just keep functioning
play

Just keep functioning Testing, monitoring, and debugging FaaS apps - PowerPoint PPT Presentation

Aug 14, 2023 •161 likes •483 views

Just keep functioning Testing, monitoring, and debugging FaaS apps Ace Nassri Developer Programs Engineer @ Google October 4th, 2018 Agenda Ops CI/CD Serverless Testing 1 Testing: a background An overview of testing strategies

  1. Just keep functioning Testing, monitoring, and debugging FaaS apps Ace Nassri Developer Programs Engineer @ Google October 4th, 2018

  2. Agenda Ops CI/CD Serverless Testing

  3. 1 Testing: a background An overview of testing strategies

  4. Testing: the what A high-level definition: does my code work - and does it work well? Lower level questions we might ask: Does my code work according to language and style guidelines? - Does my code work with the latest dependencies ? - Does my code work when subjected to extreme loads? - Does my code work when provided edge cases, malicious data, or other invalid input? -

  5. Testing: does my code work? System tests Unit tests Integration tests Faster Slower Specific Comprehensive Nice-to-have Essential Unit Unit ≈ Integration ≈ Unit Unit System Integration Unit Unit (We’ll explain what each test consists of later.)

  6. Testing: does my code work well? Static tests - test your code for various things (such as style) without running it Load tests - system test that tests your code against (un)expected loads Fuzz tests / Vulnerability Scanners - test your code’s handling of potentially malicious input

  7. Testing: the why Testing is an insurance policy against potential bugs and their associated business impact Goal #1: reduce the likelihood of software errors happening Goal #2: verify code correctness on an ongoing basis Stretch goal: quickly identify errors caught by tests Impact of testing Google’s OSS security testing discovered >250 potential security issues in ~5 months 1 ● Inadequate software testing costs the US up to ~1% of annual GDP 2 ● 1: https://testing.googleblog.com/2017/05/oss-fuzz-five-months-later-and.html 2: https://www.nist.gov/sites/default/files/documents/director/planning/report02-3.pdf

  8. 2 Hello Serverless! Testing strategies for FaaS

  9. Unit tests Verify that the minutiae of your code work as expected (such as edge case checking) No reliance (or verification!) whatsoever on external dependencies (such as libraries or APIs) Use mocking frameworks (such as Sinon/Proxyquire in Node.js) to fake external dependencies Good at isolating causes of known problems, but bad at detecting unanticipated ones Very quick to run, and rarely require billed resources Feature API Mock

  10. Sample HTTP function 1: const storage = require(`@google-cloud/storage` )(); 2: 3: exports.createBucket = (req, res) => { 4: return storage.createBucket(req.body.name) 5: .then(res.send('Success!')) 6: .catch(err => res.send('Error:', err)); 7: }

  11. Sample function unit test 1: // {proxyquire, sinon, ava} are libraries - imports omitted 2: const storageMock = { createBucket : sinon.stub().resolves() }; 3: const program = proxyquire('..', // Mock Cloud Storage library 4: { '@google-cloud/storage' : sinon.stub().returns(storageMock) }); 5: 6: ava('should attempt to create a bucket' , t => { 7: const req = { body: { name: 'name' } }; // Fake 'req' object 8: const res = { send: sinon.stub() }; // Fake 'res' object 9: 10: program.createBucket(req, res); // Call tested function 11: t.deepEqual(storageMock.createBucket.firstCall.args, [ 'name']); 12: });

  12. Integration tests Verify that parts of your code fit together as expected Run locally on a development machine, using the Node.js emulator or a shim Can either use mocking or rely on external dependencies directly Required dependencies are usually quick (< 1 second) to use, so tests are moderately quick to run May require small amounts of billed resources Balances detection and isolation of problems; can detect unanticipated problems in some cases Feature Feature

  13. Sample function integration test 1: // {uuid, ava, request-promise-native} are libraries - imports omitted 2: const storage = require('@google-cloud/storage' )(); 3: 4: ava('should create a real bucket' , async t => { 5: const name = `serverless-test- ${uuid.v4()}`; // Make test runs unique 6: const url = `${ process.env.BASE_URL }/createBucket` ; 7: await requestPromiseNative. post(url, { name : name }); // Eventually consistent 8: await setTimeout(() => { return Promise.resolve() }, 1000); // Ideal: exponential backoff 9: const exists = await storage.bucket(name).exists(); 10: t.is(exists, true); 11: }

  14. System tests Verify that your code works as a system Heavy reliance on external dependencies, which can slow down the test itself Require moderate amounts of billed resources Great for detecting problems, including unanticipated ones and those residing outside your codebase Bad at isolating problems and their root causes Caveat: state matters when testing cloud-based dependencies State dependence may introduce eventual consistency and/or shared resource issues

  15. Sample function system test 1: // {uuid, ava, request-promise-native} are libraries - imports omitted 2: const storage = require('@google-cloud/storage' )(); 3: 4: ava('should create a real bucket' , async t => { 5: const name = `serverless-test- ${uuid.v4()}`; // Make test runs unique 6: const url = `${ process.env.BASE_URL }/createBucket` ; 7: await requestPromiseNative. post(url, { name : name }); // Eventually consistent 8: await setTimeout(() => { return Promise.resolve() }, 1000); // Ideal: exponential backoff 9: const exists = await storage.bucket(name).exists(); 10: t.is(exists, true); 11: }

  16. Static tests Verify your code follows language/style conventions and dependency management best-practices Many are free to install and quick to use Linters detect (and may fix) style issues in your code (e.g. prettier for Node.js, pylint for Python) Dependency management tools check for issues with dependencies (e.g. Snyk for Node.js) Major con: narrow focus 1 let a, b = null; 1 let a; 2 2 let b = null; 3 console.log(a, b); // undefined, null 3 4 console.log(a == b); // true 4 console.log(a, b) ; // undefined, null 5 console.log(a == = b) ; // false Before linting After fixing linter errors

  17. Load tests Verify that your entire system (including non-autoscaled components) keeps up with user demand Heavy reliance on external dependencies Required dependencies may be slow to access, which can slow down the test itself Tools themselves are typically free, but test runs can require large amounts of billed resources Helps protect against a “hug of death” or other sudden (and possibly beneficial) spike in traffic Examples: Apache Bench ( ab on most Mac/Linux systems ), Apache JMeter

  18. DEMO: Apache Bench 18

  19. Security testing Verify your code (and dependencies) work with potentially malicious input Motivation: US businesses lost $67 billion due to cyberattacks (in 2005) 1 Can be part of unit, system, integration, and/or static tests Tools are often free to install, but may cost money if billed resources are involved Examples: Zed Attack Proxy, Snyk.io, the Big List of Naughty Strings, Google’s oss-fuzz Caveat #1: no automated tool is perfect - if security matters, do your research and find a consultant Caveat #2: may damage the target application environment 1: https://www.gillibrand.senate.gov/imo/media/doc/Sen.%20Gillibrand%20CyberSecurity%20Report.pdf

  20. 3 Continuous Deployment Syncing your codebase and the Cloud

  21. Keeping deployments up-to-date For many developers, git branches are the source of truth Many Serverless providers require manual CLI invocation to test + re-deploy code Continuous Integration + Deployment (CI/CD) systems automate this process Many different CI/CD platforms available Cloud Build is Google Cloud Platform's built-in CI/CD platform Several other Cloud-agnostic hosted options out there Basic CI/CD systems for Serverless deployments are fairly easy to set up

  22. Example Cloud Build config (Node.js) steps: - name: 'gcr.io/cloud-builders/npm' # Install dependencies args: ['install'] - name: 'gcr.io/cloud-builders/npm' # Run tests args: ['test'] - name: 'gcr.io/cloud-builders/gcloud' # Deploy if previous steps pass args: ['functions', 'deploy', '[FUNCTION_NAME]', '[TRIGGER]']

  23. DEMO: Cloud Build 23

  24. 4 (O)ops! Keeping deployments healthy

  25. Serverless Operationalization 101 Tests can only detect problems out of production What about problems in production? Stackdriver - tools for monitoring + debugging code on Google Cloud Platform/Amazon Web Services Azure’s equivalent - App Insights - The most useful tools for Serverless developers Monitoring + Metrics - Is my code broken? - Logging + Error Reporting - Where is my code broken? -

  26. Logging + Error reporting Logging automatically stores + indexes logs from functions Error Reporting aggregates logs into meaningful error reports

  27. Monitoring + Metrics: a crash course Monitoring + metrics tools help detect unhealthy code in production quickly Goal: catch as many errors as we can with the least setup possible Simple config: alert if log entries of a certain severity (e.g. error) occur too frequently (>1% of invocations) More complex config: alert if execution {time, count} or memory substantially (>2-3x) exceed normal limits Pros: simple to configure, determines if production code is broken, covers any function and/or app Cons: requires good logging statement coverage, not always helpful when locating broken code Additional checks: HTTP[S] uptime checks can be used with HTTP[S]-triggered functions

  28. DEMO: Stackdriver Monitoring 28

  29. Recap

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Principles Principles Principles Principles of a well of a well of a well of a well- - -

Principles Principles Principles Principles of a well of a well of a well of a well- - -

High quality independent research into competition policy and regulation Principles Principles Principles Principles of a well of a well of a well of a well- - - -functioning functioning functioning functioning retail energy retail

495 views • 7 slides
Background: Ecological communities: Structure, Stability &amp; Functioning Understand

Background: Ecological communities: Structure, Stability &amp; Functioning Understand

Background: Ecological communities: Structure, Stability &amp; Functioning Understand community structure, Networks of stability and functioning networks Food web ecology Predict community responses to Temporal perturbation

418 views • 3 slides
Objectives of science in functioning of Objectives of science in functioning of Regional

Objectives of science in functioning of Objectives of science in functioning of Regional

Document SPRFMO- -I I I I I I - -SWG SWG - Document SPRFMO -19 19 Objectives of science in functioning of Objectives of science in functioning of Regional Fisheries Management Regional Fisheries Management Organizations in relation to the

242 views • 22 slides
Symptoms Duration Impact on functioning Numbness,

Symptoms Duration Impact on functioning Numbness,

Dr. Lori Triano-Antidormi Dr. Jane Storrie OPA Annual Conference February 21, 2015 Symptoms Duration Impact on functioning Numbness,

241 views • 9 slides
High Level Forum for a better functioning food supply chain (HLF) High Level Forum for a Better

High Level Forum for a better functioning food supply chain (HLF) High Level Forum for a Better

High Level Forum for a better functioning food supply chain (HLF) High Level Forum for a Better Functioning Food Supply Chain GROW - DG Internal Market, Industry, Entrepreneurship and SMEs Associated DG: AGRI - DG Agriculture and Rural

510 views • 11 slides
Metacognition and the Learner Strategies for better academic functioning, thinking &amp;

Metacognition and the Learner Strategies for better academic functioning, thinking &amp;

Metacognition and the Learner Strategies for better academic functioning, thinking &amp; learning Presented by B.OT; M.OT; PDME 12 March 2016 Metacognitive Occupational therapist therapeutic for 36 years intervention process

980 views • 97 slides
Introduction to IO Study the functioning of markets. 1 Historical development of IO 2 waves:

Introduction to IO Study the functioning of markets. 1 Historical development of IO 2 waves:

Introduction to IO Study the functioning of markets. 1 Historical development of IO 2 waves: 1. Harvard Tradition (J. Bain (1956, 1959) and E. Mason (1939, 1949)) is more empirical. Structure - Conduct - Performance paradigm.

462 views • 14 slides
Particularity and relevance of the framework in relation to the organization and functioning of

Particularity and relevance of the framework in relation to the organization and functioning of

Webinar on: GOVERNANCE ROLES AND CAPACITIES OF MoH FRAMEWORK: A PRACTIONER'S PERSPECTIVE Particularity and relevance of the framework in relation to the organization and functioning of the MOH in particular in LMICs A. Belghiti Alaoui MD.MPH.

515 views • 13 slides
Hippocampal calcifications: risk factors and association with cognitive functioning E.J.M. de

Hippocampal calcifications: risk factors and association with cognitive functioning E.J.M. de

Hippocampal calcifications: risk factors and association with cognitive functioning E.J.M. de Brouwer, R. Kockelkoren, J.J. Claus, A. de Jonghe, M. Geerlings, T.E.F. Jongsma, W.P.Th.M. Mali, J. Hendrikse, P.A. de Jong, H.L. Koek University of

535 views • 28 slides
International Classification of Functioning, Disability and Health (ICF) Stien Hennaert

International Classification of Functioning, Disability and Health (ICF) Stien Hennaert

Linking of the Integration von Menschen mit Behinderungen in die Arbeitswelt (IMBA) to the International Classification of Functioning, Disability and Health (ICF) Stien Hennaert (GTB) Saskia Decuman (NIHDI) Dominique Van de Velde

800 views • 23 slides
Emotional Well-Being What Defines Optimal Mental Health? Healthy functioning is when one

Emotional Well-Being What Defines Optimal Mental Health? Healthy functioning is when one

Emotional Well-Being What Defines Optimal Mental Health? Healthy functioning is when one spontaneously experiences and expresses emotions appropriate to the situation and their developmental stage Appropriateness of Affect In

382 views • 24 slides
Fa Family Functioning, En Entrepreneurship and Performance: Th The case of family y

Fa Family Functioning, En Entrepreneurship and Performance: Th The case of family y

Fa Family Functioning, En Entrepreneurship and Performance: Th The case of family y businesses Matt Allen, Jim Davis, Albert James, Bill Worthington PR PRIMARY FOCUS OF STEP Fa Family Business &amp; Entrepreneurship Family is

304 views • 29 slides
Resilience Engineering (RE) A system is resilient if it can adjust its functioning prior to,

Resilience Engineering (RE) A system is resilient if it can adjust its functioning prior to,

Resilience Engineering (RE) A system is resilient if it can adjust its functioning prior to, during, or following events (changes, disturbances, and opportunities), and thereby sustain required operations under both expected and unexpected

488 views • 14 slides
Assessing Capacity 1. Is there impairment of, or disturbance in, the functioning of the

Assessing Capacity 1. Is there impairment of, or disturbance in, the functioning of the

Assessing Capacity 1. Is there impairment of, or disturbance in, the functioning of the persons mind or brain? 2. Is the impairment or disturbance sufficient that the person lacks the capacity to make that particular decision at a

239 views • 4 slides
How well does performance predict self-reported functioning in Europe? A cross-country comparison

How well does performance predict self-reported functioning in Europe? A cross-country comparison

How well does performance predict self-reported functioning in Europe? A cross-country comparison among 14 European countries using SHARE data. Maria Bilo 1 , Eileen Crimmins 2 1 Dipartimento di Scienze Statistiche, Sapienza Universit di Roma,

611 views • 18 slides
and impact on their functioning Marie Guittonny, Professor at the Research Institute on Mines and

and impact on their functioning Marie Guittonny, Professor at the Research Institute on Mines and

Root colonization in mine covers and impact on their functioning Marie Guittonny, Professor at the Research Institute on Mines and the Environment of Universit du Qubec en Abitibi-Tmiscamingue (UQAT) 43rd CLRA/ACRSD National Conference and

533 views • 22 slides
1 Performance testing Security Testing Is data/access safe from those who should Test for

1 Performance testing Security Testing Is data/access safe from those who should Test for

Test Specifications Quality Assurance: What questions do I want to answer about this code? Think of this as experiment design Test Development &amp; Execution In what dimensions will I ask these questions? CSE 403 Functionality

380 views • 8 slides
Fast Forward Reflecting on a Life of Watching Movies and a Career in Security Jason Chan VP,

Fast Forward Reflecting on a Life of Watching Movies and a Career in Security Jason Chan VP,

Fast Forward Reflecting on a Life of Watching Movies and a Career in Security Jason Chan VP, Information Security @ Netflix @chanjbs Credit: @LoulouHoltz So . . . what does this have to do with security? Credit: @matt_tesauro Back to the

1.08k views • 73 slides
Chapter 3 Instruction-Level Parallelism and its Exploitation (Part 3) ILP vs. Parallel

Chapter 3 Instruction-Level Parallelism and its Exploitation (Part 3) ILP vs. Parallel

Chapter 3 Instruction-Level Parallelism and its Exploitation (Part 3) ILP vs. Parallel Computers Dynamic Scheduling (Section 3.4, 3.5) Dynamic Branch Prediction (Section 3.3, 3.9, and Appendix C) Hardware Speculation and Precise Interrupts

656 views • 28 slides
The Lurch Project A word processor that checks your math Nathan Carter Bentley University

The Lurch Project A word processor that checks your math Nathan Carter Bentley University

The Lurch Project A word processor that checks your math Nathan Carter Bentley University Classic board game Modern game Modern game Modern game Modern game Contrast Classic board Modern video games games require reading and teach

674 views • 33 slides
Project Report Guidelines Written report due Dec 9, midnight Kalev Kask ICS 271 Fall 2018

Project Report Guidelines Written report due Dec 9, midnight Kalev Kask ICS 271 Fall 2018

Project Report Guidelines Written report due Dec 9, midnight Kalev Kask ICS 271 Fall 2018 271-fall 2018 Programming Project One (written) report per team Grading is based on Quality of work (50%) Quality of report (50%)

85 views • 6 slides
THE LARGEST SHIFT IN THE WAY WE LIVE - EVER AT THE SAME TIME BIRTHRATES Demographic shift. It is a

THE LARGEST SHIFT IN THE WAY WE LIVE - EVER AT THE SAME TIME BIRTHRATES Demographic shift. It is a

THE LARGEST SHIFT IN THE WAY WE LIVE - EVER AT THE SAME TIME BIRTHRATES Demographic shift. It is a COLLAPSE WORLDWIDE remarkable thing. We are experiencing the most rapid change in the nature of human habitat ever seen. Within the next five

368 views • 33 slides
Impact of the Rule Implementation March 6, 2009 James R. Meister Vice President, Operations

Impact of the Rule Implementation March 6, 2009 James R. Meister Vice President, Operations

Impact of the Rule Implementation March 6, 2009 James R. Meister Vice President, Operations Support Exelon Nuclear 1 Major Impacts Intrusion detection and assessment capability at all times Codify the requirements for play

89 views • 7 slides
COMP 516 Research Methods in Computer Science Dominik Wojtczak Department of Computer Science

COMP 516 Research Methods in Computer Science Dominik Wojtczak Department of Computer Science

COMP 516 Research Methods in Computer Science Dominik Wojtczak Department of Computer Science University of Liverpool 1 / 23 COMP 516 Research Methods in Computer Science Lecture 14: Project planning (2) and Risk management Dominik Wojtczak

395 views • 23 slides

More recommend