def test_check_min_nodes_exist(client, has_conf):
has_conf.return_value = False
v1 = MagicMock()
node1 = create_node_object("old_node")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="node-role.kubernetes.io/master",
value=None,
time_added=None)
node1.spec.taints = [taint]
node1.metadata.creation_timestamp = datetime.datetime.now(
) - datetime.timedelta(seconds=1000)
node2 = create_node_object("new_node")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="node-role.kubernetes.io/master",
value=None,
time_added=None)
node2.spec.taints = [taint]
node2.metadata.creation_timestamp = datetime.datetime.now(
) - datetime.timedelta(seconds=10)
response = k8sClient.V1NodeList(items=[node1, node2])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
client.V1NodeList.return_value = k8sClient.V1NodeList(items=[])
resp = check_min_nodes_exist(k8s_label_selector="some_selector",
min_limit=2)
assert True == resp
resp = check_min_nodes_exist(k8s_label_selector="some_selector",
min_limit=5)
assert False == resp
def test_attach_sq_to_instance_by_tag(gks, client, has_conf, boto_client):
has_conf.return_value = False
gks.return_value = {
'url': 'fake_url.com',
'token': 'fake_token_towhatever',
'SLACK_CHANNEL': 'chaos_fanout',
'SLACK_TOKEN': 'sometoken'
}
v1 = MagicMock()
taint1 = k8sClient.V1Taint(effect="NoSchedule",
key="node-role.kubernetes.io/master",
value=None,
time_added=None)
taint2 = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
value="spot",
time_added=None)
ignore_list = [taint1, taint2]
node1 = create_node_object("node1")
node2 = create_node_object("tainted_node_ignore")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
time_added=None,
value="spot")
node2.spec.taints = [taint]
response = k8sClient.V1NodeList(items=[node1, node2])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
client.V1NodeList.return_value = k8sClient.V1NodeList(items=[])
client = MagicMock()
boto_client.client.return_value = client
boto_client.resource.return_value = client
network_interface = MagicMock()
instance = MagicMock()
instance.security_groups = [{"GroupId": "some_testsgid"}]
instance.network_interfaces = [network_interface]
client.instances.filter.return_value = [instance]
client.describe_security_groups.return_value = {
'SecurityGroups': [{
'GroupId': "i_testsgid",
}]
}
config = create_config_with_taint_ignore()
retval = attach_sq_to_instance_by_tag(tag_name="under_chaostest",
sg_name="chaos_test_sg",
configuration=config)
assert retval is not None
network_interface.modify_attribute.assert_called_with(
Groups=['i_testsgid'])
def test_get_non_tainted_nodes(client, has_conf):
has_conf.return_value = False
v1 = MagicMock()
node1 = create_node_object("tainted_node")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="faketaint",
time_added=None,
value=None)
node1.spec.taints = [taint]
node2 = create_node_object("not_tainted_node")
response = k8sClient.V1NodeList(items=[node1, node2])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
client.V1NodeList.return_value = k8sClient.V1NodeList(items=[])
resp, v1 = get_active_nodes()
assert len(resp.items) == 2
def test_tag_random_node_aws(clientApi, has_conf, boto_client):
has_conf.return_value = False
v1 = MagicMock()
node1 = create_node_object("node1")
node2 = create_node_object("tainted_node_ignore")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
time_added=None,
value="spot")
node2.spec.taints = [taint]
response = k8sClient.V1NodeList(items=[node1, node2])
v1.list_node_with_http_info.return_value = response
clientApi.return_value = v1
client = MagicMock()
boto_client.client.return_value = client
client.describe_instances.return_value = {
'Reservations': [{
'Instances': [{
'InstanceId': "id_1",
'InstanceLifecycle': 'normal',
'PrivateDnsName': 'node1'
}]
}]
}
config = create_config_with_taint_ignore()
retval, nodename = tag_random_node_aws(k8s_label_selector="label_selector",
secrets=None,
tag_name="test_tag",
configuration=config)
assert retval == 0
assert nodename == "node1"
client.create_tags.assert_called_with(Resources=['id_1'],
Tags=[{
'Key': 'test_tag',
'Value': 'test_tag'
}])
def test_get_tainted_nodes(cl, client, has_conf):
has_conf.return_value = False
def replace_k8s_taint(effect, key, time_added, value):
return k8sClient.V1Taint(effect=effect,
key=key,
time_added=time_added,
value=value)
v1 = MagicMock()
node1 = create_node_object("tainted_node")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
time_added=None,
value="special")
node1.spec.taints = [taint]
node2 = create_node_object("tainted_node_ignore")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
time_added=None,
value="spot")
node2.spec.taints = [taint]
node3 = create_node_object("not_tainted")
response = k8sClient.V1NodeList(items=[node1, node2, node3])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
client.V1NodeList.return_value = k8sClient.V1NodeList(items=[])
client.V1Taint.return_value = replace_k8s_taint
resp = get_tainted_nodes(key="dedicated",
value="special",
effect="NoSchedule")
assert 1 == len(resp)
assert resp[0].metadata.name == node1.metadata.name
def test_get_non_tainted_nodes_filtered(cl, client, has_conf):
has_conf.return_value = False
v1 = MagicMock()
taint1 = k8sClient.V1Taint(effect="NoSchedule",
key="node-role.kubernetes.io/master",
value=None,
time_added=None)
taint2 = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
value="spot",
time_added=None)
ignore_list = [taint1, taint2]
node1 = create_node_object("tainted_node")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="faketaint",
time_added=None,
value=None)
node1.spec.taints = [taint]
node2 = create_node_object("tainted_node_ignore")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
time_added=None,
value="spot")
node2.spec.taints = [taint]
node3 = create_node_object("not_tainted")
response = k8sClient.V1NodeList(items=[node1, node2, node3])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
client.V1NodeList.return_value = k8sClient.V1NodeList(items=[])
resp, v1 = get_active_nodes(taints_ignore_list=ignore_list)
assert 2 == len(resp.items)
def test_all_nodes_are_ok(cl, client, has_conf):
has_conf.return_value = False
v1 = MagicMock()
node = create_node_object("fakenode")
response = k8sClient.V1NodeList(items=[node])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
label_selector = 'beta.kubernetes.io/instance-type=m5.large'
resp = all_nodes_are_ok(label_selector=label_selector)
v1.list_node_with_http_info.assert_called_with(
label_selector=label_selector,
_preload_content=True,
_return_http_data_only=True)
assert resp is True
def test_iptables_block_port_no_taint_only(gks, fabric, client, has_conf,
boto_client):
fabric_api = MagicMock()
fabric.return_value = fabric_api
gks.return_value = {
'url': 'fake_url.com',
'token': 'fake_token_towhatever',
'SLACK_CHANNEL': 'chaos_fanout',
'SLACK_TOKEN': 'sometoken'
}
os.environ["SSH_KEY"] = "keytext"
os.environ["SSH_USER"] = "******"
has_conf.return_value = False
v1 = MagicMock()
taint1 = k8sClient.V1Taint(effect="NoSchedule",
key="node-role.kubernetes.io/master",
value=None,
time_added=None)
taint2 = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
value="spot",
time_added=None)
ignore_list = [taint1, taint2]
node1 = create_node_object("node1")
node2 = create_node_object("tainted_node_ignore")
taint = k8sClient.V1Taint(effect="NoSchedule",
key="dedicated",
time_added=None,
value="spot")
node2.spec.taints = [taint]
response = k8sClient.V1NodeList(items=[node1, node2])
v1.list_node_with_http_info.return_value = response
client.CoreV1Api.return_value = v1
client.V1NodeList.return_value = k8sClient.V1NodeList(items=[])
client = MagicMock()
boto_client.client.return_value = client
boto_client.resource.return_value = client
instance = MagicMock()
instance.pivate_ip_address = "test_ip"
instance.security_groups = [{"GroupId": "some_testsgid"}]
client.instances.filter.return_value = [instance]
client.describe_security_groups.return_value = {
'SecurityGroups': [{
'GroupId': "i_testsgid",
}]
}
config = create_config_with_taint_ignore()
retval = iptables_block_port(tag_name="under_chaostest",
port=53,
protocols=["tcp"],
configuration=config)
assert retval is not None
text = "iptables -I PREROUTING -t nat -p {} --dport {} -j DNAT --to-destination 0.0.0.0:1000".format(
"tcp", 53)
fabric.sudo.assert_called_with(text)