The crux of the solution was taken from the Distributed Load Testing on AWS design. For the most part the design pattern is solid however after actually using it, it's implementation of the Taurus load testing engine (Which is based on jMeter)... it was rather limited, slow and results from those tests took a long time to generate. In addition it's been converted from CloudFormation to Terraform.
What I've done is take the core concept of the solution, re-write the React frontend and the backend API along with some of the core design concepts and expanded on them in certain areas to turn it in to a kind of framework to support multiple different engines (If required in the future) as well as give the console some additional functionality (Mainly around pricing and sizing of the fargate containers).
- Architecture design is still accurate just ignore the mention of a of a specific docker image
- Locust
- https://locust.io/
- Python based distributed load testing tool
- Comes with it's own frontend once spun up and gives realtime monitoring of the load test along with the ability to write custom scenarios for testing (Logins, path based testing etc)
- Writing a locust file documentation
Given this is designed to be run ADHOC when required it will require configuring your AWS CLI with a profile that has sufficient permissions to create the resources required
- Ensure you have the version of terraform installed defined here
- Ensure you have the AWS CLI installed
- Can be downloaded from here
- Clone this repo
- Login to the AWS account where this is going to be run from and create an IAM user with sufficient permissions to create the resources required and create some programmatic access keys
- Minimum IAM permissions policy to create everything required in this solution can be found here
- Configure the AWS CLI
- Configure the default profile
aws configure
- Configure AWS CLI with a profile
aws confgiure --profile <profile-name>- Replace
<profile-name>with what you want the profile to be called
- Configure the default profile
- If you elected to create a separate profile in the step before this add the profile name to the vars file here
- If you are working from outside of the office network you will need to add your IPv4 address to the allowed list of IP's otherwise the WAF will block access
- You can find your IPv4 address here
- Once you have your IPv4 add a new config block to here
- If you don't do this and you try and access the CloudFront distribution URL you'll get a miselading blank page. This is because it's a React SPA so all 404 & 403 responses are being redirected back to the index.html with a 200 status code so even when you get a 403 it'll think it's a 200
- From the command line run
terraform apply - It will prompt you for your email address input it and press enter
- Type in
yesonce the plan output is complete and terraform will begin deploying the solution
Once terraform has spun up the resources the email account which was defined in the only required variable will be sent an email with the default user (Which defaults to Admin), a randomly generated password for that user and the CloudFront distribution URL.
- In the background Codepipeline and Codebuild will be working on building and deploying the console, containers images and scenarios to where they are meant to be so give that entire process about 5-10 minutes before you try and access the console
- Access to the both the DLT console and the Locust swarm console are limited to what's configured for the WAF (Both IP whitelist and geo)
- Once you've deleted the engine from the console you can then safely tear down the load testing tool by running the following from the command line
terraform destroy- Say
yesat the end of the destruction output - Sometimes you may need to run this more than once
- Say
- AWS CLI
- There is one task as part of this process that creates the initial Cognito User and there isn't a Terraform resource for that so the AWS CLI is being used which means you need to have permissions to run
aws cognito-idp admin-create-user
- There is one task as part of this process that creates the initial Cognito User and there isn't a Terraform resource for that so the AWS CLI is being used which means you need to have permissions to run
| Name | Version |
|---|---|
| terraform | >= 0.12.4 |
| Name | Version |
|---|---|
| aws | n/a |
| Name | Source | Version |
|---|---|---|
| backend | ./modules/backend | n/a |
| frontend | ./modules/frontend | n/a |
| Name | Type |
|---|---|
| aws_kms_alias.this | resource |
| aws_kms_key.this | resource |
| aws_caller_identity.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_cli_profile_name | AWS CLI profile to use for credentials if not using the default | string |
"" |
no |
| geo_loc_whitelist | List of countries to whitelist | list(string) |
[ |
no |
| initial_admin_account_name | Default admin username for initial login to Cognito | string |
"Admin" |
no |
| initial_admin_email_address | Default email address for initial login to Cognito. Initial login details will be sent here | string |
n/a | yes |
| name | Name of the solution | string |
"DistributedLoadTesting" |
no |
| public_ips_for_slaves | Flag for weather or not to assign public IP's to slaves. This will give each slave a public IP address to make it look like it's coming from a different source instead of routing traffic out of one of the 3 NAT gateways | bool |
false |
no |
| vpc_cidr | CIDR for the VPC | string |
"192.168.0.0/16" |
no |
| vpc_private_subnet_cidrs | List of CIDRs to be used for private subnets | list |
[ |
no |
| vpc_public_subnet_cidrs | List of CIDRs to be used for public subnets | list |
[ |
no |
| Name | Description |
|---|---|
| nat_ip_addresses | List of public IP addresses assigned to the NAT gateways |