Network chaos ng porting

build.sh

@@ -1,6 +1,7 @@
 SCENARIOS=( application-outages container-scenarios network-chaos node-cpu-hog node-io-hog \
 node-memory-hog node-scenarios node-scenarios-bm pod-network-chaos pod-scenarios power-outages pvc-scenario \
-service-disruption-scenarios service-hijacking syn-flood time-scenarios zone-outages node-network-filter pod-network-filter kubevirt-outage)
+service-disruption-scenarios service-hijacking syn-flood time-scenarios zone-outages node-network-filter pod-network-filter kubevirt-outage \
+node-network-chaos-ng pod-network-chaos-ng)
 for i in "${SCENARIOS[@]}"; do
     export KRKNCTL_INPUT=$(cat $i/krknctl-input.json|tr -d "\n")
     envsubst < $i/Dockerfile.template > $i/Dockerfile

docker-compose.yaml

@@ -113,4 +113,14 @@ services:
       build:
         context: ./
         dockerfile: ./kubevirt-outage/Dockerfile
-      image: quay.io/krkn-chaos/krkn-hub:kubevirt-outage
+      image: quay.io/krkn-chaos/krkn-hub:kubevirt-outage
+    pod-network-chaos-ng:
+      build:
+        context: ./
+        dockerfile: ./pod-network-chaos-ng/Dockerfile
+      image: quay.io/krkn-chaos/krkn-hub:pod-network-chaos-ng
+    node-network-chaos-ng:
+      build:
+        context: ./
+        dockerfile: ./node-network-chaos-ng/Dockerfile
+      image: quay.io/krkn-chaos/krkn-hub:node-network-chaos-ng

node-network-chaos-ng/Dockerfile.template

@@ -0,0 +1,24 @@
+# Dockerfile for kraken
+
+FROM quay.io/krkn-chaos/krkn:latest
+
+ENV KUBECONFIG /home/krkn/.kube/config
+
+# Copy configurations
+COPY metrics_config.yaml.template /home/krkn/kraken/config/kube_burner.yaml.template
+COPY config.yaml.template /home/krkn/kraken/config/config.yaml.template
+
+COPY node-network-filter/env.sh /home/krkn/env.sh
+COPY env.sh /home/krkn/main_env.sh
+COPY node-network-filter/run.sh /home/krkn/run.sh
+COPY node-network-filter/network-chaos.yml /home/krkn/kraken/scenarios/kube/network-chaos.yml
+COPY common_run.sh /home/krkn/common_run.sh
+
+LABEL krknctl.kubeconfig_path="/home/krkn/.kube/config"
+LABEL krknctl.title="Node Network Chaos"
+LABEL krknctl.description="Scenario to introduce network latency, packet loss, and bandwidth restriction in the Node's host network interface. The purpose of this scenario is to observe faults caused by random variations in the network (NG version)."
+
+LABEL krknctl.input_fields='$KRKNCTL_INPUT'
+
+ENTRYPOINT /home/krkn/run.sh
+

node-network-chaos-ng/README.md

@@ -0,0 +1,3 @@
+# Network Chaos docs
+
+See [doc](../../docs/node-network-filter.md) for how to run and all the variables listed

node-network-chaos-ng/env.sh

@@ -0,0 +1,20 @@
+export TEST_DURATION=${TOTAL_CHAOS_DURATION:="60"}
+export LABEL_SELECTOR=${NODE_SELECTOR:=""}
+export NAMESPACE=${NAMESPACE:="default"}
+export INSTANCE_COUNT=${INSTANCE_COUNT:="1"}
+export EXECUTION=${EXECUTION:="parallel"}
+export INGRESS=${INGRESS:="false"}
+export EGRESS=${EGRESS:="false"}
+export INTERFACES=${INTERFACES:=""}
+export PORTS=${PORTS:=""}
+export SCENARIO_TYPE=${SCENARIO_TYPE:=network_chaos_ng_scenarios}
+export SCENARIO_FILE=${SCENARIO_FILE:=scenarios/kube/network-chaos.yml}
+export IMAGE=${IMAGE:="quay.io/krkn-chaos/krkn-network-chaos:latest"}
+export PROTOCOLS=${PROTOCOLS:="tcp"}
+export NODE_NAME=${NODE_NAME:=""}
+export TAINTS=${TAINTS:=""}
+export SERVICE_ACCOUNT=${SERVICE_ACCOUNT:=""}
+export LATENCY=${LATENCY:="0ms"}
+export LOSS=${LOSS:="0"}
+export BANDWIDTH=${BANDWIDTH:="1gbit"}
+export FORCE=${FORCE:="False"}

node-network-chaos-ng/krknctl-input.json

@@ -0,0 +1,152 @@
+[
+  {
+    "name": "chaos-duration",
+    "short_description": "Chaos Duration",
+    "description": "Set chaos duration (in sec) as desired",
+    "variable": "TOTAL_CHAOS_DURATION",
+    "type": "number",
+    "default": "60",
+    "required": "false"
+  },
+  {
+    "name": "node-selector",
+    "short_description": "Node Selector",
+    "description": "Node selector where the scenario containers will be scheduled in the format \"<selector>=<value>\". NOTE:  Will be instantiated a container per each node selected with the same scenario options. If left empty a random node will be selected",
+    "variable": "NODE_SELECTOR",
+    "type": "string",
+    "validator": "^$|^.+\\=.*$",
+    "validation_message": "Node selector must be in the format: key=value",
+    "default": "",
+    "required": "false"
+  },
+  {
+    "name": "node-name",
+    "short_description": "Node Name",
+    "description": "The Node name to target (if label selector not specified)",
+    "variable": "NODE_NAME",
+    "type": "string",
+    "default": "",
+    "required": "false"
+  },
+  {
+    "name": "namespace",
+    "short_description": "Namespace",
+    "description": "Namespace where the scenario container will be deployed",
+    "variable": "NAMESPACE",
+    "type": "string",
+    "default": "default",
+    "required": "false"
+  },
+  {
+    "name": "instance-count",
+    "short_description": "Number of instances to target",
+    "description": "Number of instances to target if more the one is selected by the NODE_SELECTOR",
+    "variable": "INSTANCE_COUNT",
+    "type": "number",
+    "default": "1",
+    "required": "false"
+  },
+  {
+    "name": "execution",
+    "short_description": "Execution mode",
+    "description": "When multiple nodes are selected the execution on all of them can be performed in serial or in parallel",
+    "variable": "EXECUTION",
+    "type": "enum",
+    "allowed_values": "parallel,serial",
+    "separator": ",",
+    "required": "false"
+  },
+  {
+    "name": "ingress",
+    "short_description": "Filter incoming traffic",
+    "description": "Incoming network traffic will be filtered",
+    "variable": "INGRESS",
+    "type": "boolean",
+    "required": "true"
+  },
+  {
+    "name": "egress",
+    "short_description": "Filter outgoing traffic",
+    "description": "Outgoing network traffic will be filtered",
+    "variable": "EGRESS",
+    "type": "boolean",
+    "required": "true"
+  },
+  {
+    "name": "interfaces",
+    "short_description": "Network interfaces to filter outgoing traffic (if more than one separated by comma)",
+    "description": "Network interfaces to filter outgoing traffic (if more than one separated by comma eg. eth0,eth1,eth2)",
+    "variable": "INTERFACES",
+    "type": "string",
+    "default": "",
+    "validator": "^$|^[a-zA-Z0-9-.]+(,[a-zA-Z0-9-.]+)*",
+    "validation_message": "Network interfaces must be in the format: eth0 or a comma separated list eth0,eth1,eth2,eth-1,eth.1",
+    "required": "false"
+  },
+  {
+    "name": "image",
+    "short_description": "The network chaos injection workload container image",
+    "description": "The network chaos injection workload container image",
+    "variable": "IMAGE",
+    "type": "string",
+    "default": "quay.io/krkn-chaos/krkn-network-chaos:latest",
+    "required": "false"
+  },
+  {
+    "name": "taints",
+    "short_description": "The list of tolerations that can be assigned to the network filter workload",
+    "description": "The list of tolerations that can be assigned to the network filter workload (comma separated)",
+    "variable": "TAINTS",
+    "type": "string",
+    "default": "",
+    "required": "false"
+  },
+  {
+    "name": "service-account",
+    "short_description": "The service account associated with the Node Network Filter workload",
+    "description": "The service account associated with the Node Network Filter workload",
+    "variable": "SERVICE_ACCOUNT",
+    "type": "string",
+    "default": "",
+    "required": "false"
+  },
+  {
+    "name": "latency",
+    "short_description": "The latency introduced on the network interface by the scenario",
+    "description": "The latency introduced on the network interface by the scenario, can be expressed in `us` (microseconds), `ms`( milliseconds), `s` (seconds)",
+    "variable": "LATENCY",
+    "type": "string",
+    "default": "0ms",
+    "validator": "^(\\d+)(us|ms|s)$",
+    "validation_message": "latency must be expressed in `us` (microseconds), `ms`( milliseconds), `s` (seconds), eg. 10ms",
+    "required": "false"
+  },
+  {
+    "name": "loss",
+    "short_description": "The percentage of packets that will be dropped",
+    "description": "The percentage of packets that will be dropped",
+    "variable": "LOSS",
+    "type": "number",
+    "default": "1",
+    "required": "false"
+  },
+  {
+    "name": "bandwidth",
+    "short_description": "The bandwidth restriction applied to the interface.",
+    "description": "The bandwidth restriction applied to the interface, can be expressed in `bit`, `kbit`, `mbit` or `tbit`",
+    "variable": "BANDWIDTH",
+    "type": "string",
+    "default": "10gbit",
+    "validator": "^(\\d+)(bit|kbit|mbit|gbit|tbit)$",
+    "validation_message": "bandwidth must be expressed in `bit`, `kbit`, `mbit` or `tbit`",
+    "required": "false"
+  },
+  {
+    "name": "force",
+    "short_description": "Forces the scenario execution.",
+    "description": "Forces the scenario execution if krkn detects a potential configuration conflict",
+    "variable": "FORCE",
+    "type": "boolean",
+    "required": "false"
+  }
+]

node-network-chaos-ng/network-chaos.yml

@@ -0,0 +1,18 @@
+- id: node_network_chaos
+  image: "quay.io/krkn-chaos/krkn-network-chaos:latest"
+  wait_duration: 1
+  test_duration: 60
+  label_selector: ""
+  service_account: ""
+  taints: []
+  namespace: 'default'
+  instance_count: 1
+  target: "<node_name>"
+  execution: parallel
+  interfaces: []
+  ingress: true
+  egress: true
+  latency: 0s # supported units are us (microseconds), ms, s
+  loss: 10 # percentage
+  bandwidth: 1gbit #supported units are bit kbit mbit gbit tbit
+  force: false

node-network-chaos-ng/run.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+ROOT_FOLDER="/home/krkn"
+KRAKEN_FOLDER="$ROOT_FOLDER/kraken"
+SCENARIO_FOLDER="$KRAKEN_FOLDER/scenarios/kube"
+
+# Source env.sh to read all the vars
+source $ROOT_FOLDER/main_env.sh
+source $ROOT_FOLDER/env.sh
+source $ROOT_FOLDER/common_run.sh
+
+if [[ $KRKN_DEBUG == "True" ]];then
+  set -ex
+fi
+
+yq -i ".[0].test_duration=$TEST_DURATION" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].label_selector=\"$LABEL_SELECTOR\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].namespace=\"$NAMESPACE\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].instance_count=$INSTANCE_COUNT" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].execution=\"$EXECUTION\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].ingress=$INGRESS" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].egress=$EGRESS" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].image=\"$IMAGE\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].target=\"$NODE_NAME\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].service_account=\"$SERVICE_ACCOUNT\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].latency=\"$LATENCY\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].loss=\"$LOSS\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].bandwidth=\"$BANDWIDTH\"" $SCENARIO_FOLDER/network-chaos.yml
+yq -i ".[0].force=\"$FORCE\"" $SCENARIO_FOLDER/network-chaos.yml
+
+IFS=',' read -ra array <<< "$INTERFACES"
+
+for ((i=0; i<${#array[@]}; i++)); do
+  yq -i ".[0].interfaces[$i]=\"${array[$i]}\"" $SCENARIO_FOLDER/network-chaos.yml
+done
+
+IFS=',' read -ra array <<< "$TAINTS"
+
+for ((i=0; i<${#array[@]}; i++)); do
+  yq -i ".[0].taints[$i]=\"${array[$i]}\"" $SCENARIO_FOLDER/network-chaos.yml
+done
+
+envsubst < $KRAKEN_FOLDER/config/config.yaml.template > $KRAKEN_FOLDER/config/network-chaos-config.yaml
+
+checks
+
+cd $KRAKEN_FOLDER
+
+if [[ $KRKN_DEBUG == "True" ]];then
+  cat $SCENARIO_FOLDER/network-chaos.yml
+  cat $KRAKEN_FOLDER/config/network-chaos-config.yaml
+fi
+
+
+python3.9 run_kraken.py --config=$KRAKEN_FOLDER/config/network-chaos-config.yaml

pod-network-chaos-ng/Dockerfile.template

@@ -0,0 +1,24 @@
+# Dockerfile for kraken
+
+FROM quay.io/krkn-chaos/krkn:latest
+
+ENV KUBECONFIG /home/krkn/.kube/config
+
+# Copy configurations
+COPY metrics_config.yaml.template /home/krkn/kraken/config/kube_burner.yaml.template
+COPY config.yaml.template /home/krkn/kraken/config/config.yaml.template
+
+COPY node-network-filter/env.sh /home/krkn/env.sh
+COPY env.sh /home/krkn/main_env.sh
+COPY node-network-filter/run.sh /home/krkn/run.sh
+COPY node-network-filter/network-chaos.yml /home/krkn/kraken/scenarios/kube/network-chaos.yml
+COPY common_run.sh /home/krkn/common_run.sh
+
+LABEL krknctl.kubeconfig_path="/home/krkn/.kube/config"
+LABEL krknctl.title="Node Network Chaos"
+LABEL krknctl.description="Scenario to introduce network latency, packet loss, and bandwidth restriction in the Pod's host network interface. The purpose of this scenario is to observe faults caused by random variations in the network (NG version)."
+
+LABEL krknctl.input_fields='$KRKNCTL_INPUT'
+
+ENTRYPOINT /home/krkn/run.sh
+

pod-network-chaos-ng/README.md

@@ -0,0 +1,3 @@
+# Network Chaos docs
+
+See [doc](../../docs/node-network-filter.md) for how to run and all the variables listed

pod-network-chaos-ng/env.sh

@@ -0,0 +1,19 @@
+export TEST_DURATION=${TOTAL_CHAOS_DURATION:="60"}
+export POD_SELECTOR=${POD_SELECTOR:=""}
+export NAMESPACE=${NAMESPACE:="default"}
+export INSTANCE_COUNT=${INSTANCE_COUNT:="1"}
+export EXECUTION=${EXECUTION:="parallel"}
+export INGRESS=${INGRESS:="false"}
+export EGRESS=${EGRESS:="false"}
+export INTERFACES=${INTERFACES:=""}
+export PORTS=${PORTS:=""}
+export SCENARIO_TYPE=${SCENARIO_TYPE:=network_chaos_ng_scenarios}
+export SCENARIO_FILE=${SCENARIO_FILE:=scenarios/kube/network-chaos.yml}
+export IMAGE=${IMAGE:="quay.io/krkn-chaos/krkn-network-chaos:latest"}
+export PROTOCOLS=${PROTOCOLS:="tcp"}
+export POD_NAME=${POD_NAME:=""}
+export TAINTS=${TAINTS:=""}
+export SERVICE_ACCOUNT=${SERVICE_ACCOUNT:=""}
+export LATENCY=${LATENCY:="0ms"}
+export LOSS=${LOSS:="0"}
+export BANDWIDTH=${BANDWIDTH:="1gbit"}