Vegeta
Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. It can be used both as a command line utility and a library.
Last updated
Was this helpful?
Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. It can be used both as a command line utility and a library.
Last updated
Was this helpful?
Github : https://github.com/tsenart/vegeta
Get them here.
You can install Vegeta using the Homebrew package manager on Mac OS X:
You need go
installed and GOBIN
in your PATH
. Once that is done, run the command:
Both the library and the CLI are versioned with SemVer v2.0.0.
After v8.0.0, the two components are versioned separately to better isolate breaking changes to each.
CLI releases are tagged with cli/vMAJOR.MINOR.PATCH
and published on the Github releases page. As for the library, new versions are tagged with both lib/vMAJOR.MINOR.PATCH
and vMAJOR.MINOR.PATCH
. The latter tag is required for compatibility with go mod
.
See CONTRIBUTING.md.
-cpus
Specifies the number of CPUs to be used internally. It defaults to the amount of CPUs available in the system.
-profile
Specifies which profiler to enable during execution. Both cpu and heap profiles are supported. It defaults to none.
-version
Prints the version and exits.
attack
command-body
Specifies the file whose content will be set as the body of every request unless overridden per attack target, see -targets
.
-cert
Specifies the PEM encoded TLS client certificate file to be used with HTTPS requests. If -key
isn't specified, it will be set to the value of this flag.
-connections
Specifies the maximum number of idle open connections per target host.
-duration
Specifies the amount of time to issue request to the targets. The internal concurrency structure's setup has this value as a variable. The actual run time of the test can be longer than specified due to the responses delay. Use 0 for an infinite attack.
-format
Specifies the targets format to decode.
json format
The JSON format makes integration with programs that produce targets dynamically easier. Each target is one JSON object in its own line. The method and url fields are required. If present, the body field must be base64 encoded. The generated JSON Schema defines the format in detail.
http format
The http format almost resembles the plain-text HTTP message format defined in RFC 2616 but it doesn't support in-line HTTP bodies, only references to files that are loaded and used as request bodies (as exemplified below).
Although targets in this format can be produced by other programs, it was originally meant to be used by people writing targets by hand for simple use cases.
Here are a few examples of valid targets files in the http format:
Simple targets
Targets with custom headers
Targets with custom bodies
Targets with custom bodies and headers
Add comments to the targets
Lines starting with #
are ignored.
-h2c
Specifies that HTTP2 requests are to be sent over TCP without TLS encryption.
-header
Specifies a request header to be used in all targets defined, see -targets
. You can specify as many as needed by repeating the flag.
-http2
Specifies whether to enable HTTP/2 requests to servers which support it.
-insecure
Specifies whether to ignore invalid server TLS certificates.
-keepalive
Specifies whether to reuse TCP connections between HTTP requests.
-key
Specifies the PEM encoded TLS client certificate private key file to be used with HTTPS requests.
-laddr
Specifies the local IP address to be used.
-lazy
Specifies whether to read the input targets lazily instead of eagerly. This allows streaming targets into the attack command and reduces memory footprint. The trade-off is one of added latency in each hit against the targets.
-max-body
Specifies the maximum number of bytes to capture from the body of each response. Remaining unread bytes will be fully read but discarded. Set to -1 for no limit. It knows how to intepret values like these:
"10 MB"
-> 10MB
"10240 g"
-> 10TB
"2000"
-> 2000B
"1tB"
-> 1TB
"5 peta"
-> 5PB
"28 kilobytes"
-> 28KB
"1 gigabyte"
-> 1GB
-name
Specifies the name of the attack to be recorded in responses.
-output
Specifies the output file to which the binary results will be written to. Made to be piped to the report command input. Defaults to stdout.
-rate
Specifies the request rate per time unit to issue against the targets. The actual request rate can vary slightly due to things like garbage collection, but overall it should stay very close to the specified. If no time unit is provided, 1s is used.
-redirects
Specifies the max number of redirects followed on each request. The default is 10. When the value is -1, redirects are not followed but the response is marked as successful.
-resolvers
Specifies custom DNS resolver addresses to use for name resolution instead of the ones configured by the operating system. Works only on non Windows systems.
-root-certs
Specifies the trusted TLS root CAs certificate files as a comma separated list. If unspecified, the default system CAs certificates will be used.
-targets
Specifies the file from which to read targets, defaulting to stdin. See the -format
section to learn about the different target formats.
-timeout
Specifies the timeout for each request. The default is 0 which disables timeouts.
-workers
Specifies the initial number of workers used in the attack. The actual number of workers will increase if necessary in order to sustain the requested rate.
report
commandreport -type=text
The Requests
row shows:
The total
number of issued requests.
The real request rate
sustained during the attack.
The Duration
row shows:
The attack
time taken issuing all requests (total
- wait
)
The wait
time waiting for the response to the last issued request (total
- attack
)
The total
time taken in the attack (attack
+ wait
)
Latency is the amount of time taken for a response to a request to be read (including the -max-body
bytes from the response body).
mean
is the arithmetic mean / average of the latencies of all requests in an attack.
50
, 95
, 99
are the 50th, 95th an 99th percentiles, respectively, of the latencies of all requests in an attack. To understand more about why these are useful, I recommend this article from @tylertreat.
max
is the maximum latency of all requests in an attack.
The Bytes In
and Bytes Out
rows shows:
The total
number of bytes sent (out) or received (in) with the request or response bodies.
The mean
number of bytes sent (out) or received (in) with the request or response bodies.
The Success
ratio shows the percentage of requests whose responses didn't error and had status codes between 200 and 400 (non-inclusive).
The Status Codes
row shows a histogram of status codes. 0
status codes mean a request failed to be sent.
The Error Set
shows a unique set of errors returned by all issued requests. These include requests that got non-successful response status code.
report -type=json
report -type=hist
Computes and prints a text based histogram for the given buckets. Each bucket upper bound is non-inclusive.
encode
commandplot
commandApart from accepting a static list of targets, Vegeta can be used together with another program that generates them in a streaming fashion. Here's an example of that using the jq
utility that generates targets with an incrementing id in their body.
Whenever your load test can't be conducted due to Vegeta hitting machine limits such as open files, memory, CPU or network bandwidth, it's a good idea to use Vegeta in a distributed manner.
In a hypothetical scenario where the desired attack rate is 60k requests per second, let's assume we have 3 machines with vegeta
installed.
Make sure open file descriptor and process limits are set to a high number for your user on each machine using the ulimit
command.
We're ready to start the attack. All we need to do is to divide the intended rate by the number of machines, and use that number on each attack. Here we'll use pdsh for orchestration.
After the previous command finishes, we can gather the result files to use on our report.
The report
command accepts multiple result files. It'll read and sort them by timestamp before generating reports.
If you are a happy user of iTerm, you can integrate vegeta with jplot using jaggr to plot a vegeta report in real-time in the comfort of you terminal:
The library versioning follows SemVer v2.0.0. Since lib/v9.0.0, the library and cli are versioned separately to better isolate breaking changes to each component.
See Versioning for more details on git tag naming schemes and compatibility with go mod
.
There will be an upper bound of the supported rate
which varies on the machine being used. You could be CPU bound (unlikely), memory bound (more likely) or have system resource limits being reached which ought to be tuned for the process execution. The important limits for us are file descriptors and processes. On a UNIX system you can get and set the current soft-limit values for a user.
Just pass a new number as the argument to change it.
See LICENSE.
If you use and love Vegeta, please consider sending some Satoshi to 1MDmKC51ve7Upxt75KoNM6x1qdXHFK6iW2
. In case you want to be mentioned as a sponsor, let me know!