client support configuration

Question

client support configuration

BruceZu opened this issue 8 years ago · 8 comments

Hi Mathias,
Does the docker-simianarmy still only support AWS and VSphere?
May I use is for microservice running on Kubenetes?
Thank you!

Answer 1 · 2016-12-28T15:21:12.000Z

Yes, the Simian Army (and with it, docker-simianarmy) still only supports AWS and VSphere.

You can deploy docker-simianarmy as a microservice to a Kubernetes cluster. We're doing the same thing with AWS ECS. See https://speakerdeck.com/mlafeldt/chaos-monkey-for-fun-and-profit for some more details.

Answer 2 · 2016-12-28T17:32:54.000Z

Hi Mathias,
Thank you so much for your feedback. I read through https://speakerdeck.com/mlafeldt/chaos-monkey-for-fun-and-profit. It is cool. Also I read the quick start and find when I deploy the docker-simianarmy
It required some options related to AWS, e.g.

    -e SIMIANARMY_CLIENT_AWS_ACCOUNTKEY=$AWS_ACCESS_KEY_ID \
    -e SIMIANARMY_CLIENT_AWS_SECRETKEY=$AWS_SECRET_ACCESS_KEY \
    -e SIMIANARMY_CLIENT_AWS_REGION=$AWS_REGION \

When I try to deploy it on Kubernetes without providing these options,
kubectl run simianarmy --image=mlafeldt/simianarmy --port=8080
then expose it as a microservice
kubectl expose deployment simianarmy --type=NodePort

I check the deploy log find error

com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
	at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
	at com.amazonaws.http.AmazonHttpClient.getCredentialsFromContext(AmazonHttpClient.java:774)
	at com.amazonaws.http.AmazonHttpClient.executeOneRequest(AmazonHttpClient.java:800)
	at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:695)
	at com.amazonaws.http.AmazonHttpClient.doExecute(AmazonHttpClient.java:447)
	at com.amazonaws.http.AmazonHttpClient.executeWithTimer(AmazonHttpClient.java:409)
	at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:358)
	at com.amazonaws.services.simpledb.AmazonSimpleDBClient.doInvoke(AmazonSimpleDBClient.java:1039)
	at com.amazonaws.services.simpledb.AmazonSimpleDBClient.invoke(AmazonSimpleDBClient.java:1009)
	at com.amazonaws.services.simpledb.AmazonSimpleDBClient.select(AmazonSimpleDBClient.java:958)
	at com.netflix.simianarmy.aws.SimpleDBRecorder.findEvents(SimpleDBRecorder.java:220)
	at com.netflix.simianarmy.aws.SimpleDBRecorder.findEvents(SimpleDBRecorder.java:245)
	at com.netflix.simianarmy.aws.SimpleDBRecorder.findEvents(SimpleDBRecorder.java:262)

when I try to access it http://10.145.101.61:31350/simianarmy/api/v1/chaos
got the same error.


HTTP ERROR 500

Problem accessing /simianarmy/api/v1/chaos. Reason:

    Unable to load AWS credentials from any provider in the chain
Caused by:

com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain

If it is possible to deploy docker-simianarmy as a microservice to a Kubernetes cluster.
Will you please let me know to get around those AWS options to let it works in Kubernetes cluster and kill some microservice running on Kubernetes.

Maybe I am on the wrong way.
Maybe I should understand your direction "You can deploy docker-simianarmy as a microservice to a Kubernetes cluster. We're doing the same thing with AWS ECS" as I can deploy docker-simianarmy as a microservice to a Kubernetes cluster, but I still need provide those AWS options because Simian Army (include the Chaos Monkey) can only aim at AWS and VSphere. Right? :)

Thank you in advance!

Answer 3 · 2016-12-28T18:12:17.000Z

I think the problem is you're not passing the AWS env vars to Kubernetes, e.g.

kubectl run --env="SIMIANARMY_CLIENT_AWS_ACCOUNTKEY=$AWS_ACCESS_KEY_ID" etc.

Answer 4 · 2016-12-28T23:48:37.000Z

Maybe I did not make my case clear.
I do not think something is wrong with the this image.
I think you are helping me deploy the Chaos Monkey on Kubernetes and let it attack microservices running on AWS cloud.

Actually we have no AWS and only have Kubernetes cluster .
Our objective is to use Chaos Monkey aim at microservice running on Kubernetes.
So in this scenario is there some workaround to provide the $AWS_ACCESS_KEY_ID for the SIMIANARMY_CLIENT_AWS_ACCOUNTKEY

If my understanding is right the value of SIMIANARMY_CLIENT_AWS_ACCOUNTKEY will be used by Chaos Monkey to access the related AWS cloud and kill the selected microservice or EC2 instance running on that AWS cloud.

While I am expecting it aim at microservice running on my Kubernetes :)
Is this possible.

Answer 5 · 2016-12-29T11:28:02.000Z

Ah, now I understand. While you can run Chaos Monkey anywhere (even on your laptop), it only supports AWS and VSphere as targets. Sorry.

Answer 6 · 2016-12-29T17:11:17.000Z

Hi @mlafeldt,
Thank you so much for your feedback. With your confirm I understand it completely now.

Answer 7 · 2017-01-01T13:26:41.000Z

@BruceZu According to https://www.infoq.com/news/2016/10/chaos-monkey-upgrade, the new Chaos Monkey version living at https://github.com/Netflix/chaosmonkey can be used with Kubernetes. I don't know the details, but this might be useful to you.

Answer 8 · 2017-01-03T20:33:00.000Z

Oh, Thank you so much! @mlafeldt, I read these pages, plus
https://github.com/Netflix/chaosmonkey/wiki/How-to-deploy
and
http://techblog.netflix.com/2016/10/netflix-chaos-monkey-upgraded.html
Still there is no contributed docker image for this Chaos Monkey 2.0 and higher version. It need assume Spinnaker is ready and still need create a MySql data base.
I check the code of https://github.com/jnewland/kubernetes-pod-chaos-monkey and find it is not using Netflix Chaos Monkey, instead it implement it in bash.