Testing APIs in the Cloud

2,584 views

Published on

Erik Yverling, an API expert and soapUI developer at SmartBear-Sweden, gave this presentation at WebTech Conference 2012.

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,584
On SlideShare
0
From Embeds
0
Number of Embeds
28
Actions
Shares
0
Downloads
86
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Testing APIs in the Cloud

  1. 1. Erik R. Yverling | SmartBearTesting APIs in the Cloud
  2. 2. Erik R. Überling | SmartBearTesting APIs in the Cloud
  3. 3. A little bit about me• Developer at SmartBear working on soapUI• Lives in Stockholm, Sweden• Agile enthusiast• Linux and Open Source lover• Just another fellow geek
  4. 4. No code :(
  5. 5. Recommendations!
  6. 6. Overview• Golden age of APIs• Testing APIs• Testing APIs in the Cloud• Testing APIs from the Cloud• Recommendations
  7. 7. Golden age of APIs
  8. 8. Golden age of APIs• APIs are at the core of business strategies – not just technology strategies
  9. 9. Registred APIs APIs are growing rapidly YearSource: programmableweb.com
  10. 10. Testing APIsAPI
  11. 11. Quality aspects of APIs• Functionality – does it work as expected?• Performance – does it perform as required?• Security – is it secured for common attacks?• Usability – is it usable?• Compliance – does it follow common practices?
  12. 12. How are APIs tested?APIs generally implement a request-responsemodel for exchanging messages or data Parameterized Request Test API Response A simple test sends a request message and validates that the response message has the expected content
  13. 13. Testing APIs in the Cloud API
  14. 14. APIs + the Cloud = true• High availability• High scalability• Easy deployment on the locations of your customer
  15. 15. Quality aspects of cloud APIs• Functionality – does it work as expected?• Performance – does it perform as required?• Security – is it secured for common attacks?• Usability – is it usable?• Compliance – does it follow common practices?• Policy and regulations– does it follow your legal regulations?
  16. 16. Functionality• Does it matter where your API is deployed? – Timestamps? – Time zones? – Locales?
  17. 17. Performance• How to handle shared resources with others?• How to make sure that the API is able to scale?
  18. 18. Security• How to handle sensitive transactions to your backend?
  19. 19. Policy and regulations• How much of your traffic that is allowed to cross country boarders?• US export controls• Is there a limit for load testing?• What about costs related to transactions?
  20. 20. Policy and regulations• What happens if your API stops working?
  21. 21. Testing APIs from the Cloud API
  22. 22. Test Environment as a service (TEaaS)API
  23. 23. Quality aspects of APIs tested from the Cloud• Functionality – does it work as expected?• Performance – does it perform as required?• Security – is it secured for common attacks?• Usability – is it usable?• Compliance – does it follow common practices?• Policy and regulations– does it follow your legal regulations?
  24. 24. Functionality• How will your application react to request from different locations?
  25. 25. Performance• How will your API react on distributed load?
  26. 26. Security• Will you be able to test your API from all kinds of locations?• Is there some locations that should not be able to reach the API?
  27. 27. Whoa!Using the Cloud seams like a lot of work!
  28. 28. Recommendations!
  29. 29. Testing APIs in the Cloud API
  30. 30. Functionality• Reuse test cases during development for monitoring
  31. 31. In Agile you have “Continuous Integration” API Test should be run automatically andcontinuously for every build of the software
  32. 32. In DevOps you have “Continuous Deployment” API Monitors run continuously toensure operations and production quality
  33. 33. AgileBusiness Development Operations DevOps
  34. 34. Benefits of Test Asset Reuse Development : Continuous Integration / Deployment API Tests and Quality Assets Operations : API Monitoring
  35. 35. Functionality• Reuse test cases during development for monitoring• Start with a local baseline setup to compare with• Mock out external dependencies to begin with• Mind the backwards compatibility
  36. 36. Functionality• Run regression tests against different locations• Designing your application for failure recovery
  37. 37. Performance• Make performance requirements• Experiment with the load• Parallelize• Consider using dedicated machines• Use monitoring together with the load test
  38. 38. Performance• Run load tests in an isolated environment for root cause analysis• Chaos monkey!
  39. 39. Security• Make security requirements• Encrypt sensitive transactions to your backend• Encrypt data before sending it to the Cloud• Find out who is responsible for the different aspects of security
  40. 40. Policy and regulations• Check the legal implications with your company experts• Check what backup/recovery solution your provider offers• Check the providers regulations for load testing• Do a calculation on what it may cost you to run your load tests
  41. 41. Compliance• Don’t always follow standards to the letter (others may not).• Look for best practices and reference implementations
  42. 42. Testing APIs from the Cloud API
  43. 43. Functionality• Beware of from where you tests are run• Run functional tests that depends on a geographical location from that actual geographical location• Easily create nodes in your test lab for different client setups
  44. 44. Performance• Use distributed load testing for better performance• Scale your test suite along with your API
  45. 45. Security• Make sure to cover locations that should not be able to access the API• Be aware of firewalls if your API is protected
  46. 46. Summary• Golden age of APIs• Testing APIs• Testing APIs in the Cloud• Testing APIs from the Cloud• Recommendations
  47. 47. Try this at home!• Check out soapUI Test On Demand• http://www.soapui.org
  48. 48. ?
  49. 49. Contact• @erikryverling• @soapui• erik.yverling@smartbear.com

×