Add Simian Army

buildimages.sh

@@ -97,3 +97,8 @@ cd ../..
 cd genie/2.1.0
 docker build -t netflixoss/genie:2.1.0 .
 cd ../..
+
+## SIMIAN ARMY ##
+cd simian-army/2.5-SNAPSHOT
+docker build -t netflixoss/simian-army:2.5-SNAPSHOT .
+cd ../..

launchcommands.txt

@@ -44,3 +44,13 @@ https://SKETCHY_NGINX/eager?url=http://google.com&type=sketch
 
 ## Edda ##
 docker run -d --name edda -v `pwd`/edda/2.1/edda.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/edda.properties netflixoss/edda:2.1
+
+## SIMIAN ARMY ##
+docker run -d --name simian-army \
+  -v `pwd`/simian-army/2.5-SNAPSHOT/chaos.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/chaos.properties \
+  -v `pwd`/simian-army/2.5-SNAPSHOT/client.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/client.properties \
+  -v `pwd`/simian-army/2.5-SNAPSHOT/conformity.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/conformity.properties \
+  -v `pwd`/simian-army/2.5-SNAPSHOT/janitor.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/janitor.properties \
+  -v `pwd`/simian-army/2.5-SNAPSHOT/simianarmy.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/simianarmy.properties \
+  -v `pwd`/simian-army/2.5-SNAPSHOT/volumeTagging.properties.mine:/tomcat/webapps/ROOT/WEB-INF/classes/volumeTagging.properties \
+  netflixoss/simian-army:2.5-SNAPSHOT

simian-army/2.5-SNAPSHOT/Dockerfile

@@ -0,0 +1,27 @@
+FROM netflixoss/tomcat:7
+MAINTAINER John Jelinek IV <[email protected]>
+
+ENV SIMIANARMY_VERSION 2.5-SNAPSHOT
+
+RUN \
+  apt-get update &&\
+  apt-get install -y git &&\
+  git clone git://github.com/Netflix/SimianArmy.git &&\
+  cd SimianArmy/ &&\
+  ./gradlew build &&\
+  mkdir /tomcat/webapps/ROOT &&\
+  cd /tomcat/webapps/ROOT &&\
+  jar xf /SimianArmy/build/libs/simianarmy-"$SIMIANARMY_VERSION".war &&\
+  rm -fr /SimianArmy
+
+# Cleanup
+RUN \
+  apt-get clean && \
+  rm -fr /var/lib/apt/lists/* && \
+  rm -fr /tmp/*
+
+EXPOSE 8080
+
+ENTRYPOINT ["/tomcat/bin/catalina.sh"]
+
+CMD ["run"]

simian-army/2.5-SNAPSHOT/chaos.properties

@@ -0,0 +1,97 @@
+# The file contains the properties for Chaos Monkey.
+# see documentation at:
+# https://github.com/Netflix/SimianArmy/wiki/Configuration
+
+# let chaos run
+simianarmy.chaos.enabled = true
+
+# don't allow chaos to kill (ie dryrun mode)
+simianarmy.chaos.leashed = true
+
+# set to "false" for Opt-In behavior, "true" for Opt-Out behavior
+simianarmy.chaos.ASG.enabled = false
+
+# default probability for all ASGs
+simianarmy.chaos.ASG.probability = 1.0
+
+# increase or decrease the termination limit
+simianarmy.chaos.ASG.maxTerminationsPerDay = 1.0
+
+# Strategies
+simianarmy.chaos.shutdowninstance.enabled = true
+simianarmy.chaos.blockallnetworktraffic.enabled = false
+simianarmy.chaos.burncpu.enabled = false
+simianarmy.chaos.killprocesses.enabled = false
+simianarmy.chaos.nullroute.enabled = false
+simianarmy.chaos.failapi.enabled = false
+simianarmy.chaos.faildns.enabled = false
+simianarmy.chaos.faildynamodb.enabled = false
+simianarmy.chaos.fails3.enabled = false
+simianarmy.chaos.networkcorruption.enabled = false
+simianarmy.chaos.networklatency.enabled = false
+simianarmy.chaos.networkloss.enabled = false
+
+# Force-detaching EBS volumes may cause data loss
+simianarmy.chaos.detachvolumes.enabled = false
+
+# FillDisk fills the root disk.
+# NOTE: This may incur charges for an EBS root volume.  See burnmoney option.
+simianarmy.chaos.burnio.enabled = false
+# BurnIO causes disk activity on the root disk.
+# NOTE: This may incur charges for an EBS root volume. See burnmoney option.
+simianarmy.chaos.filldisk.enabled = false
+
+# Where we know the chaos strategy will incur charges, we won't run it unless burnmoney is true.
+simianarmy.chaos.burnmoney = false
+
+
+# enable a specific ASG
+# simianarmy.chaos.ASG.<asgName>.enabled = true
+# simianarmy.chaos.ASG.<asgName>.probability = 1.0
+
+# increase or decrease the termination limit for a specific ASG
+# simianarmy.chaos.ASG.<asgName>.maxTerminationsPerDay = 1.0
+
+# Enroll in mandatory terminations.  If a group has not had a
+# termination within the windowInDays range then it will terminate
+# one instance in the group with a 0.5 probability (at some point in
+# the next 2 days an instance should be terminated), then
+# do nothing again for windowInDays.  This forces "enabled" groups
+# that have a probability of 0.0 to have terminations periodically.
+simianarmy.chaos.mandatoryTermination.enabled = false
+simianarmy.chaos.mandatoryTermination.windowInDays = 32
+simianarmy.chaos.mandatoryTermination.defaultProbability = 0.5
+
+# Enable notification for Chaos termination for a specific instance group
+# simianarmy.chaos.<groupType>.<groupName>.notification.enabled = true
+
+# Set the destination email the termination notification sent to for a specific instance group
+# simianarmy.chaos.<groupType>.<groupName>.ownerEmail = [email protected]
+
+# Set the source email that sends the termination notification
+# simianarmy.chaos.notification.sourceEmail = [email protected]
+
+# Enable notification for Chaos termination for all instance groups
+#simianarmy.chaos.notification.global.enabled = true
+
+# Set the destination email the termination notification is sent to for all instance groups
+#simianarmy.chaos.notification.global.receiverEmail = [email protected]
+
+# Set a prefix applied to the subject of all termination notifications
+# Probably want to include a trailing space to separate from start of default text
+#simianarmy.chaos.notification.subject.prefix = SubjectPrefix 
+
+# Set a suffix applied to the subject of all termination notifications
+# Probably want to include an escaped space " \ " to separate from end of default text
+#simianarmy.chaos.notification.subject.suffix =  \ SubjectSuffix
+
+# Set a prefix applied to the body of all termination notifications
+# Probably want to include a trailing space to separate from start of default text
+#simianarmy.chaos.notification.body.prefix = BodyPrefix 
+
+# Set a suffix applied to the body of all termination notifications
+# Probably want to include an escaped space " \ " to separate from end of default text
+#simianarmy.chaos.notification.body.suffix =  \ BodySuffix
+
+# Enable the email subject to be the same as the body, to include terminated instance and group information
+#simianarmy.chaos.notification.subject.isBody = true

simian-army/2.5-SNAPSHOT/client.properties

@@ -0,0 +1,47 @@
+#####################################################################
+### Configure which client and context to use.
+#####################################################################
+
+### The default implementation is to use an AWS Client, equaling a property like the following:
+#
+#simianarmy.client.context.class=com.netflix.simianarmy.basic.BasicContext
+
+### to use an VSphereClient instead, uncomment this:
+#
+#simianarmy.client.context.class=com.netflix.simianarmy.client.vsphere.VSphereContext
+#
+### configure the specific selected client, e.g for VSphere these are
+#
+#simianarmy.client.vsphere.url=https://YOUR_VSPHERE_SERVER/sdk
+#simianarmy.client.vsphere.username=YOUR_SERVICE_ACCOUNT_USERNAME
+#simianarmy.client.vsphere.password=YOUR_SERVICE_ACCOUNT_PASSWORD
+
+### configure the specific selected client, e.g for AWS these are
+
+### both "accountKey" and "secretKey" can be left blank or be removed,
+### if the credentials are provided as environment variable or
+### an instance role is used to handle permissions
+### see: http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-roles.html
+#simianarmy.client.aws.accountKey = fakeAccount
+#simianarmy.client.aws.secretKey  = fakeSecret
+simianarmy.client.aws.region = us-west-1
+
+### To operate under an assumed role - the role will be assumed for all activity, sts:AssumeRole 
+### action must be allowed for the inital IAM role being used (long lived credentials)
+### http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html 
+#
+#simianarmy.client.aws.assumeRoleArn = arn:aws:iam::ACCOUNT:role/ROLE
+
+### The VSpehere client uses a TerminationStrategy for killing VirtualMachines
+### You can configure which property and value for it to set prior to resetting the VirtualMachine
+#
+#simianarmy.client.vsphere.terminationStrategy.property.name=Force Boot
+#simianarmy.client.vsphere.terminationStrategy.property.value=server
+
+# Uncomment to use a version of Monkey recorder that does not rely on AWS SDB
+#simianarmy.client.recorder.class=com.netflix.simianarmy.basic.LocalDbRecorder
+
+### Operate in Cloud Formation mode - the random suffix appended to Auto Scaling Group names is ignored
+### (specify ASG names as usual with no suffix in chaos.properties)  
+#
+#simianarmy.client.chaos.class=com.netflix.simianarmy.basic.chaos.CloudFormationChaosMonkey

simian-army/2.5-SNAPSHOT/conformity.properties

@@ -0,0 +1,85 @@
+# let Conformity monkey run
+simianarmy.conformity.enabled = true
+
+# dryrun mode, no email notification to the owner of nonconforming clusters is sent
+simianarmy.conformity.leashed = true
+
+# By default Conformity Monkey wakes up every hour
+simianarmy.scheduler.frequency = 1
+simianarmy.scheduler.frequencyUnit = HOURS
+simianarmy.scheduler.threads = 1
+
+# Conformity Monkey runs every hour.
+simianarmy.calendar.openHour = 0
+simianarmy.calendar.closeHour = 24
+simianarmy.calendar.timezone = America/Los_Angeles
+
+# override to force monkey time, useful for debugging off hours
+#simianarmy.calendar.isMonkeyTime = true
+
+# Conformity monkey sends notifications to the owner of unconforming clusters between the open hour and close
+# hour only. In other hours, only summary email is sent. The default setting is to always send email notifications
+# after each run.
+simianarmy.conformity.notification.openHour = 0
+simianarmy.conformity.notification.closeHour = 24
+
+simianarmy.conformity.sdb.domain = SIMIAN_ARMY
+
+# The property below needs to be a valid email address to receive the summary email of Conformity Monkey
+# after each run
+simianarmy.conformity.summaryEmail.to = [email protected]
+
+# The property below needs to be a valid email address to send notifications for Conformity monkey
+simianarmy.conformity.notification.defaultEmail = [email protected]
+
+# The property below needs to be a valid email address to send notifications for Conformity Monkey
+simianarmy.conformity.notification.sourceEmail = [email protected]
+
+# By default Eureka is not enabled. The conformity rules that need to access Eureka are not added
+# when Eureka is not enabled.
+simianarmy.conformity.Eureka.enabled = false
+
+# The following property is used to enable the conformity rule to check whether there is mismatch of availability
+# zones between any auto scaling group and its ELBs in a cluster.
+simianarmy.conformity.rule.SameZonesInElbAndAsg.enabled = true
+
+# The following property is used to enable the conformity rule to check whether all instances in the cluster
+# are in required security groups.
+simianarmy.conformity.rule.InstanceInSecurityGroup.enabled = true
+
+# The following property specifies the required security groups in the InstanceInSecurityGroup conformity rule.
+simianarmy.conformity.rule.InstanceInSecurityGroup.requiredSecurityGroups = nf-infrastructure, nf-datacenter
+
+# The following property is used to enable the conformity rule to check whether there is any instance that is
+# older than certain days.
+simianarmy.conformity.rule.InstanceTooOld.enabled = true
+
+# The following property specifies the number of days used in the InstanceInSecurityGroup, any instance that is
+# old than this number of days is consider nonconforming.
+simianarmy.conformity.rule.InstanceTooOld.instanceAgeThreshold = 180
+
+# The following property is used to enable the conformity rule to check whether all instances in the cluster
+# have a status url defined according to Discovery/Eureka.
+simianarmy.conformity.rule.InstanceHasStatusUrl.enabled = true
+
+# The following property is used to enable the conformity rule to check whether all instances in the cluster
+# have a health check url defined according to Discovery/Eureka.
+simianarmy.conformity.rule.InstanceHasHealthCheckUrl.enabled = true
+
+# The following property is used to enable the conformity rule to check whether there are unhealthy instances
+# in the cluster accoring to Discovery/Eureka.
+simianarmy.conformity.rule.InstanceIsHealthyInEureka.enabled = true
+
+# You can override a cluster's owner email by providing a property here. For example, the line below overrides
+# the owner email of cluster foo to [email protected]
+# simianarmy.conformity.cluster.foo.ownerEmail = [email protected]
+
+# You can exclude specific conformity rules for a cluster using this property. For example, the line below excludes
+# the conformity rule rule1 and rule2 on cluster foo.
+# simianarmy.conformity.cluster.foo.excludedRules = rule1,rule2
+
+# You can opt out a cluster completely from Conformity Monkey by using this property. After a cluster is opted out,
+# no notification is sent for it no matter it is conforming or not. For example, the line below opts out the cluster
+# foo.
+# simianarmy.conformity.cluster.foo.optedOut = true
+