I'm writing a monitor service for our EC2 based cluster, it task will be [connect via HTTP/S to our events servers each X(ms), verify they are alive, rest].
I need a toolkit that will be able to perform the Connect test itself and report success or failure. I've tried to do this with Apache HTTPClient but I'm getting too many false positives on failures which did not happen. I've also looked at JMeter which at first looked quite promising but after downloading a 15mb file with ~25 3rd party jars started to feel like a huge overkill.
The requirement is simple: Check that tested node replies correctly in a defined time frame on HTTP GET request.
Could you suggest a library that allows this service? It is crucial to keep the false positive rate into a bare minimum because hmmm... well that means our processing stops until a broken node is examined... (A no-no indeed :)
Thank you,
Maxim.
For something in a Unix environment (which I'm guessing is what you are using because you are using Apache), try Monit http://mmonit.com/monit/
You can use Monit to make requests to your services, expect certain content and then create alerts based on what it thinks the state of the service is. Here's an example of a config file that can be used to monitor Apache: http://mmonit.com/wiki/Monit/ConfigurationExamples#apache
You can install Monit on each of your boxes and then use M/Monit to monitor of your monitored boxes.
Related
Avoid restarting the server every time when tiny changes on integration tests
I'm new to Spring and feeling a lot of pain on writing integration tests on Spring.
For example, say I'm running an integration test and change the code below.
See, there's nothing related to the server code change.
To run the new updated integration test code, I have to launch the webserver and data seeding again which might take 5 minutes long.
Hard to imaging how people manage this way for development.
I'm not sure if it is possible to launch the webserver along by bootRun and the integration test should try to communicate the dedicate server without bothering to reboot the servers for running tests.
Usually, which part config file will define this behavior?
I took over this project and have to figure it out my own.
Before
serverResp.then()
.statusCode(203)
.body("query.startDateTime", equalTo("2018-07-01T00:00:00"))
After
serverResp.then()
.statusCode(200)
.body("query.endDateTime", equalTo("2020-07-01T00:00:00"))
There are many different way to do integration testing.
Spring has a built-in framework that runs the integration test in the same JVM as the real server.
If the application is heavy (usually relevant for monoliths) it indeed can take time to run it, the best you can do then is to "chose" which parts of the application to load that are relevant to the test. In spring there are ways to achieve this, the question is whether your application code allows such separation.
Then there is a way to write integration tests so that they indeed communicate with a remote server which is up-and-running "in advance". during the build this can be done once before a testing phase and then when the tests are done, the server should be shut down.
Usually tests like this have some ways to specify the server host/port for communications (I put aside the security, credentials, etc).
So you can check if there is some special flag/system property - read the host / port from there.
A good thing in this approach is that you won't need to restart the server before every test.
The bad thing is that it doesn't always allow to test easily: If your test deploys some test data, this test must also remove the data at the end of test.
Tests must be designed carefully.
A third approach is a kind of hybrid and generally not a mainstream IMO:
you can create a special setup that will run test in different JVM (externally) but once the test starts its bytecode gets uploaded to the running server (the server must have a backdoor for this) and the actual bytecode gets executed actually on the server. Again the server is up-and-running.
I wrote once a library to do this with Spock, but it was long time ago and we haven't used it after all (that project was closed).
Don't want to self-advertise or something, but you can check it out and maybe borrow technical ideas of how to do this.
Trying to use ZAP (2.4.3) in a continuos integration (CI) setting. I can run ZAP as a daemon, run all my Selenium tests (in Java) by using ZAP as a proxy, and then being able to use the REST api calling htmlreport to get a final report of the Passive Scanner. This works fine, but I would like to also use the Active Scanner.
Using the Active Scanner in CI is mentioned several times in ZAP's documentation, but haven't found any working example or tutorial about it... does any exist?
What I would like to achieve is something like: Run Active Scanner on all the pages visited by the Selenium regression suite, once it is finished to run.
Trying to look at ZAP's REST api, but is mostly undocumented:
https://github.com/zaproxy/zaproxy/wiki/ApiGen_Index
Ideally, it would be great to have something like:
Start Active Scan asynchronously on all visited urls
Poll to check if Active Scan run is completed
In the REST api it seems there is something related, but:
ascan/scan needs an url as input. Could call core/urls to see what the Selenium tests have visited, but then how to set the right authentication (logging credential)? What if the order in which the urls are visited is important? What if a page is only accessable with a specific credential?
there is an ascan/scanAsUser, but it is unclear how contextId and userId can be retrieved from ZAP. A cumbersome workaround would be to modify the Selenium tests to write on disk the urls they visit and which logging/password credentials they are using, and then, once all tests are finished, to read from disk such info to call ZAP. Is there any simpler way?
OK, so theres a lot of questions here:)
ZAP typically scans hierarchies of URLs, eg everything under https://www.example.com/app the top level url of your application. We kind of assume you know what that will be ;)
Authentication is non trivial to handle, see https://github.com/zaproxy/zaproxy/wiki/FAQformauth
The ascan/status call returns the completed %
You may find the ZAP User Group http://groups.google.com/group/zaproxy-users better for these sort of questions.
But yes, we do need to improve the API documentation :/
Cheers,
Simon (ZAP Project Lead)
I have created a web based application using JSP and Servlets and the application uses an SQL Server DB as its backend.
The architecture is like this:
I have all my business logic in a jar file
I have created my views using JSPs and am using servlets to interact with my business logic jar
The jar connects to the database to persist and hydrate information, which is relayed to the JSP by my servlets.
My web application runs on a remote Tomcat server.
Now, I have been given a new requirement. I have to create a command line interface, where I should be able to specify a list of commands and hit enter (or alternatively, create a set of commands and save it in a .bat file or something, and run it), so that my application performs the necessary actions. Basically, I have to create a command line interface, which can be used along with the GUI i already have (JSPs).
I am totally new to this. Can anyone throw light on where and how I can start?
Any little help is greatly appreciated.
EDIT
This is what my web application does. User can see a list of test scripts (written in Selenium WebDriver). He can choose script(s), choose a host on where to run them from, and click "Run", and the test executes on the said machines.
Now, I want a command line interface, which will eliminate the need for the GUI. Let's say, I simply want the user to be able to type a command like "execute My_Script_1", and the script should be executed.
The test scripts, the selenium drivers, everything reside on the App server.
My command line interface should be able to work on Windows command prompt.
Thank you.
Are you using Spring?
Can you specify, what exactly your CLI should do?
You may do, what Thomas said.
You also may use template engines like Velocity.. To form your output.
Use some kind of JavaCurses-like library to make your output... Look well.
Specifying commands...
Hm.. think about your business logic what exactly you are showing to user.
Remember webapp ui is webapp ui. Console ui is different. And user expects different behaviour
So commands like
show goods category="for kids"
Will be great.
Also don't forget about different help commands
yourJarName.jar --help / -h and etc
If your are want to write application with interactive mode... think about help command there.
You say you have your business logic in a JAR.
Why not starting another project with this JAR as a dependency and build it as an executable jar ?
Then simply use System.in and System.out to interact with the user.
EDIT :
So your application is hosted. Do you have an API like REST or SOAP or any other ?
Then you can build a client reading a string that the user has written, parsing it and calling the right service in your API.
I see two options:
Create a client-side CLI that generates the same data your server
receives. In other words, you don't modify your server code, and you create a
client-side CLI module (with jQuery for example) that parses the command lines and sends
exactly the same thing your actual GUI sends.
Set up a text area in your web app (decorated as a CLI) that reacts
on each Enter key pressed, and sends the line(s) to your server. On
your server, you can create a utility class (say CLIParser.java for
instance), and use Args4j to parse the received command,
validate it and run it.
Have you looked at Primefaces terminal? http://www.primefaces.org/showcase/ui/misc/terminal.xhtml
You data structure looks simple enough. Also you mentioned you designed your application the way the business logic is separated from the front end.
In this case you may consider exposing your business logic as a REST based WebService. It should not be that hard since you have layered structure in your application.
Looks like a few methods:
list scripts - returns a list of available scripts list hosts
returns a list of available hosts run script(scriptName, hostAddress)
runs script scriptName on a host with on address hostAddress possibly returns the results if your application supports this
All three look like a good candidates for GET methods.
You may consider Jersey or Resteasy or another framework.
You can find plenty tutorials for both of them. Take a look for example here.
From your command line application you can make calls to your web service in different ways. Just because I used to work with Jersey JAX-RS implementation most of the time, I found use of Jersey client(the latest stable version) the most convenient. Here you can find a short tutorial how you can do it from your command line application with Jersey client. JBoss also has a client API as a part of their framework(also fully certified JAX-RS implementation). You may even decide not to use any client API and do all the work manually utilizing HttpURLConnection, but I would not recommend. There is no big difference in using client API or do all the work manually with HttpURLConnection for the simple service, but you never know when your application becomes not that simple because of new requirements your client could not think of at the beginning.
Hope that helps
I've worked with jmeter a little before and have just downloaded jmeter 2.7.
Our web application has a questionnaire that each person fills out. Like most questionnaires, the questions that show up vary depending on answers to previous questions, so there are multiple paths and very rarely does one person see all of the questions.
What I'd like to do is create a control file that will specify a group of questionnaires which it will load and log those people into the system and fill out a questionnaire checking the path and results at the end to make sure the answers were stored properly.
I would like to have 25 simultaneous users of this. Eventually I'd like to have a few hundred.
How do I get starting setting all of this up through jmeter? I don't mean a walkthrough, but I'm a little familiar with a number of the jmeter components. Which components would I use to solve this problem and in what order?
Thanks.
First of all I recommend upgrading to the latest version of jMeter.
To start every test you should add a thread group(right click on the test plan):
Then you would specify number of users/threads to 25 by clicking on your thread group and filling in the number of threads field.
Since you're dealing with web you would add a http request to your thread group (I have many more samplers in my screenshot don't get confused, this is because it's possible to extend jmeter with anything you need really) :
Then after doing some web request you would validate those web requests by using i.e. response assertion :
I could go on for a long time really. Jmeter documentation is somewhat poor in my opinion but it's a great tool.
Without any specific questions this should be enough to get you started.
I've been searching for days but I have not found a clear answer. How would I go about writing a small jar file to give to my users that simply gets a jar file from a URL (with multiple classes in it) and run it. It would be great if the end user never actually has the jar on his computer at anytime. I am doing this as a small security measure.
If the user is going to execute your code, it must exist on their computer. It's just the way it works.
If you wanted to re-write your code to perform most of the work on your servers, that'd be one mechanism to combat piracy, but it does mean that you need to duplicate all the input verification checks: perform them once on the client side, for reasonable response time, and again on your own servers, to ensure that your users aren't trying to use your services improperly.
Another mechanism would be to run a VNC server on your servers, and ask your users to VNC in. The software executes completely on your servers. It is a draconian step though, one your users will likely detest.
I am not sure how you'd go about it, but I know that using Maven allows you to access things without having the jar locally. You can just specify the URL. So maybe look into how they do their repositories.
Another option would be to encrypt your JAR file and write a custom class loader that decrypts it on the fly on client machines. This won't prevent a power user from attaching a debugger to the JVM and examining your byte code, but it prevents the typical user from having access to your code.