Beruflich Dokumente
Kultur Dokumente
Executive Summary..................................................................................................... 3
1. eCommerce Characteristics.................................................................................. 4
5. Testing Tactics...................................................................................................... 10
6. Retail Examples.................................................................................................... 12
7. Security................................................................................................................. 14
Retailers competing in the high-pressure world of eCommerce have many challenges: not only do
they need to provide an interesting and compelling shopping experience; they need to make that
experience fast and reliable. Shoppers have proven to be discriminating and can easily move from
one online store to another.
A companys online presence has become as important as a physical store, and for some the online
store is their only sales channel.
Many of those responsible for the performance of retail web sites have come to realize that external
testing against the production infrastructure is the best way to get a true picture of capacity and
performance in the real world. Testing in production is the only way to ensure that online applica-
tions will perform as expected. Of course, this does not obviate the need or eliminate the benefits
of testing in a lab environment as well; and its important to have continuity between the two.
So, how can a company build confidence that their online store will provide a great shopping expe-
rience and withstand the traffic spikes caused by seasonal upswings, events and promotions? How
should a retailer measure success?
1. eCommerce Characteristics
Most retailers have brick and mortar stores to maintain, staff, and ensure are run profitably, in ad-
dition to an online site to complement their physical presence. The look and feel of the online site
typically mirrors the target market of their retail stores: discount, high-end womans shop, books
and gifts, big box electronics, etc.
As a result, balancing performance with the rich content often used to capture a specific design
goal can be a struggle. Marketing departments spend millions of dollars promoting events in-
tended to drive users to the site. Web developers build compelling sites to enable a visitor to easily
navigate between departments and effectively sift through a range of size, color, style and other
product attributes. While these content-rich sites are visually attractive and more easily understood
(hopefully!), they can also cause performance issues as traffic grows.
Third-party content is quite common on eCommerce sites, including ads, cross-promotions, and
relevant consumer information. This content can add functionality or information to a site, but it also
adds a layer of traffic and complexity that you may or may not control. Understanding the impact of
this content is critical to managing the overall performance of the site. And, of course, the goal of
any eCommerce site is to sell products. Back-end and third-party systems for payment processing,
authorization, inventory checking and more can also add performance challenges.
Retailers also know that site performance directly relates to revenue. Aberdeen Group found that
50% of companies lost revenue opportunities because of poorly performing applications and 32%
experienced damage to their brand reputation. With most users more than willing to share their ex-
perience on Facebook or Twitter, the news of a poorly performing site can spread around the globe
in minutes.
Without a doubt, much is riding on the performance of an eCommerce site. A retailer can position
themselves for success by following SOASTAs proven Load and Performance Methodology, which
is described on page 5.
Leveraging the Cloud to test at both typical and peak traffic levels, from hundreds of users to
millions
Responding to the acceleration of development cycle times by making agile performance testing
a realistic alternative
Generating geographically dispersed load to most accurately represent real-world traffic
Generating both internal and external load and against both the lab and production environments
for the most efficient and effective results
Analyzing performance intelligence in real-time to speed problem resolution
Tests are not executed until the latter half of the methodology. This is because a successful perfor-
mance test is the result of defining a strategy that is best for an eCommerce site, and then putting
the right people and processes in place.
SOASTAs production testing methodology helps identify the invisible walls that show up in archi-
tectures after they move out of the lab. Traditionally, testers have been limited to making extrapola-
tions over time about whether small tests on a few servers in a lab can support exponentially higher
amounts of load in production. Without proper testing, these types of assumptions always result in
unexpected barriers. There are many things that a production testing approach catches that cannot
be found with traditional test methods. These include:
Batch jobs that are not present in the lab (log rotations, backups, etc.) or the impact of other
online systems affecting performance
Load balancer performance issues such as misconfigured algorithm settings
Network configuration problems such as 100MB settings instead of 1GB on switches and routing
problems
Bandwidth constraints
Data pipe not configured as burstable to handle spikes in traffic
Latency between systems inside and outside of application bubbles
Misconfigured application servers or web servers
CDN not configured to serve up new content
Radically different performance depending on database size
6. Retail Examples
Are there retail companies that follow this methodology today? Yes! SOASTA works with several
retailers that test from lab to production and the results have been outstanding.
How could these tests be executed in production? Wasnt it afraid of affecting actual customers?
Naturally it was concerned about its customers. Hence, when tests were executed in production,
careful monitoring was conducted at several layers by both SOASTA and by its internal monitor-
ing systems. This served a dual purpose. First, any significant degradation in performance could
be immediately detected and the test stopped, if necessary. Second, it was a real-world test of the
systems that needed to be monitored, stopped or rebooted when Black Friday arrived. The team
tasked with ensuring the viability of the entire company infrastructure had great confidence going
AFTER PRODUCTION into Black Friday as they had already run more than 20 realistic tests.
TESTING, THE RETAILER
EXPERIENCED THEIR BEST The companys performance engineer observed, Due to the discrepancies between the lab and the
ONLINE RETAIL EVENT production environment, there is no guarantee that the application that is certified to be perform-
EVER. OPTIMAL PERFOR- ing well in the lab would perform the same way in production. Hence, we mandate that we test in
MANCE WAS MAINTAINED production, which enables us to test the application with even higher than expected load levels
DURING PEAK PERIODS. since there are different hardware constraints. This is the only way we can accurately test our load
THEY WERE ABLE TO
balancers, switches and third-party providers, which are generally not present in the lab.
EASILY HANDLE 3X THEIR
PREVIOUS HIGH VOLUME This testing allowed the retailer to place 6th in Catchpoint Systems rank of the top 50 retailers
DAY. when they tested Document Complete times.
7. Security
Of course, retail companies, like most enterprises, have specific considerations when it comes to
security, data integrity and systems management when testing their infrastructure.
THIS COMPANY HAS A Data security is one of the key concerns when it comes to performance testing. Companies do
CORPORATE MANDATE not want their corporate data outside corporate firewalls. SOASTA does not ask customers to
OF ALWAYS TESTING IN export data or their application outside their firewalls. We typically generate synthetic data or use
PRODUCTION. IN FACT, scrubbed data depending on the customers business and security requirements. CloudTest does
OVER 250 PERSONNEL, not save any response content on the CloudTest servers or in the result database. Only key http/
INCLUDING THE CTO, https metrics and statistical data are captured for reporting, analytic, and diagnostic purposes.
ATTENDED THE FINAL
LOAD TEST BEFORE Security is one of those things that no one notices until something goes wrong. Data is just sup-
THANKSGIVING, CER- posed to be secure. You rarely see a story on the news about how a company is doing a great job
TAINLY AN INDICATION of keeping their customer data secure. But you will see a story about a company letting customer
OF HOW IMPORTANT data slip into the wrong hands. With good reason, customers must be cautious about letting a
SUCH TESTING IS TO
company have their data unless they are sure it will be safe. To ensure that our customers data re-
THE ENTIRE ORGANIZA-
TION. mains safe, SOASTA has implemented a stringent security policy that meets the needs of our retail
customers.
SOASTA IBM
CloudTest
Rack-
GoGrid space SUT/AUT
Azure
Cloud Testing with SOASTA
provides completely distrib-
Firewall
uted architecture, automated
deployment and multiple cloud
providers to effectively evaluate
the System Under Test.
How are log files or other metrics that capture information about data handled?
SOASTA does not keep log files or other metrics that capture information about customer data dur-
ing load tests. But as previously noted, we do store this type of data during script creation.
Can test result data be exported from the cloud for offsite storage?
Yes. All results are exportable in XML format. Results can be exported from the cloud and moved
to a customer-defined location for safekeeping. Depending on the length of the test and amount
of performance data related to the test, it can take up to 24-48 hours to export the data from the
cloud and move to a secure location. Optionally, the results can then be deleted from the cloud as
well.
Contact us: To learn more visit: 2012 SOASTA. All rights reserved. SOASTA,
the SOASTA logo, and SOASTA CloudTest
866-344-8766 soasta.com
are trademarks of SOASTA. All other product
444 Castro St. or email us at or company names may be trademarks and/
Mountain View, CA 94041 info@soasta.com or registered trademarks of their respective
owners.
EST-1001-1-0512