Simian Army Ansible Playbook and AMIs

View code on GitHub

The Simian Army are tools for keeping your cloud operating in top form. For example, Chaos Monkey is a resiliency tool that helps applications tolerate random instance failures. Before running the playbook, there are a few things we need to do:


You need Ansible and AWS set up an configured. This is a 10 minute process, and you can watch Episode 2 to see how to do it.

Launch EC2 instance for Edda

  1. Create a Simian Army IAM Role with this policy
  2. Create a Simian Army security group
    • Allow port 22 for SSH
    • Allow port 80 for REST access only from your own IP address
  3. Create a new Key pair (if you don't already have one) and add it to your keychain or SSH agent so you don't need to specify it later:

    $ ssh-add mykey.pem
  4. Launch a new EC2 instance using the above IAM Role, Security Group and key pair. Use Ubuntu 12.04 LTS as the AMI.

  5. Set the Name tag of the instance to SimianArmy
  6. Confirm you can see the instance using the Ansible EC2 inventory
    $ /etc/ansible/hosts | grep 'SimianArmy'

Run Ansible playbook

Now you can run the playbook

$ ansible-playbook playbooks/simian-army-ubuntu.yml -l 'tag_Name_SimianArmy'

Configure Simian Army

Once the playbook is finished, you can SSH to the instance an start configure the Simian Army. Example:

cd /usr/local/tomcat/webapps/simianarmy/WEB-INF/classes/
sudo emacs
sudo service tomcat7 restart

The log files are located at /var/log/tomcat7, with catalina.out being the main one.

The easy way with CloudFormation

If all of that seems too hard, feel free to use the Simian Army CloudFormation template to bring up the Simian Army in just a few clicks.


You can find the list of pre-built AMIs here:


This playbook does nothing for security. It is highly recommended that you put some kind of restrictions on who can access the Simian Army monkeys. At the very minimum, please make sure your security group only allows port 80 access from your IP address only.

Adding authentication, running over SSL, and/or putting it on a private subnet is also recommended.


If you have feedback, comments or suggestions, please feel free to contact Peter at Answers for AWS, create an Issue, or submit a pull request.

View code on GitHub