-
Notifications
You must be signed in to change notification settings - Fork 805
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
blockchaos: impl blockchaos in chaosdaemon #2907
blockchaos: impl blockchaos in chaosdaemon #2907
Conversation
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
[REVIEW NOTIFICATION] This pull request has been approved by:
To complete the pull request process, please ask the reviewers in the list to review by filling The full list of commands accepted by this bot can be found here. Reviewer can indicate their review by submitting an approval review. |
Codecov Report
@@ Coverage Diff @@
## master #2907 +/- ##
==========================================
- Coverage 41.09% 40.82% -0.27%
==========================================
Files 165 166 +1
Lines 13851 13969 +118
==========================================
+ Hits 5692 5703 +11
- Misses 7726 7835 +109
+ Partials 433 431 -2
Continue to review full report at Codecov.
|
f61d729
to
7db00da
Compare
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
/run-e2e-tests |
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
/build-image |
…haosdaemon Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
You can download and import the image with following commands: ./hack/download-image.sh -r chaos-mesh/chaos-mesh -i 1920188139 |
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
…o impl-blockchaos-chaosdaemon
} | ||
|
||
blockchaos := obj.(*v1alpha1.BlockChaos) | ||
if blockchaos.Status.InjectionIds == nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think will not happen or this is a situation with some unknown problem.
func (s *DaemonServer) ApplyBlockChaos(ctx context.Context, req *pb.ApplyBlockChaosRequest) (*pb.ApplyBlockChaosResponse, error) { | ||
log := s.getLoggerFromContext(ctx) | ||
|
||
volumeName, err := normalizeVolumeName(ctx, req.VolumePath) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is wired , but you have to do it. What a pity.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can access the mnt ns of process in /proc/$PID/root/.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Andrewmatilde I have considered this problem, the difficult part is the symbolic path resolving. If there is a symlink points to an absolute address, e.g. /home/vagrant/test -> /mnt
, then the /proc/1/root/home/vagrant/test
in container also points to /mnt
, which doesn't exist in the container. To resolve this problem we have to implement a symlink walking by ourselves, which is somehow disappointing, as it may contain relative paths, absolute paths...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with it.
@Andrewmatilde |
It fixed. THX |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
…haosdaemon Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
if pbClient != nil { | ||
defer pbClient.Close() | ||
} | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not check this error as soon as it is returned at L52?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the tricky part (as all of other container-level injection). It'll need to check whether the pbClient
should be closed, before returning the error.
I thought there are some problems which makes it hard to clean the pbClient
inside DecodeContainerRecord
, but I'm not sure. I'll open an issue to optimize this function (DecodeContainerRecord
) further. But in this PR, I think we can keep the same with all other implementations.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rest LGTM
Signed-off-by: YangKeao <yangkeao@chunibyo.icu>
/merge |
This pull request has been accepted and is ready to merge. Commit hash: c1f86b3
|
After nearly five months 😆 |
* implement blockchaos on chaosdaemon Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * make check Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * implement blockchaos helper Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * auto enable ioem scheduler Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * make check Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * fix decode container record Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * fix joining the volume path Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * enable local mount and mount namespace for cdh Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * use host-sys rather than sys in chaos-daemon Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * enable CGO for cdh Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * fine tune the protobuf Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * don't override scheduler if it's already set Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * make check Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * remount sysfs with rw permission Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * modify BlockChaos API Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * regenerate something Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * remove blockchaos limit Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * clean go.sum in e2e-test Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * add CHANGELOG.md of blockchaos Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * remove example of limit Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * use float64 correlation Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * close chaos-driver client Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * make tidy Signed-off-by: YangKeao <yangkeao@chunibyo.icu> * return error after recovering Signed-off-by: YangKeao <yangkeao@chunibyo.icu> Signed-off-by: STRRL <im@strrl.dev>
What problem does this PR solve?
Implement blockchaos in chaosdaemon
Test Steps
This functions is relatively hard to automatically test. I have tested manually with the following steps in a centos virtual machine:
kubectl exec
to enter the pod, and do some operation on the disk.Detailed Steps
These steps can be concluded in the following scripts, but please execute them one by one.
Bootstraping virtual machine
Firstly we need a virtual machine to test this feature, I used
vagrant
to help me setup the machine. In an empty directory:Then update the kernel and kernel-devel for virtual machine
You'll also need to install docker/go/python3 to build chaos-mesh
Install chaos driver
Then, inside the virtual machine, we'll need to build the chaos-driver
Now, you have installed the chaos-driver. In the
dmesg
you can see:Install k3s and helm
You can see every pod is running or completed.
Build and install chaos mesh
Then you can check whether chaos mesh is running through
k3s kubectl get pods -n chaos-testing
Setup Injectee Pod
I have prepared one in the examples
Inject BlockChaos
Then you can verify the injection through read or write inside the
/usr/share/nginx/html
You can see:
You can see:
Further Tests