vegeta attack: Usage, Options & Common CI Errors
vegeta attack sustains a constant request rate and reports the result.
vegeta is the load tool for constant-rate testing (requests/sec, not concurrency), which avoids coordinated omission. Its pipeline model is attack | report, and the binary output must be piped or saved.
What it does
vegeta attack issues HTTP requests at a fixed -rate for a -duration, emitting a binary results stream. vegeta report and vegeta plot then summarize latency percentiles and the success ratio from that stream.
Common usage
echo "GET https://example.com/" | vegeta attack -rate=100 -duration=30s | vegeta report
vegeta attack -targets=targets.txt -rate=50/s -duration=1m > results.bin
vegeta report -type=json results.bin
cat results.bin | vegeta plot > plot.html
echo "GET https://api/x" | vegeta attack -rate=200 -duration=10s -header="Authorization: Bearer ${TOKEN}" | vegeta reportOptions
| Flag | What it does |
|---|---|
| -rate <N>[/t] | Constant request rate (e.g. 100, 50/s) |
| -duration <t> | How long to attack (0 = until targets exhausted) |
| -targets <file> | Read targets (one per line) from a file |
| -header "k: v" | Add a request header (repeatable) |
| -output <file> | Write the binary results stream |
| report -type | text | json | hist[buckets] output format |
Common errors in CI
A frequent gotcha: vegeta attack writes a BINARY stream to stdout - if you forget to pipe into vegeta report or redirect to a file, it floods the terminal with garbage. The report shows "Success [ratio] 100.00%"; gate CI on that (e.g. fail if < 100%) since vegeta exits 0 even when some requests fail. "dial tcp ... connection refused" means the target is down. -rate=0 means "as fast as possible" and can overwhelm a small runner - set an explicit rate.