Observability and Chaos Engineering on System Calls for Containerized Applications in Docker
This addresses the need for improved observability and resilience in containerized applications, particularly for developers and operators using Docker, though it is incremental as it builds on existing chaos engineering concepts.
The paper tackles the problem of evaluating self-protection capabilities of containerized applications against system call errors by introducing ChaosOrca, a fault injection system that operates under production-like workloads without application instrumentation, and results show it is promising for detecting weaknesses in resilience mechanisms.
In this paper, we present a novel fault injection system called ChaosOrca for system calls in containerized applications. ChaosOrca aims at evaluating a given application's self-protection capability with respect to system call errors. The unique feature of ChaosOrca is that it conducts experiments under production-like workload without instrumenting the application. We exhaustively analyze all kinds of system calls and utilize different levels of monitoring techniques to reason about the behaviour under perturbation. We evaluate ChaosOrca on three real-world applications: a file transfer client, a reverse proxy server and a micro-service oriented web application. Our results show that it is promising to detect weaknesses of resilience mechanisms related to system calls issues.