Home > Apache, AWS, bash, Linux > Bees with machine guns and EC2 at AWS

Bees with machine guns and EC2 at AWS

I tried yesterday bees with machine guns tool after I read http://aws.amazon.com/releasenotes/0814290369059292

1. install bees as described at https://github.com/newsapps/beeswithmachineguns

2. Configuring EC2 credentials : http://code.google.com/p/boto/wiki/BotoConfig

Note : if you dont know what aws_access_key_id and aws_secret_access_key values are,
go to https://console.aws.amazon.com/iam/home and create at least one admin user
there you will get the values needed

create the .boto and .awsecret files :

dragkh@darkstar:[Sun Jul 08 16:04:31]:[~]$ echo "[Credentials]
aws_access_key_id = ${aws_access_key_id}
aws_secret_access_key = ${aws_secret_access_key}
[Boto]
ec2_region_name = eu-west-1
ec2_region_endpoint = ec2.eu-west-1.amazonaws.com
elb_region_name = eu-west-1
elb_region_endpoint = elasticloadbalancing.eu-west-1.amazonaws.com
" > ~/.boto

dragkh@darkstar:[Sun Jul 08 16:05:31]:[~]$ echo "${aws_access_key_id}
${aws_secret_access_key}
" > .awssecret

dragkh@darkstar:[Sun Jul 08 16:06:31]:[~]$ bees 
Usage: 
bees COMMAND [options]

Bees with Machine Guns

A utility for arming (creating) many bees (small EC2 instances) to attack
(load test) targets (web applications).

commands:
  up      Start a batch of load testing servers.
  attack  Begin the attack on a specific url.
  down    Shutdown and deactivate the load testing servers.
  report  Report the status of the load testing servers.

Note, you have to create Kay pair /named dragkh for example/ in the ec2_region set at .boto config
its good to have general security group ready, like allowing ssh from 0.0.0.0/0, for example named “allssh

then dragkh.pem file has to be properly chmoded as 0600 and placed in the user’s .ssh directory


dragkh@darkstar:[Sun Jul 08 17:06:31]:[~]$ bees up -s 4  -k dragkh   -i ami-instance-per.choice -z eu-west-1b -g allssh  -l ec2-user
Connecting to the hive.
Attempting to call up 4 bees.
Waiting for bees to load their machine guns...
.
.
.
.
.
Bee i-813c41c9 is ready for the attack.
.
Bee i-833c41cb is ready for the attack.
.
Bee i-853c41cd is ready for the attack.
.
Bee i-873c41cf is ready for the attack.
The swarm has assembled 4 bees.
dragkh@darkstar:[Sun Jul 08 18:06:31]:[~]$ bees report
Read 4 bees from the roster.
Bee i-813c41c9: running @ 176.34.79.154
Bee i-833c41cb: running @ 46.137.8.43
Bee i-853c41cd: running @ 54.247.142.79
Bee i-873c41cf: running @ 46.137.63.221

start 4 instances accessible with the key dragkh , used instance ami-instance-per.choice in zone eu-west-1b and implement security group allssh , default login ec2-user

how to check for real you are ready

# get one of the reported ips
dragkh@darkstar:[Sun Jul 08 18:10:31]:[~]$ ssh -i ~/ssh/dragkh.pem ec2-user@176.34.79.154
ssh: connect to host 176.34.79.154 port 22: Connection refused
# try again, its very possible the instance is still warming up ...

dragkh@darkstar:[Sun Jul 08 19:06:31]:[~]$ ssh -i ~/ssh/dragkh.pem ec2-user@176.34.79.154
The authenticity of host '176.34.79.154 (176.34.79.154)' can't be established.
RSA key fingerprint is ef:90:71:f4:f4:28:a7:ed:b0:61:a0:2e:e4:24:73:d4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '176.34.79.154' (RSA) to the list of known hosts.
Last login: Sun Jul  8 13:20:15 2012 from 33.pool85-61-183.dynamic.orange.es

       __|  __|_  )
       _|  (     /   Amazon Linux AMI
      ___|\___|___|

See /usr/share/doc/system-release/ for latest release notes.
There are 5 security update(s) out of 33 total update(s) available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-10-228-169-103 ~]$ sudo su - 
# Ctrl+d to go back to your laptop
[root@ip-10-228-169-103 install]# logout
[ec2-user@ip-10-228-169-103 ~]$ logout
Connection to 176.34.79.154 closed.

dragkh@darkstar:[Sun Jul 08 21:06:31]:[~]$

start the swarm attack:


dragkh@darkstar:[Sun Jul 08 22:06:31]:[~]$ bees attack  -n 10000 -c 400 -u http://your.test.public.server/
Read 4 bees from the roster.
Connecting to the hive.
Assembling bees.
Each of 4 bees will fire 2500 rounds, 100 at a time.
Stinging URL so it will be cached for the attack.
Organizing the swarm.
Bee 0 is joining the swarm.
Bee 1 is joining the swarm.
Bee 2 is joining the swarm.
Bee 3 is joining the swarm.
Bee 0 is firing his machine gun. Bang bang!
Bee 2 is firing his machine gun. Bang bang!
Bee 3 is firing his machine gun. Bang bang!
Bee 1 is firing his machine gun. Bang bang!
Bee 0 is out of ammo.
Bee 2 is out of ammo.
Bee 1 is out of ammo.
Bee 3 is out of ammo.
Offensive complete.
     Complete requests:		10000
     Requests per second:	35.960000 [#/sec] (mean)
     Time per request:		11125.877250 [ms] (mean)
     50% response time:		6539.750000 [ms] (mean)
     90% response time:		25720.500000 [ms] (mean)
Mission Assessment: Swarm annihilated target.
The swarm is awaiting new orders.

in case you get some like Apparently your bees are peace-loving hippies.


dragkh@darkstar:[Sun Jul 08 23:06:31]:[~]$ bees attack  -n 10000 -c 100 -u http://your.test.public.server/
Read 2 bees from the roster.
Connecting to the hive.
Assembling bees.
Each of 2 bees will fire 5000 rounds, 50 at a time.
Stinging URL so it will be cached for the attack.
Organizing the swarm.
Bee 0 is joining the swarm.
Bee 1 is joining the swarm.
Offensive complete.
     2 of your bees didn't make it to the action. They might be taking a little longer than normal to find their machine guns, or may have been terminated without using "bees down".
     No bees completed the mission. Apparently your bees are peace-loving hippies.
The swarm is awaiting new orders.

its VERY possible the ab apache tool is missing from the bees instances
one solution is to log at them and to install it , for example with yum:

yum install httpd-tools -y

the other solution is, create an AMI with the installed ab tool and use it
I created one for me with ab apache benchmark tool and apache-jmeter-2.7 installed:
ami-c33d39b7 : 228348162977/bee-slave-jmeter

well, dont forget to shut down the swarm with bees down:


dragkh@darkstar:[Sun Jul 08 29:06:31]:[~]$ bees down 
Read 4 bees from the roster.
Connecting to the hive.
Calling off the swarm.
Stood down 4 bees.
dragkh@darkstar:[Sun Jul 08 29:06:31]:[~]$ bees report
No bees have been mobilized.

this is all, but please, as is written at https://github.com/newsapps/beeswithmachineguns

If you decide to use the Bees, please keep in mind the following important caveat: they are, more-or-less a distributed denial-of-service attack in a fancy package and, therefore, if you point them at any server you don’t own you will behaving unethically, have your Amazon Web Services account locked-out, and be liable in a court of law for any downtime you cause.

You have been warned.

Slackware4LiFe!

Advertisements
Categories: Apache, AWS, bash, Linux Tags: , ,
  1. Jose Gonzalez
    October 24, 2012 at 10:48 pm

    Hi there, when I´m runnig the attack command I get this error : paramiko.SSHException: not a valid DSA private key file.

    Hope someone can help

    Regards

  2. dragkh
    October 27, 2012 at 3:31 pm

    check the permissions of the ssh key,
    in general you have to be able to ssh to the attacking host like :

    ssh -i ~/ssh/dragkh.pem ec2-user@host_ip

    if not, check the key pair settings , you might be using a key non valid for that AWS zone area ?

    • Tim
      December 3, 2012 at 7:39 am

      hi, I also met the same problem, I can use the key file when attack with 1 bees, but raise this exception with more than 2 bees.

  3. May 10, 2013 at 2:26 am

    I received a message your bees are peace-loving hippies. I login as root to perform yum install httpd-tools -y – got the message already installed and latest version.

    hmmm bad feeling – launched an attack again… and again my bees still being a swarm of hippies….

    Any suggestion ?

  4. May 10, 2013 at 7:39 am

    Forget my previous post. I found out what’s wrong. SSH security group on my bees need to be opened.

    Cheers

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: