Trigger a Gremlin Chaos Engineering attack on deployment

Overview

​Gremlin is a Chaos Engineering Platform. It can be used to test your application and infrastructure resilience to unexpected failures.

In this tutorial, we will show you how to trigger a chaos engineering attack after a deployment has completed.

You will require:

  • A Gremlin account

  • A Humanitec organization

Prerequisites

  • If you have not already done so, you need to install Gremlin to the Kubernetes cluster which is also running your Humanitec applications.

  • If you have not connected your own Kubernetes cluster to Humanitec you can learn about it here.

In the Gremlin UI you can explore the different options of running chaos engineering attacks against your Kubernetes cluster and applications.

Any of those attacks can also be triggered via the Gremlin API. Construct the object that will be sent in the payload by following the docs.

Getting your Gremlin Team ID

Visit the Teams page in Gremlin, and then click on your team’s name in the list.

Gremlin Teams list

On the Teams screen click on Configuration.

Gremlin Teams configuration screen

Retrieving a Gremlin Bearer token

All requests to the Gremlin API require a token to be passed in the Authorization header. You can find details on obtaining your bearer token here: Germlin API Docs: Authentication and access tokens.

In summary, they can be obtained via a request to the /users/auth endpoint if your provide your email and password in the body of the request:

curl -X POST --header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode '[email protected]' \
--data-urlencode 'password=YOUR-PASSWORD' \
'https://api.gremlin.com/v1/users/auth?getCompanySession=true'

Create a Webhook in Humanitec

To trigger an attack after a deployment through Humanitec you can define a webhook to point the Gremlin API with a custom payload.

Navigate to the Webhooks section of the App Settings Screen for your Application in Humanitec.

  1. Enter an ID you will use to identify this webhook in future. It must be a valid Humanitec ID.

  2. Enter the URL that defines the attack you wish to perform. Remember to include your Gremlin Team ID.

  3. Click the Headers button and set the Key field to Authorization and the Value field to Bearer followed by a space and then the token you retrieved in the previous step.

  4. Click the Payload button and enter the appropriate payload as defined in the Germlin API Documentation.​

  5. Select the Deployment → Finished trigger to make the webhook be fired once every deployment has completed.

  6. Click the Create button finish setting up the webhook.