Update chaosd setup to create a temporary fake experiment to trigger necessary chaosd setup for network testing

mininny · mininny · commit 4b0bfb70de72 · 2025-10-20T23:22:40.000+09:00
diff --git a/roles/chaosd/tasks/setup.yaml b/roles/chaosd/tasks/setup.yaml
@@ -64,6 +64,12 @@
     state: started
     daemon_reload: true
 
+- name: Run network partition attack
+  ansible.builtin.command:
+    cmd: "{{ chaosd_install_dir }}/chaosd attack network partition -d eth0 --direction from --hostname temporary.com --uid 9999"
+  become: true
+  changed_when: true
+
 - name: Copy chaos iptables bridge script
   ansible.builtin.template:
     src: chaos-iptables-bridge.sh.j2
diff --git a/roles/chaosd/templates/chaos-iptables-bridge.sh.j2 b/roles/chaosd/templates/chaos-iptables-bridge.sh.j2
@@ -12,16 +12,5 @@ add_jump() {
   iptables -t "$table" -C "$from" -j "$to" 2>/dev/null || iptables -t "$table" -I "$from" "$pos" -j "$to"
 }
 
-# Reuse Chaos Mesh chains if they exist
-has_chain() { iptables -t filter -nL "$1" >/dev/null 2>&1; }
-
-# 1) Container egress: DOCKER-USER -> CHAOS-OUTPUT
-if has_chain CHAOS-OUTPUT; then
-  add_jump filter DOCKER-USER CHAOS-OUTPUT 1
-fi
-
-# 2) Container ingress prep: DOCKER-USER -> CHAOS-INPUT
-# (This lets CHAOS-INPUT rules, when present, also run for FORWARDed traffic to containers.)
-if has_chain CHAOS-INPUT; then
-  add_jump filter DOCKER-USER CHAOS-INPUT 1
-fi
+add_jump filter DOCKER-USER CHAOS-OUTPUT 1
+add_jump filter DOCKER-USER CHAOS-INPUT 1
diff --git a/roles/generate_kubernetes_config/defaults/main.yaml b/roles/generate_kubernetes_config/defaults/main.yaml
@@ -189,7 +189,7 @@ gen_kubernetes_config_helm_charts: # noqa var-naming[no-role-prefix]
     dependencies:
       - name: chaos-mesh
         repository: https://ethpandaops.github.io/ethereum-helm-charts
-        version: 0.0.4
+        version: 0.0.3
   syncoor-server:
     valuesTemplatePath: templates/syncoor-server.yaml.j2
     dependencies:
diff --git a/roles/generate_kubernetes_config/templates/chaos-mesh.yaml.j2 b/roles/generate_kubernetes_config/templates/chaos-mesh.yaml.j2
@@ -39,6 +39,8 @@ chaos-mesh:
 {% for host in groups['ethereum_node'] | sort %}
     - name: {{ hostvars[host]['inventory_hostname'] }}
       address: "https://<path:/secrets/services/services.enc.yaml#ethereum | jsonPath {.testnets.{{ devnet_name }}-devnets.node_ingress.combined}>@rpc.{{ hostvars[host]['inventory_hostname'] }}.{{ network_subdomain }}/chaosd/"
+      hostname: "{{ hostvars[host]['inventory_hostname'] }}.{{ network_subdomain }}"
+      ip: "{{ hostvars[host]['ansible_host'] }}"
       labels:
 {% if 'ethereum_node_cl' in hostvars[host] %}
         consensus: {{ hostvars[host]['ethereum_node_cl'] }}
@@ -52,7 +54,4 @@ chaos-mesh:
 {% endif %}
       annotations:
         description: "{{ hostvars[host]['ethereum_node_cl'] | default('unknown') | title }} + {{ hostvars[host]['ethereum_node_el'] | default('unknown') | title }} node"
-{% if 'node_role' in hostvars[host] %}
-        role: {{ hostvars[host]['node_role'] }}
-{% endif %}
 {% endfor %}
