Gremlin Brings Chaos to Kubernetes Environments
Portworx sponsored The New Stack’s coverage of KubeCon+CloudNativeCon North America 2019.
Further expanding its failure-as-a-service platform, Gremlin has launched native support for chaos engineering in Kubernetes environments. Chaos engineering has teams preparing for worst-case scenarios by simulating strain and attacks on distributed systems.
The company added support for Docker environments last year and for serverless in October with its Application-Level Fault Injection (ALFI) technology, which provides a way to do failure testing at the application level by inserting breakpoints into the developer’s code itself.
“Gremlin provides an easy and reliable way for us to run chaos experiments on specific services in Kubernetes,” said Simon Govier, director of program management at Expedia. “This significantly reduces the amount of time it takes to do fault injection and increases our systems’ resilience to failure.”
Gremlin asserts that it’s the only enterprise offering that integrates directly with Kubernetes.
“You embed a controller in there, and it goes through your deployment and makes it super easy to then run a little chaos depending on how you do your deployments,” said Matthew Fornaciari, chief technology officer and co-founder of Gremlin.
“You don’t have to switch your thinking around how you would target things. You can say, ‘OK, this deployment, this daemon set or this pod, this is what I want to attack. Then you just go into our UI, find it, filter down by namespace and there you go.’ ”
“In the past if you’ve installed Gremlin on a container in a Kubernetes cluster, you dealt with containers being spun up and down by the Kubernetes orchestrator. Targeting the containers underlying the service on which you’d like to experiment has been a bit like a game of whack-a-mole.”
Gremlin allows targeting objects within Kubernetes clusters. After selecting a cluster, you can filter the visible set of objects by selecting a namespace. Select any of your Deployments, ReplicaSets, StatefulSets, DaemonSets, or Pods. When one object is selected, all child objects will also be targeted.
Now you no longer have to look through a long list for specific containers and wonder whether you’ve found them all, he adds. Instead, the containers targeted by this attack will show up in the attack details screen, grouped together by the Kubernetes object to which they belong.
The UI provides a visualization of the attack, depending on the number of objects you’ve selected.
At the top right of the dashboard is a red Halt button, which means you can instantly stop attacks and roll everything back, safety being paramount, according to Fornaciari.
The company announced its Scenarios features at its Chaos Conf user conference in September. It consists of six recommended scenarios with out-of-the-box tests for a system’s ability to withstand common cloud outage scenarios. The company plans to enable targeting Kubernetes soon from within a Scenario, though that’s not available yet.
The company also provide guidance on the kinds of Kubernetes attacks it recommends.
“Kubernetes is an extremely powerful tool in the sense that you can do just about anything with it. But that also means that it can be a little bit complicated for new users,” Fornaciari said. “So giving them a little bit of guidance and making it as simple as possible to go out there and cause a little chaos is sort of that is the goal around releasing native community support.”