
With containerization using Docker, the orchestration of containers using Kubernetes, the self-service model for provisioning your projects and applications and the workflows we built in OpenShift is the best in class Platform as a Service that enables introducing DevOps into your organization with ease. In his session at DevOps Summit, Veer Muchandi, PaaS evangelist with RedHat, will provide a deep dive overview of OpenShift v3 and demonstrate how it helps with DevOps.
Oct. 8, 2015 10:15 PM EDT Reads: 639
JFrog has announced a powerful technology for managing software packages from development into production. JFrog Artifactory 4 represents disruptive innovation in its groundbreaking ability to help development and DevOps teams deliver increasingly complex solutions on ever-shorter deadlines across multiple platforms JFrog Artifactory 4 establishes a new category – the Universal Artifact Repository – that reflects JFrog's unique commitment to enable faster software releases through the first pla...
Oct. 8, 2015 10:00 PM EDT Reads: 620
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet condit...
Oct. 8, 2015 10:00 PM EDT Reads: 569
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
Oct. 8, 2015 09:45 PM EDT Reads: 1,244
The APN DevOps Competency highlights APN Partners who demonstrate deep capabilities delivering continuous integration, continuous delivery, and configuration management. They help customers transform their business to be more efficient and agile by leveraging the AWS platform and DevOps principles.
Oct. 8, 2015 09:30 PM EDT Reads: 229
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and li...
Oct. 8, 2015 09:30 PM EDT Reads: 201
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Oct. 8, 2015 09:15 PM EDT Reads: 217
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid iteration. Such behaviors also characterize open source software development and are at the heart of DevOps culture, processes, and tooling.
Oct. 8, 2015 09:00 PM EDT Reads: 1,089
IT data is typically silo'd by the various tools in place. Unifying all the log, metric and event data in one analytics platform stops finger pointing and provides the end-to-end correlation. Logs, metrics and custom event data can be joined to tell the holistic story of your software and operations. For example, users can correlate code deploys to system performance to application error codes.
Oct. 8, 2015 06:45 PM EDT Reads: 207
Any Ops team trying to support a company in today’s cloud-connected world knows that a new way of thinking is required – one just as dramatic than the shift from Ops to DevOps. The diversity of modern operations requires teams to focus their impact on breadth vs. depth. In his session at DevOps Summit, Adam Serediuk, Director of Operations at xMatters, Inc., will discuss the strategic requirements of evolving from Ops to DevOps, and why modern Operations has begun leveraging the “NoOps” approa...
Oct. 8, 2015 06:00 PM EDT Reads: 137
Internet of Things (IoT) will be a hybrid ecosystem of diverse devices and sensors collaborating with operational and enterprise systems to create the next big application. In their session at @ThingsExpo, Bramh Gupta, founder and CEO of robomq.io, and Fred Yatzeck, principal architect leading product development at robomq.io, discussed how choosing the right middleware and integration strategy from the get-go will enable IoT solution developers to adapt and grow with the industry, while at th...
Oct. 8, 2015 06:00 PM EDT Reads: 2,162
In their session at DevOps Summit, Asaf Yigal, co-founder and the VP of Product at Logz.io, and Tomer Levy, co-founder and CEO of Logz.io, will explore the entire process that they have undergone – through research, benchmarking, implementation, optimization, and customer success – in developing a processing engine that can handle petabytes of data. They will also discuss the requirements of such an engine in terms of scalability, resilience, security, and availability along with how the archi...
Oct. 8, 2015 05:00 PM EDT Reads: 397
“All our customers are looking at the cloud ecosystem as an important part of their overall product strategy. Some see it evolve as a multi-cloud / hybrid cloud strategy, while others are embracing all forms of cloud offerings like PaaS, IaaS and SaaS in their solutions,” noted Suhas Joshi, Vice President – Technology, at Harbinger Group, in this exclusive Q&A with Cloud Expo Conference Chair Roger Strukhoff.
Oct. 8, 2015 05:00 PM EDT Reads: 438
DevOps has often been described in terms of CAMS: Culture, Automation, Measuring, Sharing. While we’ve seen a lot of focus on the “A” and even on the “M”, there are very few examples of why the “C" is equally important in the DevOps equation. In her session at @DevOps Summit, Lori MacVittie, of F5 Networks, will explore HTTP/1 and HTTP/2 along with Microservices to illustrate why a collaborative culture between Dev, Ops, and the Network is critical to ensuring success.
Oct. 8, 2015 04:45 PM EDT Reads: 127
Application availability is not just the measure of “being up”. Many apps can claim that status. Technically they are running and responding to requests, but at a rate which users would certainly interpret as being down. That’s because excessive load times can (and will be) interpreted as “not available.” That’s why it’s important to view ensuring application availability as requiring attention to all its composite parts: scalability, performance, and security.
Oct. 8, 2015 03:00 PM EDT Reads: 390
Saviynt Inc. has announced the availability of the next release of Saviynt for AWS. The comprehensive security and compliance solution provides a Command-and-Control center to gain visibility into risks in AWS, enforce real-time protection of critical workloads as well as data and automate access life-cycle governance. The solution enables AWS customers to meet their compliance mandates such as ITAR, SOX, PCI, etc. by including an extensive risk and controls library to detect known threats and b...
Oct. 8, 2015 03:00 PM EDT Reads: 207
Clearly the way forward is to move to cloud be it bare metal, VMs or containers. One aspect of the current public clouds that is slowing this cloud migration is cloud lock-in. Every cloud vendor is trying to make it very difficult to move out once a customer has chosen their cloud. In his session at 17th Cloud Expo, Naveen Nimmu, CEO of Clouber, Inc., will advocate that making the inter-cloud migration as simple as changing airlines would help the entire industry to quickly adopt the cloud wit...
Oct. 8, 2015 02:30 PM EDT Reads: 648
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
Oct. 8, 2015 02:00 PM EDT Reads: 163