Skip to content

chaostoolkit-incubator/chaostoolkit-azure

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

152 Commits
.github/workflows
.github/workflows
 
 
chaosazure
chaosazure
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pdm.lock
pdm.lock
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Chaos Toolkit Extension for Azure

Build Python versions

This project is a collection of actions and probes, gathered as an extension to the Chaos Toolkit. It targets the Microsoft Azure platform.

Install

This package requires Python 3.8+

To be used from your experiment, this package must be installed in the Python environment where chaostoolkit already lives.

$ pip install -U chaostoolkit-azure

Usage

To use the probes and actions from this package, add the following to your experiment file:

{
  "type": "action",
  "name": "start-service-factory-chaos",
  "provider": {
    "type": "python",
    "module": "chaosazure.vm.actions",
    "func": "stop_machines",
    "secrets": ["azure"],
    "arguments": {
      "parameters": {
        "TimeToRunInSeconds": 45
      }
    }
  }
}

That's it!

Please explore the code to see existing probes and actions.

Credentials

This extension uses the Azure SDK under the hood.

Environment Variables

The extensions uses a chained approach to locating the appropriate credentials, starting from the secrets in the experiment before moving to environment variables and so on as per the Azure documentation.

In theory, at the bare minimum you don't need to set anything explicitely into the experiment and let the client figure it out based on the local machine settings.

Experiment Secrets

You may also pass them via the secrets block of the experiment:

{
  "secrets": {
    "azure": {
      "client_id": "your-super-secret-client-id",
      "client_secret": "your-even-more-super-secret-client-secret",
      "tenant_id": "your-tenant-id"
    }
  }
}

You can retrieve secretes as well from environment or HashiCorp vault.

If you are not working with Public Global Azure, e.g. China Cloud You can set the cloud environment.

{
  "client_id": "your-super-secret-client-id",
  "client_secret": "your-even-more-super-secret-client-secret",
  "tenant_id": "your-tenant-id",
  "cloud": "AZURE_CHINA_CLOUD"
}

Available cloud names:

  • AZURE_CHINA_CLOUD
  • AZURE_GERMAN_CLOUD
  • AZURE_PUBLIC_CLOUD
  • AZURE_US_GOV_CLOUD

Either of these values can be passed via AZURE_CLOUD as well.

Subscription

Additionally you need to provide the Azure subscription id.

  • As an environment variable

    • AZURE_SUBSCRIPTION_ID

  • Subscription id in the experiment file

    {
  "configuration": {
    "azure_subscription_id": "your-azure-subscription-id"
  }
}

    Configuration may be as well retrieved from an environment.

    An old, but deprecated way of doing it was as follows, this still works but should not be favoured over the previous approaches as it's not the Chaos Toolkit way to pass structured configurations.

    {
  "configuration": {
    "azure": {
      "subscription_id": "your-azure-subscription-id"
    }
  }
}

  • Subscription id in the Azure credential file

    Credential file described in the previous "Credential" section contains as well subscription id. If AZURE_AUTH_LOCATION is set and subscription id is NOT set in the experiment definition, extension will try to load it from the credential file.

Putting it all together

Here is a full example for an experiment containing secrets and configuration:

{
  "version": "1.0.0",
  "title": "...",
  "description": "...",
  "tags": ["azure", "kubernetes", "aks", "node"],
  "configuration": {
    "azure_subscription_id": "xxx"
  },
  "secrets": {
    "azure": {
      "client_id": "xxx",
      "client_secret": "xxx",
      "tenant_id": "xxx"
    }
  },
  "steady-state-hypothesis": {
    "title": "Services are all available and healthy",
    "probes": [
      {
        "type": "probe",
        "name": "consumer-service-must-still-respond",
        "tolerance": 200,
        "provider": {
          "type": "http",
          "url": "https://some-url/"
        }
      }
    ]
  },
  "method": [
    {
      "type": "action",
      "name": "restart-node-at-random",
      "provider": {
        "type": "python",
        "module": "chaosazure.machine.actions",
        "func": "restart_machines",
        "secrets": ["azure"],
        "config": ["azure_subscription_id"]
      }
    }
  ],
  "rollbacks": []
}

Contribute

If you wish to contribute more functions to this package, you are more than welcome to do so. Please, fork this project, make your changes following the usual PEP 8 code style, sprinkling with tests and submit a PR for review.

The Chaos Toolkit projects require all contributors must sign a Developer Certificate of Origin on each commit they would like to merge into the master branch of the repository. Please, make sure you can abide by the rules of the DCO before submitting a PR.

Develop

If you wish to develop on this project, make sure to install the development dependencies.

$ pdm install --dev

Now, you can edit the files and they will be automatically be seen by your environment, even when running from the chaos command locally.

Test

To run the tests for the project execute the following:

$ pdm run test

About

Chaos Toolkit Extension for Azure

chaostoolkit.org/

Topics

chaos-engineering chaostoolkit chaostoolkit-extension

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

22 stars

Watchers

6 watching

Forks

28 forks
Report repository

Releases 13

0.17.0 Latest
Mar 26, 2024
+ 12 releases

Packages

No packages published

Contributors 19

+ 5 contributors

Languages