Simplified Merge-All #33
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Technically shouldn't force the user to use the kube-monkey namespace
Had to run `glide cache-clear` and then `glide update --strip-vendor`
Allow people to copy pasta ;) asobti#23
Only relevant after asobti#24
CreateClient involves creating a clientset that accesses the k8 api It does not belong in chaos but rather kubernetes
New sublocation for all kinds
run with make gofmt
Allow victims to do the heavylifting for common methods
Whitelists and Blacklists both operate. Blacklist overrides a whitelist.
Log improvements
K8 upgrade
Templatize
Print time fixes
Statefulsets
glide up --v && v0.2.0
|
deploy-test.yaml ---
apiVersion: v1
kind: Namespace
metadata:
name: test-system
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: counter
namespace: test-system
spec:
replicas: 2
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: monkey-victim-counter
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "kill-all"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'
image: busybox:latest
imagePullPolicy: Always
name: test-counter
restartPolicy: Always
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: counter-delete-all-fail-test
namespace: test-system
spec:
replicas: 2
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: monkey-victim-delete-all-fail-test
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "kill-all"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'
image: DOESNOTEXIST:latest
imagePullPolicy: Always
name: test-counter-delete-all-fail-test
restartPolicy: Always
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: singlecounter
namespace: test-system
spec:
replicas: 1
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: monkey-victim-single-counter
kube-monkey/mtbf: "2"
kube-monkey/kill-mode: "fixed"
kube-monkey/kill-value: "2"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'
image: busybox:latest
imagePullPolicy: Always
name: test-single-counter
restartPolicy: Always
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: opt-out-counter
namespace: test-system
spec:
replicas: 1
template:
metadata:
labels:
kube-monkey/enabled: disabled
kube-monkey/identifier: not-a-counter-victim
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "kill-all"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 86400; done'
image: busybox:latest
imagePullPolicy: Always
name: not-a-counter-victim
restartPolicy: Always
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: fail-deploy
namespace: test-system
spec:
replicas: 2
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: failure-test
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "fixed"
kube-monkey/kill-value: "2"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 300; done'
image: invalidimage
imagePullPolicy: Always
name: fail-deploy
restartPolicy: Always
---
# missing-secret.yaml
# a failed deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: secret-pod
namespace: test-system
spec:
replicas: 2
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: missing-secret-test
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "random-max-percent"
kube-monkey/kill-value: "2"
spec:
containers:
- name: missing-secret-test
image: busybox:latest
command: [ "/bin/sh", "-c", "env" ]
volumeMounts:
- mountPath: /etc/secret/
name: myothersecret
volumes:
- name: myothersecret
secret:
secretName: myothersecret
restartPolicy: Alwaysss-test.yaml ---
apiVersion: v1
kind: Namespace
metadata:
name: test-system
---
apiVersion: v1
kind: Service
metadata:
labels:
app: counter-ss
name: counter-ss
namespace: test-system
spec:
clusterIP: None
ports:
- port: 9001
selector:
app: counter-ss
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: counter-ss
namespace: test-system
spec:
serviceName: counter-ss
replicas: 3
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: monkey-victim-counter-ss
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "kill-all"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'
image: busybox:latest
imagePullPolicy: Always
name: test-counter-ss
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
labels:
app: counter-delete-all-fail-test-ss
name: counter-delete-all-fail-test-ss
namespace: test-system
spec:
clusterIP: None
ports:
- port: 9002
selector:
app: counter-delete-all-fail-test-ss
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: counter-delete-all-fail-test-ss
namespace: test-system
spec:
serviceName: counter-delete-all-fail-test-ss
replicas: 3
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: monkey-victim-delete-all-fail-test-ss
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "kill-all"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'
image: DOESNOTEXIST:latest
imagePullPolicy: Always
name: test-counter-delete-all-fail-test-ss
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
labels:
app: singlecounter-ss
name: singlecounter-ss
namespace: test-system
spec:
clusterIP: None
ports:
- port: 9003
selector:
app: singlecounter-ss
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: singlecounter-ss
namespace: test-system
spec:
serviceName: singlecounter-ss
replicas: 1
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: monkey-victim-single-counter-ss
kube-monkey/mtbf: "2"
kube-monkey/kill-mode: "fixed"
kube-monkey/kill-value: "2"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'
image: busybox:latest
imagePullPolicy: Always
name: test-single-counter-ss
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
labels:
app: opt-out-counter-ss
name: opt-out-counter-ss
namespace: test-system
spec:
clusterIP: None
ports:
- port: 9004
selector:
app: opt-out-counter-ss
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: opt-out-counter-ss
namespace: test-system
spec:
serviceName: opt-out-counter-ss
replicas: 1
template:
metadata:
labels:
kube-monkey/enabled: disabled
kube-monkey/identifier: not-a-counter-victim-ss
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "kill-all"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 86400; done'
image: busybox:latest
imagePullPolicy: Always
name: not-a-counter-victim-ss
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
labels:
app: fail-deploy-ss
name: fail-deploy-ss
namespace: test-system
spec:
clusterIP: None
ports:
- port: 9005
selector:
app: fail-deploy-ss
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: fail-deploy-ss
namespace: test-system
spec:
serviceName: fail-deploy-ss
replicas: 2
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: failure-test-ss
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "random-max-percent"
kube-monkey/kill-value: "75"
spec:
containers:
- args:
- /bin/sh
- -c
- 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 300; done'
image: invalidimage
imagePullPolicy: Always
name: fail-deploy-ss
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
labels:
app: secret-pod-ss
name: secret-pod-ss
namespace: test-system
spec:
clusterIP: None
ports:
- port: 9006
selector:
app: secret-pod-ss
---
# missing-secret.yaml
# a failed deployment
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: secret-pod-ss
namespace: test-system
spec:
serviceName: secret-pod-ss
replicas: 2
template:
metadata:
labels:
kube-monkey/enabled: enabled
kube-monkey/identifier: missing-secret-test-ss
kube-monkey/mtbf: "1"
kube-monkey/kill-mode: "random-max-percent"
kube-monkey/kill-value: "75"
spec:
containers:
- name: missing-secret-test-ss
image: busybox:latest
command: [ "/bin/sh", "-c", "env" ]
volumeMounts:
- mountPath: /etc/secret/
name: myothersecret
volumes:
- name: myothersecret
secret:
secretName: myothersecret
restartPolicy: Alwaysconfig.toml config.toml: |
[kubemonkey]
dry_run = false
time_zone = "America/New_York"
run_hour = 8
start_hour = 10
end_hour = 16
graceperiod_sec = 10
blacklisted_namespaces = ["kube-system"]
whitelisted_namespaces = ["default", "test-system"]
[debug]
enabled = false
schedule_delay = 10
force_should_kill = false
schedule_immediate_kill = true |
Merged
|
I just updated the glide.lock by rewriting it (y) |
asobti
reviewed
Jan 24, 2018
chaos/chaos.go
Outdated
| return c.DeletePod(client, targetPod) | ||
| } | ||
| // Has the victim been removed from the whitelist since scheduling? | ||
| if !c.Victim().IsWhitelisted() { |
There was a problem hiding this comment.
@Spellchaser Does this mean that each victim has to specifically be listed in the whitelist for kube-monkey to act on it?
There was a problem hiding this comment.
Yes, but the default for whitelisting is all namespaces. So if you don't enable a whitelist, it doesn't affect you.
There was a problem hiding this comment.
I suppose a better comment would be something like
// Does the namespace whitelist still include the victim's namespace now at killtime?
There was a problem hiding this comment.
It looks like the default is NamespaceDefault
viper.SetDefault(param.WhitelistedNamespaces, []string{metav1.NamespaceDefault})
Is that the same as NamespaceAll?
There was a problem hiding this comment.
Nada, NamespaceDefault is "default" NamespaceAll is ""
I figured it'd be safer, abliet more confusing for users
There was a problem hiding this comment.
So, if I don't specify the whitelisted_namespaces in my config file, my victims will not be killed (assuming they are in their own namespace) ?
There was a problem hiding this comment.
Ok, ignore that. I saw the following commit where you update docs for the whitelisting stuff and that clears it up.
asobti
approved these changes
Jan 24, 2018
|
Not entirely...
If you didn't specify whitelist in the configs it would default to
whitelisting the `default` namespace. Your deployments in `default` still
have to be opted in.
If you whitelisted only `test-namespace`, only deployments in
`test-namespace` could opt in.
On Jan 23, 2018 8:55 PM, "Ayush Sobti" <[email protected]> wrote:
*@asobti* commented on this pull request.
------------------------------
In chaos/chaos.go
<#33 (comment)>:
- glog.V(2).Infof("Terminating pod %s for deployment %s", targetPod,
c.deployment.Name())
- return c.DeletePod(client, targetPod)
-}
+ // Has the victim been removed from the whitelist since scheduling?
+ if !c.Victim().IsWhitelisted() {
So, if I don't specify the whitelisted_namespaces in my config file, my
victims will not be killed (assuming they are in their own namespace) ?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#33 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACV_i6AiQDcJWnIo64dow2N8rfy21F4Kks5tNo14gaJpZM4RRPx6>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Aggregates #18, #19, #24, #25, #27, #28, #29, #30, #31, #34