Simuler des pannes réseau
Traduction Bêta Non Officielle
Cette page a été traduite par PageTurner AI (bêta). Non approuvée officiellement par le projet. Vous avez trouvé une erreur ? Signaler un problème →
Ce document explique comment utiliser Chaosd pour simuler des pannes réseau. Ces simulations s'effectuent en modifiant le routage réseau et le contrôle du flux de trafic à l'aide d'iptables, ipsets, tc, etc.
note
Assurez-vous que le module NET_SCH_NETEM est installé dans le noyau Linux. Si vous utilisez CentOS, vous pouvez installer ce module via le paquet kernel-modules-extra. La plupart des autres distributions Linux l'ont déjà installé par défaut.
Créer des expériences de panne réseau en mode ligne de commande
Cette section présente comment créer des expériences de panne réseau en mode ligne de commande.
Avant de créer une expérience, vous pouvez exécuter la commande suivante pour vérifier les types de pannes réseau pris en charge par Chaosd :
chaosd attack network --help
Le résultat affiché est le suivant :
Network attack related commands
Usage:
chaosd attack network [command]
Available Commands:
bandwidth limit network bandwidth
corrupt corrupt network packet
delay delay network
dns attack DNS server or map specified host to specified IP
duplicate duplicate network packet
loss loss network packet
partition partition
port attack network port
Flags:
-h, --help help for network
Global Flags:
--log-level string the log level of chaosd, the value can be 'debug', 'info', 'warn' and 'error'
Use "chaosd attack network [command] --help" for more information about a command.
Actuellement, vous pouvez simuler quatre scénarios expérimentaux avec Chaosd : corruption réseau, latence réseau, duplication réseau et perte réseau.
Simuler la corruption réseau en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour voir la configuration de la simulation de corruption réseau avec Chaosd.
Commande pour la corruption réseau
La commande est la suivante :
chaosd attack network corrupt --help
Le résultat affiché est le suivant :
corrupt network packet
Usage:
chaosd attack network corrupt [flags]
Flags:
-c, --correlation string correlation is percentage (10 is 10%) (default "0")
-d, --device string the network interface to impact
-e, --egress-port string only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
-h, --help help for corrupt
-H, --hostname string only impact traffic to these hostnames
-i, --ip string only impact egress traffic to these IP addresses
--percent string percentage of packets to corrupt (10 is 10%) (default "1")
-p, --protocol string only impact traffic using this IP protocol, supported: tcp, udp, icmp, all
-s, --source-port string only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
Global Flags:
--log-level string the log level of chaosd, the value can be 'debug', 'info', 'warn' and 'error'
Paramètres de configuration liés à la corruption réseau
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| correlation | c | The correlation between the percentage of current corrupt occurrence and the previous occurrence. | int. It is a percentage ranging from 0 to 100 (10 is 10%) ("0" by default ). |
| device | d | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | e | The egress traffic that only impacts specific destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | H | The host name impacted by traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "chaos-mesh.org". |
| ip | i | The IP address impacted by egress traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "123.123.123.123". |
| protocol | p | The IP protocol impacted by traffic. | string. Supported protocols: tcp, udp, icmp, all (all network protocols). |
| source-port | s | The egress traffic which only impact specific source ports. It can only be configured when the protocol is TCP or UDP. | string. Use a , to delimit the specific port or to indicate the range of the ports, such as "80,8001:8010". |
| percent | Ratio of network packet corruption. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "1"). |
Exemple de simulation de corruption réseau en mode commande
Exécutez la commande suivante pour simuler une corruption réseau :
chaosd attack network corrupt -d eth0 -i 172.16.4.4 --percent 50
Si la commande s'exécute correctement, le résultat est le suivant :
Attack network successfully, uid: 4eab1e62-8d60-45cb-ac85-3c17b8ac4825
Simuler la latence réseau en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour voir la configuration de la simulation de latence réseau avec Chaosd.
Commande pour la latence réseau
La commande est la suivante :
chaosd attack network delay --help
Le résultat affiché est le suivant :
delay network
Usage:
chaosd attack network delay [flags]
Flags:
-c, --correlation string correlation is percentage (10 is 10%) (default "0")
-d, --device string the network interface to impact
-e, --egress-port string only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
-h, --help help for delay
-H, --hostname string only impact traffic to these hostnames
-i, --ip string only impact egress traffic to these IP addresses
-j, --jitter string jitter time, time units: ns, us (or µs), ms, s, m, h.
-l, --latency string delay egress time, time units: ns, us (or µs), ms, s, m, h.
-p, --protocol string only impact traffic using this IP protocol, supported: tcp, udp, icmp, all
-s, --source-port string only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
Global Flags:
--log-level string the log level of chaosd, the value can be 'debug', 'info', 'warn' and 'error'
Paramètres de configuration liés à la latence réseau
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| correlation | c | The correlation between the current latency and the previous one. | string. It is a percentage ranging from 0 to 100 (10 is 10%) ("0" by default). |
| device | d | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | e | The egress traffic which only impact specific destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | H | The host name impacted by traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "chaos-mesh.org". |
| ip | i | The IP address impacted by egress traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "123.123.123.123". |
| jitter | j | Range of the length of network delay time. | string. The time units can be: ns, us (µs), ms, s, m, h, such as "1ms". |
| latency | l | Length of network delay time. | string. The time units can be: ns, us (μs), ms, s, m, h, such as "1ms". |
| protocol | p | The IP protocol impacted by traffic. | string. It supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
| source-port | s | The egress traffic that only impacts specified source ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
Exemple de simulation de latence réseau en mode ligne de commande
Exécutez la commande suivante pour simuler une latence réseau :
chaosd attack network delay -d eth0 -i 172.16.4.4 -l 10ms
Si la commande s'exécute correctement, le résultat est le suivant :
Attack network successfully, uid: 4b23a0b5-e193-4b27-90a7-3e04235f32ab
Simuler la duplication réseau en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour voir la configuration de la simulation de duplication réseau avec Chaosd.
Commande pour la duplication réseau
La commande est la suivante :
chaosd attack network duplicate --help
Le résultat affiché est le suivant :
duplicate network packet
Usage:
chaosd attack network duplicate [flags]
Flags:
-c, --correlation string correlation is percentage (10 is 10%) (default "0")
-d, --device string the network interface to impact
-e, --egress-port string only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
-h, --help help for duplicate
-H, --hostname string only impact traffic to these hostnames
-i, --ip string only impact egress traffic to these IP addresses
--percent string percentage of packets to duplicate (10 is 10%) (default "1")
-p, --protocol string only impact traffic using this IP protocol, supported: tcp, udp, icmp, all
-s, --source-port string only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
Global Flags:
--log-level string the log level of chaosd, the value can be 'debug', 'info', 'warn' and 'error'
Paramètres de configuration liés à la duplication réseau
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| correlation | c | The correlation between the percentage of current duplication occurrence and the previous one. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "0"). |
| device | d | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | e | The egress traffic that only impacts specified destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | H | The host name impacted by traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "chaos-mesh.org". |
| ip | i | The IP address impacted by egress traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "123.123.123.123". |
| percent | N/A | Ratio of network packet duplicate. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "1"). |
| protocol | p | The IP protocol impacted by traffic. | string. It supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
| source-port | s | The egress traffic which only impact specific source ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
Exemple de simulation de duplication réseau en mode ligne de commande
Exécutez la commande suivante pour simuler une duplication réseau :
chaosd attack network duplicate -d eth0 -i 172.16.4.4 --percent 50
Si la commande s'exécute correctement, le résultat est le suivant :
Attack network successfully, uid: 7bcb74ee-9101-4ae4-82f0-e44c8a7f113c
Simuler la perte réseau en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour voir la configuration de la simulation de perte réseau avec Chaosd :
Commande pour la perte réseau
La commande est la suivante :
chaosd attack network loss --help
Le résultat affiché est le suivant :
loss network packet
Usage:
chaosd attack network loss [flags]
Flags:
-c, --correlation string correlation is percentage (10 is 10%) (default "0")
-d, --device string the network interface to impact
-e, --egress-port string only impact egress traffic to these destination ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
-h, --help help for loss
-H, --hostname string only impact traffic to these hostnames
-i, --ip string only impact egress traffic to these IP addresses
--percent string percentage of packets to drop (10 is 10%) (default "1")
-p, --protocol string only impact traffic using this IP protocol, supported: tcp, udp, icmp, all
-s, --source-port string only impact egress traffic from these source ports, use a ',' to separate or to indicate the range, such as 80, 8001:8010. It can only be used in conjunction with -p tcp or -p udp
Global Flags:
--log-level string the log level of chaosd, the value can be 'debug', 'info', 'warn' and 'error'
Paramètres de configuration liés à la perte réseau
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| correlation | c | The correlation between the percentage of the current network loss and the previous one. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "0"). |
| device | d | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | e | The egress traffic that only impacts specified destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | H | The host name impacted by traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "chaos-mesh.org". |
| ip | i | The IP address impacted by egress traffic. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "123.123.123.123". |
| percent | N/A | Ratio of network packet loss. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "1"). |
| protocol | p | Only impact traffic using this IP protocol. | string. It supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
| source-port | s | The egress traffic which only impact specific source ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
Exemple de simulation de perte réseau en mode ligne de commande
Exécutez la commande suivante pour simuler une perte réseau :
chaosd attack network loss -d eth0 -i 172.16.4.4 --percent 50
Si la commande s'exécute correctement, le résultat est le suivant :
Attack network successfully, uid: 1e818adf-3942-4de4-949b-c8499f120265
Simuler la partition réseau en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour voir la configuration de la simulation de partition réseau avec Chaosd.
Commande pour la partition réseau
La commande est la suivante :
chaosd attack network partition --help
Le résultat affiché est le suivant :
partition
Usage:
chaosd attack network partition [flags]
Flags:
--accept-tcp-flags string only the packet which match the tcp flag can be accepted, others will be dropped. only set when the protocol is tcp.
-d, --device string the network interface to impact
--direction string specifies the partition direction, values can be 'to', 'from' or 'both'. 'from' means packets coming from the 'IPAddress' or 'Hostname' and going to your server, 'to' means packets originating from your server and going to the 'IPAddress' or 'Hostname'. (default "both")
-h, --help help for partition
-H, --hostname string only impact traffic to these hostnames
-i, --ip string only impact egress traffic to these IP addresses
-p, --protocol string only impact traffic using this IP protocol, supported: tcp, udp, icmp, all
Global Flags:
--log-level string the log level of chaosd. The value can be 'debug', 'info', 'warn' and 'error'
--uid string the experiment ID
Paramètres liés à la partition réseau
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| accept-tcp-flags | N/A | Only the packet which matches the tcp flag can be accepted, others will be dropped. Only set when the protocol is tcp. | string, such as "SYN,ACK SYN,ACK" |
| device | d | the network interface to impact | string, such as "eth0", required |
| direction | d | Specifies the partition direction, values can be 'to', 'from' or 'both'. 'from' means packets coming from the 'ip' or 'hostname' and going to your server, 'to' means packets originating from your server and going to the 'ip' or 'hostname'. | string, values can be "to", "from" or "both" (default "both") |
| hostname | H | Only impact traffic to these hostnames. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "chaos-mesh.org". |
| ip | i | Only impact egress traffic to these IP addresses. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "192.168.123.123". |
| protocol | p | Only impact traffic using this IP protocol | string. It supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
Exemple de simulation de partition réseau en mode ligne de commande
Exécutez la commande suivante pour simuler une partition réseau :
chaosd attack network partition -i 172.16.4.4 -d eth0 --direction from
Simuler une panne DNS en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour consulter la configuration des pannes DNS simulées avec Chaosd.
Commande pour la panne DNS
La commande est la suivante :
chaosd attack network dns --help
Le résultat affiché est le suivant :
attack DNS server or map specified host to specified IP
Usage:
chaosd attack network dns [flags]
Flags:
-d, --dns-domain-name string map this host to specified IP
-i, --dns-ip string map specified host to this IP address
--dns-server string update the DNS server in /etc/resolv.conf with this value (default "123.123.123.123")
-h, --help help for dns
Global Flags:
--log-level string the log level of chaosd. The value can be 'debug', 'info', 'warn' and 'error'
--uid string the experiment ID
Paramètres liés aux pannes DNS
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| dns-domain-name | d | Map this host to specified IP(dns-ip) | string, such as "chaos-mesh.org". |
| dns-ip | i | Map specified host(dns-domain-name) to this IP address | string, such as "123.123.123.123" |
| dns-server | N/A | Update the DNS server in /etc/resolv.conf with this value | string, default is "123.123.123.123" |
Exemple de simulation de panne DNS en mode ligne de commande
Exécutez la commande suivante pour simuler une panne DNS en associant un hôte spécifique à une IP donnée :
chaosd attack network dns --dns-ip 123.123.123.123 --dns-domain-name chaos-mesh.org
Exécutez la commande suivante pour simuler une panne DNS en utilisant un serveur DNS incorrect :
chaosd attack network dns --dns-server 123.123.123.123
Simuler la bande passante réseau en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour consulter la configuration de la bande passante réseau simulée avec Chaosd.
Commande pour la bande passante réseau
La commande est la suivante :
chaosd attack network bandwidth --help
Le résultat affiché est le suivant :
limit network bandwidth
Usage:
chaosd attack network bandwidth [flags]
Flags:
-b, --buffer uint32 the maximum amount of bytes that tokens can be available for instantaneously
-d, --device string the network interface to impact
-h, --help help for bandwidth
-H, --hostname string only impact traffic to these hostnames
-i, --ip string only impact egress traffic to these IP addresses
-l, --limit uint32 the number of bytes that can be queued waiting for tokens to become available
-m, --minburst uint32 specifies the size of the peakrate bucket
--peakrate uint the maximum depletion rate of the bucket
-r, --rate string the speed knob, allows bps, kbps, mbps, gbps, tbps unit. bps means bytes per second
Global Flags:
--log-level string the log level of chaosd. The value can be 'debug', 'info', 'warn' and 'error'
--uid string the experiment ID
Paramètres liés à la bande passante réseau
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| buffer | b | The maximum amount of bytes that tokens can be available for instantaneously | int, such as 10000, required |
| device | d | The network interface to impact | string, such as "eth0", required |
| hostname | H | Only impact traffic to these hostnames. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "chaos-mesh.org". |
| ip | i | Only impact egress traffic to these IP addresses. hostname and ip cannot be empty at the same time. When hostname and ip are set at the same time, the configuration item affects both the specified hostname and ip. | string, such as "123.123.123.123". |
| limit | l | The number of bytes that can be queued waiting for tokens to become available | int, such as 10000, required |
| minburst | m | Specifies the size of the peakrate bucket | int, such as 10000 |
| peakrate | N/A | The maximum depletion rate of the bucket | int, such as 10000 |
| rate | r | The speed knob, allows bps, kbps, mbps, gbps, tbps unit. The bps unit means bytes per second. | string, such as "1mbps", required |
Exemple de simulation de bande passante réseau en mode ligne de commande
Exécutez la commande suivante pour simuler l'occupation de port :
chaosd attack network bandwidth --buffer 10000 --device eth0 --limit 10000 --rate 10mbps
Simuler l'occupation de port en mode ligne de commande
Vous pouvez exécuter la commande ci-dessous pour consulter la configuration de l'occupation de port simulée.
Commande pour l'occupation de port
La commande est la suivante :
chaosd attack network port --help
Le résultat affiché est le suivant :
attack network port
Usage:
chaosd attack network port [flags]
Flags:
-h, --help help for port
-p, --port string this specified port is to occupied
Global Flags:
--log-level string the log level of chaosd. The value can be 'debug', 'info', 'warn' and 'error'
--uid string the experiment ID
Paramètres liés à l'occupation de port
Les paramètres associés sont décrits comme suit :
| Configuration item | Abbreviation | Description | Value |
|---|---|---|---|
| port | p | The specified port to be occupied | int, such as 8080, required |
Exemple de simulation d'occupation de port en mode ligne de commande
Exécutez la commande suivante pour simuler l'occupation de port :
chaosd attack network port --port 8080
Créer des expériences de défaillance réseau en mode service
Pour créer des expériences en mode service, procédez comme suit :
-
Lancez Chaosd en mode service :
chaosd server --port 31767 -
Envoyez une requête HTTP
POSTau chemin/api/attack/processdu service Chaosd :curl -X POST 172.16.112.130:31767/api/attack/process -H "Content-Type:application/json" -d '{fault-configuration}'Dans cette commande, configurez
fault-configurationselon le type de défaut. Pour les paramètres correspondants, reportez-vous aux paramètres et exemples de chaque type de défaut dans les sections suivantes.
note
Lors de l'exécution d'une expérience, notez l'UID de l'expérience. Pour arrêter l'expérience associée à cet UID, envoyez une requête HTTP DELETE au chemin /api/attack/{uid} du service Chaosd.
Simuler la corruption réseau en mode service
Paramètres pour simuler la corruption réseau
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "corrupt" |
| correlation | The correlation between the current latency and the previous one. | string. It is a percentage ranging from 0 to 100 (10 is 10%) ("0" by default). |
| device | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | The egress traffic which only impact specific destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | The host name impacted by traffic. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "chaos-mesh.org". |
| ip-address | The IP address impacted by egress traffic. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "123.123.123.123". |
| ip-protocol | The IP protocol impacted by traffic. | string. Supported protocols: tcp, udp, icmp, all (all network protocols). |
| source-port | The egress traffic which only impact specific source ports. It can only be configured when the protocol is TCP or UDP. | string. Use a , to delimit the specific port or to indicate the range of the ports, such as "80,8001:8010". |
| percent | Ratio of network packet corruption. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "1"). |
Exemple de simulation de corruption réseau en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"corrupt","device":"eth0","ip-address":"172.16.4.4","percent":"50"}'
Simuler la latence réseau en mode service
Paramètres pour simuler la latence réseau
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "delay" |
| correlation | The correlation between the current latency and the previous one. | string. It is a percentage ranging from 0 to 100 (10 is 10%) ("0" by default). |
| device | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | The egress traffic which only impact specific destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | The host name impacted by traffic. hostname and ip-address cannot be empty at the same time. When hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "chaos-mesh.org". |
| ip-address | The IP address impacted by egress traffic. hostname and ip-address cannot be empty at the same time. When hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "123.123.123.123". |
| jitter | Range of the length of network delay time. | string. The time units can be: ns, us (µs), ms, s, m, h, such as "1ms". |
| latency | Length of network delay time. | string. The time units can be: ns, us (μs), ms, s, m, h, such as "1ms". |
| ip-protocol | The IP protocol impacted by traffic. | string. It supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
| source-port | The egress traffic that only impacts specified source ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
Exemple de simulation de latence réseau en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"delay","device":"eth0","ip-address":"172.16.4.4","latency":"10ms"}'
Simuler la duplication réseau en mode service
Paramètres pour simuler la duplication réseau
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "duplicate" |
| correlation | The correlation between the percentage of current duplication occurrence and the previous one. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "0"). |
| device | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | The egress traffic that only impacts specified destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | The host name impacted by traffic. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "chaos-mesh.org". |
| ip-address | The IP address impacted by egress traffic. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "123.123.123.123". |
| percent | Ratio of network packet duplicate. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "1"). |
| ip-protocol | The IP protocol impacted by traffic. | string. It supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
| source-port | The egress traffic which only impact specific source ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
Exemple pour simuler la duplication réseau en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"duplicate","ip-address":"172.16.4.4","device":"eth0","percent":"50"}'
Simuler la perte réseau en mode service
Paramètres pour simuler la perte réseau
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "loss" |
| correlation | The correlation between the percentage of the current network loss and the previous one. | string, it is a percentage which range is 0 to 100 (10 is 10%) (default "0"). |
| device | Name of the impacted network interface card. | string, such as "eth0", required. |
| egress-port | The egress traffic that only impacts specified destination ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
| hostname | The host name impacted by traffic. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "chaos-mesh.org". |
| ip-address | The IP address impacted by egress traffic. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "123.123.123.123". |
| percent | Ratio of network packet loss. | string. It is a percentage which range is 0 to 100 (10 is 10%) (default "1"). |
| ip-protocol | Only impact traffic using this IP protocol. | string, it supports the following protocol types: "tcp", "udp", "icmp", "all" (all network protocols). |
| source-port | The egress traffic which only impact specific source ports. It can only be configured when the protocol is TCP or UDP. | string. You need to use a , to separate the specific port or to indicate the range of the port, such as "80,8001:8010". |
Exemple pour simuler la perte réseau en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"loss","ip-address":"172.16.4.4","device":"eth0","percent":"50"}'
Simuler la partition réseau en mode service
Paramètres pour simuler la partition réseau
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "partition" |
| accept-tcp-flags | Only the packet which match the tcp flag can be accepted, others will be dropped. Only set when the protocol is tcp. | string, such as "SYN,ACK SYN,ACK" |
| device | The network interface to impact | string, such as "eth0", required |
| direction | Specifies the partition direction, values can be 'to', 'from' or 'both'. 'from' means packets coming from the 'ip-address' or 'hostname' and going to your server, 'to' means packets originating from your server and going to the 'ip-address' or 'hostname'. | string, values can be "to", "from" or "both" (default "both") |
| hostname | Only impact traffic to these hostnames. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "chaos-mesh.org". |
| ip-address | Only impact egress traffic to these IP addresses. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "192.168.123.123". |
| ip-protocol | Only impact traffic using this IP protocol | string. It supports the following protocol types: tcp, udp, icmp, all (all network protocols). |
Exemple pour simuler la partition réseau en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"partition","ip-address":"172.16.4.4","device":"eth0","direction":"from"}'
Simuler une panne DNS en mode service
Paramètres pour simuler une panne DNS
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "dns" |
| dns-domain-name | Map this host to specified IP(dns-ip) | string, such as "chaos-mesh.org". |
| dns-ip | Map specified host(dns-domain-name) to this IP address | string, such as "123.123.123.123" |
| dns-server | Update the DNS server in /etc/resolv.conf with this value | string, such as "123.123.123.123" (default "123.123.123.123") |
Exemple pour simuler une panne DNS en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"dns","dns-domain-name":"chaos-mesh.org","dns-ip":"123.123.123.123"}'
Simuler la bande passante réseau en mode service
Paramètres pour simuler la bande passante réseau
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "bandwidth" |
| buffer | The maximum amount of bytes that tokens can be available for instantaneously | int, such as 10000, required |
| device | The network interface to impact | string, such as "eth0", required |
| hostname | Only impact traffic to these hostnames. hostname and ip-address cannot be empty at the same time. when hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "chaos-mesh.org". |
| ip-address | Only impact egress traffic to these IP addresses. hostname and ip-address cannot be empty at the same time. When hostname and ip-address are set at the same time, the configuration item affects both the specified hostname and ip-address. | string, such as "123.123.123.123". |
| limit | The number of bytes that can be queued waiting for tokens to become available | int, such as 10000, required |
| minburst | Specifies the size of the peakrate bucket | int, such as 10000 |
| peakrate | The maximum depletion rate of the bucket | int, such as 10000 |
| rate | The speed knob, allows bps, kbps, mbps, gbps, tbps unit. The bps unit means bytes per second. | string, such as "1mbps", required |
Exemple pour simuler la bande passante réseau en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"bandwidth","buffer":10000,"limit":10000,"rate":"10mbps","device":"eth0"}'
Simuler l'occupation de port en mode service
Paramètres pour simuler l'occupation de port
| Parameter | Description | Value |
|---|---|---|
| action | Action of the experiment. | set to "occupied" |
| port | The specified port to be occupied. | int, such as 8080, required |
Exemple pour simuler l'occupation de port en mode service
curl -X POST 172.16.112.130:31767/api/attack/network -H "Content-Type:application/json" -d '{"action":"occupied","port":8080}'