Lambda toggle event mapping state
Lambda toggle event mapping state toggles (or sets) the event source mapping state to disable for a Lambda function during a specific duration. Toggling between different states of event source mapping from a Lambda function may lead to failures when updating the database on an event trigger. This can break the service and impact its delivery.
Use cases
Lambda toggle event mapping:
- Checks the performance of the running application when the event source mapping is not enabled. This may cause missing entries in a database.
- Determines if the application has proper error handling or auto recovery actions configured.
Prerequisites
- Kubernetes >= 1.17
- AWS Lambda event source mapping must be healthy and attached to the Lambda function.
- Kubernetes secret must have the AWS access configuration(key) in the
CHAOS_NAMESPACE. A secret file looks like this:apiVersion: v1
kind: Secret
metadata:
name: cloud-secret
type: Opaque
stringData:
cloud_config.yml: |-
# Add the cloud AWS credentials respectively
[default]
aws_access_key_id = XXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXX
HCE recommends that you use the same secret name, that is, cloud-secret. Otherwise, you will need to update the AWS_SHARED_CREDENTIALS_FILE environment variable in the fault template with the new secret name and you won't be able to use the default health check probes.
Below is an example AWS policy to execute the fault.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:ListEventSourceMappings",
"lambda:DeleteEventSourceMapping",
"lambda:UpdateEventSourceMapping",
"lambda:CreateEventSourceMapping",
"lambda:UpdateFunctionConfiguration",
"lambda:GetFunctionConcurrency",
"lambda:GetFunction",
"lambda:DeleteFunctionConcurrency",
"lambda:PutFunctionConcurrency"
],
"Resource": "*"
}
]
}
- Go to AWS named profile for chaos to use a different profile for AWS faults.
- Go to superset permission/policy to execute all AWS faults.
- Go to common tunables and AWS-specific tunables to tune the common tunables for all faults and AWS-specific tunables.
Mandatory tunables
| Tunable | Description | Notes |
|---|---|---|
| FUNCTION_NAME | Function name of the target lambda function. It supports single function name. | For example, test-function |
| EVENT_UUIDS | Provide the UUID for the target event source mapping. | You can provide multiple values as comma-separated values. For example, id1,id2 |
| REGION | The region name of the target lambda function | For example, us-east-2 |
Optional tunables
| Tunable | Description | Notes |
|---|---|---|
| TOTAL_CHAOS_DURATION | Duration that you specify, through which chaos is injected into the target resource (in seconds). | Default: 30 s. For more information, go to duration of the chaos. |
| AWS_SHARED_CREDENTIALS_FILE | Path to the AWS secret credentials. | Default: /tmp/cloud_config.yml. |
| SEQUENCE | It defines sequence of chaos execution for multiple instance | Default: parallel. Supports serial and parallel. For more information, go to sequence of chaos execution. |
| RAMP_TIME | Period to wait before and after injection of chaos in sec | For example, 30 s. For more information, go to ramp time. |
Multiple event source mapping
Toggle between multiple event source mapping for a specific duration. Tune it by using EVENT_UUIDS environment variable that takes the UUID of the events as a comma-separated value.
The following YAML snippet illustrates the use of this environment variable:
# contains the removal of multiple event source mapping
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
chaosServiceAccount: litmus-admin
experiments:
- name: lambda-toggle-event-mapping-state
spec:
components:
env:
# provide UUIDS of event source mapping
- name: EVENT_UUIDS
value: 'id1,id2'
# provide the function name for the chaos
- name: FUNCTION_NAME
value: 'chaos-function'