When Performance Matters – Effective Performance Testing from the Ground Up

Slides from my talk at W-JAX 2018: https://jax.de/devops-continuous-delivery/when-performance-matters-effective-performance-testing-from-the-ground-up

The ever-increasing complexity of modern systems, together with modern DevOps and continuous-delivery-centric workflows, places new demands on performance and reliability testing approaches. When systems are composed of many distributed components, each with its own performance and reliability characteristics, and when a misconfiguration that causes a cascading failure under load can be automatically deployed across environments all the way from dev to production in a matter of hours, you really need to make sure that a rigorous, well-understood, and easy-to-follow performance testing process is in place. In this talk, we will look at how an effective performance testing process can be implemented from the ground up (using the open-source Artillery.io toolkit) to be an integral part of an organization’s continuous delivery pipeline. This talk is for developers, QAs, and engineering managers who are working on a greenfield project with high performance and reliability requirements, or working on production systems which are experiencing issues under load.

hassy veldstra

November 08, 2018

Transcript

1. WHAT THIS TALK IS NOT ABOUT
• Writing performant code
• Profiling code to make it faster

2. WHAT THIS TALK IS NOT ABOUT
• Writing performant code
• Profiling code to make it faster
• Benchmarking code

3. WHAT THIS TALK IS ABOUT
• Understanding where performance testing fits into the delivery process
• The people involved

4. WHAT THIS TALK IS ABOUT
• Understanding where performance testing fits into the delivery process
• The people involved
• Understanding how an effective performance testing strategy may be implemented

5. IOT

6. QUESTIONS
How do we define performance goals & SLOs* for our services? Can we have those checked automatically in CI?

7. SLOS
Service Level Objectives, e.g.:
• Support up to 2000 TPS
• 99% of all requests should be served in under 200ms
• No more than 0.1% of requests should return a 5xx response
For a detailed discussion, see the Google SRE book: https://landing.google.com/sre/sre-book/chapters/service-level-objectives/
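
A minimal sketch of how SLOs like these can be checked automatically, using Artillery's ensure setting (the same mechanism appears on a later slide); the latency and error thresholds mirror the examples above, while the throughput target is exercised by the test's load phases:

config:
  ensure:
    p99: 200          # 99% of requests must complete in under 200ms
    maxErrorRate: 0.1 # no more than 0.1% of requests may fail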

8. QUESTIONS
How do we organize our test suites? What are the best practices around structuring those tests?

9. QUESTIONS
How do we pick which services to test? Do we need to test all of our microservices? What about testing different environments and configurations easily?

10. QUESTIONS
How do we encourage collaboration on performance testing and involve everyone: developers, testers, SREs and product managers? (performance is everyone’s responsibility!)

11. MAYBE SOME ANSWERS
How to go from zero to a performance testing suite that’s:

12. MAYBE SOME ANSWERS
How to go from zero to a performance testing suite that’s:
• Extensible & maintainable
• Integrates into your CI/CD pipelines
• Helps verify SLOs automatically
• Works for developers, testers and SREs
• Integrates with monitoring & reporting tools

13. DEFINITIONS
• Testing can suffer from lack of precision in terminology
• What is “testing”? Several different dimensions to consider

14. WHAT IS A TEST?
An activity, automated or manual, which:
1. Increases your confidence in some Thing

15. WHAT IS A TEST?
An activity, automated or manual, which:
1. Increases your confidence in some Thing
2. Confirms that your understanding of a Thing or its behavior is still correct

16. WHAT IS A TEST?
An activity, automated or manual, which:
1. Increases your confidence in some Thing
2. Confirms that your understanding of a Thing or its behavior is still correct
3. Increases your understanding of a Thing or its properties

17. INCREASE CONFIDENCE
• A/B tests
• Canarying
• Traffic replay
• Load test to add traffic above base level

18. CONFIRM UNDERSTANDING
• Unit tests - known good/bad input, known good/bad output
• Contract-based / property-based testing
• Load test on a known configuration that verifies some metrics afterwards (max response time <500ms)

19. INCREASE UNDERSTANDING
• Sprint 100m and take a heart rate reading
• Try opening 10k concurrent connections and see what happens
• Exploratory testing of all kinds
• Chaos testing

20. PERFORMANCE TESTING?
Any test that tests some performance-related property of a Thing. Often used interchangeably with “load testing”.

21. OR A COMBINED API
• Authenticate and get a token
• Use the token to get geofiltering info
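
A sketch of how such a combined flow can be scripted as a single Artillery scenario, capturing the token from the first response and reusing it in the second request (the endpoint paths and the "token" field name are assumptions):

scenarios:
  - name: Authenticate, then fetch geofiltering info
    flow:
      - post:
          url: "/auth"
          json:
            username: "{{ username }}"
            password: "{{ password }}"
          capture:
            json: "$.token"  # assumes the response carries the token in a "token" field
            as: "token"
      - get:
          url: "/geofilter"  # hypothetical geofiltering endpoint
          headers:
            Authorization: "Bearer {{ token }}"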

22. ACCEPTANCE/FUNCTIONAL TESTING
• Verify that a service (or another unit!) conforms to its contract
• Verify that the results it produces make sense

23. AUTH SERVICE
• Produces JWTs and not just empty 2xx responses
• The token contains expected fields

24.
• It’s possible to re-use the same test code for both acceptance tests and load tests if your tooling supports it

25.
• It’s possible to re-use the same test code for both acceptance tests and load tests if your tooling supports it
• (Artillery does!)
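
For instance, with Artillery's expect plugin, functional assertions live inside the scenario itself, so one flow can serve as a quick acceptance check or run under full load. A sketch (hasProperty is the plugin's response-body check; the "token" field name is an assumption):

config:
  plugins:
    expect: {}
scenarios:
  - name: Auth service issues a real JWT
    flow:
      - post:
          url: "/auth"
          json:
            username: "{{ username }}"
            password: "{{ password }}"
          expect:
            - statusCode: 200
            - contentType: json
            - hasProperty: token  # a real token with fields, not just an empty 2xx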

26. SMOKE TESTS
• Main characteristic is their speed
• A test that determines whether other tests should even run

27. SMOKE TESTS
• Main characteristic is their speed
• A test that determines whether other tests should even run
• Is anything obviously broken? If we plug this thing in and turn it on, is there any smoke?

28. SMOKE TESTS
• Main characteristic is their speed
• A test that determines whether other tests should even run
• Is anything obviously broken? If we plug this thing in and turn it on, is there any smoke?
• Run a quick happy-path test case
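
A smoke test can be expressed as a load phase with a single virtual user running the happy path once. A minimal sketch (the endpoint is hypothetical):

config:
  phases:
    - duration: 10
      arrivalCount: 1  # one virtual user over 10 seconds: is there any smoke?
scenarios:
  - flow:
      - get:
          url: "/health"  # hypothetical happy-path request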

29. Early “write code” stage: help profile code or dependencies. The rest typically runs against a deployed service or API.

30. WHAT TYPES OF PERFORMANCE TESTS ARE THERE?
• Load test in CI/CD to continuously verify SLOs (service or composite API) — pre-prod

31. WHAT TYPES OF PERFORMANCE TESTS ARE THERE?
• Load test in CI/CD to continuously verify SLOs (service or composite API) — pre-prod
• Load testing to help capacity planning — pre-prod, manual

32. CAPACITY PLANNING
• Identify amount of resources an instance of a service needs
• Identify the number of instances needed to meet a performance target

33. CAPACITY PLANNING
• Identify amount of resources an instance of a service needs
• Identify the number of instances needed to meet a performance target
• Identify whether current capacity is sufficient or some limits will need to be raised — pre-prod

34. WHAT TYPES OF PERFORMANCE TESTS ARE THERE?
• Load test in CI/CD to continuously verify SLOs (service or composite API) — pre-prod
• Load testing to help capacity planning — pre-prod, manual
• Load test a service to better understand its scaling properties and tune configs — pre-prod, manual

35. WHAT TYPES OF PERFORMANCE TESTS ARE THERE?
• Load test in CI/CD to continuously verify SLOs (service or composite API) — pre-prod
• Load testing to help capacity planning — pre-prod, manual
• Load test a service to better understand its scaling properties and tune configs — pre-prod, manual
• Stress test a service to find its limits & understand how it degrades — pre-prod, manual

36. WHAT TYPES OF PERFORMANCE TESTS ARE THERE?
• Load test in CI/CD to continuously verify SLOs (service or composite API) — pre-prod
• Load testing to help capacity planning — pre-prod, manual
• Load test a service to better understand its scaling properties and tune configs — pre-prod, manual
• Stress test a service to find its limits & understand how it degrades — pre-prod, manual
• In prod, manual or automatic — add extra traffic as a safety margin; a form of chaos testing
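
What mostly distinguishes these types is the load shape. For example, a stress test profile might ramp arrival rates well past the expected peak to find the breaking point; a sketch with purely illustrative numbers:

config:
  phases:
    - duration: 120
      arrivalRate: 10
      rampTo: 100
      name: "Ramp up to expected peak load"
    - duration: 300
      arrivalRate: 100
      rampTo: 500
      name: "Keep ramping past the peak to find the limit"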

37. HOW DO WE RUN THESE IN CI/CD?
• Create a parameterized CI job that can run a load test against a $service in an $environment with a $load_profile and (optionally) verify $slos.

38. HOW DO WE RUN THESE IN CI/CD?
• Create a parameterized CI job that can run a load test against a $service in an $environment with a $load_profile and (optionally) verify $slos.
• This can act as a stage in other pipelines

39. HOW DO WE RUN THESE IN CI/CD?
• Create a parameterized CI job that can run a load test against a $service in an $environment with a $load_profile and (optionally) verify $slos.
• This can act as a stage in other pipelines
• … or be used manually by a dev/tester for ad-hoc testing via a web UI or a CLI (e.g. on Jenkins or AWS CodeBuild)
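
One possible shape for such a job, sketched in GitLab CI syntax (the talk itself mentions Jenkins and AWS CodeBuild; the job name, variables and container image here are assumptions that follow the repo layout shown later):

load-test:
  image: artilleryio/artillery:latest  # assumed container image
  variables:                           # parameterized: override per run
    SERVICE: "auth-service"
    ENVIRONMENT: "dev"
    OVERRIDES_FILE: "overrides.slos.json"
  script:
    - >
      artillery run
      --config ./services/$SERVICE/config.yaml
      --overrides "$(cat ./services/$SERVICE/$OVERRIDES_FILE)"
      -e $ENVIRONMENT
      ./services/$SERVICE/login.yaml
  when: manual  # also reusable as a stage in other pipelines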

40. HOW DO WE RUN THESE IN CI/CD?
• The tests don’t run on the CI server itself

41. HOW DO WE RUN THESE IN CI/CD?
• The tests don’t run on the CI server itself
• Best to be able to run them on your own (cloud) infrastructure

42. HOW DO WE RUN THESE IN CI/CD?
• The tests don’t run on the CI server itself
• Best to be able to run them on your own (cloud) infrastructure
• Flexibility when it comes to VPCs or regions

43. HOW DO WE RUN THESE IN CI/CD?
• The tests don’t run on the CI server itself
• Best to be able to run them on your own (cloud) infrastructure
• Flexibility when it comes to VPCs or regions
• Critical for testing internal microservices

44. HOW DO WE RUN THESE IN CI/CD?
• The tests don’t run on the CI server itself
• Best to be able to run them on your own (cloud) infrastructure
• Flexibility when it comes to VPCs or regions
• Critical for testing internal microservices
• More cost-effective too

45. HOW DO WE RUN THESE IN CI/CD?
• What about test frequency?
• No one-size-fits-all approach

46. HOW DO WE RUN THESE IN CI/CD?
• What about test frequency?
• No one-size-fits-all approach
• Possible to test every change for microservices on the critical path, but probably excessive for most services

47. HOW DO WE RUN THESE IN CI/CD?
• What about test frequency?
• No one-size-fits-all approach
• Possible to test every change for microservices on the critical path, but probably excessive for most services
• Run on a schedule (e.g. nightly)
• Run before a final promotion of a change to prod
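
Continuing the hypothetical GitLab CI sketch above, a nightly run can be expressed by creating a pipeline schedule and gating a job on it:

load-test-nightly:
  extends: load-test  # reuses the parameterized job sketched earlier
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule"'  # runs only from a pipeline schedule, e.g. nightly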

48. DEFINING SLOS
• Setting SLOs should be part of your team’s “creating a new microservice” checklist

49. DEFINING SLOS
• Setting SLOs should be part of your team’s “creating a new microservice” checklist
• Documented alongside API specs, design docs (typically a Confluence/wiki page that follows a template)

50. DEFINING SLOS
• Setting SLOs should be part of your team’s “creating a new microservice” checklist
• Documented alongside API specs, design docs (typically a Confluence/wiki page that follows a template)
• Involve other teams that may rely on the service!

51. DEFINING SLOS
• Setting SLOs should be part of your team’s “creating a new microservice” checklist
• Documented alongside API specs, design docs (typically a Confluence/wiki page that follows a template)
• Involve other teams that may rely on the service!
• Better to have some SLOs (& revise) than none at all
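
Purely as an illustration (the talk suggests a wiki page that follows a template), the fields such a template might capture:

service: auth-service
slos:
  throughput: "support up to 2000 TPS"
  latency: "99% of requests served in under 200ms"
  errors: "no more than 0.1% of requests return a 5xx"
consumers:
  - team-payments  # hypothetical downstream team to involve in the discussion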

52. WHICH SERVICES SHOULD WE TEST?
• What could be tested? Anything with an API spec.
• Individual services

53. WHICH SERVICES SHOULD WE TEST?
• What could be tested? Anything with an API spec.
• Individual services
• Composite APIs (that’s a “unit” with its own properties & behavior)

54. WHICH SERVICES SHOULD WE TEST?
• What could be tested? Anything with an API spec.
• Individual services
• Composite APIs (that’s a “unit” with its own properties & behavior)
• Does a microservice have SLOs? Then it should have a performance test to verify those automatically.

55. HOW DO WE ENCOURAGE COLLABORATION?
• No magical solutions
• Involve all functions in discussions about performance

56. HOW DO WE ENCOURAGE COLLABORATION?
• No magical solutions
• Involve all functions in discussions about performance
• Remove barriers:

57. HOW DO WE ENCOURAGE COLLABORATION?
• No magical solutions
• Involve all functions in discussions about performance
• Remove barriers:
  • Use tools that everyone has access to
  • Use tools that everyone can work with

58. HOW DO WE ENCOURAGE COLLABORATION?
• Monorepos help
• Good tooling helps:
  • Available to everyone, ideally open source

59. HOW DO WE ENCOURAGE COLLABORATION?
• Monorepos help
• Good tooling helps:
  • Available to everyone, ideally open source
  • Easy to install and get started with

60. HOW DO WE ENCOURAGE COLLABORATION?
• Monorepos help
• Good tooling helps:
  • Available to everyone, ideally open source
  • Easy to install and get started with
  • Uses a language that everyone is familiar with

61. HOW DO WE ENCOURAGE COLLABORATION?
• Monorepos help
• Good tooling helps:
  • Available to everyone, ideally open source
  • Easy to install and get started with
  • Uses a language that everyone is familiar with
• Make load testing reports & findings available to everyone (e.g. on Confluence/your wiki or KB)

62. ARTILLERY 101
• Available on npm: npm install -g artillery
• The artillery CLI is used to run tests and create HTML reports

63. ARTILLERY 101
• Available on npm: npm install -g artillery
• The artillery CLI is used to run tests and create HTML reports
• Tests are written in YAML and can be extended with JavaScript
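
To make the YAML-plus-JavaScript split concrete, a minimal self-contained test might look like this (the target URL and endpoint are hypothetical; the processor line is optional and points at custom JavaScript hooks):

config:
  target: "https://api.example.com"  # hypothetical service under test
  phases:
    - duration: 60
      arrivalRate: 5  # 5 new virtual users per second for one minute
  processor: "./functions.js"  # optional custom JavaScript
scenarios:
  - flow:
      - get:
          url: "/health"

Running artillery run test.yaml executes it; adding -o report.json and then running artillery report report.json produces the self-contained HTML report mentioned above.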

64. ARTILLERY 101
• Supports HTTP, Socket.io, WebSocket, Kinesis, HLS out of the box
• Third-party plugins for SQS, Lambda, SQL etc.

65. ARTILLERY 101
• Supports HTTP, Socket.io, WebSocket, Kinesis, HLS out of the box
• Third-party plugins for SQS, Lambda, SQL etc.
• Supports plugins. Out of the box: StatsD/Datadog/Librato integration.

66. ARTILLERY 101
• Supports HTTP, Socket.io, WebSocket, Kinesis, HLS out of the box
• Third-party plugins for SQS, Lambda, SQL etc.
• Supports plugins. Out of the box: StatsD/Datadog/Librato integration.
• Third-party plugins for other monitoring systems

67. ARTILLERY 101
• Designed to allow for complex, multi-step virtual user behavior to be scripted
• Support for randomizing requests and capturing data from responses and re-using it in other requests

68. ARTILLERY 101
• Designed to allow for complex, multi-step virtual user behavior to be scripted
• Support for randomizing requests and capturing data from responses and re-using it in other requests
• Supports assertions on metrics such as HTTP latency — i.e. automated checking of SLOs

69. ARTILLERY 101
• Runs well in Docker, easy to run on ECS or Kubernetes or in a CI/CD pipeline

70. ARTILLERY 101
• Runs well in Docker, easy to run on ECS or Kubernetes or in a CI/CD pipeline
• Can generate self-contained HTML reports with charts and graphs

71. ARTILLERY 101
• Runs well in Docker, easy to run on ECS or Kubernetes or in a CI/CD pipeline
• Can generate self-contained HTML reports with charts and graphs
• Features for creating modular test suites
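
One way to run a test on Kubernetes is as a one-off Job with the test definition mounted from a ConfigMap; a sketch (the image name and ConfigMap wiring are assumptions):

apiVersion: batch/v1
kind: Job
metadata:
  name: artillery-load-test
spec:
  template:
    spec:
      restartPolicy: Never
      containers:
        - name: artillery
          image: artilleryio/artillery:latest  # assumed image
          args: ["run", "-e", "dev", "/tests/login.yaml"]
          volumeMounts:
            - name: tests
              mountPath: /tests
      volumes:
        - name: tests
          configMap:
            name: artillery-tests  # holds the test YAML files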

72. CONFIG

config:
  target: "" # we don't set a target by default
  environments:
    dev:
      target: "https://auth-service-dev.acme-corp.internal"
      defaults:
        headers:
          x-api-key: "0xcoffee"
    local:
      target: "http://localhost:8080"
  processor: "./functions.js"
  plugins:
    datadog: {}
  payload:
    - path: "./username-password.csv"
      fields:
        - username
        - password

73. ONE OR MORE SCENARIOS

scenarios:
  - name: Authenticate with valid credentials
    flow:
      - post:
          url: "/auth"
          json:
            username: "{{ username }}"
            password: "{{ password }}"
          expect:
            - statusCode: 200
            - contentType: json

74. ORGANIZING OUR TEST SUITE
• Using a monorepo
• Easier to get started with, extend & maintain

75. ORGANIZING OUR TEST SUITE
• Using a monorepo
• Easier to get started with, extend & maintain
• Easier to share across teams

76. ORGANIZING OUR TEST SUITE
• Using a monorepo
• Easier to get started with, extend & maintain
• Easier to share across teams
• Helps code reuse

77. ORGANIZING OUR TEST SUITE
• Using a monorepo
• Easier to get started with, extend & maintain
• Easier to share across teams
• Helps code reuse
• Easier to work with in CI/CD pipelines

78. ORGANIZING OUR TEST SUITE

acme-corp-api-tests/
- services/
  - auth-service/
    - scenarios/
    - config.yaml
    - functions.js
    - overrides.slo-response-time.json
- package.json
- common-config.yaml

79. WHY THAT STRUCTURE?
• Extensible:
  • can add a new service or API easily, or add a new scenario to an existing one
  • allows for service-specific config such as environment URLs or data from external CSVs
  • allows for service-specific custom code, e.g. to generate random data in a certain format
• Can encode service-specific load phases and SLOs
  80. { "config": { "phases": [ { "duration": 120, "arrivalRate": 10,

    "rampTo": 20, "name": "Warm up the service" }, { "duration": 240, "arrivalRate": 20, "rampTo": 100, "name": "Ramp to high load" }, { "duration": 600, "arrivalRate": 100, "name": "Sustained high load" } ], "ensure": { "maxErrorRate": 0.1, "p99": 200 } } }

81. RUNNING A TEST

artillery run \
  --config ./services/auth-service/config.yaml \
  --overrides "$(cat ./services/auth-service/overrides.slos.json)" \
  -e dev \
  ./services/auth-service/login.yaml

82. RUNNING A TEST

artillery run \
  --config ./services/auth-service/config.yaml \
  --overrides "$(cat ./services/auth-service/overrides.slos.json)" \
  -e dev \
  ./services/auth-service/login.yaml

83. RUNNING A TEST

artillery run \
  --config ./services/auth-service/config.yaml \
  --overrides "$(cat ./services/auth-service/overrides.slos.json)" \
  -e dev \
  ./services/auth-service/login.yaml

Easy to parameterize in CI/CD - service name, load/SLO override, environment and optionally a scenario

84. RUNNING A TEST

artillery run \
  --config ./services/auth-service/config.yaml \
  --overrides "$(cat ./services/auth-service/overrides.slos.json)" \
  -e dev \
  ./services/auth-service/login.yaml

Easy to parameterize in CI/CD - service name, load/SLO override, environment and optionally a scenario

Generic / reusable CI job!

85. RUNNING A TEST
• Reusable by other jobs / pipeline stages
• Or via the UI for ad hoc testing - e.g. in Jenkins or AWS CodeBuild

86. ORGANIZING OUR TEST SUITE

acme-corp-api-tests/
- services/
  - auth-service/
    - scenarios/
    - config.yaml
    - functions.js
    - overrides.slo-response-time.json
- package.json
- common-config.yaml

87. WHERE TO START?
• Pick one service
• Write tests using the template & set up a CI job to run them

88. WHERE TO START?
• Pick one service
• Write tests using the template & set up a CI job to run them
• Show & tell to the rest of the team

89. WHERE TO START?
• A good candidate service:
  • Small API surface
  • Has experienced performance issues, or

90. WHERE TO START?
• A good candidate service:
  • Small API surface
  • Has experienced performance issues, or
  • On the critical path for other components, or

91. WHERE TO START?
• A good candidate service:
  • Small API surface
  • Has experienced performance issues, or
  • On the critical path for other components, or
  • Has high performance requirements

92. WHERE TO START?
• A good candidate service:
  • Small API surface
  • Has experienced performance issues, or
  • On the critical path for other components, or
  • Has high performance requirements
• For example: an authentication service

93. SO… WE’VE LOOKED AT
• What performance testing is, and different types of performance tests
• Where performance testing fits into the development, testing, and delivery process

94. SO… WE’VE LOOKED AT
• What performance testing is, and different types of performance tests
• Where performance testing fits into the development, testing, and delivery process
• Running performance tests in CI/CD pipelines

95. SO… WE’VE LOOKED AT
• What performance testing is, and different types of performance tests
• Where performance testing fits into the development, testing, and delivery process
• Running performance tests in CI/CD pipelines
• Setting and verifying SLOs

96. SO… WE’VE LOOKED AT
• What performance testing is, and different types of performance tests
• Where performance testing fits into the development, testing, and delivery process
• Running performance tests in CI/CD pipelines
• Setting and verifying SLOs
• The mechanics of setting up a test suite with Artillery