This document discusses non-functional issues in cloud-based systems. It outlines challenges like performance, security, availability, and legislation compliance. It proposes solutions like testing measures to evaluate these non-functional risks at different stages from selection to production. Key areas for testing include performance, security, manageability, availability, functionality, and compliance with regulations. Continuous testing of functional and non-functional requirements is needed as cloud systems experience continuous changes.
Testing the Migration of Monolithic Applications to Microservices on the CloudNagarro
Are you considering migrating from monolithic applications to microservices on the cloud? Check out this deck to understand the differences between monolithic applications and microservices, why microservices is a better option, and learn about cloud testing.
A Year of “Testing” the Cloud for Development and TestTechWell
Jim Trentadue describes the first year his organization used the cloud for its non-production needs: development, testing, training, and production support. Jim begins by describing the components of a cloud environment and how it differs from a traditional physical server structure. To prove the cloud concept, he used a risk-based model for determining which servers would be migrated. The result was a win for the organization from a time-to-market and cost savings perspective. Jim shares his do’s and don’ts for moving to the cloud. Do’s include ensure you identify all costs associated with the new cloud infrastructure, implement a risk-based approach to cloud migration, define a governance model, and define Service Level Agreements for your cloud vendor. Jim warns against creating an open-ended environment without a charge-back model to allocate costs and failing to continuously monitor the overall environment. Take back practical and proven recommendations and practices to make your move to the cloud a breeze.
Applying a Comprehensive, Automated Assurance Framework to Validate Cloud Rea...Cognizant
Avoiding costly problems throughout the cloud migration process requires QA safeguarding of applications, servers and databases; this is best accomplished with a comprehensive, automated approach such as the one presented here.
From Relational Database Management to Big Data: Solutions for Data Migration...Cognizant
Big data migration testing for transferring relational database management files is a very time-consuming, high-compute task; we offer a hands-on, detailed framework for data validation in an open source (Hadoop) environment incorporating Amazon Web Services (AWS) for cloud capacity, S3 (Simple Storage Service) and EMR (Elastic MapReduce), Hive tables, Sqoop tools, PIG scripting and Jenkins Slave Machines.
Adopting Cloud Testing for Continuous Delivery, with the premier global provi...SOASTA
IDC, the premier global provider of IT market research, and SOASTA, an IDC industry leader in cloud testing know that maintaining leadership means moving quickly to outpace the competition. Both IDC and SOASTA work with clients to realize the benefits that cloud computing brings to delivering high quality, rapidly deployable web and mobile applications.
Join them in this webinar where you will hear:
IDC speak on:
Perspectives on the state of cloud computing for agile web and mobile development
Market dynamics and maturity around the cloud and cloud testing
Recommendations for getting started with cloud testing
SOASTA speak on:
The business drivers for cloud and virtualization
Customer goals of using and implementing cloud testing
The road to implementing cloud testing in a continuous integration model
Case studies of customer cloud testing success
SOASTA’s services and technology will be highlighted and demonstrated as a solution for continuous web and mobile testing as utilized by the Paychex team.
Who Should Attend?
Senior IT Management
Development and QA Executives and Directors
Performance team leads and engineers
Test Automation leads and engineers
Mobile Development and Testing team leads and engineers
Getting ready for Infrastructure Transformation with hyper-convergedSynapse360
Digital Transformation is an imperative for local government, but siloed legacy infrastructure can make analytics, data sharing and security difficult. Synapse360 illustrate how hyper-converged technology can address these issues cost effectively.
Testing the Migration of Monolithic Applications to Microservices on the CloudNagarro
Are you considering migrating from monolithic applications to microservices on the cloud? Check out this deck to understand the differences between monolithic applications and microservices, why microservices is a better option, and learn about cloud testing.
A Year of “Testing” the Cloud for Development and TestTechWell
Jim Trentadue describes the first year his organization used the cloud for its non-production needs: development, testing, training, and production support. Jim begins by describing the components of a cloud environment and how it differs from a traditional physical server structure. To prove the cloud concept, he used a risk-based model for determining which servers would be migrated. The result was a win for the organization from a time-to-market and cost savings perspective. Jim shares his do’s and don’ts for moving to the cloud. Do’s include ensure you identify all costs associated with the new cloud infrastructure, implement a risk-based approach to cloud migration, define a governance model, and define Service Level Agreements for your cloud vendor. Jim warns against creating an open-ended environment without a charge-back model to allocate costs and failing to continuously monitor the overall environment. Take back practical and proven recommendations and practices to make your move to the cloud a breeze.
Applying a Comprehensive, Automated Assurance Framework to Validate Cloud Rea...Cognizant
Avoiding costly problems throughout the cloud migration process requires QA safeguarding of applications, servers and databases; this is best accomplished with a comprehensive, automated approach such as the one presented here.
From Relational Database Management to Big Data: Solutions for Data Migration...Cognizant
Big data migration testing for transferring relational database management files is a very time-consuming, high-compute task; we offer a hands-on, detailed framework for data validation in an open source (Hadoop) environment incorporating Amazon Web Services (AWS) for cloud capacity, S3 (Simple Storage Service) and EMR (Elastic MapReduce), Hive tables, Sqoop tools, PIG scripting and Jenkins Slave Machines.
Adopting Cloud Testing for Continuous Delivery, with the premier global provi...SOASTA
IDC, the premier global provider of IT market research, and SOASTA, an IDC industry leader in cloud testing know that maintaining leadership means moving quickly to outpace the competition. Both IDC and SOASTA work with clients to realize the benefits that cloud computing brings to delivering high quality, rapidly deployable web and mobile applications.
Join them in this webinar where you will hear:
IDC speak on:
Perspectives on the state of cloud computing for agile web and mobile development
Market dynamics and maturity around the cloud and cloud testing
Recommendations for getting started with cloud testing
SOASTA speak on:
The business drivers for cloud and virtualization
Customer goals of using and implementing cloud testing
The road to implementing cloud testing in a continuous integration model
Case studies of customer cloud testing success
SOASTA’s services and technology will be highlighted and demonstrated as a solution for continuous web and mobile testing as utilized by the Paychex team.
Who Should Attend?
Senior IT Management
Development and QA Executives and Directors
Performance team leads and engineers
Test Automation leads and engineers
Mobile Development and Testing team leads and engineers
Getting ready for Infrastructure Transformation with hyper-convergedSynapse360
Digital Transformation is an imperative for local government, but siloed legacy infrastructure can make analytics, data sharing and security difficult. Synapse360 illustrate how hyper-converged technology can address these issues cost effectively.
Cloud testing: challenges and opportunities, TaaS, Integration TestingDr Ganesh Iyer
Brief overview of Cloud test challenges, opportunities, methodologies and approaches. Also includes brief introduction to TaaS and Integration test challenges and approaches.
This is a paper which will outline the benefits of moving the cloud from traditional in house to cloud,type of testing ,approach Test team/companies need to performed if they are adopting cloud solution .
This solution is generic in nature and it applies for all business who want to use Cloud Offering from different vendors like Microsoft, Amazon, Google, IBM, Salesforce
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage
Presentation slides from Black Hat 2016. Presented by Sami Laine, Principal Technologist at CloudPassage & Aaron McKeown, Lead Security Architect of Xero.
Presentation of the 17th International Conference on Evaluation and Assessment in Software Engineering (EASE' 2013)
Paper details: http://dl.acm.org/citation.cfm?doid=2460999.2461037
Conference Program: http://www.cin.ufpe.br/~ease2013/program.html
Digital poster: http://www.crescenciolima.com/ease2013/
In this session you will learn:
Introduction to Test Automation Framework
What is a Test Automation Framework?
Utility of Test Automation Framework
Sample Automation Test Framework
Types of Automation Frameworks
Data Driven Automation Framework
Keyword Driven Automation Framework
Hybrid Automation Framework
Benefits of Automation Framework Approach
For more information: https://www.mindsmapped.com/courses/quality-assurance/qa-software-testing-training-for-beginners/
EuroSTAR Software Testing Conference 2012 presentation on Testing Cloud Services by Blokland & Mengerink. See more at: http://conference.eurostarsoftwaretesting.com/past-presentations/
Test Management for Cloud-based ApplicationsTechWell
Because the cloud introduces additional system risks—Internet dependencies, security challenges, performance concerns, and more—you, as a test manager, need to broaden your scope and update your team’s practices and processes. Ruud Teunissen shares a unique approach that directly addresses more than 140 new testing concerns and risks you may encounter in the cloud. Learn how to identify cloud-specific requirements and the risks that can ensue from those requirements. Then, explore the test strategies you'll need to adopt to mitigate those risks. Explore cloud services selection, implementation, and operations. Then, take a dive in to the wider scope of test management in the cloud. Take back the ammunition you need to convince senior management that test managers should participate during the cloud services selection to help avoid risks before implementation and, further, why you should work with IT operations to extend test activities after the system goes live.
Cloud testing: challenges and opportunities, TaaS, Integration TestingDr Ganesh Iyer
Brief overview of Cloud test challenges, opportunities, methodologies and approaches. Also includes brief introduction to TaaS and Integration test challenges and approaches.
This is a paper which will outline the benefits of moving the cloud from traditional in house to cloud,type of testing ,approach Test team/companies need to performed if they are adopting cloud solution .
This solution is generic in nature and it applies for all business who want to use Cloud Offering from different vendors like Microsoft, Amazon, Google, IBM, Salesforce
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage
Presentation slides from Black Hat 2016. Presented by Sami Laine, Principal Technologist at CloudPassage & Aaron McKeown, Lead Security Architect of Xero.
Presentation of the 17th International Conference on Evaluation and Assessment in Software Engineering (EASE' 2013)
Paper details: http://dl.acm.org/citation.cfm?doid=2460999.2461037
Conference Program: http://www.cin.ufpe.br/~ease2013/program.html
Digital poster: http://www.crescenciolima.com/ease2013/
In this session you will learn:
Introduction to Test Automation Framework
What is a Test Automation Framework?
Utility of Test Automation Framework
Sample Automation Test Framework
Types of Automation Frameworks
Data Driven Automation Framework
Keyword Driven Automation Framework
Hybrid Automation Framework
Benefits of Automation Framework Approach
For more information: https://www.mindsmapped.com/courses/quality-assurance/qa-software-testing-training-for-beginners/
EuroSTAR Software Testing Conference 2012 presentation on Testing Cloud Services by Blokland & Mengerink. See more at: http://conference.eurostarsoftwaretesting.com/past-presentations/
Test Management for Cloud-based ApplicationsTechWell
Because the cloud introduces additional system risks—Internet dependencies, security challenges, performance concerns, and more—you, as a test manager, need to broaden your scope and update your team’s practices and processes. Ruud Teunissen shares a unique approach that directly addresses more than 140 new testing concerns and risks you may encounter in the cloud. Learn how to identify cloud-specific requirements and the risks that can ensue from those requirements. Then, explore the test strategies you'll need to adopt to mitigate those risks. Explore cloud services selection, implementation, and operations. Then, take a dive in to the wider scope of test management in the cloud. Take back the ammunition you need to convince senior management that test managers should participate during the cloud services selection to help avoid risks before implementation and, further, why you should work with IT operations to extend test activities after the system goes live.
The cloud can deliver services over the Internet in three ways—software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS). Each of these approaches requires testers to focus on more than classical functional testing. Ruud Teunissen explores the new techniques and skills testers need to master for testing cloud services. Examples include testing for elasticity; testing fall back scenarios to guarantee continuity of business processes; testing for adherence to laws and regulations; and testing apps, web services, and the numerous platforms that need to be supported. Join Ruud and learn how to test these additional cloud requirements to get a grip on technical test issues, explore cloud services operations, and jump-start the broader scope of testing in the cloud. Take back practical approaches for tuning and tweaking your present test techniques to fly high in the cloud.
ComResource's Agency Solutions Offering - Focused on Cybersecurity awareness for Nationwide Insurance agents. For more information, please visit: https://bit.ly/AgencySolutions
Going Cloudy? How to test SaaS? with Kees Blokland TEST Huddle
View webinar: http://www.eurostarconferences.com/community/member/webinar-archive/webinar-80-going-cloudy-how-to-test-saas
The introduction of cloud computing has changed the playing field for testing. Testing needs to evolve and innovate to address the newly introduced risks that come with "going cloudy" with application services. How do we make sure that the continuity of services is guaranteed? In this webinar Kees Blokland introduces new solutions to tackle the new risks that arise with SaaS. How to use innovative combinations of testing techniques to cope with this phenomenon.
On September 17 Polteq contributed to the EuroSTAR online event ”Software Testing Summit” with a webinar about testing cloud services with title ”Going Cloudy? How to test SaaS?”
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …Andris Soroka
World's #1 SIEM technology in GRC (Governance, Risk, Compliance). QRadar Risk Manager provides organizations with a pre-exploit solution that allows network security professionals to assess what risks exist during and after an attack, while also answering many "What if?" questions ahead of time, which can greatly improve operational efficiency and reduce network security risks.
Continuous compliance using data and codeErkang Zheng
There's too much data and too much repetitive work when it comes to compliance. Cloud native organizations can maintain continuous compliance in a software-defined approach -- using data and code.
Cloud Security Summit - InfoSec World 2014Bill Burns
Cloud Security trends, practical tips and lessons learned. Implementing holistic security controls to protect business data, Trends that will affect data security, and advice to security startups and companies evaluating them.
We are CyberPact Solutions, a technology powered cyber security consulting private limited company located in Bangalore with unique yet unifying ecosystem of comprehensive cyber security assessment, design and deployment. Apart from offering core solutions in the ambit of cyber security, our expertise also spans allied areas including privacy planning, incident response, Cyber Forensics and information security training services.
We are CyberPact Solutions, a technology powered cyber security consulting private limited company located in Bangalore with unique yet unifying ecosystem of comprehensive cyber security assessment, design and deployment. Apart from offering core solutions in the ambit of cyber security, our expertise also spans allied areas including privacy planning, incident response, Cyber Forensics and information security training services.
Similar to Non-functional Issues in Cloud Based Systems by Kees Blokland and Martin Pol (20)
Martin Pol, Jeroen Mengerink en Kees Blokland lanceren in 2012 een boek over het testen van Cloud Services. Met deze presentatie wordt het boek geïntroduceerd.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
2. Agenda
• Introduction Cloud computing
• Challenges Non-Functional Risks
• Solutions Test measures
Traditional
New “Cloud related”
Ways to test
Ways to help reduce the risks
16. Other customers
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
YOUR
Operational Profile
On Premise
In Cloud
YOUR
Operational Profile
PLUS
17. Everything over the web
Performance
Security
Availability & Continuity
Functionality
Manageability
Legislation & Regulations
Suppliers & Outsourcing
Risks On Premise
The idea:
“it’s safe”
In Cloud
Home ground for
hackers
18. Bring Your Own Device
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
In Cloud
Endless
possibilities
On Premise
No free choice of
device
(Bring Your Own Disaster)
23. Updates, patches, fixes, …
Performance
Security
Availability & Continuity
Functionality
Manageability
Legislation & Regulations
Suppliers & Outsourcing
Risks On Premise
Planned and
controlled
In Cloud
Do I have a
choice?
25. Where is my data?
And is that OK?
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & regulations
Suppliers & Outsourcing
Risks On Premise
In house …
In Cloud
Somewhere …
38. Known measures
tuned and tweaked
New measures
developed
Use:
– Your skills
– Heuristics
– The Book
– Your peers
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
41. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
42. Selection Criteria
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Completeness
Controllable
For service
For supplier
Spec’s and terms
References
……
43. Proof of Concept
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Dynamic testing
More suppliers
Time boxing
Representative
44. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Selection
Implementation
Production
45. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
46. Load Testing
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
YOUR
Operational Profile
On Premise
In Cloud
YOUR
Operational Profile
PLUS
ACTUAL MOMENT
48. Stress Testing
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
On Premise
Yes, you can!
In Cloud
Definitely NOT!
49. Elasticity
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
On Premise
Load and stress
In Cloud
Load and elasticity
51. load
load test – ‘up’
extend?
200
charged
100
charged
no
yes
path test
99
100
101
boundary values
‘up’
tc 1: use=99, pay 100
tc 2: use=100, pay 100
tc 3: use=101, pay 200
‘down’
tc1: use=101, pay 200
tc2: use=100, pay 100
tc3: use=99, pay 100
boundary values
load test – ‘down’
• (Automatic) scaling up or down
does not perform as required
• At scaling moments functional
problems emerge
• Insight in use based costs is
not sufficient
52. • Security at:
– Network
– Supplier
– User
• Encryption
• Authentication and
authorisation
• Test logs and audit trails
• Security Audits
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
IDaaS
Experts
Security patch routines
53. • Completeness and correctness
of specifications and manuals
– Supplier
– User
• Availability of test
environments
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Interface specifications
Supported platforms
Business process specs
User manuals
55. Manageablity of test environments
• Link all current environments to the service
56. • Role of system architecture
• Monitoring and Logging
• Guarantees and SLA’s
• Test fail-over mechanism
• Test online/offline
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
57. Fail-over testing
A: disrupted
B: active
A: active
B: inactive
A is disrupted
B takes over service
A: inactive
B: active
disruptioninAended
nochange
Aisdisrupted
nochange
A: active
B: disrupted
B is disrupted
A takes over service
Bisdisrupted
nochange
disruptioninBended
nochange
A: disrupted
B: disrupted
58. Online – Offline
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
In Cloud
Use case testing
Global testing
On Premise
59. Online – Offline
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
In Cloud
Use case testing
Global testing
On Premise
Off line tests focussed on problems:
• Work continues, based on out-of-date information, and
this information could be changed in the cloud during the
offline period
• The users are not aware that they are working (partly)
online (and are lead to believe differently)
• Synchronization conflicts arise because data is changed
locally as well as in the cloud
60. Online – Offline
Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
In Cloud
Use case testing
Global testing
On Premise
Off line test cases:
• End the connection and check whether the users can
see that they are working offline.
• Disrupt the connection (for instance, a port or a
certain type of IP traffic) and check whether problems
arise.
• Check whether changes that are made offline find
their way to the cloud when online status is regained.
• Check whether conflicts between offline and cloud
data are handled robustly (which is in fact a
functional requirement).
61. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
62. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Continuous End-to-End Testing
Continuous Change
Functionals and Non-Functionals
64. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
Testing starts early: in selection
Scope of testing is widened
Testing continues in production
Testing Cloud Based Systems
65. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
Questions?
www.polteq.com
martin.pol@polteq.com
kees.blokland@polteq.com
Testing Cloud Based Systems
66. Performance Testing
Security Testing
Manageability Testing
Availability & Continuity
Testing
Functional Testing
Migration Testing
Testing due to
Legislation & Regulations
Testing in Production
Testing during Selection
TestMeasures
Performance
Security
Availability & Continuity
Functionality
Maintainability
Legislation & Regulations
Suppliers & Outsourcing
Risks
Thank you!
www.polteq.com
martin.pol@polteq.com
kees.blokland@polteq.com
Testing Cloud Based Systems
Editor's Notes
the cloud…
But, where do we come from?
Consider a traditional setting, where
An organization is housed in a building and everything is contained in that building:
I am in the building
My computer is in the building
The network is in the building
The servers are in the building
My data is stored in the building
The IT maintenance people are in the building.
Aha, for email, websurfing and file transfer we leave the building
Well, the data is leaving the building, I’m still in it.
The traditional -all in house- situation though, has a number of issues that become more serious over time
Take the datacenter equipment, for instance: on average 80% of it’s capabilities is UNused. Organizations are having more and more problems with the high capital investments in equipment that are required to accommodate peak loads and future growth.
And growth there is a lot: such as
The constant claim for more Storage
And the always growing requirements for Hardware
(became obvious to me again when I was surfing the web last night using my ipad1: two years ago top of the bill, but now having more trouble in browsing through typical websites with reasonable speed)
Organizations are faced with new requirements too:
There is an increasing criticism on power consumption, is your organization green enough?
And: the need to support the New World of Work and the Bring You Own Device phenomenon
Recent technological innovations and developments can cope with most of the issues.
For instance:
Virtualization: to increase the hardware exploitation and decrease the capital expenses
Standard software for commodity services to further cut costs
Service Orientation and high bandwidth internet technology that enable the delivery of services at any location using any device
The new technological possibilities AND the search from organizations to get solutions for there issues give rise to the following trend:
IT goes into the cloud!
Wat is de cloud? Of cloud computing?
But what is the Cloud?
What characterizes Cloud Computing?
We use he Cloud Computing definition of the National Institute of standards and technology
I will give short explanation of the essential characteristics of cloud computing according to NIST because these give rise to many specific risks that are introduced with cloud computing
on-demand services: you can get what you want at the time that you want it without needing help from anyone;
example: you can go to a website and have a IT environment in the cloud up and running in minutes
Broad network access: a service is available anywhere in the world and with any capacity that is needed
Resource pooling: the customers are sharing supplier resources; this provides higher cost efficiency
Rapid elasticity: like on demand services: more needed? Via a simple manual action on the internet of even automatically you get more (or less) capacity; example: dropbox
Measured services: pay per use: only pay what you use
The cloud computing deployment model determines with who the resources are shared.
The main focus in this presentation is on Software as a service
This is where the cloud supplier provides a full functional service, the customer only needs a device to get access and the cloud service provider is responsible for everything else
We use he Cloud Computing definition of the National Institute of standards and technology
I will give short explanation of the essential characteristics of cloud computing according to NIST because these give rise to many specific risks that are introduced with cloud computing
on-demand services: you can get what you want at the time that you want it without needing help from anyone;
example: you can go to a website and have a IT environment in the cloud up and running in minutes
Broad network access: a service is available anywhere in the world and with any capacity that is needed
Resource pooling: the customers are sharing supplier resources; this provides higher cost efficiency
Rapid elasticity: like on demand services: more needed? Via a simple manual action on the internet of even automatically you get more (or less) capacity; example: dropbox
Measured services: pay per use: only pay what you use
The cloud computing deployment model determines with who the resources are shared.
The main focus in this presentation is on Software as a service
This is where the cloud supplier provides a full functional service, the customer only needs a device to get access and the cloud service provider is responsible for everything else
Een perfect voorbeeld van een community cloud is bijvoorbeeld EuroCloud, deze non-profit organisatie heeft een specifieke omgeving waar hun eigen community ervaringen, ideeën, rapporten, whitepapers en dergelijke met elkaar uitwisselt. Toegang tot die groepen kan alleen verkregen worden als men lid is.
The cloud, what does that mean for testing?
the answer to this question starts with finding an answer to another question: what are the risks of using cloud computing?
There are all kinds of aspects of cloud computing that come with risks
We made an inventory and identified 143 risks
And we grouped them into 7 risk categories
I give a few examples of cloud related risks, starting with performance risks
Traditionally: is the application and it’s environment fast enough considering my expected usage?
Usage that is modelled into an operation profile
In the cloud there are other users too (remember: one of the essential characteristics is resource pooling)
The risk of insufficient performance not only depends on my operational profile
but it also depends on the usage of other customers that share the same cloud service resources. If many customers are having a peak load at the same time, this will introduce a high likelihood of performance issues.
A security example
Traditionally: everything is in house, operated and controlled by your own trusted people. In other words: it is safe.
In the cloud: the user gets access to the service over the web (broad network access)
And there is a risk that other people penetrate the service and get hold of or even change your data.
Another security example
In many organizations people use mandatory, standard desktops, configured with security policies like an automatic screen lock after a time out
But: more and more people want to use there own device, because of which organizations decide to use cloud services
Using own devices introduces security risks. Show of hands: who has an automatic screen lock on their smartphone or tablet that needs to be unlocked with a pin code?
Of course I cannot see you, but based on experience in other audiences I guess that NOT all of you have your device secured with this simple mechanism to prevent others to access your data or the company’s data on your device
Ja het is anders!
Ja het is anders!
Ja het is anders!
En dat concept – van risico’s naar testmaatregelen – vormt dan ook de basis en de architectuur van Cloutest en het bijbehorende boek.
En dat concept – van risico’s naar testmaatregelen – vormt dan ook de basis en de architectuur van Cloutest en het bijbehorende boek.
A well known risk example in the area of legislation deals with this question
Where is my data?
Before the Cloud this would have been easy to answer: somewhere in house in the data centre.
Access to data centres is normally limited to well known maintenance people
But what about ‘in the cloud’?
Again a request for a virtual show of hands, who of you uses Google Docs?
So was a European local government: they started to use it to enable easy sharing of documents to enable government employees to work at home
Until someone found out they were seriously violating European rules
These rules requires guarantees that all privacy sensitive data stays within the borders of the European Community
It was not possible at that time for Google to provide these guarantees, because the data is stored in different data centres in the world part of which were outside the borders of the European Community
In the cloud means my data is somewhere, but I need to know: is that OK? What legislation risks apply?
A well known risk example in the area of legislation deals with this question
Where is my data?
Before the Cloud this would have been easy to answer: somewhere in house in the data centre.
Access to data centres is normally limited to well known maintenance people
But what about ‘in the cloud’?
Again a request for a virtual show of hands, who of you uses Google Docs?
So was a European local government: they started to use it to enable easy sharing of documents to enable government employees to work at home
Until someone found out they were seriously violating European rules
These rules requires guarantees that all privacy sensitive data stays within the borders of the European Community
It was not possible at that time for Google to provide these guarantees, because the data is stored in different data centres in the world part of which were outside the borders of the European Community
In the cloud means my data is somewhere, but I need to know: is that OK? What legislation risks apply?
Ja het is anders!
Alle overige individuele risico’s – in totaal 143 – worden in Cloutest beschreven op een vergelijkbare manier…
That where a number of examples of cloud related risks
How to mitigate Cloud specific risks with testing?
We determined test measures for all 143 identified risks.
Certain risks can be mitigated by traditional testing and reviewing
Other risks needed additional measures to mitigate for intance auditing, proof of concepts and simluation
We determined test measures for all 143 identified risks.
Certain risks can be mitigated by traditional testing and reviewing
Other risks needed additional measures to mitigate for intance auditing, proof of concepts and simluation
We organized the test measures in the following groups
Later on I will give some examples of test measures
Risico’s en maatregelen.
Wat Cloutest UNIEK maakt is de dat er een directe link wordt gelegd tussen INDIVIDUELE risico’s en de bijbehorende INDIVIDUELE maatregelen.
---
The next step is to link the risks with test measures.
The various performance risks link to test measures from four groups
Kijk bijvoorbeeld naar performance.
Voor de meesten van ons als begrip weinig nieuws.
Wat blijkt is dat de performance eisen al nadrukkelijk tijdens de selectie moeten worden meegenomen. Maar ook dat naast de set van maatregelen voor het testen van performance, het testen van beheerbaarheid van belang is: heb ik een representatieve omgeving?
En tijdens productie? Meer dan voorheen moet de performance niet alleen gemonitord worden maar het kan zelfs van belang zijn om het regelmatig te testen. De cloud services veranderen continu, veel en vaak en ongecontroleerd en dit kan impact hebben op uw performance. Monitoring is dan niet voldoende maar regressietest op uw performance kan noodzakelijk zijn.
The number of security risks is overwhelming
They link to a large variety of test measures
Neem nu bijvoorbeeld Beveiliging.
Hoewel daar niet bewust op gestuurd is, blijkt dat het testen van beveiliging in elke testmaatregele terug komt…
Van selectiecriteria (welke beveiligingsmaatregelen heeft de leverancier genomen en over welke certificaten beschikt hij),
via het testen van autorisatie en autenticatie (terug te vinden in het testen van beveiliging en het testen van functionaliteit),
Naar het testen van bv dataschoning: onbedoeld blijven gegevens bestaan die gewist hadden.
Tot en met het "live" bewaken want het gebeurt domweg dat er onbedoeld wijzigingen worden doorgevoerd die impact hebben op de beveiligingsmaatregelen.
For each of the individual 143 risks we identified one or more individual test measures that will help mitigating each risk
---
Cloutest
Architectuur
Risico’s handig gegroepeerd, maatregelen effectief geclusterd
INDIVIDUELE risicos gekoppeld aan INDIVIDUELE maatregelen
Many of the test measures are similar to testing on traditional, I mean non-cloud, software.
By tweaking, tuning and combining known test approaches a part of the cloud specific risks can be mitigated.
But there are also risks that are not regular in the traditional testing scene that need new test measures.
Let’s look through some examples of old and new test measures applied in the cloud context.
Part of the test measures must be executed during the selection phase, when the cloud service has not been chosen yet
Other measures are executed when the service is up and running (in production)
But most types of test measures are executed in the implementation phase, when the cloud service is already available but not in production yet.
I will give some examples of the numerous test measures that we have described for covering all the cloud related risks we have identified
---
De essentie van Cloutest is in feite: Testen begint eerder (tijdens selectie), kijkt breder (anders en met meer diepgang tijdens implementatie), gaat langer door…
“Doet de SW het volgens de specs?” verandert in “Gaat dit straks wel werken voor de gebruiker?”. Dus kruip al tijdens de selectie in de huid van de (eind)gebruiker.
Voorkom dat je achter de feiten aanloopt en dat je achteraf vaststelt dat je de verkeerde keuze hebt gemaakt. Dus moet je aanwezig zijn bij de selectie want DAAR worden belangrijke beslissingen genomen die grote invloed hebben op de risico’s bij gebruik van de service. Risico’s (de kans dat) veranderen in feiten (issues).
Goed en breed testen tijdens implementatie, voor life gang
En dan houdt het niet op, want ook nadat de service in productie is genomen blijven er taken voor test. Want als je services gaat afnemen uit de Cloud verdwijnt de vertrouwde rol die beheer tot nu toe heeft gehad.
Part of the test measures must be executed during the selection phase, when the cloud service has not been chosen yet
Other measures are executed when the service is up and running (in production)
But most types of test measures are executed in the implementation phase, when the cloud service is already available but not in production yet.
I will give some examples of the numerous test measures that we have described for covering all the cloud related risks we have identified
---
De essentie van Cloutest is in feite: Testen begint eerder (tijdens selectie), kijkt breder (anders en met meer diepgang tijdens implementatie), gaat langer door…
“Doet de SW het volgens de specs?” verandert in “Gaat dit straks wel werken voor de gebruiker?”. Dus kruip al tijdens de selectie in de huid van de (eind)gebruiker.
Voorkom dat je achter de feiten aanloopt en dat je achteraf vaststelt dat je de verkeerde keuze hebt gemaakt. Dus moet je aanwezig zijn bij de selectie want DAAR worden belangrijke beslissingen genomen die grote invloed hebben op de risico’s bij gebruik van de service. Risico’s (de kans dat) veranderen in feiten (issues).
Goed en breed testen tijdens implementatie, voor life gang
En dan houdt het niet op, want ook nadat de service in productie is genomen blijven er taken voor test. Want als je services gaat afnemen uit de Cloud verdwijnt de vertrouwde rol die beheer tot nu toe heeft gehad.
Starting with testing during selection.
The earlier risks are mitigated, the better it is
Early involvement is key. Nothing new there.
One of the first actions that can be taken is making sure that the selection criteria are complete and specific enough.
Complete means: including cloud specific risks. For which I provided a number of examples earlier.
Specific means: it is clear how to verify that a criterion is met or not
Cloud services are not bought but are rented.
So an important advantage of cloud services is that one can use it for a limited period of time, for evaluation. The cost is low.
This enables a the execution of a proof of concept.
That means using the candidate cloud service and try the intended user processes to find out that it can work
Or finding out that some blocking issue is found (there is a showstopper for selecting this service).
In this way risks are mitigated early, before the final choice for a cloud service is made and the implementation phase is started.
Mitigating risks by applying test measures is the typical job of a test manager.
It is strongly recommended that someone with the role of test manager participates during the selection of cloud service to help mitigating the risks.
------
Selectie wordt beheerst door de afdeling inkoop en die kijken – naast andere aspecten – met name naar kosten Hebben vaak minder ook voor de aansluiting op het business proces. En vergis u niet: SAP kent ABAP, maar uw service in de cloud kent helemaal niets…
Maar wie let op al die cloud risico’s? Het waren er 143, weet u nog wel. En vergeet niet: Na selectie zit je aan de service vast en is een risico geen risico meer maar een feit (issue).
Dus moet test moet zich in het selectieproces aan tafel “vechten”!
---
Wat speelt er dan allemaal?
Zorg dat de selectiecriteria compleet zijn (inclusief de cloudrisico’s)
Criteria gericht op de service: dat moet het doen
Criteria gericht op de leverancier: ook DAAR zit je straks aan vast
Leverancier waaraan je vast zit… door een slimme strategie
Gestapelde leveranciers – Hosting!
---
Een belangrijk pluspunt is overigens dat de een “life test” van de service kunt doen. Deze zogenaamde Proof of Concept is mogelijk door tijdelijk de service af te nemen.
The earlier risks are mitigated, the better it is
Early involvement is key. Nothing new there.
One of the first actions that can be taken is making sure that the selection criteria are complete and specific enough.
Complete means: including cloud specific risks. For which I provided a number of examples earlier.
Specific means: it is clear how to verify that a criterion is met or not
Cloud services are not bought but are rented.
So an important advantage of cloud services is that one can use it for a limited period of time, for evaluation. The cost is low.
This enables a the execution of a proof of concept.
That means using the candidate cloud service and try the intended user processes to find out that it can work
Or finding out that some blocking issue is found (there is a showstopper for selecting this service).
In this way risks are mitigated early, before the final choice for a cloud service is made and the implementation phase is started.
Mitigating risks by applying test measures is the typical job of a test manager.
It is strongly recommended that someone with the role of test manager participates during the selection of cloud service to help mitigating the risks.
------
Selectie wordt beheerst door de afdeling inkoop en die kijken – naast andere aspecten – met name naar kosten Hebben vaak minder ook voor de aansluiting op het business proces. En vergis u niet: SAP kent ABAP, maar uw service in de cloud kent helemaal niets…
Maar wie let op al die cloud risico’s? Het waren er 143, weet u nog wel. En vergeet niet: Na selectie zit je aan de service vast en is een risico geen risico meer maar een feit (issue).
Dus moet test moet zich in het selectieproces aan tafel “vechten”!
---
Wat speelt er dan allemaal?
Zorg dat de selectiecriteria compleet zijn (inclusief de cloudrisico’s)
Criteria gericht op de service: dat moet het doen
Criteria gericht op de leverancier: ook DAAR zit je straks aan vast
Leverancier waaraan je vast zit… door een slimme strategie
Gestapelde leveranciers – Hosting!
---
Een belangrijk pluspunt is overigens dat de een “life test” van de service kunt doen. Deze zogenaamde Proof of Concept is mogelijk door tijdelijk de service af te nemen.
Implementation means: the selection is been done, but the cloud service is not in use yet.
It is now time to tests to verify that everything is in order before starting to use the service.
Blocking incidents found during the implementation phase need to be solved before the production phase.
In an extreme situation a show stopper could cause that selection decision needs to be reconsidered.
Oude tekst:
Wat is implementatie?
Het lijkt op wat we gewend zijn maar in feite is het in productie maar nog niet life…
Het inrichten, aansluiten, configureren, in gebruik nemen, etc van de service
In de omgeving met bestaande informatiesystemen
Met alles erop en eraan
En dan met name het testen er van
Wordt waargemaakt waar de selectie op was gebaseerd?
Proof of the pudding is in the eating
Feitelijk constateren IN de productiesituatie
Voor performance, beveiliging, functionaliteit, migratie niet heel erg nieuw, maar op diverse onderdelen
Bewuster, scherper, completer, preciezer, kritischer, ook minder en anders.
Beheerbaarheid, continuiteit waren geen veeleisende onderwerpen voor testen
In de Cloud komen die veel nadrukkelijker op de agenda
Wet- en regelgeving is helemaal nieuw
Kortom: een combinatie van bestaande, aangescherpte en nieuwe aanpakken voor testen
Implementation means: the selection is been done, but the cloud service is not in use yet.
It is now time to tests to verify that everything is in order before starting to use the service.
Blocking incidents found during the implementation phase need to be solved before the production phase.
In an extreme situation a show stopper could cause that selection decision needs to be reconsidered.
Oude tekst:
Wat is implementatie?
Het lijkt op wat we gewend zijn maar in feite is het in productie maar nog niet life…
Het inrichten, aansluiten, configureren, in gebruik nemen, etc van de service
In de omgeving met bestaande informatiesystemen
Met alles erop en eraan
En dan met name het testen er van
Wordt waargemaakt waar de selectie op was gebaseerd?
Proof of the pudding is in the eating
Feitelijk constateren IN de productiesituatie
Voor performance, beveiliging, functionaliteit, migratie niet heel erg nieuw, maar op diverse onderdelen
Bewuster, scherper, completer, preciezer, kritischer, ook minder en anders.
Beheerbaarheid, continuiteit waren geen veeleisende onderwerpen voor testen
In de Cloud komen die veel nadrukkelijker op de agenda
Wet- en regelgeving is helemaal nieuw
Kortom: een combinatie van bestaande, aangescherpte en nieuwe aanpakken voor testen
Voorbeeld van aangescherpt, verdwenen en nieuw
Load testing is more or less a standard these days.
Especially when there are many users involved and fast performance is business critical.
Such as a web shop.
A load test is based on an operational profile: how many people are doing what at which time.
This is put in some automated tool which tests the software against the profile.
If the test passes: the risk of insufficient performance is covered.
What if the software runs in the cloud?
The test with the tool can still be executed.
The problem now is: the operational profile needs to include also the use of the service by all other customers on the shared cloud resource.
In general there is no knowledge about other customers, so what to do?
A solution is to execute the load test in real time.
That means: test the various loads at the moment they are expected to happen in reality.
If there is always a peak load in the morning: execute the test it in the morning assuming that other customers are having their typical every day usage too.
This is the closest you can get to reality.
There is no guarantee though that the load on the service by other customers stays the same over time, so it necessary to repeat a load test regularly (in production!)
Voorbeeld van aangescherpt, verdwenen en nieuw
Traditionally stress testing is following load testing.
This is to verify that there sufficient room for growth and to see what happens when the load peaks to extremes?
Does the performance degrades or does the system break down completely?
Finding stress limits of a cloud service is not an obvious thing to do.
Stressing a cloud service for a start cannot be done right away, since it may affect the service to other customers.
And the terms and conditions may pose restrictions on going beyond normal usage of a cloud service.
So is stress testing not applicable to cloud services?
Well yes, in another form: testing elasticity
Rapid elasticity is the mechanism that provides the customer of cloud services with the opportunity to accommodate growth.
We combine load testing with testing elasticity
This can be tested as follows
Wat is implementatie?
Het lijkt op wat we gewend zijn maar in feite is het in productie maar nog niet life…
Het inrichten, aansluiten, configureren, in gebruik nemen, etc van de service
In de omgeving met bestaande informatiesystemen
Met alles erop en eraan
En dan met name het testen er van
Wordt waargemaakt waar de selectie op was gebaseerd?
Proof of the pudding is in the eating
Feitelijk constateren IN de productiesituatie
Voor performance, beveiliging, functionaliteit, migratie niet heel erg nieuw, maar op diverse onderdelen
Bewuster, scherper, completer, preciezer, kritischer, ook minder en anders.
Beheerbaarheid, continuiteit waren geen veeleisende onderwerpen voor testen
In de Cloud komen die veel nadrukkelijker op de agenda
Wet- en regelgeving is helemaal nieuw
Kortom: een combinatie van bestaande, aangescherpte en nieuwe aanpakken voor testen
Voorbeeld van aangescherpt, verdwenen en nieuw
Voorbeeld van aangescherpt, verdwenen en nieuw
Voorbeeld van aangescherpt, verdwenen en nieuw
Voorbeeld van aangescherpt, verdwenen en nieuw
Wat is implementatie?
Het lijkt op wat we gewend zijn maar in feite is het in productie maar nog niet life…
Het inrichten, aansluiten, configureren, in gebruik nemen, etc van de service
In de omgeving met bestaande informatiesystemen
Met alles erop en eraan
En dan met name het testen er van
Wordt waargemaakt waar de selectie op was gebaseerd?
Proof of the pudding is in the eating
Feitelijk constateren IN de productiesituatie
Voor performance, beveiliging, functionaliteit, migratie niet heel erg nieuw, maar op diverse onderdelen
Bewuster, scherper, completer, preciezer, kritischer, ook minder en anders.
Beheerbaarheid, continuiteit waren geen veeleisende onderwerpen voor testen
In de Cloud komen die veel nadrukkelijker op de agenda
Wet- en regelgeving is helemaal nieuw
Kortom: een combinatie van bestaande, aangescherpte en nieuwe aanpakken voor testen
Testing during implementation is convenient in the sense that the service is not in production yet and no users are bothered by it.
But we realized that positive test results from test measures during the selection and implementation phases do not guarantee that the this results stay valid forever
Due to all kinds of reasons things continually change like
There are all kinds of origins of changes, like
The cloud service provider that develops and updates the service
Other customers that intensified their use of the service
More intensive use by yourself
Changes in the user processes
Etc.
Unfortunately It is not very likely that each customer is always aware of or informed about the changes
So continuous regression testing is required
To detect changes and
To check the impact of changes
It is best to do this end-to-end to have the best chance to discover all changes and to monitor the full impact on the user processes
And it should include functional as well as non-functional tests.
-------
Applicaties (Apps) veranderen voortdurend
Leveranciers en Services veranderen voortdurend
Business wil en kan voortdurend veranderen.
Veel meer ongecontroleerde changes vanuit de services…
Beheer van de service ligt bij de leverancier dus geen eigen beheerafdeling…
Na implementatie kan alles wel goed werken MAAR: er verandert van alles
DUS: risico’s komen terug
DUS: tester houdt een rol na live-gang
---
Zo goed mogelijke schaduw omgeving!
Door continue E2E/Ketentest detecteren van veranderingen
---
Functioneel; veranderingen in de functionaliteit
Performance: ook hier kunnen er veranderingen plaatsvinden
Beheerbaarheid: veranderingen in werk instructies
What did we learn?
I showed you that various cloud related risks are introduced when introducing cloud services
And we have identified a large variety of test measures to mitigate these risks
---
U wordt bij uw manager geroepen en die verteld: “we gaan naar de cloud” en we willen graag dat jij het testen voor je rekening neemt!
Allerlei vragen:
Welke delen gaan naar de cloud?
Wat is de impact?
Past mijn huidige testaanpak op deze nieuwe context?
Wat moet ik veranderen?
Na de eerste opwinding (of teleurstelling), grijp je al snel terug op de vertrouwde principes: laten we eens kijken welke risico’s er nou eigenlijk zijn verbonden aan het gebruiken van cloud services…
Misschien verdwijnen bekende risico's wel als sneeuw voor de zon… Maar goed, het kan ook zijn dat nieuwe risico hun plaats innemen en bestaande risico’s op een andere manier alsnog optreden…
KLIK
Het goede nieuws is dat wij dat ook gedaan hebben… Op basis van onze eigen praktijk en de ervaringen van onze mensen, aan de hand van allerhande informatiebronnen, uiteraard gezond verstand en onze ervaring in testen en IT, hebben wij de meest voorkomende risico's (143) hebben geïnventariseerd.