How to debug k6 load testing scripts with Tom Miseur (k6 Office Hours #25)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello and welcome to another k6 office hours i am nicole van der hooven and today i'm joined by my colleague tom masseur hello tell us about yourself when did you join k6 what do you do sure yeah i joined k6 about six months ago um i've been in the load testing arena for for quite a while now and uh yeah really excited to be here um and looking forward to share some tips and tricks that i've i've learned in the in the time i've uh since i've been here so yeah yeah so tom is actually a performance tester by background and um at k6 i think you do a bunch of different things sometimes you answer some customer support questions as well but you also go on actual engagements with kasich's right yep so we provide professional services so you know sometimes our customers either don't have the time themselves to to create scripts or perhaps they're looking to just offload um everything from script creation through to test execution and results analysis so we we obviously have a lot of experience with that um because it's what we do all the time so um we're able to uh to help pretty pretty quickly as well you know we're able to get scopes right up and running quickly so if you're in a hurry and need and need testing done quickly then that's definitely something we provide i also think that it's it's really different because when we we provide the tool and we provide support for the tool but how to use k6 is very different from how to run a load testing project or you know we can we can help you normally um with with questions about how to do something how to implement your testing plan in k-6 or if you have an idea already of your workload model but sometimes we get customers who don't really have the the capacity or the experience within their teams to do load testing and that's where tom comes in yeah how do you like it so far it's been great yeah i really enjoy enjoy working for k-6 and seeing what kinds of things are our customers are testing you know um uh yeah it's uh never a dull moment yeah i was really happy when when i got to know you because i i was happy to have another performance tester on the team and i think that we we got to talking about a lot of the same problems that we both had when we were starting to use k6 i think and correct me if i'm wrong but i think you and i were both from the same world where we have certain expectations of a load testing tool and at least for me k6 was was very different from other tools that i tried before would you say the same yep yeah that's true you know there's pros and cons to different different tools what i really liked about k6 was you know the fact that we have k6 cloud where you have a really nice web ui for looking at your tests when they're running and looking at the results there as well so easy to share results with others you know you can create these magic links and just send that to someone that can see exactly what you see as well and also the ability of having you know multiple people able to uh see the same test as it is running it's it's particularly useful if you're running into problems uh you know that the devs can be looking at the results in in real time as well and so they can also then look at what's happening on the server side to see if they can figure out why there's a sudden spike in in performance when you reach 2000 virtual users so it's it's a it makes it really convenient yeah i i definitely i mean we we always like to talk about the good things about k-6 but we're also not afraid to talk about areas where maybe we could improve a little bit sometimes it's a case of k-6 the tool itself needing improvement sometimes it's about educating people how to on how to use k-6 and i think one of the things that makes kasich so performant is the fact that we are very vigilant about what we allow in 2k6 because we've seen from other load testing tools where they try to add all the features which is great because you can support more more people and more use cases but that's also that's always at a cost right every little bit that you add adds extra overhead because everybody who uses k6 is going to be downloading that binary regardless of whether they use those extra features so i think the philosophy of the team and mihail who is one of the k-6 oss developers has been on previous office hours as well and he said that he really wants to keep it contained and and composable and able to work with with other extensions or other technologies yep yeah yeah actually we're seeing a bit of a shift i feel like um you know where the industry as a whole seems to be tired of proprietary protocols and shifting to to open protocols you know um gone are the days of uh applications like sap using their own uh you know binary proprietary protocol that you can't make any sense of if you're if you're recording you know the network packets or you know it it they get really messy really fast and there's uh load testing tools out there that support these archaic protocols and um i won't name name the one i'm thinking of but you know it's sounding like some of these protocols are being dropped in favor of becoming uh you know yeah basically yeah and it's it's a lot of bloats yeah and it's uh and it's a pain to maintain as well um so so yeah we're in a good place with with k6 with our support for http uh web socket and grpc so and yeah that's why we have xk6 as well as mustafa says we we have the ability to incorporate other protocols when when it's appropriate so that's great and james leatherman says oh the thing says code that's certainly the the trend these days um so when when i first started when i ran k6 for the first time and i think that's actually on my week of testing videos i think i kept that part in but there was a moment where i ran the test and a bunch of text flew by and was i was like what what does that mean did it did it pass where's the i'm i'm used to seeing um a lot more feedback and k-6 is meant to be to cut out all of the extra things that maybe not everybody really wants and so an initial struggle for me was how do i figure out what actually happened in my script i know it ran but how did it go did you have the same experience yeah actually yeah um you know we i think i'm trying to remember we we made some changes fairly recently that uh that really highlighted um you know unexpected uh status quotes for um but i remember running a script and you know it ran through to completion but i i i knew that there was something not right with it and i i seem to recall that the default output didn't really um highlight it as much as i would imagine uh it might um so you know these days i think you know we have um we will notify you if there's any status codes received in the 400 to 500 range and so that's at least you know some hint that something's going uh going wrong um but yeah i find myself um using a function that prints out the response body typically when when there's an unexpected status code and so i just i have a function that i reuse all over the place that that allows me to do that easily we'll have a look at that later if there's time oh is in the chat as well who is normally my co-host but is on vacation apparently not enough of a vacation because he's still watching this on a friday night afternoon but hi simeon um okay so the reason that i i wanted i was excited to have you come on the show because i definitely wanted to talk about debugging and i think that when you if you use a any sort of automated testing tool in in a project you'll realize very quickly that there are just some weird feature weird um errors or or sometimes there's not even any error that makes you think i wish i knew exactly what was happening exactly what the response returns um there's also the problem that recording isn't foolproof so a lot of of testers including me like to start off with a recording especially if if it's like a full website where you want all of the requests all of the embedded resources but the problem is that that recording is not always replayable yep that's right yeah um i find myself using recordings quite a lot uh you know it's it's sort of the source of truth there's no ambiguity about you know what your script should be doing you have a recording of the traffic and then you have something then to compare against and that that becomes really useful for the the trickier flows you might encounter and and one that's coming up more and more frequently at least in my world with professional services is uh saml single sign-on so you know uh that the saml exchange could be fairly complex there's the sequence of easily you know 10 to 15 http requests if you're recording from the browser and all of these requests will have dynamic values flowing between them so there's a lot of correlation that needs to be done and uh yeah that that can be pretty tricky to do and and and under understand if you're if you're just you know using things like console log statements it can still take quite a while to uh to debug that yeah so there's this a lot of dynamic view states that are there for security measures and those things are i mean it's always there's always something that slips through the cracks in a recorder right no recorder is perfect and so it sometimes it's handy to just see okay what was the request what was the response and then what exactly did that response and body entail so it's not just 200 you know but it's like did it say was it a 200 but in the in the response body it says error yep yep it could definitely happen um i so worth pointing out that uh we did just post a a blog post that that kind of mirrors some of the things we'll be uh talking about in this session as well i guess we might make sense to uh put the link to that up so just go find it yeah sure i i do have it it was posted just today actually a few hours ago let me post that in the chat um [Music] oh i think um floor who's also in the chat posted at the same time so now you have two links over there and tom wrote a really nice blog post about how to debug using a web proxy which is also what we're talking about today um so but before we talk about the the web proxy um how about we talk about things that you can ways that you can debug before then like just within the kasich script you already talked about being able to use console log statements one thing i do that all the time of course when i'm scripting one thing to keep in mind though is that you don't want to leave those turned on for the most part when you're doing a high load test because again that adds overhead yes that's right yeah i found myself using console.debug so typically you know the normal one you would use is console.log console.debug will i actually not output anything unless you're running the k6 command with the verbose flag and that really cuts down on the amount of messages that you then output it for you to actually run the test proper with multiple virtue users but yeah it's a it's very handy for that purpose sema has a question for you what is the coolest gig you've ever done as a consultant oh good um there's been some interesting ones i guess i guess my uh the most high profile one was probably uh load testing the uk's covet tracing app so you know these apps that uh use bluetooth in order to detect your distance from other uh users also using uh one of these apps um and then you know if they then later say they've uh had a positive test result you'll get pinged and so you know this was something run by the the uk government and uh therefore it was a pretty big deal it was all over the news and so um they had millions of people downloading the app on day one and it had to be able to handle that traffic uh otherwise the whole app would pretty much have been a failure you know people tweeting about the fact that it um you know it fell over on day one would not have been good for the app at all so that was that was quite a quite a fun little project and it all took place during the initial lockdown so i was just sitting at home and working on that it's pretty sobering to think that what we do as performance testers can actually affect people's lives yeah yep if only they'd uh realize that when they released the the healthcare gov website back in the day over here in the states uh that that was something that happened uh you know several years ago and uh unfortunately it seems like they didn't load tested it so as soon as people started using it it just keeled over and it was not good publicity for that yeah yeah actually here here in the netherlands i i think i wrote a blog post about it in dutch but i translated it to english as well but um on the day that they opened this telephone hotline for for being tested for the coronavirus i actually called because i was sick at the time i i got through after repeated attempts and and then when i finally got a hold of somebody they couldn't get their i don't know appointment system up so i we were just there stalling waiting for a site to load for her and then we got this connected and i thought you know the worst yeah this is this is a performance issue and it's not just the human it's not just the computer parts it's also the human parts because one of the issues with for the coronavirus was that for the coronavirus hotline was that appointments were made and they were very efficient you know in and out and five minutes kind of thing but it caused huge traffic jams around the testing centers that's still a performance issue that yes you should actually absolutely keep in mind when you're testing that whole application is it worthwhile to get the response time super fast if you're not if you're not going to be able to service the appointments it's an interesting interesting concept but anyway back to debug i'm sorry i just got carried away um another thing i really like that tip on the console log debug i've actually never thought of using that i just used console log and commented out but that is a way better thing to do so thank you for mentioning it um yeah in the early days uh you know i i i'd have a um is debug a boolean flag yes you know and if i'm in debug mode then it would just it would print out the console log statements otherwise you just wouldn't so yeah you can still sometimes i still do that but now i'll just use the debug pro tip yeah pro tip and also we were kind of talking earlier about adding text verification in so that you can verify that the response that is returned actually has the the text that you're looking for and i noticed when i was reading your blog post that you talked about this being very a very common mistake and testing e-commerce websites yeah you know the the sort of example where there might be an error within a status code 200 response is when um you know there's you're you're browsing an e-commerce site and you're trying to add a product to your cart and then it turns out the product is actually out of stock now that's actually you know a reasonable response that a server might send back to the client and it's not necessarily an error so it likely will be in http 200 and unless you're looking for something within that response body you wouldn't be able to tell the difference between items successfully added or out of stock and so uh the tricky part then is you know that in itself might not seem so bad but then you know imagine if your script is then also trying to check out a card well it's not going to be able to do that because there might not be any items in the cart and then then you'll probably see a legitimate error you know the server probably isn't able to handle a checkout where there's nothing to check out and it's not something you would necessarily be able to do through the the browser you know that the checkout button might be grayed out but as you're just sending the http you can still call the checkout endpoint and still post as well um so yeah that's when you might start seeing some some weird errors and then that's when you have to go digging through you know your previous responses in the script to see where where there could have been a problem yeah and there's a lot of value in stepping through the application manually because i've been in the situation where i did have text verification and after going to a product page i looked for add to cart and it was passing but when i looked at the actual response the text add to cart was there but the button as you said was disabled so you have to know whether that's the kind of application that you've got and sometimes you know just looking through the html for a specific thing won't give you the right response or the right um information about what's happening yep that's true yeah it's it's not uncommon for um you know uh users to write into support and say hey i ran my script there's no errors but this record or this thing my script was creating when i log on to the site afterwards i don't see you see it listed anywhere you know you're like creating an order but the order there's no reference to it anywhere on the site when you're expecting it to be there and that's when you start thinking well what's going on with my script and you know sometimes people assume that there's some kind of a problem with the tool k6 like that we're not able to um you know submit web forms or something like that which is uh not the case uh it is likely some difficult to find a problem within the script that needs to be fixed and it's usually you know dynamic ids or post data being sent in in unexpected format character encodings can sometimes mess things up you know you might end up with twice encoded uh url encoded values and all sorts of fun things like that and that that kind of issue is is very difficult sometimes to tell from uh within k6 you almost need like a third-party independent observer of the http con conversation that's not biased in any way and yeah that's that's exactly what a debugging proxy uh provides it's it's in effect looking at the conversation from from outside of it and and therefore you can you can see exactly what's going over the wire so to speak yeah let me actually share my screen because i also want to show sometimes how i i structure my script because when i'm when i'm in the debugging phase i sometimes it's difficult to tell sometimes which one is failing which transaction is failing in k6 so i don't know if you do this too but one way that that i like to use is instead of having normally you would have like a default function here for k6 to run but i i like to use the the functions to kind of separate transactions or we don't have the transactions in k6 are pretty amorphous they could be groups or they could be functions but one one good reason to do that is that if i have one action and one function then i can just keep adding them and then you know removing commenting out things so you could have different functions here and if you have them separated out in functions you can also use them in scenarios so here i've got um well actually let's go to this one which is a actually a chaos engineering one so you can see i've commented that out but now i've got two scenarios and each one of them is running a specific function so where that's useful is is that if you have many many requests in a single transaction and something fails how do you know that how do you determine which one was the one that um failed so i like to be able to just comment out that that function and kind of be more scientific about it and remove variables yeah another benefit um is if there was an error within any inside any of those functions the function name will appear in in the stack trace as well so you know if you were just using one massive long export default function um you know the stack trace might not be as uh as easy to interpret as if you you had things separated out by function okay so manjit is asking um where he can he or she i'm sorry um where they can find the the code for it i wasn't intending to share it but sure i can i can do that um it is on this is actually a script that i'm i'm working on right now i just happen to be working on it on it but it's a chaos engineering one and you can find it there but welcome um all right so i also wanted to show this cool new dashboard that is not even made by the by the k-6 team so this is called a k-6 reporter and it's by ben coleman in the uk and it is i just tried it earlier today i hadn't it was kind of on my list but i hadn't used it before and i love that it's pretty easy to to get started with so what you have to do is you i can't remember if i still have it in my script but yeah so you just have to put this line in and that just comes from from the readme and then you copy this one so two things that you you just have to copy and paste so then you paste it at the end here so i already have it there but it's exactly the same and then when you run your script so i had already run this i ran this while we were going just so i could run it for three minutes and have more data to show but it actually generates a summary file and it's an html one so i am going to have a look at that so there's the summary file and let me whoa so many windows let me show you what that looks like is this not awesome look at that it's so pretty this is completely free um and it just gives you a nice summary and it even color codes depending on the response time you can see other stats here even your checks are going to be here so this is a very nice friendly interface can you click on failed requests unfortunately not come on tom well that might be a nice uh feature addition to then drill down into those failed requests to see uh yes more information that would be awesome uh manjit is asking could you share email id i'll write you to find out how to start it the best place to to get started is the case x documentation so that's this https k6.io docs and if you want to ask maybe more questions that are more specific to your use case i would write to support casex dot io sometimes i get questions on like social media and and i don't mind but i also don't check social media as often as you know the k6 team supports the community as often as they check the community forum or the support email address which is support k6 dot io so um so yeah i would go there first because you'll get a faster response that way okay so that was my show and tell was there something that that you wanted to show as well yeah sure um let's see is that something you initiate oh right sorry of course i have to add to the stream sure okay yeah so i was just going to show um another repository that i maintain um i'm not able to post in comments but if you wouldn't mind uh dropping the link i sent in the chat um it's available on on github let's see i've also got a lot of tabs open so forgive me okay uh this is basically it it's just just a k6 example woocommerce so it's it's uh targeting this uh website here it's just a typical wordpress ecommerce uh woocommerce uh website with some you know default uh uh products uh loaded onto it and so um it's a it's a good um it's an example of of a set of scripts that are employing some good practice but some of it uh some of which we we've mentioned already um like uh nicole i've got my different steps or transactions or groups of related requests split out into different javascript files but unlike nicole's i'm just using an empty options object i haven't defined any options in this one and so i have an export default function that just goes through each of the different steps in order um you know good practice zoom in a little bit oh yes yes i do run on rather just for people who are on smaller screens i forget how it's done on the vs code oh well you're not on a mac on a mac is this command plus thank you there you go right i guess this is this is okay yes that's that's way better thanks cool yeah so i've got uh you know sleep statements after each uh user action that's being performed that's also you know a good way to to make the script realistic you know virtually a real user will probably wait a while after navigating to the home page before adding a product to the cart and i'm also using a range of values here as part of the sleep statement to make sure that we randomizing uh the load so you develop natural concurrency for from doing that and so if i have a look at one of these individual files it's a very straightforward get request to uh to navigate to the home page and it's encapsulated within a group uh because there's actually two requests that that happen as part of navigating to the home page and so i wanted to capture the the total time for for both of those requests as well as have the individual time for it for each one in here and then i've got this check status function that i mentioned earlier that's basically you know it accepts the response object that we get back from http.get um we're expecting this status code to be 200 so i'm also setting that and then i have to boolean flags essentially that uh determine whether or not i should print the response body if there's an error and also whether or not i should fail the script and so fail will stop execution of that particular iteration and start back from the beginning so that it's a useful one because um you know if you start seeing errors then subsequent requests you make will probably also error or receive unexpected responses so that just cuts out a bit of noise you're failing at the first unexpected uh uh situation as opposed to letting a whole bunch of them happen uh so if we look at uh what it's what that function actually looks like it's this guy here i think it's pretty much all on the screen so um the first part that happens is we're creating this this object uh that that gets fed into the uh the check function which is part of the the the k6 built-in api so every time check status runs it will also create a check that'll either pass or fail and if the check failed and if there was a response body we'll we'll print it out i originally had this with with this code here checking for that there was actually something in the body but sometimes there is actually no body like if there was a a timeout then then the the the body um object would be undefined and so if there's a response body will print it out to the con to the console and if we if we set to fail on error then we'll call the fail function and execution basically stops at this point and goes back to to the very beginning of your export default function uh so that's all that really does it's a fairly uh simple set of uh set of scripts just open my uh yeah i assume probably point out yes i'm a windows user i'm one of i think three people in the company that use that use windows but um i've been using windows since 3.1 and i just can't let it go so james is saying here that he does exactly the same function with the same name and the same argument i i think was he talking about the check status one well you know i noticed that your random in between is already in jslib but maybe you should put your check status one there too yeah i was thinking about that i think um we there is something in uh httpx which was something i believe powwow created that does something similar but in more of a functional sort of language where you have dot expect and dot is functions and things like that um yeah that that performs similar kind of steps but yeah you're right maybe maybe it's time for for this to go uh into the library the only uh slight problem with it currently is that um i'm putting the response.url in the check and and this can sometimes contain dynamic values and so you might end up with lots and lots of unique checks and you'll see when i run this in my terminal here there's a bit of output initially um debug output that just prints out all of the different products available on on the front page print out some security and checkout tokens and dynamic tokens but when it finishes this is the output i see so you've got each of the different groups the checks that take place within each group you'll see it's got the url in there but that means later on down here uh you know we've got an order received uh url here with a dynamic value two dynamic values in fact and so if you're running this with multiple virtual users you're going to end up with a lot of unique checks and that's typically not what you want so it it still needs a bit of improvement i've been tweaking it over time it's getting there but and there's probably still a couple of things that need to be added to it to make it really useful but it's still you know still good enough for the purposes here yeah uh so so that definitely helps you see straight away when something's not working as expected in this case everything ran successfully so there was no no output to show what i can do now though is i can actually cause this to fail so i think at some point navigate to checkout i'm extracting to two tokens in two different ways one one way is using find between which is something that is in the jslib it basically allows you to feed in the response body and then uh one string is the what's known as the left boundary um that's the the string that's immediately in front of the value you want to extract and then the other the last parameter there is the right boundary so a character immediately after the value you want to extract so it's an it's a dynamic value that i'm putting into security token and then later on when i submit checkout i think that's where that security token is used no maybe it's in yeah it's in this update address script so without that you know this update address script i happen to know that it it doesn't work so what we can do if i just find where it is again i'll just comment both of these out this will just be undefined so it doesn't matter if if i haven't actually set anything to these values but let's see what happens now it still runs the beginning of the script but now the security token and the checkout token are undefined we get a response that is just the string minus one and we also see that the check status function is output you know we received an unexpected status code it's a http 403 forbidden when we were expecting a 200 and because we're using um we've also got a nice stack trace that lets us know which particular function had the problem as well i'm guessing it's time to talk about debugging proxies all right so yeah yeah because i think the problem is that this is still this is still not as nice and user friendly sometimes i just need yeah a nice ui to be able to see the html rendered if that's the that's what's being returned you know i don't want to go through the gobbledygook and just see it all as text i want to see it actually rendered yep otherwise you might miss things like yeah the the add to cart button is disabled yep yeah it's uh it's just very convenient to be able to see you know all of the different components of a http request and response uh in the ui you have you have your headers you have your post data if you're dealing with um requests that post things to a server um with responses you'll have also the headers but also the response body and the response body can be in all sorts of different formats it might be some json it might be html um it could be xml hopefully not but and and so you know web debugging proxies typically provide some means of of displaying uh that data in a in a more beautiful format so the one i wanted to uh uh show today it is something that is uh windows specific at least for the the free version and it's called fiddler but there are other options available depending on which operating system you're using um the blog post that we talked about earlier that we linked uh has a few more examples in a table part way down into the blog post so pick one for your operating system and depending on your budget they're usually pretty pretty cheap though you know they it's uh like you buy one seat license and you can use that on on your machine for forever i think in most cases but uh this is fiddler and the win the fiddler classic as it's called so this is probably i mean this is what fiddler was originally nowadays they have a cross-platform uh version as well called fiddler everywhere i haven't used it myself to be honest but but anyway this is this is what the ui looks like it was fairly easy to to configure it to start listening in on http initially you might not see https you do need to go into the options https tab enable decryption of https traffic doing so prompts you to install a a root certificate that is what allows the proxy to become a certificate authority and long story short it allows you to to view https uh data as uh in the same way as you'd be able to view http data there's uh it's all been decrypted if you didn't have that certificate installed this would all be unreadable basically so yeah just starting it up fiddler modifies my host os proxy settings so it's immediately able to see all sorts of other traffic but that's not the case for k-6 so if i if i run my script again here i don't actually see any of my script traffic you know i see that i'm getting responses from the server but none of the requests appear in here so the way to do it with k6 is to supply an environment or to set an environment variable and they're also mentioned in the blog post but basically http underscore proxy or https underscore proxy because i'm on powershell i use this syntax to set it in my case the the whole website is http so i just use http proxy and by default fiddler listens on on my local machine it's running locally and it uses port 888 by default and so you know i can just set that right here and then i can run my k6 command again and now i should see uh my traffic coming through here so i'll just get rid of some of these previous entries here's a request to the home page you can see this is the add to cart look at this json you know trying to look at this in the console log might not be particularly appealing but if i render it at json then it starts to make a bit more sense um in this case it's json that contains html so it's it's not going to be pretty to look at whichever way you look at it but uh it's still some things you can't help yeah exactly um but yeah like you said some of these uh you know if there's an html response then we we also have this web view that attempts to you know parse the html into into a kind of kind of a viewer it doesn't load images i don't think it does any javascript but it has some you know styling going on but you can sort of get a feel for what this http response looks like if you were to look at it in the browser so we've got our products displayed here um i think maybe on the checkout there's you can also see that you're on the the that you're on the checkout page that we have a form that needs to be filled out and i think that might even yeah some of these uh don't have any meaningful content to show you know if you wanted to see what exactly went across the wire you can just go into the raw mode here so this this provides a a really nice uh view on on on the http conversation you know this this request failed with the 403 that that's the failure that happened as a result of coming and commenting out these uh the dynamic tokens so you can see the server is just sending back that minus one uh and then stopping at that point all of this other traffic is unrelated to the script one of the things you can also do is uh filter uh have it only just uh show non-browser traffic uh so that'll get rid of a lot of background noise but there will likely still be stuff popping up in here that isn't related to the system you're testing so that's something to be aware of um but yeah you know this is now a much nicer environment to to look at http requests and responses and it can be very useful when you're debugging that's great i can actually unless you want to show something else i'm i can also show some mac alternatives if you yeah yeah let's do it i'm curious i'd love to see uh what you got so for for mac it's it's this is the same script that i was using earlier but this script doesn't really matter it's in the running so same sort of idea that tom showed except this is the the syntax you just do http proxy and then put whatever port your tool wants to uh is going to be at so you just i'm just going to run that and i'll show you two tools one is charles proxy and this is not free but unlike fiddler so fiddler classic is a is free for windows but fiddler everywhere is a monthly subscription which is kind of the drawback um charles is a one-off fee so i i think it's a little bit better one thing that i like is so you you have the the normal thing where you get all of these and these are this is like a lot of pokemon pokemon information yeah so so same sort of thing you can see um the the contents oops so this is i believe this is jason that was a 200 though so this is what you might get back if you if you just output the entire thing in k6 but again because we're using a proxy here it's like a really nice more navigatable experience here and i also like that they do the structure thing so this is in chronological order but if you have many different domains that you're hitting uh or different endpoints then you can see it here or like how many times did i do a search for mu2 so you can also compare that oh i only did one for buffalo but three for mu2 is it really random you know just if if you start to see some patterns like that it's a good way to see that i've also this is another thing i've also got wireshark running in the background here for the same thing the problem with wireshark is it is a little overwhelming because look this is udp requests and tcp so it records everything it's not a proxy it's more like a sniffer so all network traffic goes through here so what you need to do is get a a filter that will cut out all the noise and that seems to be a common theme for proxies but in this case i'm looking for json in particular you could also do it for like a um a source or a destination if you if you just want a certain ip address um i think i had so let me let me actually close this one stop because there's just so much it's kind of freaking out with all of the all the packets that have have been through here but there so now we're getting the same the same information just you can go and look at any level so there's the tcp stuff if you want to see what what which pokemon this one is asking for you can look in the headers so this is looking for cloister and i mean this you can look at it here too but i rarely do you can you can just open up this oops you can just open up this json here if i can oops whoops navigate to it oh boy okay we've got an object you can see that there is a little bit of a problem with with wireshark it's powerful it's free it's cross-platform which is why i use it but it's not necessarily it doesn't have the nice interface that fidler and even charles do i mean i find this a lot easier to to go through um so we're not we're not really saying that one tool is better than the other here we're just kind of talking about a bunch of different ones and you you should choose the tool that your team is already using or the the tool that you have a budget for or the tool that works on your platform yeah this looks really nice actually i like the way it was um grouping uh the requests there yeah that structure one yeah so you can look at it chronologically but sometimes it's hard sometimes it's hard to catch it or like if you're looking for a specific thing then you don't necessarily want to have to wait for the script to get to that point you know so you can just look for the exact pokemon and yet you don't have to remember with you know the spelling of the pokemon or whatever you could just look through all of them that had been uh requested and see yep i will i will uh tell james uh i can't write in the chat but uh i wanted to let you know that it was in fact your check status function that i might have oh wow taken a lot of inspiration from oh okay so for context um james was saying that he also likes to add zero padded incrementing step numbers as a prefix which i totally do okay i don't do automatically incrementing once but i do label it as you know zero zero for tear down and then zero one home you know zero two for the next action that way it's just easier to sort regardless of which results visualization tool you're using a results analysis tool it's easier to sort when you have numbers there that's pretty cool i also want to um mention there were a couple of things that other people mentioned from the chat mustafa said burp sweet also has a powerful proxy although it's mostly used for security i've never used it it sounds awesome that's a great name yeah and naveen kumar was saying that it looks neat if we use fiddler everywhere yeah curious to try it out they do have a free trial so i might have to have a look at that to see how it compares to classic yeah i had a look at it i thought of of doing it it's 10 per license per user per month that's quite pricey yeah so it's it's best for certain situations it's otherwise you can just install the the free trial if you want like a a proof of concept or something the cool thing with these web debugging proxies is that at least some of them will allow you to generate a har file or export a har file from any captured sessions and so that can actually be used to generate the k6 script and it is also um you're able to point a mobile device to the proxy running on your laptop as well if you're on the same wi-fi um or same network your mobile will be on wi-fi you can tell it to use a proxy when you define the connection and that that's basically how you would go about capturing mobile device traffic mobile app traffic those scripts can be a bit more complicated because um there's a lot of things going on on these devices compared to what happens in the browser um so but it is definitely possible we've done that a few a few times in the past yeah and i think that there are there are a lot of emulators and simulators for mobile devices but sometimes it's still just just to verify sometimes i've used that trick so you just have to connect your your mobile device to the same network as your laptop for example have your proxy running on your laptop then you can set it up i i use an android phone so i don't know how to do it on on ios but there are settings there where you can change the proxy to to point it towards a certain port on your on your laptop you just need to use the local ip address and that way if you already have the app installed then you can just verify that that the requests that are being sent match with you know what you've been given by developers or what you expected to get because sometimes there are surprises and i also think that these proxies are well i guess let's let's also talk about other ways to to do to other proxies that you could use so we've already talked about fiddler charles wireshark fiddler everywhere burp suite from mustafa there's also mitm proxy which apparently means man in the middle proxy did you get a chance to to have a look at that i've never used it i did actually yeah i might be able to show it as well uh it comes with a web interface which is pretty good you need some kind of interface and then you can add you to add it to the stream uh sure let me see if i can get it get it running so i've just started it up here um unlike fiddler and my tm proxy uses oh oh so it has an interface i thought it was cli only nope i think it might be a relatively recent addition nice okay so yeah there we go so it's it's similar um you know you can see the request and response it is quite clean um free and free yeah it's open source yes we love it uh it doesn't quite have the same well i i think it yeah it does actually have different um uh ways of displaying data so it's auto detected that this is json likely because of this so it's it has actually shown this in a uh in a beautified prettified way which is nice so so yeah this is definitely an option as well um i did find that this install certificates from the menu didn't work for me um so it was a bit there was a few more steps one not to do uh here compared to fiddler with fiddler it's really just point and click and click click and you're done with this you know i had to kind of figure do a bit of googling to figure out how to install the certificate to allow https to appear but once that's there it's um yeah it's gives you what you want basically fiddler's also been around for a long time so it's i'd say it's probably the most fully featured of the ones that we've discussed unless well i guess wireshark is pretty fully featured too but in a different direction well the stuff is really calling out burp suites so i'm gonna have to maybe we should yeah um so i think one thing that i like to do once you get these um once you get the the proxy working is now so you have a copy of the requests and responses that k6 is sending and receiving right so that's what your loan script load testing script is getting and then what i like to do is if it's a website pull up chrome and navigate to your to the website while you have dev tools on and then you can go through it request by request it's like okay well this one has five requests how many requests does my my script make which headers are missing so then it's like you just do a diff like you just compare what's different and maybe that'll help you figure out what your script is missing if you're not getting the the the results that you were expecting yep it's uh definitely a nice feature that i hope will implement at some point in the future being able to compare the original recording with the replay of your script can can can give you a lot of hints as to why something might be failing when you when you replay it's very good at picking out things like dynamic values for example yeah and really i mean i i say devtools just because then you could have it in a different window but many of these proxies will pick up both so if you i know with fiddler um you can you can was it color or what i can't remember what what they called it but you can like highlight certain ones so you can have it all in the same proxy as well and then compare yeah i think you can yeah mark uh requests yeah yeah in different colors yeah which is actually pretty useful because then that's another variable that you're removing you know you're not removing differences between fiddler you are removing differences between fiddler and devtools and so the only other difference is what your load testing script is doing wrong yep that's correct okay so we are actually running out of time i feel like you should be on office hours more because i feel like we can keep going even just the same subject i think we could keep going on it for a while um but is there anything any parting words that you'd like to that you'd like to say oh yeah let us let us know um what you guys thought of this um if there's any proxies you've been using and feel that they're better than the ones we've shown let us know i will be looking for a burp suite demo soon from mustafa um yeah mark was saying proxy man which which was actually in your blog post now that i think about it yep but no mac os near me so i haven't been able to try it out myself but yeah i like the name must be good but no it looked pretty nice though the website was uh well designed and i think i saw some screenshots and does what it says on the tin which is what you want with these things yeah well thank you for for coming on to office hours um you should you should be on more if anybody is watching and would like to get a like a text instruction of the fit of how to set up something like fiddler or if you want to go through one of the one of the other proxies that we mentioned there are links in the description both to tom's blog post and to the different tools that we mentioned and we're not getting it's not affiliate links or anything we just use these things thank you everybody for watching i hope this was as interesting as as i thought it was and have a great weekend thanks guys bye

Info

Channel: k6

Views: 343

Rating: undefined out of 5

Keywords:

Id: Zln_TWOuoho

Channel Id: undefined

Length: 62min 47sec (3767 seconds)

Published: Fri Aug 20 2021