ALB AZ down
ALB AZ down takes down the AZ (Availability Zones) on a target application load balancer for a specific duration. This fault:
- Restricts access to certain availability zones for a specific duration.
- Tests the application sanity, availability, and recovery workflows of the application pod attached to the load balancer.
Use cases
- ALB AZ down fault breaks the connectivity of an ALB with the given zones and impacts their delivery.
- Detaching the AZ from the application load balancer disrupts the application's performance.
note
- Kubernetes > 1.17 is required to execute this fault.
- Appropriate AWS access to attach or detach subnet from the target ALB.
- There needs to be a minimum of two AZs attached to the target ALB after injecting chaos; otherwise, the fault will fail to detach the given AZ.
- The ALB should be attached to the given availability zones.
- Kubernetes secret that has the AWS access configuration(key) in the
CHAOS_NAMESPACE. Below is a sample secret file.
apiVersion: v1
kind: Secret
metadata:
name: cloud-secret
type: Opaque
stringData:
cloud_config.yml: |-
# Add the cloud AWS credentials respectively
[default]
aws_access_key_id = XXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXX
- It is recommended to use the same secret name, that is,
cloud-secret. Otherwise, you will need to update theAWS_SHARED_CREDENTIALS_FILEenvironment variable in the fault template with the new secret name and you may be unable to use the default health check probes. - Refer to AWS named profile for chaos to know how to use a different profile for AWS faults.
Below is an example AWS policy to execute the fault.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstances",
"ec2:DescribeSubnets",
"elasticloadbalancing:DetachLoadBalancerFromSubnets",
"elasticloadbalancing:AttachLoadBalancerToSubnets",
"elasticloadbalancing:DescribeLoadBalancers"
],
"Resource": "*"
}
]
}
Refer to the superset permission or policy to execute all AWS faults.
Fault tunables
Mandatory fields
| Variables | Description | Notes |
|---|---|---|
| LOAD_BALANCER_ARN | Target load balancer ARN whose AZ should be detached. | For example, arn:aws:elasticloadbalancing:us-east-2:100054111296:loadbalancer/app/test-alb/09121290906ffab7. |
| ZONES | Target zones that should be detached from ALB. | For example, us-east-1a. |
| REGION | Region name for the target volumes. | For example, us-east-1. |
Optional fields
| Variables | Description | Notes |
|---|---|---|
| TOTAL_CHAOS_DURATION | Duration to insert chaos (in seconds). | Defaults to 30s. For more information, go to duration of the chaos. |
| CHAOS_INTERVAL | Duration between the attachment and detachment of the volumes (in seconds). | Defaults to 30s. For more information, go to chaos interval. |
| SEQUENCE | Sequence of chaos execution for multiple volumes. | Default value is parallel. Supports serial and parallel. For more information, go to sequence of chaos execution. |
| RAMP_TIME | Duration to wait before and after injecting chaos (in seconds). | For example, 30s. For more information, go to ramp time. |
Target zones
It contains the comma-separated list of target zones. Tune it by using the ZONES environment variable.
Use the following example to tune the target zones:
# contains alb az down for given zones
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
chaosServiceAccount: litmus-admin
experiments:
- name: alb-az-down
spec:
components:
env:
# load balancer arn for chaos
- name: LOAD_BALANCER_ARN
value: 'arn:aws:elasticloadbalancing:us-east-2:100054111296:loadbalancer/app/test-alb/09121290906ffab7'
# target zones for the chaos
- name: ZONES
value: 'us-east-1a,us-east-1b'
# region for chaos
- name: REGION
value: 'us-east-1'