Blockade: network fault testing with Docker
Project description
********
Blockade
********
.. image:: https://travis-ci.org/dcm-oss/blockade.png?branch=master
:target: https://travis-ci.org/dcm-oss/blockade
Blockade is a utility for testing network failures and partitions in
distributed applications. Blockade uses `Docker <http://www.docker.io>`_
containers to run application processes and manages the network from
the host system to create various failure scenarios.
A common use is to run a distributed application such as a database
or cluster and create network partitions, then observe the behavior of
the nodes. For example in a leader election system, you could partition
the leader away from the other nodes and ensure that the leader steps
down and that another node emerges as leader.
Check out the `full documentation <http://blockade.readthedocs.org>`_
for details.
Blockade features:
* A flexible YAML format to describe the containers in your application
* Support for dependencies between containers, using named links
* A CLI tool for managing and querying the status of your blockade
* Creation of arbitrary partitions between containers
* Giving a container a flaky network connection to others (drop packets)
* Giving a container a slow network connection to others (latency)
* While under partition or network failure control, containers can
freely communicate with the host system -- so you can still grab logs
and monitor the application.
Blockade is written and maintained by the
`Dell Cloud Manager <http://www.enstratius.com>`_ (formerly Enstratius)
team and is used internally to test the behaviors of our software.
We also release a number of other internal components as open source,
most notably `Dasein Cloud <http://dasein.org>`_.
Inspired by the excellent `Jepsen <http://aphyr.com/tags/jepsen>`_ series.
Requirements
============
* docker (>= 1.4.0 due to docker-py)
* iproute2 tools (``ip`` and ``tc`` specifically)
Configuration
=============
Blockade expects a ``blockade.yaml`` file in the current directory which
describes the containers to launch, how they are linked, and various
parameters for the blockade modes. Example:
.. code-block:: yaml
containers:
c1:
image: my_docker_image
command: /bin/myapp
volumes:
"/opt/myapp": "/opt/myapp_host"
expose: [80]
environment:
"IS_MASTER": 1
ports:
81: 80
c2:
image: my_docker_image
command: /bin/myapp
volumes: ["/data"]
expose: [80]
links:
c1: master
c3:
image: my_docker_image
command: /bin/myapp
expose: [80]
links:
c1: master
network:
flaky: 30%
slow: 75ms 100ms distribution normal
Blockade stores transient information in a local ``.blockade/`` directory.
This directory will be cleaned up automatically when you run the
``blockade destroy`` command.
Usage
=====
Blockade may be used from the command line manually. The commands are also
intended to be easy to wrap and automate within tests, etc.
Commands
========
``blockade up``
Start the containers and link them together, if necessary.
``blockade destroy``
Destroys all containers and restore networks.
``blockade status``
Print the status of the containers and blockade.
``blockade flaky n1``
``blockade flaky n1 n2``
Make network flaky to one or more containers.
``blockade slow n1``
Make network slow to one or more containers.
``blockade duplicate n1``
Toggle sporadic duplicate packets in the network of one or more containers.
``blockade fast n1``
Restore network speed and reliability to one or more containers.
``blockade partition n1,n2``
``blockade partition n1,n2 n3,n4``
Create one or more network partitions. Each partition is specified as a
comma-separated list. Containers may not exist in more than one partition.
Containers not specified are grouped into an implicit partition. Each
partition command replaces any previous partition or block rules.
``blockade join``
Remove all partitions between containers.
``blockade random-partition``
Introduce one or many random partitions among the configured nodes.
License
=======
Blockade is offered under the Apache License 2.0.
Development
===========
Install test dependencies with ``pip install blockade[test]``.
You can run integration tests in a Vagrant VM using the included Vagrantfile.
Run ``vagrant up`` and Docker will be installed in your VM and tests run.
You can rerun them with ``vagrant provision``, or SSH into the VM and run
them yourself, from ``/vagrant``.
Blockade documentation is built with Sphinx and is found under ``docs/``.
To build:
.. code-block:: bash
$ pip install -r requirements_docs.txt
$ cd docs/
$ make html
HTML output will be under ``docs/_build/html/``.
The documentation is also `hosted online <http://blockade.readthedocs.org>`_.
Changelog
=========
0.3.1 (2016-12-09)
---------------
- #43: Restore support for loading from ``blockade.yml`` config file.
- #26: Improved error messages when running blockade without access
to the Docker API.
- #25: Improved error messages when determining container host network
device fails.
- #40: Fixed ``kill`` command (broken in 0.3.0).
- #1: Fixed support for configuring Docker API via ``DOCKER_HOST`` env.
- #36: Truncate long blockade IDs to avoid iptables limits.
- Switched to directly inspecting ``/sys`` for container network devices
instead of via ``ip``. This means containers no longer need to have ``ip``
installed.
- Improved Blockade Python API by returning names of the containers a
command has operated on. Contributed by Gregor Uhlenheuer (@kongo2002).
- Fixed ``Vagrantfile`` to also work on Windows. Contributed by Oresztesz
Margaritisz (@gitaroktato).
- Documentation fix contributed by Konrad Klocek (@kklocek).
- Added new ``version`` command that prints Blockade version and exits.
- Added ``cap_add`` container config option, for specifying additional
root capabilities. Contributed by Maciej Zimnoch (@Zimnx).
0.3.0 (2016-10-29)
------------------
- Reworks all network commands to run in Docker containers. This allows
Blockade to be run without root privileges, as long as the user can
access Docker.
- Introduces a REST API and daemon mode that allows creation and
management of blockades remotely.
- Adds ability to add a container to a running blockade, via ``add``
command.
- Adds support for Docker user-defined networks to allow any-to-any
communication between containers, without links. Contributed by
Stas Kelvich (@kelvich).
- Adds ability to configure DNS servers for containers in a blockade.
Contributed by Vladimir Borodin (@dev1ant).
- Adds a generic ``--random`` flag for many commands to allow easier
randomized chaos testing. Contributed by Gregor Uhlenheuer (@kongo2002).
- Introduces a new ``kill`` command for killing containers in a blockade.
- Fixed links to Docker documentation. Contributed by @joepadmiraal.
- Fixed links of named containers. Contributed by Gregor Uhlenheuer
(@kongo2002).
0.2.0 (2015-12-23)
------------------
- #14: Support for docker >1.6, with the native driver. Eliminates the need
to use the deprecated LXC driver. Contributed by Gregor Uhlenheuer.
- #12: Fix port publishing. **Breaking change**: the order of port publishing was
swapped to be ``{external: internal}``, to be consistent with the docker
command line. Contributed by aidanhs.
- Introduces new ``duplicate`` command, which causes some packets to a container
to be duplicated. Contributed by Gregor Uhlenheuer.
- Introduces new ``start``, ``stop``, and ``restart`` commands, which manage
specified containers via Docker. Contributed By Gregor Uhlenheuer.
- Introduces new random partition behavior: ``blockade partition --random`` will
create zero or more random partitions. Contributed By Gregor Uhlenheuer.
- Reworked the blockade ID generation to be more like docker-compose, instead
of using randomly-generated IDs. If ``--name`` is specified on the command
line, this is used as the blockade ID and is prefixed to container names.
Otherwise the blockade name is taken from the basename of the current
working directory.
- Numerous other small fixes and features, many contributed by Gregor
Uhlenheuer. Thanks Gregor!
0.1.2 (2015-1-28)
-----------------
- #6: Change ``ports`` config keyword to match docker usage. It now publishes a
container port to the host. The ``expose`` config keyword now offers the
previous behavior of ``ports``: it makes a port available from the container,
for linking to other containers. Thanks to Simon Bahuchet for the
contribution.
- #9: Fix logs command for Python 3.
- Updated dependencies.
0.1.1 (2014-02-12)
------------------
- Support for Python 2.6 and Python 3.x
0.1.0 (2014-02-11)
------------------
- Initial release of Blockade!
Blockade
********
.. image:: https://travis-ci.org/dcm-oss/blockade.png?branch=master
:target: https://travis-ci.org/dcm-oss/blockade
Blockade is a utility for testing network failures and partitions in
distributed applications. Blockade uses `Docker <http://www.docker.io>`_
containers to run application processes and manages the network from
the host system to create various failure scenarios.
A common use is to run a distributed application such as a database
or cluster and create network partitions, then observe the behavior of
the nodes. For example in a leader election system, you could partition
the leader away from the other nodes and ensure that the leader steps
down and that another node emerges as leader.
Check out the `full documentation <http://blockade.readthedocs.org>`_
for details.
Blockade features:
* A flexible YAML format to describe the containers in your application
* Support for dependencies between containers, using named links
* A CLI tool for managing and querying the status of your blockade
* Creation of arbitrary partitions between containers
* Giving a container a flaky network connection to others (drop packets)
* Giving a container a slow network connection to others (latency)
* While under partition or network failure control, containers can
freely communicate with the host system -- so you can still grab logs
and monitor the application.
Blockade is written and maintained by the
`Dell Cloud Manager <http://www.enstratius.com>`_ (formerly Enstratius)
team and is used internally to test the behaviors of our software.
We also release a number of other internal components as open source,
most notably `Dasein Cloud <http://dasein.org>`_.
Inspired by the excellent `Jepsen <http://aphyr.com/tags/jepsen>`_ series.
Requirements
============
* docker (>= 1.4.0 due to docker-py)
* iproute2 tools (``ip`` and ``tc`` specifically)
Configuration
=============
Blockade expects a ``blockade.yaml`` file in the current directory which
describes the containers to launch, how they are linked, and various
parameters for the blockade modes. Example:
.. code-block:: yaml
containers:
c1:
image: my_docker_image
command: /bin/myapp
volumes:
"/opt/myapp": "/opt/myapp_host"
expose: [80]
environment:
"IS_MASTER": 1
ports:
81: 80
c2:
image: my_docker_image
command: /bin/myapp
volumes: ["/data"]
expose: [80]
links:
c1: master
c3:
image: my_docker_image
command: /bin/myapp
expose: [80]
links:
c1: master
network:
flaky: 30%
slow: 75ms 100ms distribution normal
Blockade stores transient information in a local ``.blockade/`` directory.
This directory will be cleaned up automatically when you run the
``blockade destroy`` command.
Usage
=====
Blockade may be used from the command line manually. The commands are also
intended to be easy to wrap and automate within tests, etc.
Commands
========
``blockade up``
Start the containers and link them together, if necessary.
``blockade destroy``
Destroys all containers and restore networks.
``blockade status``
Print the status of the containers and blockade.
``blockade flaky n1``
``blockade flaky n1 n2``
Make network flaky to one or more containers.
``blockade slow n1``
Make network slow to one or more containers.
``blockade duplicate n1``
Toggle sporadic duplicate packets in the network of one or more containers.
``blockade fast n1``
Restore network speed and reliability to one or more containers.
``blockade partition n1,n2``
``blockade partition n1,n2 n3,n4``
Create one or more network partitions. Each partition is specified as a
comma-separated list. Containers may not exist in more than one partition.
Containers not specified are grouped into an implicit partition. Each
partition command replaces any previous partition or block rules.
``blockade join``
Remove all partitions between containers.
``blockade random-partition``
Introduce one or many random partitions among the configured nodes.
License
=======
Blockade is offered under the Apache License 2.0.
Development
===========
Install test dependencies with ``pip install blockade[test]``.
You can run integration tests in a Vagrant VM using the included Vagrantfile.
Run ``vagrant up`` and Docker will be installed in your VM and tests run.
You can rerun them with ``vagrant provision``, or SSH into the VM and run
them yourself, from ``/vagrant``.
Blockade documentation is built with Sphinx and is found under ``docs/``.
To build:
.. code-block:: bash
$ pip install -r requirements_docs.txt
$ cd docs/
$ make html
HTML output will be under ``docs/_build/html/``.
The documentation is also `hosted online <http://blockade.readthedocs.org>`_.
Changelog
=========
0.3.1 (2016-12-09)
---------------
- #43: Restore support for loading from ``blockade.yml`` config file.
- #26: Improved error messages when running blockade without access
to the Docker API.
- #25: Improved error messages when determining container host network
device fails.
- #40: Fixed ``kill`` command (broken in 0.3.0).
- #1: Fixed support for configuring Docker API via ``DOCKER_HOST`` env.
- #36: Truncate long blockade IDs to avoid iptables limits.
- Switched to directly inspecting ``/sys`` for container network devices
instead of via ``ip``. This means containers no longer need to have ``ip``
installed.
- Improved Blockade Python API by returning names of the containers a
command has operated on. Contributed by Gregor Uhlenheuer (@kongo2002).
- Fixed ``Vagrantfile`` to also work on Windows. Contributed by Oresztesz
Margaritisz (@gitaroktato).
- Documentation fix contributed by Konrad Klocek (@kklocek).
- Added new ``version`` command that prints Blockade version and exits.
- Added ``cap_add`` container config option, for specifying additional
root capabilities. Contributed by Maciej Zimnoch (@Zimnx).
0.3.0 (2016-10-29)
------------------
- Reworks all network commands to run in Docker containers. This allows
Blockade to be run without root privileges, as long as the user can
access Docker.
- Introduces a REST API and daemon mode that allows creation and
management of blockades remotely.
- Adds ability to add a container to a running blockade, via ``add``
command.
- Adds support for Docker user-defined networks to allow any-to-any
communication between containers, without links. Contributed by
Stas Kelvich (@kelvich).
- Adds ability to configure DNS servers for containers in a blockade.
Contributed by Vladimir Borodin (@dev1ant).
- Adds a generic ``--random`` flag for many commands to allow easier
randomized chaos testing. Contributed by Gregor Uhlenheuer (@kongo2002).
- Introduces a new ``kill`` command for killing containers in a blockade.
- Fixed links to Docker documentation. Contributed by @joepadmiraal.
- Fixed links of named containers. Contributed by Gregor Uhlenheuer
(@kongo2002).
0.2.0 (2015-12-23)
------------------
- #14: Support for docker >1.6, with the native driver. Eliminates the need
to use the deprecated LXC driver. Contributed by Gregor Uhlenheuer.
- #12: Fix port publishing. **Breaking change**: the order of port publishing was
swapped to be ``{external: internal}``, to be consistent with the docker
command line. Contributed by aidanhs.
- Introduces new ``duplicate`` command, which causes some packets to a container
to be duplicated. Contributed by Gregor Uhlenheuer.
- Introduces new ``start``, ``stop``, and ``restart`` commands, which manage
specified containers via Docker. Contributed By Gregor Uhlenheuer.
- Introduces new random partition behavior: ``blockade partition --random`` will
create zero or more random partitions. Contributed By Gregor Uhlenheuer.
- Reworked the blockade ID generation to be more like docker-compose, instead
of using randomly-generated IDs. If ``--name`` is specified on the command
line, this is used as the blockade ID and is prefixed to container names.
Otherwise the blockade name is taken from the basename of the current
working directory.
- Numerous other small fixes and features, many contributed by Gregor
Uhlenheuer. Thanks Gregor!
0.1.2 (2015-1-28)
-----------------
- #6: Change ``ports`` config keyword to match docker usage. It now publishes a
container port to the host. The ``expose`` config keyword now offers the
previous behavior of ``ports``: it makes a port available from the container,
for linking to other containers. Thanks to Simon Bahuchet for the
contribution.
- #9: Fix logs command for Python 3.
- Updated dependencies.
0.1.1 (2014-02-12)
------------------
- Support for Python 2.6 and Python 3.x
0.1.0 (2014-02-11)
------------------
- Initial release of Blockade!
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
blockade-0.3.1.tar.gz
(40.3 kB
view details)
File details
Details for the file blockade-0.3.1.tar.gz
.
File metadata
- Download URL: blockade-0.3.1.tar.gz
- Upload date:
- Size: 40.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 7aa64e638013baf30b01942641f8cef9e02f098392fb72c668f38f66cc69dc9d |
|
MD5 | 61fb76cfb3bb7f084c22e72f5aeb01e8 |
|
BLAKE2b-256 | 3761c4135351fbee4e249f1eb8501224c98d9ad662aae8debafe0ae8030b9e1f |