Dariusz on Software Quality

23/05/2013

Server flood automatic detection

Filed under: en — Tags: , — dariusz.cieslak @

Mu current customer develops embedded devices used by many end users in Netherlands. In order to save server load devices use multicasts for downloading data: every device registers itself on multicast channel using IGMP and listens to UDP packets. No connections to be managed results in lower overhead.

However, some data (or some requests) cannot be downloaded from multicasts channels and HTTP/HTTPS must be used to interact with server. As the number of devices is very high special methods have been used in order not to overload backend servers (randomised delays, client software optimization).

Consequently, small bug in client software that will trigger more events than usual can be very dangerous to whole system stability (because the effect of thousands of devices – perfect DDOS may kill back-end). In order to catch such errant behaviour as soon as possible I’ve developed daily report that controls server usage in my customer office.

First of all, we need to locate the most “interesting” device by IP address from logs (we list top 20 IPs based on server usage):

    ssh $server "cat /path-to-logs/localhost_access_log.$date.log" | awk '
        {
            t[$1 " " $7]++
            ip[$1]++
        }
        END {
            for(a in t) { print t[a], a }
            max = 0
            max_ip = ""
            for(a in ip) { if(ip[a] > max) { max=ip[a]; max_ip=a; } }
            print max_ip > "/tmp/max_ip"
        }
    ' | sort -n | tail -20
    IP="`cat /tmp/max_ip`"

Then selected IP will be examined hour-by-hour to locate patterns in behavior:

(more…)

Google.com performance analysis over few years

Filed under: en — Tags: , , — dariusz.cieslak @

Time is money. No doubt about that. The more time your customer waits for your service response the less coins may hit your pocket. You may ask: why? If your page loading is too slow your “almost” customer hits back in his browser and selects another link from sponsored links Google provides him. You loose this customer in favour of another supplier.

What about Google? Was their service (no kidding, it is a sevrice that searches information, paid by ads) always so blazingly fast? Let’s check this site performance monitored from London server over few years:

As we can see there were some small problems in 2009 (~5% of requests required more than 1 second to be processed). Not so bad.

(more…)

01/05/2013

HTTP(S) exchange analysis using Wireshark

Filed under: en — Tags: — dariusz.cieslak @

Wireshark is a tool that allows to scan network packets and make analysis of network connection without direct access to server or client. Today we will show simple method to analyse TCP connections using this tool.

TCP connection is composed of many IP packets, connected by common strem index number. You can select particular TCP stream using Analyze / Follow TCP stream option or directly select given stream by it’s index:

tcp.stream eq 9

If you want track every opened connection you can check 1st packet of every TCP stream opened to particular server IP (213.75.34.114 in our example):

tcp.flags.syn==1 and tcp.flags.ack==0 and ip.dst == 213.75.34.114

Note that with HTTP/1.1 things may be more complicated as this protocol supports “Persistent/Keep Alive” mode that allows multiple requests over one connection, so you may see only one packet with “tcp.flags.syn==1 and tcp.flags.ack==0″. In order to scan full exchange you have to analyse protocol contents for request / response pairs.

Another complication is HTTPS (HTTP over SSL layer) – you won’t be able even to count requests (if using “Keep Alive” mode). In this scenario you have to check traffic after HTTPS node or just inspect server logs.

27/04/2013

Can you compete in crowded area?

Filed under: en — Tags: — dariusz.cieslak @

Can you compete in crowded area?

Below you will find two sample projects announced on guru.com. First: is hardware-related work, 2nd is a plain database:

Notice the difference in proposals counters. 1st project has no bids as it’s:

  • complicated: real time compression probably will require hardware support thus it requires pretty complicated embedding of  H264 encoder on FPGA chip
  • unpopular: I bet hardware guys are outnumbered by PHP programmers with ratio 1 to 1000
  • risky: you cannot work on high level of abstraction leaving all the ugly details (OS services, memory management, …) for lower layers

2nd project has many proposals and I bet there are many talented Hindi specialists that will do the job for 20% of offer you expect to earn. So you will loose with your bid (make no money).

The general idea is to find a niche that is not easy to reach by other software development companies to be able to compete in smaller market. Even if you have brilliant PHP programmers you have to limit your project budget expectations according to 100s others PHP-related companies around, the one with highest quality / cost will win.

 

21/04/2013

Automated tests reorgnization

Filed under: en — Tags: , — dariusz.cieslak @

My customer develops software for embedded devices using Linux. In the very beginning of this project we faced low stability of builds produced due to complicated nature of platform (C++, manual memory management, new APIs to learn). Of course QA located such bugs, but it was triggered before release on release branches.

In order to support QA and track current state of software stability I added automated random tests feature:

Every build produced by the build system hits testing devices automatically and crash / failed asserts  / warnings reports are published to developers (daily, in aggregated form).

(more…)

Older Posts »

Powered by WordPress