Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. It can be used both as a command line utility and a library.
Get them here.
You can install Vegeta using the Homebrew package manager on Mac OS X:
$ brew update && brew install vegetaYou need go installed and GOBIN in your PATH. Once that is done, run the
command:
$ go get -u github.com/tsenart/vegetaBoth the library and the CLI are versioned with SemVer v2.0.0.
After v8.0.0, the two components are versioned separately to better isolate breaking changes to each.
CLI releases are tagged with cli/vMAJOR.MINOR.PATCH and published on the Github releases page.
As for the library, new versions are tagged with both lib/vMAJOR.MINOR.PATCH and vMAJOR.MINOR.PATCH.
The latter tag is required for compatibility with go mod.
See CONTRIBUTING.md.
Usage: vegeta [global flags] <command> [command flags]
global flags:
-cpus int
Number of CPUs to use (defaults to the number of CPUs you have)
-profile string
Enable profiling of [cpu, heap]
-version
Print version and exit
attack command:
-body string
Requests body file
-cert string
TLS client PEM encoded certificate file
-connections int
Max open idle connections per target host (default 10000)
-duration duration
Duration of the test [0 = forever]
-format string
Targets format [http, json] (default "http")
-h2c
Send HTTP/2 requests without TLS encryption
-header value
Request header
-http2
Send HTTP/2 requests when supported by the server (default true)
-insecure
Ignore invalid server TLS certificates
-keepalive
Use persistent connections (default true)
-key string
TLS client PEM encoded private key file
-laddr value
Local IP address (default 0.0.0.0)
-lazy
Read targets lazily
-max-body value
Maximum number of bytes to capture from response bodies. [-1 = no limit] (default -1)
-name string
Attack name
-output string
Output file (default "stdout")
-rate value
Number of requests per time unit (default 50/1s)
-redirects int
Number of redirects to follow. -1 will not follow but marks as success (default 10)
-resolvers value
List of addresses (ip:port) to use for DNS resolution. Disables use of local system DNS. (comma separated list)
-root-certs value
TLS root certificate files (comma separated list)
-targets string
Targets file (default "stdin")
-timeout duration
Requests timeout (default 30s)
-unix-socket string
Connect over a unix socket. This overrides the host address in target URLs
-workers uint
Initial number of workers (default 10)
encode command:
-output string
Output file (default "stdout")
-to string
Output encoding [csv, gob, json] (default "json")
plot command:
-output string
Output file (default "stdout")
-threshold int
Threshold of data points above which series are downsampled. (default 4000)
-title string
Title and header of the resulting HTML page (default "Vegeta Plot")
report command:
-every duration
Report interval
-output string
Output file (default "stdout")
-type string
Report type to generate [text, json, hist[buckets]] (default "text")
examples:
echo "GET http://localhost/" | vegeta attack -duration=5s | tee results.bin | vegeta report
vegeta report -type=json results.bin > metrics.json
cat results.bin | vegeta plot > plot.html
cat results.bin | vegeta report -type="hist[0,100ms,200ms,300ms]"Specifies the number of CPUs to be used internally. It defaults to the amount of CPUs available in the system.
Specifies which profiler to enable during execution. Both cpu and heap profiles are supported. It defaults to none.
Prints the version and exits.
Specifies the file whose content will be set as the body of every
request unless overridden per attack target, see -targets.
Specifies the PEM encoded TLS client certificate file to be used with HTTPS requests.
If -key isn't specified, it will be set to the value of this flag.
Specifies the maximum number of idle open connections per target host.
Specifies the amount of time to issue request to the targets. The internal concurrency structure's setup has this value as a variable. The actual run time of the test can be longer than specified due to the responses delay. Use 0 for an infinite attack.
Specifies the targets format to decode.
The JSON format makes integration with programs that produce targets dynamically easier. Each target is one JSON object in its own line. The method and url fields are required. If present, the body field must be base64 encoded. The generated JSON Schema defines the format in detail.
jq -ncM '{method: "GET", url: "http://goku", body: "Punch!" | @base64, header: {"Content-Type": ["text/plain"]}}' |
vegeta attack -format=json -rate=100 | vegeta encodeThe http format almost resembles the plain-text HTTP message format defined in RFC 2616 but it doesn't support in-line HTTP bodies, only references to files that are loaded and used as request bodies (as exemplified below).
Although targets in this format can be produced by other programs, it was originally meant to be used by people writing targets by hand for simple use cases.
Here are a few examples of valid targets files in the http format:
GET http://goku:9090/path/to/dragon?item=ball
GET http://user:password@goku:9090/path/to
HEAD http://goku:9090/path/to/success
GET http://user:password@goku:9090/path/to
X-Account-ID: 8675309
DELETE http://goku:9090/path/to/remove
Confirmation-Token: 90215
Authorization: Token DEADBEEF
POST http://goku:9090/things
@/path/to/newthing.json
PATCH http://goku:9090/thing/71988591
@/path/to/thing-71988591.json
POST http://goku:9090/things
X-Account-ID: 99
@/path/to/newthing.json
Lines starting with # are ignored.
# get a dragon ball
GET http://goku:9090/path/to/dragon?item=ball
Specifies that HTTP2 requests are to be sent over TCP without TLS encryption.
Specifies a request header to be used in all targets defined, see -targets.
You can specify as many as needed by repeating the flag.
Specifies whether to enable HTTP/2 requests to servers which support it.
Specifies whether to ignore invalid server TLS certificates.
Specifies whether to reuse TCP connections between HTTP requests.
Specifies the PEM encoded TLS client certificate private key file to be used with HTTPS requests.
Specifies the local IP address to be used.
Specifies whether to read the input targets lazily instead of eagerly. This allows streaming targets into the attack command and reduces memory footprint. The trade-off is one of added latency in each hit against the targets.
Specifies the maximum number of bytes to capture from the body of each response. Remaining unread bytes will be fully read but discarded. Set to -1 for no limit. It knows how to intepret values like these:
"10 MB"->10MB"10240 g"->10TB"2000"->2000B"1tB"->1TB"5 peta"->5PB"28 kilobytes"->28KB"1 gigabyte"->1GB
Specifies the name of the attack to be recorded in responses.
Specifies the output file to which the binary results will be written to. Made to be piped to the report command input. Defaults to stdout.
Specifies the request rate per time unit to issue against the targets. The actual request rate can vary slightly due to things like garbage collection, but overall it should stay very close to the specified. If no time unit is provided, 1s is used.
Specifies the max number of redirects followed on each request. The default is 10. When the value is -1, redirects are not followed but the response is marked as successful.
Specifies custom DNS resolver addresses to use for name resolution instead of the ones configured by the operating system. Works only on non Windows systems.
Specifies the trusted TLS root CAs certificate files as a comma separated list. If unspecified, the default system CAs certificates will be used.
Specifies the file from which to read targets, defaulting to stdin.
See the -format section to learn about the different target formats.
Specifies the timeout for each request. The default is 0 which disables timeouts.
Specifies the initial number of workers used in the attack. The actual number of workers will increase if necessary in order to sustain the requested rate.
Usage: vegeta report [options] [<file>...]
Outputs a report of attack results.
Arguments:
<file> A file with vegeta attack results encoded with one of
the supported encodings (gob | json | csv) [default: stdin]
Options:
--type Which report type to generate (text | json | hist[buckets]).
[default: text]
--buckets Histogram buckets, e.g.: '[0,1ms,10ms]'
--every Write the report to --output at every given interval (e.g 100ms)
The default of 0 means the report will only be written after
all results have been processed. [default: 0]
--output Output file [default: stdout]
Examples:
echo "GET http://:80" | vegeta attack -rate=10/s > results.gob
echo "GET http://:80" | vegeta attack -rate=100/s | vegeta encode > results.json
vegeta report results.*Requests [total, rate] 1200, 120.00
Duration [total, attack, wait] 10.094965987s, 9.949883921s, 145.082066ms
Latencies [mean, 50, 95, 99, max] 113.172398ms, 108.272568ms, 140.18235ms, 247.771566ms, 264.815246ms
Bytes In [total, mean] 3714690, 3095.57
Bytes Out [total, mean] 0, 0.00
Success [ratio] 55.42%
Status Codes [code:count] 0:535 200:665
Error Set:
Get http://localhost:6060: dial tcp 127.0.0.1:6060: connection refused
Get http://localhost:6060: read tcp 127.0.0.1:6060: connection reset by peer
Get http://localhost:6060: dial tcp 127.0.0.1:6060: connection reset by peer
Get http://localhost:6060: write tcp 127.0.0.1:6060: broken pipe
Get http://localhost:6060: net/http: transport closed before response was received
Get http://localhost:6060: http: can't write HTTP request on broken connectionThe Requests row shows:
- The
totalnumber of issued requests. - The real request
ratesustained during the attack.
The Duration row shows:
- The
attacktime taken issuing all requests (total-wait) - The
waittime waiting for the response to the last issued request (total-attack) - The
totaltime taken in the attack (attack+wait)
Latency is the amount of time taken for a response to a request to be read (including the -max-body bytes from the response body).
meanis the arithmetic mean / average of the latencies of all requests in an attack.50,95,99are the 50th, 95th an 99th percentiles, respectively, of the latencies of all requests in an attack. To understand more about why these are useful, I recommend this article from @tylertreat.maxis the maximum latency of all requests in an attack.
The Bytes In and Bytes Out rows shows:
- The
totalnumber of bytes sent (out) or received (in) with the request or response bodies. - The
meannumber of bytes sent (out) or received (in) with the request or response bodies.
The Success ratio shows the percentage of requests whose responses didn't error and had status codes between 200 and 400 (non-inclusive).
The Status Codes row shows a histogram of status codes. 0 status codes mean a request failed to be sent.
The Error Set shows a unique set of errors returned by all issued requests. These include requests that got non-successful response status code.
{
"latencies": {
"total": 237119463,
"mean": 2371194,
"50th": 2854306,
"95th": 3478629,
"99th": 3530000,
"max": 3660505
},
"buckets": {"0":9952,"1000000":40,"2000000":6,"3000000":0,"4000000":0,"5000000":2},
"bytes_in": {
"total": 606700,
"mean": 6067
},
"bytes_out": {
"total": 0,
"mean": 0
},
"earliest": "2015-09-19T14:45:50.645818631+02:00",
"latest": "2015-09-19T14:45:51.635818575+02:00",
"end": "2015-09-19T14:45:51.639325797+02:00",
"duration": 989999944,
"wait": 3507222,
"requests": 100,
"rate": 101.01010672380401,
"success": 1,
"status_codes": {
"200": 100
},
"errors": []
}In the buckets field, each key is a nanosecond value representing the lower bound of a bucket.
The upper bound is implied by the next higher bucket.
Upper bounds are non-inclusive.
The highest bucket is the overflow bucket; it has no upper bound.
The values are counts of how many requests fell into that particular bucket.
If the -buckets parameter is not present, the buckets field is omitted.
Computes and prints a text based histogram for the given buckets. Each bucket upper bound is non-inclusive.
cat results.bin | vegeta report -type='hist[0,2ms,4ms,6ms]'
Bucket # % Histogram
[0, 2ms] 6007 32.65% ########################
[2ms, 4ms] 5505 29.92% ######################
[4ms, 6ms] 2117 11.51% ########
[6ms, +Inf] 4771 25.93% ###################Usage: vegeta encode [options] [<file>...]
Encodes vegeta attack results from one encoding to another.
The supported encodings are Gob (binary), CSV and JSON.
Each input file may have a different encoding which is detected
automatically.
The CSV encoder doesn't write a header. The columns written by it are:
1. Unix timestamp in nanoseconds since epoch
2. HTTP status code
3. Request latency in nanoseconds
4. Bytes out
5. Bytes in
6. Error
7. Base64 encoded response body
8. Attack name
9. Sequence number of request
Arguments:
<file> A file with vegeta attack results encoded with one of
the supported encodings (gob | json | csv) [default: stdin]
Options:
--to Output encoding (gob | json | csv) [default: json]
--output Output file [default: stdout]
Examples:
echo "GET http://:80" | vegeta attack -rate=1/s > results.gob
cat results.gob | vegeta encode | jq -c 'del(.body)' | vegeta encode -to gob
Usage: vegeta plot [options] [<file>...]
Outputs an HTML time series plot of request latencies over time.
The X axis represents elapsed time in seconds from the beginning
of the earliest attack in all input files. The Y axis represents
request latency in milliseconds.
Click and drag to select a region to zoom into. Double click to zoom out.
Choose a different number on the bottom left corner input field
to change the moving average window size (in data points).
Arguments:
<file> A file output by running vegeta attack [default: stdin]
Options:
--title Title and header of the resulting HTML page.
[default: Vegeta Plot]
--threshold Threshold of data points to downsample series to.
Series with less than --threshold number of data
points are not downsampled. [default: 4000]
Examples:
echo "GET http://:80" | vegeta attack -name=50qps -rate=50 -duration=5s > results.50qps.bin
cat results.50qps.bin | vegeta plot > plot.50qps.html
echo "GET http://:80" | vegeta attack -name=100qps -rate=100 -duration=5s > results.100qps.bin
vegeta plot results.50qps.bin results.100qps.bin > plot.html
Apart from accepting a static list of targets, Vegeta can be used together with another program that generates them in a streaming fashion. Here's an example of that using the jq utility that generates targets with an incrementing id in their body.
jq -ncM 'while(true; .+1) | {method: "POST", url: "http://:6060", body: {id: .} | @base64 }' | \
vegeta attack -rate=50/s -lazy -format=json -duration=30s | \
tee results.bin | \
vegeta reportWhenever your load test can't be conducted due to Vegeta hitting machine limits such as open files, memory, CPU or network bandwidth, it's a good idea to use Vegeta in a distributed manner.
In a hypothetical scenario where the desired attack rate is 60k requests per second,
let's assume we have 3 machines with vegeta installed.
Make sure open file descriptor and process limits are set to a high number for your user on each machine
using the ulimit command.
We're ready to start the attack. All we need to do is to divide the intended rate by the number of machines, and use that number on each attack. Here we'll use pdsh for orchestration.
$ PDSH_RCMD_TYPE=ssh pdsh -b -w '10.0.1.1,10.0.2.1,10.0.3.1' \
'echo "GET http://target/" | vegeta attack -rate=20000 -duration=60s > result.bin'After the previous command finishes, we can gather the result files to use on our report.
$ for machine in 10.0.1.1 10.0.2.1 10.0.3.1; do
scp $machine:~/result.bin $machine.bin &
doneThe report command accepts multiple result files.
It'll read and sort them by timestamp before generating reports.
$ vegeta report 10.0.1.1.bin 10.0.2.1.bin 10.0.3.1.bin
Requests [total, rate] 3600000, 60000.00
Latencies [mean, 95, 99, max] 223.340085ms, 326.913687ms, 416.537743ms, 7.788103259s
Bytes In [total, mean] 3714690, 3095.57
Bytes Out [total, mean] 0, 0.00
Success [ratio] 100.0%
Status Codes [code:count] 200:3600000
Error Set:If you are a happy user of iTerm, you can integrate vegeta with jplot using jaggr to plot a vegeta report in real-time in the comfort of you terminal:
echo 'GET http://localhost:8080' | \
vegeta attack -rate 5000 -duration 10m | vegeta encode | \
jaggr @count=rps \
hist\[100,200,300,400,500\]:code \
p25,p50,p95:latency \
sum:bytes_in \
sum:bytes_out | \
jplot rps+code.hist.100+code.hist.200+code.hist.300+code.hist.400+code.hist.500 \
latency.p95+latency.p50+latency.p25 \
bytes_in.sum+bytes_out.sum
The library versioning follows SemVer v2.0.0. Since lib/v9.0.0, the library and cli are versioned separately to better isolate breaking changes to each component.
See Versioning for more details on git tag naming schemes and compatibility
with go mod.
package main
import (
"fmt"
"time"
vegeta "github.com/tsenart/vegeta/lib"
)
func main() {
rate := vegeta.Rate{Freq: 100, Per: time.Second}
duration := 4 * time.Second
targeter := vegeta.NewStaticTargeter(vegeta.Target{
Method: "GET",
URL: "http://localhost:9100/",
})
attacker := vegeta.NewAttacker()
var metrics vegeta.Metrics
for res := range attacker.Attack(targeter, rate, duration, "Big Bang!") {
metrics.Add(res)
}
metrics.Close()
fmt.Printf("99th percentile: %s\n", metrics.Latencies.P99)
}There will be an upper bound of the supported rate which varies on the
machine being used.
You could be CPU bound (unlikely), memory bound (more likely) or
have system resource limits being reached which ought to be tuned for
the process execution. The important limits for us are file descriptors
and processes. On a UNIX system you can get and set the current
soft-limit values for a user.
$ ulimit -n # file descriptors
2560
$ ulimit -u # processes / threads
709Just pass a new number as the argument to change it.
See LICENSE.
If you use and love Vegeta, please consider sending some Satoshi to
1MDmKC51ve7Upxt75KoNM6x1qdXHFK6iW2. In case you want to be mentioned as a
sponsor, let me know!
