Skip to content

Commit

Permalink
Add port blacklisting in the pod-network faults (#4222)
Browse files Browse the repository at this point in the history 
Signed-off-by: Shubham Chaudhary <shubham.chaudhary@harness.io>
  • Loading branch information
@ispeakc0de
ispeakc0de authored Oct 12, 2023
1 parent d1b19a3 commit 02a5900
Show file tree
Hide file tree
Showing 8 changed files with 260 additions and 0 deletions.
39 changes: 39 additions & 0 deletions mkdocs/docs/experiments/categories/pods/pod-network-corruption.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -330,6 +330,45 @@ spec:
value: '60'
```

### Blacklist Source and Destination Ports

By default, the network experiments disrupt traffic for all the source and destination ports. The specific ports can be blacklisted via `SOURCE_PORTS` and `DESTINATION_PORTS` ENV.

- `SOURCE_PORTS`: Provide the comma separated source ports preceded by `!`, that you'd like to blacklist from the chaos.
- `DESTINATION_PORTS`: Provide the comma separated destination ports preceded by `!` , that you'd like to blacklist from the chaos.

Use the following example to tune this:

[embedmd]:# (pod-network-corruption/blacklist-source-and-destination-ports.yaml yaml)
```yaml
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-corruption-sa
experiments:
- name: pod-network-corruption
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
```

### Network Interface

The defined name of the ethernet interface, which is considered for shaping traffic. It can be tuned via `NETWORK_INTERFACE` ENV. Its default value is `eth0`.
Expand Down
26 changes: 26 additions & 0 deletions ...iments/categories/pods/pod-network-corruption/blacklist-source-and-destination-ports.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-corruption-sa
experiments:
- name: pod-network-corruption
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
39 changes: 39 additions & 0 deletions mkdocs/docs/experiments/categories/pods/pod-network-duplication.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -331,6 +331,45 @@ spec:
value: '60'
```

### Blacklist Source and Destination Ports

By default, the network experiments disrupt traffic for all the source and destination ports. The specific ports can be blacklisted via `SOURCE_PORTS` and `DESTINATION_PORTS` ENV.

- `SOURCE_PORTS`: Provide the comma separated source ports preceded by `!`, that you'd like to blacklist from the chaos.
- `DESTINATION_PORTS`: Provide the comma separated destination ports preceded by `!` , that you'd like to blacklist from the chaos.

Use the following example to tune this:

[embedmd]:# (pod-network-duplication/blacklist-source-and-destination-ports.yaml yaml)
```yaml
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-duplication-sa
experiments:
- name: pod-network-duplication
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
```

### Network Interface

The defined name of the ethernet interface, which is considered for shaping traffic. It can be tuned via `NETWORK_INTERFACE` ENV. Its default value is `eth0`.
Expand Down
26 changes: 26 additions & 0 deletions ...ments/categories/pods/pod-network-duplication/blacklist-source-and-destination-ports.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-duplication-sa
experiments:
- name: pod-network-duplication
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
39 changes: 39 additions & 0 deletions mkdocs/docs/experiments/categories/pods/pod-network-latency.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -340,6 +340,45 @@ spec:
value: '60'
```

### Blacklist Source and Destination Ports

By default, the network experiments disrupt traffic for all the source and destination ports. The specific ports can be blacklisted via `SOURCE_PORTS` and `DESTINATION_PORTS` ENV.

- `SOURCE_PORTS`: Provide the comma separated source ports preceded by `!`, that you'd like to blacklist from the chaos.
- `DESTINATION_PORTS`: Provide the comma separated destination ports preceded by `!` , that you'd like to blacklist from the chaos.

Use the following example to tune this:

[embedmd]:# (pod-network-latency/blacklist-source-and-destination-ports.yaml yaml)
```yaml
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-latency-sa
experiments:
- name: pod-network-latency
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
```

### Network Interface

The defined name of the ethernet interface, which is considered for shaping traffic. It can be tuned via `NETWORK_INTERFACE` ENV. Its default value is `eth0`.
Expand Down
26 changes: 26 additions & 0 deletions ...periments/categories/pods/pod-network-latency/blacklist-source-and-destination-ports.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-latency-sa
experiments:
- name: pod-network-latency
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
39 changes: 39 additions & 0 deletions mkdocs/docs/experiments/categories/pods/pod-network-loss.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -331,6 +331,45 @@ spec:
value: '60'
```

### Blacklist Source and Destination Ports

By default, the network experiments disrupt traffic for all the source and destination ports. The specific ports can be blacklisted via `SOURCE_PORTS` and `DESTINATION_PORTS` ENV.

- `SOURCE_PORTS`: Provide the comma separated source ports preceded by `!`, that you'd like to blacklist from the chaos.
- `DESTINATION_PORTS`: Provide the comma separated destination ports preceded by `!` , that you'd like to blacklist from the chaos.

Use the following example to tune this:

[embedmd]:# (pod-network-loss/blacklist-source-and-destination-ports.yaml yaml)
```yaml
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-loss-sa
experiments:
- name: pod-network-loss
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'
```

### Network Interface

The defined name of the ethernet interface, which is considered for shaping traffic. It can be tuned via `NETWORK_INTERFACE` ENV. Its default value is `eth0`.
Expand Down
26 changes: 26 additions & 0 deletions .../experiments/categories/pods/pod-network-loss/blacklist-source-and-destination-ports.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# blacklist the source and destination ports
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: engine-nginx
spec:
engineState: "active"
annotationCheck: "false"
appinfo:
appns: "default"
applabel: "app=nginx"
appkind: "deployment"
chaosServiceAccount: pod-network-loss-sa
experiments:
- name: pod-network-loss
spec:
components:
env:
# it will blacklist 80 and 8080 source ports
- name: SOURCE_PORTS
value: '!80,8080'
# it will blacklist 8080 and 9000 destination ports
- name: DESTINATION_PORTS
value: '!8080,9000'
- name: TOTAL_CHAOS_DURATION
value: '60'

0 comments on commit 02a5900

Please sign in to comment.