AWS Fault Injection Simulator (FIS)¶
Estimated time to read: 5 minutes
Let's create Chaos Example using AWS Fault Injection Simulator (FIS) to simulate an EC2 instance failure corresponding to the table's first scenario, Chaos Engineering. We'll create a FIS experiment template and an experiment using the AWS Management Console, Boto2 and AWS Cli!!!
AWS Management Console¶
-
First, navigate to the AWS FIS Console and create an Experiment Template:
-
Template Name:
EC2InstanceFailure
-
Description:
Simulate an EC2 instance failure
-
Define the Actions:
-
Action ID:
terminate-instance
- Action Type:
aws:ec2:stopInstances
- Targets:
EC2InstancesTarget
-
Parameters:
{}
-
Define the Targets:
-
Target ID:
EC2InstancesTarget
- ResourceType:
aws:ec2:instance
- ResourceTags:
{ "your-key": "your-value" }
Replace your-key
and your-value
with the appropriate tag key and value to select the instances you want to target for the experiment. Alternatively, you can use other filters like ResourceIds
, ResourceArn
, or ResourceFilters
to select the instances.
-
Define the Stop Conditions:
-
AlarmArn: Add the ARN of a CloudWatch alarm that you want to use as a stop condition. This is optional, but recommended to prevent any adverse effects on your services.
-
Click Create Experiment Template.
Now that you have created the experiment template, you can start an experiment using this template:
-
Navigate to the FIS Console and click on Experiments.
-
Click on Start Experiment.
-
Choose the
EC2InstanceFailure
experiment template from the list. -
Enter an experiment name and description.
-
Click Start Experiment.
Once you start the experiment, FIS will terminate one of the EC2 instances matching the specified target criteria. You can monitor the experiment's progress and results in the FIS Console.
After the experiment, analyse the impact on your services and compare the results with your hypothesis. If the system behaved as expected, it confirms its resilience to EC2 instance failures. If not, identify the issues and improve the system's fault tolerance.
Python Boto3¶
You can create and manage AWS Fault Injection Simulator (FIS) experiments using Boto3, the official AWS SDK for Python. Here's an example of creating a FIS experiment template and starting an experiment for the EC2 instance failure scenario using Boto3:
First, ensure Boto3 is installed and configured with the necessary AWS credentials. If not, you can install it using pip
:
Next, create a Python script to define and run the experiment:
import boto3
# Create FIS client
fis = boto3.client('fis')
# Create an Experiment Template
response = fis.create_experiment_template(
experimentTemplate={
'actions': {
'terminate-instance': {
'actionId': 'terminate-instance',
'description': 'Terminate an EC2 instance',
'actionType': 'aws:ec2:stopInstances',
'targets': {
'instances': 'EC2InstancesTarget'
},
'parameters': {}
}
},
'description': 'Simulate an EC2 instance failure',
'roleArn': 'arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>', # Replace with your role ARN
'stopConditions': [],
'targets': {
'EC2InstancesTarget': {
'resourceType': 'aws:ec2:instance',
'selectionMode': 'COUNT(1)',
'filters': [
{
'path': 'tags.your-key',
'values': [
'your-value'
]
}
]
}
}
},
tags={
'Name': 'EC2InstanceFailure'
}
)
experiment_template_id = response['experimentTemplate']['id']
print(f"Experiment Template ID: {experiment_template_id}")
# Start an Experiment
response = fis.start_experiment(
experimentTemplateId=experiment_template_id,
clientToken='unique-client-token', # Replace with a unique token
experiment={
'description': 'Running EC2 instance failure experiment',
'roleArn': 'arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>', # Replace with your role ARN
'tags': {
'Name': 'EC2InstanceFailureExperiment'
},
'stopConditions': []
}
)
experiment_id = response['experiment']['id']
print(f"Experiment ID: {experiment_id}")
Replace <ACCOUNT_ID>
and <ROLE_NAME>
with your AWS account ID and the IAM role name that has the necessary permissions for FIS. You should also replace your-key
and your-value
with the appropriate tag key and value for selecting the instances you want to target.
This script creates a FIS experiment template for the EC2 instance failure scenario and starts an experiment using that template. After running the experiment, monitor its progress using the AWS Management Console or other AWS SDKs and analyse the impact on your services.
AWS CLI¶
You can also create and manage AWS Fault Injection Simulator (FIS) experiments using the AWS CLI. Here's an example of creating a FIS experiment template and starting an experiment for the EC2 instance failure scenario using the AWS CLI:
- Create a JSON file (
ec2_instance_failure_template.json
) with the experiment template definition:
{
"actions": {
"terminate-instance": {
"actionId": "terminate-instance",
"description": "Terminate an EC2 instance",
"actionType": "aws:ec2:stopInstances",
"targets": {
"instances": "EC2InstancesTarget"
},
"parameters": {}
}
},
"description": "Simulate an EC2 instance failure",
"roleArn": "arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>",
"stopConditions": [],
"targets": {
"EC2InstancesTarget": {
"resourceType": "aws:ec2:instance",
"selectionMode": "COUNT(1)",
"filters": [
{
"path": "tags.your-key",
"values": [
"your-value"
]
}
]
}
}
}
Replace <ACCOUNT_ID>
and <ROLE_NAME>
with your AWS account ID and the IAM role name that has the necessary permissions for FIS. Replace your-key
and your-value
with the appropriate tag key and value for selecting the instances you want to target.
- Create the experiment template using the AWS CLI:
aws fis create-experiment-template --cli-input-json file://ec2_instance_failure_template.json --tags Name=EC2InstanceFailure
This command will return the experiment template ID, which you'll need for the next step.
- Start an experiment using the created template:
aws fis start-experiment --experiment-template-id <EXPERIMENT_TEMPLATE_ID> --client-token unique-client-token --experiment '{"description": "Running EC2 instance failure experiment", "roleArn": "arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>", "tags": { "Name": "EC2InstanceFailureExperiment" }, "stopConditions": []}'
Replace <EXPERIMENT_TEMPLATE_ID>
with the experiment template ID obtained in step 2, <ACCOUNT_ID>
and <ROLE_NAME>
with your AWS account ID and the IAM role name, and unique-client-token
with a unique token.
After running the experiment, monitor its progress using the AWS Management Console, AWS SDKs, or AWS CLI, and analyse the impact on your services.