Skip to main content

Embargo: network fault testing with Docker

Project description

https://travis-ci.org/worstcase/blockade.png?branch=master

Blockade is a utility for testing network failures and partitions in distributed applications. Blockade uses Docker containers to run application processes and manages the network from the host system to create various failure scenarios.

A common use is to run a distributed application such as a database or cluster and create network partitions, then observe the behavior of the nodes. For example in a leader election system, you could partition the leader away from the other nodes and ensure that the leader steps down and that another node emerges as leader.

Check out the full documentation for details.

Blockade features:

  • A flexible YAML format to describe the containers in your application

  • Support for dependencies between containers, using named links

  • A CLI tool for managing and querying the status of your blockade

  • Creation of arbitrary partitions between containers

  • Giving a container a flaky network connection to others (drop packets)

  • Giving a container a slow network connection to others (latency)

  • While under partition or network failure control, containers can freely communicate with the host system – so you can still grab logs and monitor the application.

Blockade was originally developed by the Dell Cloud Manager (formerly Enstratius) team. Blockade was inspired by the excellent Jepsen series.

Requirements

  • docker (>= 1.4.0 due to docker-py)

  • iproute2 tools (ip and tc specifically)

Configuration

Blockade expects a blockade.yaml file in the current directory which describes the containers to launch, how they are linked, and various parameters for the blockade modes. Example:

containers:
  c1:
    image: my_docker_image
    command: /bin/myapp
    volumes:
      "/opt/myapp": "/opt/myapp_host"
    expose: [80]
    environment:
      "IS_MASTER": 1
    ports:
      81: 80

  c2:
    image: my_docker_image
    command: /bin/myapp
    volumes: ["/data"]
    expose: [80]
    links:
      c1: master

  c3:
    image: my_docker_image
    command: /bin/myapp
    expose: [80]
    links:
      c1: master

network:
  flaky: 30%
  slow: 75ms 100ms distribution normal

Blockade stores transient information in a local .blockade/ directory. This directory will be cleaned up automatically when you run the blockade destroy command.

Usage

Blockade may be used from the command line manually. The commands are also intended to be easy to wrap and automate within tests, etc.

Commands

blockade up

Start the containers and link them together, if necessary.

blockade destroy

Destroys all containers and restore networks.

blockade status

Print the status of the containers and blockade.

blockade flaky n1

blockade flaky n1 n2

Make network flaky to one or more containers.

blockade slow n1

Make network slow to one or more containers.

blockade duplicate n1

Toggle sporadic duplicate packets in the network of one or more containers.

blockade fast n1

Restore network speed and reliability to one or more containers.

blockade partition n1,n2

blockade partition n1,n2 n3,n4

Create one or more network partitions. Each partition is specified as a comma-separated list. Containers may not exist in more than one partition. Containers not specified are grouped into an implicit partition. Each partition command replaces any previous partition or block rules.

blockade join

Remove all partitions between containers.

blockade random-partition

Introduce one or many random partitions among the configured nodes.

License

Blockade is offered under the Apache License 2.0.

Development

Install test dependencies with pip install blockade[test].

You can run integration tests in a Vagrant VM using the included Vagrantfile. Run vagrant up and Docker will be installed in your VM and tests run. You can rerun them with vagrant provision, or SSH into the VM and run them yourself, from /vagrant.

Blockade documentation is built with Sphinx and is found under docs/. To build:

$ pip install -r requirements_docs.txt
$ cd docs/
$ make html

HTML output will be under docs/_build/html/.

The documentation is also hosted online.

Changelog

0.4.0 (2017-06-26)

  • Added new chaos functionality. When used, blockade will randomly select containers to impair with partitions, slow network, etc. Contributed by John Bresnahan (@buzztroll) of Stardog Union.

  • Added an event trail that logs all blockade events that are run against a blockade over its lifetime. This can be helpful in correlating blockade events to application errors. Contributed by John Bresnahan (@buzztroll) of Stardog Union.

  • Substantially improved overall performance by using a cached container for all host commands.

  • #62: Fixed bug with using blockade commands against a restarted container. Contributed by John Bresnahan (@buzztroll) of Stardog Union.

  • Updated Docker SDK and API version. Contributed by Vladimir Borodin (dev1ant).

0.3.1 (2016-12-09)

  • #43: Restore support for loading from blockade.yml config file.

  • #26: Improved error messages when running blockade without access to the Docker API.

  • #25: Improved error messages when determining container host network device fails.

  • #40: Fixed kill command (broken in 0.3.0).

  • #1: Fixed support for configuring Docker API via DOCKER_HOST env.

  • #36: Truncate long blockade IDs to avoid iptables limits.

  • Switched to directly inspecting /sys for container network devices instead of via ip. This means containers no longer need to have ip installed.

  • Improved Blockade Python API by returning names of the containers a command has operated on. Contributed by Gregor Uhlenheuer (@kongo2002).

  • Fixed Vagrantfile to also work on Windows. Contributed by Oresztesz Margaritisz (@gitaroktato).

  • Documentation fix contributed by Konrad Klocek (@kklocek).

  • Added new version command that prints Blockade version and exits.

  • Added cap_add container config option, for specifying additional root capabilities. Contributed by Maciej Zimnoch (@Zimnx).

0.3.0 (2016-10-29)

  • Reworks all network commands to run in Docker containers. This allows Blockade to be run without root privileges, as long as the user can access Docker.

  • Introduces a REST API and daemon mode that allows creation and management of blockades remotely.

  • Adds ability to add a container to a running blockade, via add command.

  • Adds support for Docker user-defined networks to allow any-to-any communication between containers, without links. Contributed by Stas Kelvich (@kelvich).

  • Adds ability to configure DNS servers for containers in a blockade. Contributed by Vladimir Borodin (@dev1ant).

  • Adds a generic --random flag for many commands to allow easier randomized chaos testing. Contributed by Gregor Uhlenheuer (@kongo2002).

  • Introduces a new kill command for killing containers in a blockade.

  • Fixed links to Docker documentation. Contributed by @joepadmiraal.

  • Fixed links of named containers. Contributed by Gregor Uhlenheuer (@kongo2002).

0.2.0 (2015-12-23)

  • #14: Support for docker >1.6, with the native driver. Eliminates the need to use the deprecated LXC driver. Contributed by Gregor Uhlenheuer.

  • #12: Fix port publishing. Breaking change: the order of port publishing was swapped to be {external: internal}, to be consistent with the docker command line. Contributed by aidanhs.

  • Introduces new duplicate command, which causes some packets to a container to be duplicated. Contributed by Gregor Uhlenheuer.

  • Introduces new start, stop, and restart commands, which manage specified containers via Docker. Contributed By Gregor Uhlenheuer.

  • Introduces new random partition behavior: blockade partition --random will create zero or more random partitions. Contributed By Gregor Uhlenheuer.

  • Reworked the blockade ID generation to be more like docker-compose, instead of using randomly-generated IDs. If --name is specified on the command line, this is used as the blockade ID and is prefixed to container names. Otherwise the blockade name is taken from the basename of the current working directory.

  • Numerous other small fixes and features, many contributed by Gregor Uhlenheuer. Thanks Gregor!

0.1.2 (2015-1-28)

  • #6: Change ports config keyword to match docker usage. It now publishes a container port to the host. The expose config keyword now offers the previous behavior of ports: it makes a port available from the container, for linking to other containers. Thanks to Simon Bahuchet for the contribution.

  • #9: Fix logs command for Python 3.

  • Updated dependencies.

0.1.1 (2014-02-12)

  • Support for Python 2.6 and Python 3.x

0.1.0 (2014-02-11)

  • Initial release of Blockade!

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

embargo-0.1.0.tar.gz (55.0 kB view details)

Uploaded Source

Built Distribution

embargo-0.1.0-py3-none-any.whl (67.9 kB view details)

Uploaded Python 3

File details

Details for the file embargo-0.1.0.tar.gz.

File metadata

  • Download URL: embargo-0.1.0.tar.gz
  • Upload date:
  • Size: 55.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.21.0 setuptools/41.0.1 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.7.3

File hashes

Hashes for embargo-0.1.0.tar.gz
Algorithm Hash digest
SHA256 1bcbd6592963337ded21828864d5e72ddf40d4af282b3795dceed3fe978df110
MD5 826cd92649c4c6b716bf8104092aef8f
BLAKE2b-256 7fd7adb7735426b3cb3e82e1ea726d6cd6f9d8e94b39e9927f5bf966510f916a

See more details on using hashes here.

File details

Details for the file embargo-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: embargo-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 67.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.21.0 setuptools/41.0.1 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/3.7.3

File hashes

Hashes for embargo-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 1d56b05769c6acbe29923d80d1ea79110a77432f7d027ed837b7eebcb9b9c127
MD5 da5d6b70e40e15622497db2e771c6ca4
BLAKE2b-256 6c3c2a5bc3677544736555b50e55239e185a21f1a816ef32bf4f1285a8b40413

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page