chaosd
chaosd copied to clipboard
chaos-mesh
Inject network chaos failed when iptables version lower than 1.4.20
chaosd attack network delay -d eth0 -i 10.8.198.117 -p tcp -s 7005 -l 3s
2021-12-09T15:36:51.507+0800 INFO chaos-daemon-server flush ipset {"request": "ipsets:{name:\"chaos-11ed9986-f0e4-41\" cidrs:\"10.8.198.117/32\"}"}
2021-12-09T15:36:51.509+0800 INFO background-process-manager build command {"command": "ipset create chaos-11ed9986-f0e4-41old hash:net"}
2021-12-09T15:36:51.519+0800 INFO chaos-daemon-server create ipset {"command": "/usr/sbin/ipset create chaos-11ed9986-f0e4-41old hash:net"}
2021-12-09T15:36:51.878+0800 INFO background-process-manager build command {"command": "ipset add chaos-11ed9986-f0e4-41old 10.8.198.117/32"}
2021-12-09T15:36:51.878+0800 INFO chaos-daemon-server add CIDR to ipset {"command": "/usr/sbin/ipset add chaos-11ed9986-f0e4-41old 10.8.198.117/32"}
2021-12-09T15:36:51.885+0800 INFO background-process-manager build command {"command": "ipset rename chaos-11ed9986-f0e4-41old chaos-11ed9986-f0e4-41"}
2021-12-09T15:36:51.886+0800 INFO chaos-daemon-server rename ipset {"command": "/usr/sbin/ipset rename chaos-11ed9986-f0e4-41old chaos-11ed9986-f0e4-41"}
2021-12-09T15:36:51.897+0800 INFO chaos-daemon-server Set iptables chains {"request": ""}
2021-12-09T15:36:51.898+0800 INFO background-process-manager build command {"command": "iptables -w -N CHAOS-INPUT"}
2021-12-09T15:36:52.062+0800 ERROR chaos-daemon-server error while initializing iptables {"error": "error code: exit status 2, msg: iptables v1.4.7: option `-w' requires an argument\nTry `iptables -h' or 'iptables --help' for more information.\n"}
github.com/go-logr/zapr.(*zapLogger).Error
/home/vagrant/go/pkg/mod/github.com/go-logr/[email protected]/zapr.go:128
github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon.(*DaemonServer).SetIptablesChains
/home/vagrant/go/pkg/mod/github.com/chaos-mesh/[email protected]/pkg/chaosdaemon/iptables_server.go:45
github.com/chaos-mesh/chaosd/pkg/server/chaosd.(*Server).applyIptables
/home/vagrant/chaosd/pkg/server/chaosd/network.go:129
github.com/chaos-mesh/chaosd/pkg/server/chaosd.networkAttack.Attack
/home/vagrant/chaosd/pkg/server/chaosd/network.go:78
github.com/chaos-mesh/chaosd/pkg/server/chaosd.(*Server).ExecuteAttack
/home/vagrant/chaosd/pkg/server/chaosd/attack.go:105
github.com/chaos-mesh/chaosd/cmd/attack.commonNetworkAttackFunc
/home/vagrant/chaosd/cmd/attack/network.go:248
reflect.Value.call
/usr/local/go/src/reflect/value.go:476
reflect.Value.Call
/usr/local/go/src/reflect/value.go:337
go.uber.org/dig.defaultInvoker
/home/vagrant/go/pkg/mod/go.uber.org/[email protected]/dig.go:284
go.uber.org/dig.(*Container).Invoke
/home/vagrant/go/pkg/mod/go.uber.org/[email protected]/dig.go:439
go.uber.org/fx.(*App).executeInvokes
/home/vagrant/go/pkg/mod/go.uber.org/[email protected]/app.go:692
go.uber.org/fx.New
/home/vagrant/go/pkg/mod/go.uber.org/[email protected]/app.go:471
github.com/chaos-mesh/chaosd/pkg/utils.FxNewAppWithoutLog
/home/vagrant/chaosd/pkg/utils/utils.go:27
github.com/chaos-mesh/chaosd/cmd/attack.NewNetworkDelayCommand.func1
/home/vagrant/chaosd/cmd/attack/network.go:65
github.com/spf13/cobra.(*Command).execute
/home/vagrant/go/pkg/mod/github.com/spf13/[email protected]/command.go:854
github.com/spf13/cobra.(*Command).ExecuteC
/home/vagrant/go/pkg/mod/github.com/spf13/[email protected]/command.go:958
github.com/spf13/cobra.(*Command).Execute
/home/vagrant/go/pkg/mod/github.com/spf13/[email protected]/command.go:895
main.main
/home/vagrant/chaosd/cmd/main.go:77
runtime.main
/usr/local/go/src/runtime/proc.go:225
Error: error code: exit status 2, msg: iptables v1.4.7: option `-w' requires an argument
Try `iptables -h' or 'iptables --help' for more information.
It seems that
chaosdneeds at least iptablesv1.4.20to have-wargument.
yes. I'm doing chaos tests on centos 6. while the default iptables version was 1.4.7 & an update on iptables seems expensive.
maybe we should add the minimum version of prerequisites on the documents
I agree with you (richer document is always better).
But as I know, all living distribution uses the iptables greater than 1.4.7, (for reference, the debian strech, which is oldoldstable, uses 1.6.0), and CentOS 6 is end of maintenance one year ago.
maybe we should add the minimum version of prerequisites on the documents
I agree with you (richer document is always better).
But as I know, all living distribution uses the iptables greater than 1.4.7, (for reference, the debian strech, which is oldoldstable, uses 1.6.0), and CentOS 6 is end of maintenance one year ago.
I agree with you that centos 6 was out of maintenance. most of service on physical machine is running on centos 7 nowadays. however, some old & unstable service run on centos 6 which makes everyone crazy. and it becomes a big aim for us to improve the robustness of the old service , so chaosd comes to measure the benefits of improvement ( not just upgrade a system with risk)
in other words, chaosblade was support ed on centos 6
maybe we should add the minimum version of prerequisites on the documents
https://chaos-mesh.org/docs/chaosd-overview/#operating-environment
We have already add the prerequisites on the documents. @yorelog
