- How To Generate Unit Test Using WCF Load Test – Quick Steps
-
 This is quick summary of steps for creating WCF Unit Tests using WCF Load Test available for free on Codeplex. This quick summary created based on the Lab materials that ship with the tool. | Quick Resource Box |
Summary of steps - Step 1. Configure message tracing in the app.config file on client side.
- Step 2. Run WCF client to invoke the remote methods and generate trace file.
- Step 3. Generate Unit test based on trace file.
Step 1. Configure message tracing in the app.config file on client side. - Select the Diagnostics folder.
- Under Message Logging click Enable Message Logging.
- Click Log Level and check Service messages. The other options can be unchecked.
- Click ServiceModelMessageLoggingListener and change the file name to be “WCFClient.svclog”.
- Under the Message Logging folder enable LogEntireMessage.
- Save the configuration file.
Step 2. Run WCF client to invoke the remote methods and generate trace file. Run your WCF client. Make sure WCFClient.svclog generated. This log file will be used in the next step to generate Unit Tests Step 3. Generate Unit test based on trace file. - Create a new test project in Visual Studio.
- Add a reference to the following assemblies:
- System.ServiceModel
- System.Runtime.Serialization (version 3.0.0.0)
- In the directory containing the test project create a file called SampleConfig.xml with the following contents:
<?xml version='1.0' encoding='utf-8' ?>
<WcfUnitConfiguration xmlns='http://microsoft.com/wcfunit'
testMethodMode='ScenarioMethodOnly'
operationTimerMode='IncludeOperationTimers'>
<assembly fileName="C:\Client\bin\Debug\ConsoleClient.exe"/>
<soapActions soapActionMode='Include'>
</soapActions>
</WcfUnitConfiguration>
- Open an SDK command prompt and change the directory to the one containing the test project.
- Execute the following command:
svcutil /o:proxy.cs /config:app.config http://localhost:8090/service?wsdl
- Run the command-line tool using the following command:
“c:\program files\wcfunit\wcfunit” CompileTimeScenario <trace file> SampleConfig.xml where the <trace file> is the path to the WCFClient.svclog file created in the previous exercise.
- Add generated files (CompileTimeScenario.cs and CompileTimeScenario.stubs) to the test project.
- Rename CompileTimeScenario.stubs to CompileTimeScenario.Stubs.cs.
- Also add the proxy.cs and app.config files located in the client project folder to the test project.
- Build the solution and a Unit Test called CompileTimeScenario should appear in the Test View.
|
- Architects UG: 16 Case Studies of ASP.NET Web Performance
-
Below is a slide deck for the talk I gave today on Architect UG. The presentation focused on 16 case studies of performance that is less than optimal. The session is focused on baking performance engineering into the development lifecycle.
Each case study has a link to the detailed walkthrough and relevant resources on how to improve performance.
Enjoy
- Free Web Performance Tools From Microsoft, Google, Yahoo, And IBM
-
| This post is a quick overview of free performance tools available from Microsoft, Yahoo, Google, and IBM. It also contains a pointers to related articles that go deeper regarding the best practices and how the tools can help in identifying compliance to the best practices. | Quick Resource Box: |
Microsoft’s Fiddler Fiddler is a free web performance tool, it is not really a property of Microsoft rather a side project by Eric Lawrence, a PM with Microsoft. I used Fiddler for both security testing and now for performance. I love it a lot. Must mention it requires Net Fx 2.0 as a prerequisite so it is limited to Windows OS. Recently Eric added support to Firefox – Fiddler Hook For Firefox, so the tool is great for both IE and FF. My related posts: Microsoft’s VRTA VRTA is a free web performance tool and it stands for Visual Round Trip Analyzer created by Microsoft’s Jim Pierson and used internally for sometime. It was made available for public use during last PDC 2008. Jim has written very detailed article about the tool and how it solves performance problems - 12 Steps To Faster Web Pages With Visual Round Trip Analyzer. VRTA installs and uses under the hood free Microsoft Network Monitor (Netmon) to capture and analyze network captures. Yahoo’s YSlow YSlow is a free performance analysis tool created by Steve Souders when he was with Yahoo. Steve created another good tool called Cuzilion. YSlowl comes with extremely good set of performance guidance that can be found here - rules for high performance web pages. YSlow requires Firebug as a prerequisite, meaning it is restricted to Firefox only. IBM’s Page Detailer Page Detailer is a free web performance tool from IBM. I was not able to identify any good articles that cover it – if you share with me please, or better off publish one. It does not have any prerequisites, consider it as an advantage. Google’s Page Speed Recently I stumbled on Page Speed from Google. It reminds me a Yahoo’s YSlow lot that makes me believe it comes from Steve Souders that works now for Google. It also requires Firebug as a prerequisite and works with FireFox only. It comes with nice guidance found here - Web Performance Best Practices. Must admit – I adore the concept of the tool although in most cases I cannot use it as I work for customers that IE is their target browser. Nevertheless the guidance is tool agnostic and I recommend bookmarking it for quick reference. |
- High Level Digest On Windows Azure Services Platform
-
I was reading a white paper called An Introduction to Microsoft .NET Services for Developers while taking few quick notes. The notes might be beneficial to those who wants to quickly get an idea what Windows Azure is. Here is what I have captured:
- Azure – Windows in the cloud, software and data stored and running in Microsoft owned data servers.
- .Net Services platform consists of the following building blocks:
- Windows Azure:
- Hosted in MS data centers.
- Allows creating deploying, scaling, managing, distributing application and services in Internet.
- Business benefits - shields you from costs related to
- Provisioning,
- Configuring,
- …and Managing physical servers and the software running on them
- Windows® Azure storage services are designed to be very simple and highly scalable:
- BLOB storage, queue storage, and simple table storage,
- but it doesn’t provide the capabilities of a relational database (Microsoft® SQL Services does offer all these)
- Microsoft® .NET Services
- .NET developer-oriented services and a software development kit (SDK) for building .NET applications to run in the cloud.
- Based on industry standard protocols - REST, SOAP, and WS-*
- Microsoft® SQL Services
- Set of data-oriented services designed to extend the capabilities SQL Server into the cloud.
- Microsoft® SQL Data Services (SDS), which offers full relational database capabilities.
- Live Services provides a set of user-centric services focused primarily on social applications and experiences:
- Mesh Services
- Identity Services
- Directory Services
- User-Data Storage Services
- Communication and Presence Services
- Search Services, and Geospatial Services
- Embraces REST, Atom, and AtomPub
- Domain-specific service offerings
- Microsoft® SharePoint Services
- Microsoft® Dynamics CRM Services
- Using Windows Azure:
- Microsoft Certified Architect (MCA) - Preparing Your Competency Document Video Distilled
-
Preparing Your Competency Document video goes briefly about the documents the you should submit as a candidate for Microsoft Certified Architect (MCA) program. Below are the notes I have take while watching the video.
- Technical depth has least weight
- MCA is technology agnostic program.
- Architect needs to have technical depth in some area of his choice.
- Architect needs to have the broad knowledge of the existing technologies on the market.
- Architect must be able to answer the question “Are you able to invest the budget smart?”
- The documents should reflect you are familiar with organization dynamics – crisis, politics, dealing with tension, etc.
- Reflect on your role as a leader – what was the impact of your work? How many followed you?
- Reflect on how you build your succession.
- Reflect on your mentoring strategies and how many you mentored.
- Reflect on your communication skills – you are tested for it during the presentation, when reading your docs, and during open question part.
- Reflect on how you communicate with peers and people inside you projects.
- Reflect on methodologies you used to organize the project.
- Show you are able to communicate in common language – do not reinvent the toolbox to each project.
- Reflect on your strategy skills– strategic decision making, strategic thinking, being able make decision, shape decision, suggest decision to leadership based on trends in industry.
Resources
- Microsoft Certified Architect (MCA) - Preparing For The Review Board Interview Video Distilled
-
Review board interview is the critical part of the MCA certification program. It is discussed in the Preparing for the Review Board Interview video. Below are the notes I have taken when I watched the video.
- Key to success is no different of any other interview.
- Before interview you should make yourself very familiar with the documents you submitted (resume, case study, presentation, skills template, etc).
- You should be well prepared for presentation.
- Ensure presentation compliments the submitted materials/documents.
- Practice the presentation.
- Familiarize with competencies – show you mastered it.
- The interview conducted by 7 people – practice and rehearse with friend, instruct them to make it hard for you, not harsh but be a tough crowd.
- Ask to provide feedback.
- When you asked a question you do not know the answer – say you do not know it, do not try to make up the answer, chances one of the board members knows it well and you might only make it worse.
- Ask clarifying questions.
- Do not ramble – time is precious.
- Relax – watch the videos, should not be anything new to you.
Resources
- Microsoft Certified Architect (MCA) Review Board Interview Video Distilled
-
I was watching MCA Review Board Interview video as part of my preparation to the MCA program. Following are the notes I have taken while watching the video:
- Review process conducted quarterly.
- The board of 7 members reviews 13 candidates during a week.
- 3 hours per candidate
- The process:
- 10 minutes for set up.
- Introductions.
- 30 minutes presentation to the board.
- Candidate shows the 7 skills throughout the presentation.
- During 30 minutes of the presentation it is candidate’s prime time, only interrupted for clarifying. Generally no interruptions.
- Show 7 competencies.
- 10 minutes for each member of the board to ask questions.
- Precision technique questions methods – expect to be cut off.
- 5 minutes break – candidate leave the room – the board discusses what they saw and what they did not.
- 10 minutes Q&A – wide open questions.
- 5 minutes for closing remarks – candidate may say thanks or add whatever he likes.
- Done
- Members go through process of determining whether the candidate deserves MCA – thumbs up/down, giving each competencies “does not meet”, “meets” or “exceeds” mark.
- The board shares general impressions and notes taken during 2 hours review process.
- The board makes recommendations – provide feedback to the candidate where he can improve.
- Final vote, thumbs up/down.
- 3 members must give thumbs up to achieve the MCA certification.
- The candidate should expect an email after two weeks with the decision on his performance during the review.
Resources
- Hollywood's Project Management System
-
What if I tell you there is a project management system that works? By "works" I mean it helps completing projects on time, on budget, on spec. No more 2% slip. Think such system does not exist? It does exist in Hollywood. Not in the movies. The system is wide spread across major film studios. In his book, Hollywood Secrets of Project Management Success, James R. Persse covers Hollywood's approach to successful project management. The main ingredients are:
- Consistency. "Consistency of vision, a common agreement, reached through communications and reviews, regarding the purpose, scope, and tone of the project".
- Predictability. "The system defines a present work flow that can be mapped out, planned, and followed, thereby ensuring that essential work phases are not skipped and critical milestones are not missed or ignored."
- Accountability.
"Slipping 10 percent over budget is a $6 million slip, so it's helpful to know who did the slipping and why. The system, build accountability into every phase of production. The production system pays very close attention to job descriptions."
- Communications. "… it promotes communications – both informal, casual communications and formal binding communication. Producing, at its heart, is a communications job."
- Trackability. "… the system promotes regular and deep-reaching measures of progress. This process tracking begins on day 1 and does not end until the lid of the can of the final cut is taped shut."
Hmm... seems nothing revolutionary to me. If so, then why IT projects always slip? They slip massively in all dimensions – scope, budget, time. May be because project management skills are not that valued? May be project manager (director) must be a super star for the whole project to be succesful? I cannot find another explanation to such phenomena. BTW, next time you finish watching a movie pay close attention to titles running in the end. Usually director of the movie comes before the movie star. Why is it so?
Persse cites Bill Fay, President of Production with Legendary Pictures, as he comments on the fact that IT projects often slip 100% in budget and time, - "That wouldn't fly in this business… no able producer or competent production team would ever allow project to drift so far off base."
Is you project manager a super star? Are you set to produce the next block buster?
Read Hollywood Secrets of Project Management Success to help you produce the next IT mega hit.
My related posts
- Is Your Project Going To Fail?
- Understanding ASP.NET MVC Code (For Aspiring Architects) - #3
-
| This post is a digest of the Understanding Models, Views, and Controllers (C#). It helps to quickly understand the generated code when creating ASP.NET MVC project in Visual Studio. | Resources |
ASP.NET MVC Project in Visual Studio - Three folders created: Models, Views (ASPX pages sit here), Controllers
- Urls are SEO friendly (/Home/About)
- No direct correspondence between URL and the page.
Routing - Requests mapped to Controller's actions
- ASP.NET Web Forms are content centric
- ASP.NET MVC is logic centric
- ASP.NET Routing maps request to action.
- Routing is registered in Global.asax
Controllers - Controls user interaction (flow) with ASP.NET MVC application.
- Derive from Controller class.
- Exposes actions that can return ActionResult.
- Any public method is action (WARNING: can be invoked freely via URL).
- A controller should only contain the bare minimum of logic required to return the right view or redirect the user to another action (flow control).
Views - Create folders by Controllers names.
- Create sub-folders to reflect views that Controller handles.
- View is ASPX page that inherits from System.Web.Mvc.ViewPage
- View should contain only logic related to generating the user interface.
Models - An MVC model contains all of your application logic that is not contained in a view or a controller.
Related Materials |
This post is made with PracticeThis.com plugin for Windows Live Writer
- How ASP.NET MVC Works (For Aspiring Architects) - #2
-
| This post briefly describes ASP.NET MVC request processing model. It is digested and based on Understanding the MVC Application Execution Process (MSDN) | Resources |
ASP.NET MVC Execution Process | Stage | Details | | Receive first request for the application | In the Global.asax file, Route objects are added to the RouteTable object. void Application_Start(object sender, EventArgs e)
{
RegisterRoutes(RouteTable.Routes);
}
public static void RegisterRoutes(RouteCollection routes)
{
routes.Add(new Route
(
"Category/{action}/{categoryName}"
, new CategoryRouteHandler()
));
}
|
|
Perform routing
|
The UrlRoutingModule module uses the first matching Route object in the RouteTable collection to create the RouteData object, which it then uses to create a RequestContext object.
|
|
Create MVC request handler
|
The MvcRouteHandler object creates an instance of the MvcHandler class and passes the RequestContext instance to the handler.
|
|
Create controller
|
The MvcHandler object uses the RequestContext instance to identify the IControllerFactory object (typically an instance of the DefaultControllerFactory class) to create the controller instance with.
|
|
Execute controller
|
The MvcHandler instance calls the controller's Execute method.
|
|
Invoke action
|
For controllers that inherit from the ControllerBase class, the ControllerActionInvoker object that is associated with the controller determines which action method of the controller class to call, and then calls that method.
|
|
Execute result
|
The action method receives user input, prepares the appropriate response data, and then executes the result by returning a result type. The built-in result types that can be executed include the following: ViewResult (which renders a view and is the most-often used result type), RedirectToRouteResult, RedirectResult, ContentResult, JsonResult, FileResult, and EmptyResult.
|
Related Materials
|
This post is made with PracticeThis.com plugin for Windows Live Writer
- ASP.NET MVC For Aspiring Architects - #1
-
| Is ASP.NET MVC more than just new cool technology? What advantages it brings over ASP.NET Web Forms? When should I use ASP.NET MVC and when ASP.NET Web Forms? How do I MVC this and MVC that? | Resources |
| This the first post in series of posts that should help me as an architect to answer these questions. It is based on and digested from ASP.NET MVC Overview. ASP.NET MVC Overview The Model-View-Controller (MVC) architectural pattern separates an application into three main components: the model, the view, and the controller. - Models. Model objects are the parts of the application that implement the logic for the application's data domain.
- Views. Views are the components that display the application's user interface (UI).
- Controllers. Controllers are the components that handle user interaction, work with the model, and ultimately select a view to render that displays UI.
Advantages of an MVC-Based Web Application - It makes it easier to manage complexity by dividing an application into the model, the view, and the controller.
- It does not use view state or server-based forms.
- It uses a Front Controller pattern that processes Web application requests through a single controller.
- It provides better support for test-driven development (TDD).
- It works well for Web applications that are supported by large teams of developers and Web designers who need a high degree of control over the application behavior.
Advantages of a Web Forms-Based Web Application - It supports an event model that preserves state over HTTP, which benefits line-of-business Web application development.
- It uses a Page Controller pattern that adds functionality to individual pages.
- It uses view state or server-based forms.
- It works well for small teams of Web developers and designers who want to take advantage of the large number of components available for rapid application development.
- In general, it is less complex for application development, because the components (the Page class, controls, and so on) are tightly integrated and usually require less code than the MVC model.
Related Materials |
This post is made with PracticeThis.com plugin for Windows Live Writer
- ASP.NET Security Architecture Cheat Sheet For Very Busy Architects
-
| You are an architect. You are sitting in your fancy office thinking about cloud computing and about the higher ground stuff. Suddenly the phone rings, it's your current project manager. "Quick! Come over here, we have a meeting with security department, they have tons of questions and I do not have a clue what they want from me! Our project must ship on time, | 
by erik ERXON |
we cannot afford postponing it anymore. It's your show time, dude, Save me!" - ...."Ehm... OK... I am coming...". You hang up the phone, scratch your head and... take the below cheat sheet with you on your way to the meeting. Application Security Meeting From my experience application security meetings are usually hard to manage since the participants do not share common language. Security guys come from infrastructure background and developers usually ... just hate security. There is a communication gap that results in antagonism prolonging the problem instead of solving it. There is the need for common language that everyone understands. The cheat sheet below helped me many times to establish the common ground for fruitful discussion. It is based on JD Meier's epic works: Have fun. The Cheat Sheet Architecture and Design Issues for Web Applications 
Building Secure Assemblies The main threats are: - Unauthorized access or privilege elevation, or both
- Code injection
- Information disclosure
- Tampering
Building Secure ASP.NET Pages and Controls The main threats are: - Code injection
- Session hijacking
- Identity spoofing
- Parameter manipulation
- Network eavesdropping
- Information disclosure
Building Secure Serviced Components The main threats are: - Network eavesdropping
- Unauthorized access
- Unconstrained delegation
- Disclosure of configuration data
- Repudiation
Building Secure Web Services The main threats are: - Unauthorized access
- Parameter manipulation
- Network eavesdropping
- Disclosure of configuration data
- Message replay
Building Secure Remoted Components The main threats are: - Unauthorized access
- Network eavesdropping
- Parameter manipulation
- Serialization
Building Secure Data Access The main threats are: - SQL injection
- Disclosure of configuration data
- Disclosure of sensitive application data
- Disclosure of database schema and connection details
- Unauthorized access
- Network eavesdropping
Complimentary questionnaire | Identify threats | Identify vulnerabilities | Common Vulnerabilities | | Authentication | | · How could an attacker spoof identity? · How could an attacker gain access to the credential store? · How could an attacker mount a dictionary attack? How are your user's credentials stored and what password policies are enforced? · How can an attacker modify, intercept, or bypass your user's credential reset mechanism? | · Are user names and passwords sent in clear text over an unprotected channel? Is any ad hoc cryptography used for sensitive information? · Are credentials stored? If they are stored, how are they stored and protected? · Do you enforce strong passwords? What other password policies are enforced? · How are credentials verified? · How is the authenticated user identified after the initial logon? | · Passing authentication credentials or authentication cookies over unencrypted network links, which can lead to credential capture or session hijacking · Using weak password and account policies, which can lead to unauthorized access · Mixing personalization with authentication | | Authorization | | · How could an attacker influence authorization checks to gain access to privileged operations? · How could an attacker elevate privileges? | · What access controls are used at the entry points of the application? · Does your application use roles? If it uses roles, are they sufficiently granular for access control and auditing purposes? · Does your authorization code fail securely and grant access only upon successful confirmation of credentials? · Do you restrict access to system resources? · Do you restrict database access? · How is authorization enforced at the database? | · Using over-privileged roles and accounts · Failing to provide sufficient role granularity · Failing to restrict system resources to particular application identities | | Input and Data Validation | | · How could an attacker inject SQL commands? · How could an attacker perform a cross-site scripting attack? · How could an attacker bypass input validation? · How could an attacker send invalid input to influence security logic on the server? · How could an attacker send malformed input to crash the application? | · Is all input data validated? · Do you validate for length, range, format, and type? · Do you rely on client-side validation? · Could an attacker inject commands or malicious data into the application? · Do you trust data you write out to Web pages, or do you need to HTML-encode it to help prevent cross-site scripting attacks? · Do you validate input before using it in SQL statements to help prevent SQL injection? · Is data validated at the recipient entry point as it is passed between separate trust boundaries? · Can you trust data in the database? · Do you accept input file names, URLs, or user names? Have you addressed canonicalization issues? | · Relying exclusively on client-side validation · Using a deny approach instead of allow for filtering input · Writing data you did not validate out to Web pages · Using input you did not validate to generate SQL queries · Using insecure data access coding techniques, which can increase the threat posed by SQL injection · Using input file names, URLs, or user names for security decisions | | Configuration Management | | · How could an attacker gain access to administration functionality? · How could an attacker gain access to your application's configuration data? | · How do you protect remote administration interfaces? · Do you protect configuration stores? · Do you encrypt sensitive configuration data? · Do you separate administrator privileges? · Do you use least privileged process and service accounts? | · Storing configuration secrets, such as connection strings and service account credentials, in clear text · Failing to protect the configuration management aspects of your application, including administration interfaces · Using over-privileged process accounts and service accounts | | Sensitive Data | | · Where and how does your application store sensitive data? · When and where is sensitive data passed across a network? · How could an attacker view sensitive data? · How could an attacker manipulate sensitive data? | · Do you store secrets in persistent stores? · How do you store sensitive data? · Do you store secrets in memory? · Do you pass sensitive data over the network? · Do you log sensitive data? | · Storing secrets when you do not need to store them · Storing secrets in code · Storing secrets in clear text · Passing sensitive data in clear text over networks | | Session Management | | · Do you use a custom encryption algorithm, and do you trust the algorithm? · How could an attacker hijack a session? · How could an attacker view or manipulate another user's session state? | · How are session cookies generated? · How are session identifiers exchanged? · How is session state protected as it crosses the network? · How is session state protected to prevent session hijacking? · How is the session state store protected? · Do you restrict session lifetime? · How does the application authenticate with the session store? · Are credentials passed over the network and are they maintained by the application? If they are, how are they protected? | · Passing session identifiers over unencrypted channels · Prolonged session lifetime · Insecure session state stores · Session identifiers in query strings | | Cryptography | | · What would it take for an attacker to crack your encryption? · How could an attacker obtain access to encryption keys? · Which cryptographic standards are you using? What, if any, are the known attacks on these standards? · Are you creating your own cryptography? · How does your deployment topology potentially impact your choice of encryption methods? | · What algorithms and cryptographic techniques are used? · Do you use custom encryption algorithms? · Why do you use particular algorithms? · How long are encryption keys, and how are they protected? · How often are keys recycled? · How are encryption keys distributed? | · Using custom cryptography · Using the wrong algorithm or a key size that is too small · Failing to protect encryption keys · Using the same key for a prolonged period of time | | Parameter Manipulation | | · How could an attacker manipulate parameters to influence security logic on the server? · How could an attacker manipulate sensitive parameter data? | · Do you validate all input parameters? · Do you validate all parameters in form fields, view state, cookie data, and HTTP headers? · Do you pass sensitive data in parameters? · Does the application detect tampered parameters? | · Failing to validate all input parameters. This makes your application susceptible to denial of service attacks and code injection attacks, including SQL injection and XSS. · Including sensitive data in unencrypted cookies. Cookie data can be changed at the client or it can be captured and changed as it is passed over the network. · Including sensitive data in query strings and form fields. Query strings and form fields are easily changed on the client. · Trusting HTTP header information. This information is easily changed on the client. | | Exception Management | | · How could an attacker crash the application? · How could an attacker gain useful exception details? | · How does the application handle error conditions? · Are exceptions ever allowed to propagate back to the client? · What type of data is included in exception messages? · Do you reveal too much information to the client? · Where do you log exception details? Are the log files secure? | · Failing to validate all input parameters · Revealing too much information to the client | | Auditing and Logging | | · How could an attacker cover his or her tracks? · How can you prove that an attacker (or legitimate user) performed specific actions? | · Have you identified key activities to audit? · Does your application audit activity across all layers and servers? · How are log files protected? | · Failing to audit failed logons · Failing to protect audit files · Failing to audit across application layers and servers | Related Materials |
This post is made with PracticeThis.com plugin for Windows Live Writer
- Things You Know Now
-
| Jimmy May, aspiring geek and part time editor in chief for www.PracticeThis.com tagged me for Things You Know Now. The idea behind all this is sharing the lessons learned at hard knock school of life. Or in other words it is about what would I do differently if I had a chance to rewind. Here is my take. | 
by www.wordle.net |
Things I Know Now - Value time. Time is the scarcest resource of all. Vlaue it the most. You'll be amazed how much time can be actually created out of thin air...
- Let some balls drop, prioritize. Focus on stuff that matters, ignore the rest.
- Invest in your strengths not in your weaknesses. Helps building your brand, helps you to stand out, helps you to be you, a better you, the best.
- Create your brand. I first heard about it from Kevin. Kevin is successful professional and entrepreneur. I adopted his advice wholeheartedly. I am a big fan of modeling the best.
- The wider your spread the thinner it gets. This one I learned from Gerald M. Weinberg from his book - Secrets of Consulting: A Guide to Giving and Getting Advice Successfully. The thinner you get the less customers want you.
- Build your network. Is not it proven pattern these days, eh? Look at the social revolution all around us - Facebook, Twitter and many more. Pick the brain of the network, become the next greatest mind.
- Practice Emotional Intelligence. "Emotion Is Your Enemy" – coach John Wooden.
- Become a consultant. Like challenges? Hate cubicles and 9-5 thing?
I tag MCS IL team and ACE team blogs. These teams are my most significant source of insights and continuous learning. What are the Things You Know Now? |
This post is made with PracticeThis.com plugin for Windows Live Writer
- Distributed Architecture Drawbacks Revealed By Netmon(Bonus - TDS Parser Goes Public)
-
| Distributed architecture can mercilessly backfire at you. In my case flexible architecture, elegant design patterns, and smart code led to abuse of the flexibility, resulting in very poor performance. Free Microsoft Network Monitor (Netmon) helped to identify the root cause of the | 
by striatic |
performance hit. It showed that over-distributed-ness can cost you in terms of performance. Customer Case Study The customer complained about poor response times in his web application. The application's architecture was similar to the Web Application Archetype. Notice Services Agent box that connects your application to downstream services? Our assumption was that the services agents are too chatty causing the performance hit. Netmon only made it clear. Analysis We took captures on the application server where the Server Agents are to identify what other downstream servers are accessed. In no time we get very clear picture - the application server was accessing other three downstream resources:  There are two well known ports - 443 and 1433 - so we could safely assume there is communication over SSL/HTTPS and SQL Server. The other one - 1414 - turned out to be MQ. Next step was to identify which one of the conversations is causing us troubles the most - either by chatty communication or by just long running transaction. Looking at Time Delta column for HTTPS stateless communications we found nothing exciting regarding the latency: 
For MQ communications we used magic ContainsBin(FrameData, 0,"StringToFindGoesHere") to identify XML messages going back and forth over MQ transport. For example, to find the beginning of the XML message we used the following filter: 
Similar technique was used to correlate request and response XML messages. To identify SQL communication we used shiny new TDS parser available for free download on Codeplex - SQL Parser in Latest CodePlex Package. I particularly like this one, it shows SQL Server communication without using SQL Server Profiler:  Conclusion Lessons learned: - Distributed Architecture can mercilessly backfire at you by its distributed-ness. Use Distributed architecture to solve problems vs introducing new ones.
- Elegant and flexible design can be abused resulting in poor performance. Review code to avoid the abuse.
- Low level network monitoring tools such as Netmon can quickly reveal over-distributed-ness. Use it! It is free.
Related Materials |
This post is made with PracticeThis.com plugin for Windows Live Writer
- WinDBG Walkthrough - Dump Values Of DataSet or DataTable
-
Customer Case Study
The customer complained about potential memory leak. Following the procedure described in Identifying Memory Leak With Process Explorer And Windbg we realized that we are dealing with static variable that grows in unlimited way. This assumption is based on the fact that after running !gcroot on the leaking type we get the following:
HANDLE(Strong):23b1cd0:Root:0x12571730.....
After reviewing Tess' .NET Debugging Demos Lab 7: Memory Leak - Review we found the following which made us believe we are dealing with static variable:
DOMAIN(001CCE68):HANDLE(Strong) - Strong reference, Typically a static variable
To identify what this static variable is we needed to dump its values. The variable was a DataTable. I have not found a straightforward way of dumping contents of DataTable. This is the walkthrough that does the job.
Summary of steps
- Step 1. Dump DataTables
- Step 2. Dump DataTable
- Step 3. Dump columnCollection
- Step 4. Dump list object
- Step 5. Dump raw memory - dd command
- Step 6. Dump DataColumn
- Step 7. Dump storage
- Step 8. Dump values
- Step 9. Bonus - automation
Step 1. Dump DataTables
The objective of this step is identify all DataTable object and pick the one of the interest
0:000> !dumpdatatables
DataTable Rows Columns DataSet nextRowID ColumnCount
-----------------------------------------------------------------------------------------------
0x024dc948 0x024dcbc8 0x024dcdec 0x064f2400 1 2
0x025156b8 0x02515938 0x02515b5c 0x02515478 1 7
...
0x0e5b9ce4 0x0e5b9f64 0x0e5ba138 0x0e55a338 428 5
0x06510e54 0x065110d4 0x065112a8 0x064f2400 1,359 7
0x0e5778f0 0x0e577b70 0x0e577d44 0x0e55a338 1,359 7
0x0a55d270 0x0a55d4f0 0x0a55d6c4 0x06a62620 4,194,305 10
Total 61 DataTable objects
Step 2. Dump DataTable
The objective of this step is identifying the address of columnCollection of the DataTable.
0:000> !do 0x0a55d270
Name: System.Data.DataTable
...
0x176c1560 0x40003f2 0x18 CLASS instance 0x0a55d6c4 columnCollection
...
Step 3. Dump columnCollection
The objective of this step is identifying the address of list object of the columnCollection.
0:000> !do 0x0a55d6c4
Name: System.Data.DataColumnCollection
...
0x176c5ffc 0x4000377 0x8 CLASS instance 0x0a55d6f8 list
...
Step 4. Dump list object
The objective of this step is identifying the address of _items object.
0:000> !do 0x0a55d6f8
Name: System.Collections.ArrayList
...
0x79ba75ec 0x4000362 0x4 CLASS instance 0x0a55d710 _items
...
Step 5. Dump raw memory - dd command
The objective of this step is identifying addresses of DataColumn objects.
0:000> dd 0x0a55d710
0a55d710 01e5209c 00000010 79b92eec 0a55d854
0a55d720 0a55d8d4 0a55d954 0a55d9d4 0a55da54
0a55d730 0a55dad4 0a55db54 0a55dbd4 0a55dd74
Step 6. Dump DataColumn
The objective of this step is identifying the address of storage object.
!do 0a55d854
Name: System.Data.DataColumn
...
0x176c69e8 0x400036b 0x48 CLASS instance 0x0a55df40 storage
...
Step 7. Dump storage
The objective of this step is identifying address of value object.
0:000> !do 0x0a55df40
Name: System.Data.Common.Int32Storage
...
0x176ecc8c 0x4000729 0x10 CLASS instance 0x4dbd0030 values
...
Step 8. Dump values
The objective of this step is dumping the actual values, finally...
0:000> !do 0x4dbd0030
Name: System.Int32[]
...
Content: 8,388,608 items
Ouch, it is array.... !do -v will dump its values, but I am afraid it is not a good idea doing it for 8 million items here ;)
Step 9. Bonus - automation
The objective of this step is automate the process of dumping values (Step 8):
- Create a text file named dumparray and save it in WinDBG directory. The contents of the file are:
- .foreach ( o { !do ${$arg1} -v -short }) { !do ${o} }
- Run the following command in WinDBG to dump the values of the array
- $$>a< dumparray 0x4dbd0030
Related Materials
This post is made with PracticeThis.com plugin for Windows Live Writer
