DEVOPSdigest

Imagine: it's 2011 and Netflix has introduced Chaos Monkey, a tool that injects arbitrary failures into their cloud architecture to pinpoint design flaws. Today, resiliency engineering has advanced so much that "Chaos Engineer" is an actual job title. Enterprises such as Amazon, Facebook and Google now use chaos to understand their architectures and distributed systems.

While chaos engineering is usually performed on cloud-native software, it can also be used to strengthen the dependability of traditional data center applications that may never move to the cloud. What kind of tests might you run on these applications? Some might be:

■ Low network bandwidth and/or high latency

■ Disc volumes full

■ Application code failure

■ Database/server down

■ Expired certificate(s)

■ Hardware failures

This can be accomplished by using the cloud, which allows IT to create a production-like environment that includes the original's exact application components. All technical infrastructure encapsulating a depiction of an application is called an "environment." Chaos testing can be performed on the cloud replica without affecting production code.

It isn't necessary to change components to "cloud-native" with this approach; simply lift-and-shift, keep the same lines of application code, and use the same servers as the original. To get the most value from chaos testing, reuse the RFC-1918 address spaces you're using on-prem in the cloud. Every major cloud service has some type of network address translation (NAT) system, enabling each cloud-based environment that could be using cloned address spaces to communicate with other on-prem resources to prevent IP address collision.

Setting Up Your Chaos Testing Workflow

One reason to use the cloud for chaos testing on-prem applications is the ability to do a fast reset of the system between test rounds. Your goal should be quickly resetting or re-creating the system in the cloud, allowing you to quickly run several chaos test scenarios without wasting time resetting between each one. Here is a workflow to prepare for chaos testing.

1. Import your on-prem environment to the cloud.

2. Once running, save your application so you can recreate on-demand clones.

When importing the on-prem environment to the cloud, the goal is to duplicate the original on-prem system exactly. All the volume's data, networks, VMs and storage must be included.

Next, your test workflow is:

1. Deploy a duplicate application from your template/scripts.

2. Run your chaos tests and collect the results.

3. Once tests are complete, delete the entire test environment.

4. When you're ready for the next test, return to step #1.

While cloud-based infrastructure won't totally mirror on-prem environments, there are some workarounds. Say the design and size of your storage array (SAN) can't be duplicated in the cloud, meaning you won't be allowed to test due to "failing the SAN." In this instance, you could disconnect or alter a disk linked to a VM to mimic a failure, all in the cloud.

Resetting Your Test Environments After Use

By replicating your traditional on-prem application in the cloud, you can run aggressive tests to determine solutions to common issues, thereby extending the life of the application. However, when the testing eventually ruins the cloud-based application clone, how will you reset for future test rounds? Manually fixing things can take ages, but with cloud-based testing you unlock an unending supply of clones.

Different clouds approach this in different ways. No matter the strategy, the aim is to quickly rebuild a ready-to-use set of infrastructure and application components representing the original application. Companies already doing "infrastructure-as-code" may have the tooling and scripts to replicate the system from nothing.

Note that cloning IP address space is hard to do on-prem; don't be tempted to "Re-IP" (re-assign IP addresses and hostnames) to servers to prevent collision with the originals. This approach means you've essentially changed the original system's representation, so your chaos tests may produce incorrect results due to mismatched hostnames and IP addresses.

What once seemed impossible is actually a simple, elegant approach to improving on-prem applications that will never see the cloud. The cloud provides a 24/7 sandbox for you to create and destroy things, then quickly recover without risking your original systems. This approach works for original application systems of record, disaster recovery systems, and software development pipelines, making it a one-stop testing shop for traditional applications.