lucky-sideburn / Kubeinvaders
Programming Languages
Projects that are alternatives of or similar to Kubeinvaders
Gamified chaos engineering and analysis tool for Kubernetes. It is like Space Invaders but the aliens are pods or worker nodes.
Table of Contents
- Description
- New Version (game part in pure JS)
- Special Input Keys and features
- Prometheus metrics and Grafana
- Installation
- Notes for large clusters
- Configuration
Description
Through KubeInvaders you can stress a Kubernetes cluster in a fun way and check how it is resilient.
New Version
KubeInvaders is going to be full open-source. Meanwhile it is possibile choose between 2 different versions.
- Legacy version: Made using Defold as game engine.
- New version: It has been written in pure Javascript and it is totally open-source.
The new version of KubeInvaders has fewer features than legacy but is optimized for chaos engineering because pods and nodes are rendered together and there is a shuffle functionality for better random experiments.
Special Input Keys and features
Input | Action | Version (New or Legacy) |
---|---|---|
n | Change namespace (you should define namespaces list. Ex: TARGET_NAMESPACE=foo1,foo2,foo3). | New, Legacy |
a | Switch to automatic mode. | Legacy |
m | Switch to manual mode. | Legacy |
h | Show special keys. | New, Legacy |
q | Hide help for special keys. | New, Legacy |
i | Show pod's name. Move the ship towards an alien. | Legacy |
r | Refresh log of a pod when spaceship is over the alien. | Legacy |
s | Activate or deactivate shuffle | New |
k | (NEW) Perform kube-linter analysis for a pod. | Legacy |
w | (NEW) Chaos engineering against Kubernetes nodes. | New, Legacy |
Known problems
- It seems that KubeInvaders does not work with EKS because of problems with ServiceAccount. Work in progress!
Hands-on Tutorial
To experience KubeInvaders in action, try it out in this free O'Reilly Katacoda scenario, KubeInvaders.
Metrics
KubeInvaders exposes metrics for Prometheus through the standard endpoint /metrics
This is an example of Prometheus configuration
scrape_configs:
- job_name: kubeinvaders
static_configs:
- targets:
- kubeinvaders.kubeinvaders.svc.cluster.local:8080
Example of metrics
Metric | Description |
---|---|
chaos_jobs_node_count{node=workernode01} | Total number of chaos jobs executed per node |
chaos_node_jobs_total | Total number of chaos jobs executed against all worker nodes |
deleted_pods_total 16 | Total number of deleted pods |
deleted_namespace_pods_count{namespace=myawesomenamespace} | Total number of deleted pods per namespace |
Installation
Install to Kubernetes with Helm (v3+)
# Set target_namespace and ingress.hostname!
git clone https://github.com/lucky-sideburn/KubeInvaders.git
kubectl create namespace kubeinvaders
# Install new and full open-source version
helm install kubeinvaders --set-string target_namespace="namespace1\,namespace2" \
--namespace kubeinvaders ./helm-charts/kubeinvaders \
--set ingress.hostName=kubeinvaders.io --set image.tag=v1.0
# Install legacy version
helm install kubeinvaders --set-string target_namespace="namespace1\,namespace2" \
--namespace kubeinvaders ./helm-charts/kubeinvaders \
--set ingress.hostName=kubeinvaders.io --set image.tag=legacy
Security Notes
In order to restrict the access to the Kubeinvaders endpoint add this annotation into the ingress.
nginx.ingress.kubernetes.io/whitelist-source-range: <your_ip>/32
Install KubeInvaders on OpenShift
To Install KubeInvaders on your OpenShift Cluster clone this repo and launch the following commands:
oc create clusterrole kubeinvaders-role --verb=watch,get,delete,list --resource=pods,pods/log,jobs
TARGET_NAMESPACE=foobar,awesome-namespace
## You can define multiple namespaces ex: TARGET_NAMESPACE=foobar,foobar2
# Choose route host for your kubeinvaders instance.
ROUTE_HOST=kubeinvaders.org
# Please add your source ip IP_WHITELIST. This will add haproxy.router.openshift.io/ip_whitelist in KubeInvaders route
# https://docs.openshift.com/container-platform/3.9/architecture/networking/routes.html#whitelist
IP_WHITELIST="93.44.96.4"
oc new-project kubeinvaders --display-name='KubeInvaders'
oc create sa kubeinvaders -n kubeinvaders
oc adm policy add-cluster-role-to-user kubeinvaders-role -z kubeinvaders -n kubeinvaders
KUBEINVADERS_SECRET=$(oc get secret -n kubeinvaders --field-selector=type==kubernetes.io/service-account-token | grep 'kubeinvaders-token' | awk '{ print $1}' | head -n 1)
oc process -f openshift/KubeInvaders.yaml -p ROUTE_HOST=$ROUTE_HOST -p TARGET_NAMESPACE=$TARGET_NAMESPACE -p KUBEINVADERS_SECRET=$KUBEINVADERS_SECRET | oc create -f -
Notes for large clusters
For clusters with many workers-nodes, KubeInvaders (legacy version) selects a subset of random items.
Item | Max Number |
---|---|
Nodes | 15 |
Configuration
(Legacy Version) Environment Variables - Make the game more difficult to win!
Set the following variables in Kubernetes Deployment or OpenShift DeploymentConfig:
ENV Var | Description |
---|---|
ALIENPROXIMITY (default 15) | Reduce the value to increase distance between aliens. |
HITSLIMIT (default 0) | Seconds of CPU time to wait before shooting. |
UPDATETIME (default 1) | Seconds to wait before update PODs status (you can set also 0.x Es: 0.5). |