CN114996955A - Target range environment construction method and device for cloud-originated chaotic engineering experiment - Google Patents
Target range environment construction method and device for cloud-originated chaotic engineering experiment Download PDFInfo
- Publication number
- CN114996955A CN114996955A CN202210666363.3A CN202210666363A CN114996955A CN 114996955 A CN114996955 A CN 114996955A CN 202210666363 A CN202210666363 A CN 202210666363A CN 114996955 A CN114996955 A CN 114996955A
- Authority
- CN
- China
- Prior art keywords
- environment
- target
- container
- shooting range
- flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F30/00—Computer-aided design [CAD]
- G06F30/20—Design optimisation, verification or simulation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Evolutionary Computation (AREA)
- Geometry (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a method and a device for constructing a target range environment of a cloud-originated chaos engineering experiment, wherein the method comprises the following steps: acquiring resource information of a container cloud Kubernetes cluster in an actual production environment; copying the resource information to a Kubernetes cluster of the shooting range environment to realize the construction of the shooting range environment; acquiring actual call flow in an actual production environment; forwarding the actual call flow to the firing ground environment to realize construction of the firing ground environment flow; and obtaining the target shooting range environment in response to the completion of the construction of the shooting range environment and the shooting range environment flow. The invention realizes the copy of the basic environment based on the backup and recovery technology of the cloud-protogenesis and copies the produced flow to the target range environment based on the flow copy technology, thereby completely simulating the production environment and achieving the best effect of chaotic engineering test.
Description
Technical Field
The invention relates to the technical field of cloud-originated chaos engineering experiments, in particular to a method and a device for constructing a target range environment of a cloud-originated chaos engineering experiment.
Background
Chaos engineering is the discipline of experiments on distributed systems, aiming at establishing the ability and confidence of the system to resist out-of-control conditions in the production environment. The cloud is a distributed cloud based on distributed deployment and unified management, and a cloud technology product system is established on the basis of technologies such as containers, micro services, DevOps and the like.
In conventional software testing, it is essential to verify the correctness of the code logic, but this is merely insufficient. When experiments of chaotic engineering are carried out in a cloud-native scene, the behaviors of the whole system as a whole are usually interested, codes are only an important part of the whole system, and besides the codes, the whole system also comprises a plurality of other aspects, particularly states, inputs and system behaviors which are difficult to predict and are caused by a third-party system.
Experiments in a production environment are crucial to chaotic engineering, and confidence in the system is established in the production environment, so the experiments need to be performed in the production environment. Otherwise, confidence in the system is merely built in the traditional test environment, which can greatly undermine the value of these practices. Even if experiments cannot be performed in a production environment, they are performed in an environment as close as possible to the production environment. The closer to the production environment, the less threat to the external validity of the experiment and the more confident is the experimental results. Because the chaotic engineering test has risks, the chaotic engineering test cannot be implemented in a production environment generally, but the chaotic engineering test is performed by using a test, namely a quasi-production environment, but the chaotic engineering test cannot completely simulate a real production environment due to the configuration difference with the real production environment and the incapability of accessing to the real flow, so that the chaotic engineering test capability cannot be completely exerted, and a comprehensive test effect is achieved.
Disclosure of Invention
Aiming at the problems, the invention provides a method and a device for constructing a target ground environment of a cloud-originated chaos engineering experiment, which realize simulation of a production environment and improve the test effect of the chaos engineering experiment.
In order to achieve the purpose, the invention provides the following technical scheme:
a method for constructing a target range environment of a cloud-originated chaotic engineering experiment comprises the following steps:
acquiring resource information of a container cloud Kubernetes cluster in an actual production environment;
copying the resource information to a Kubernetes cluster of the shooting range environment to realize the construction of the shooting range environment;
acquiring actual call flow in the actual production environment;
forwarding the actual call flow to a shooting range environment to realize construction of the shooting range environment flow;
and obtaining the target firing range environment in response to the completion of the construction of the firing range environment and the firing range environment flow.
Optionally, the acquiring resource information of a container cloud kubernets cluster in an actual production environment includes:
determining and obtaining a resource range of a container cloud Kubernetes cluster in an actual production environment;
and acquiring resource information of the container cloud Kubernets cluster in the actual production environment in the resource range based on a target interface, wherein the target interface is an application program interface based on the container cloud Kubernets.
Optionally, the replicating the resource information to a kubernets cluster of the shooting range environment includes:
acquiring a layout file corresponding to the resource information, and storing the layout file in a target position;
in response to copying the orchestration file for the target location to a Kubernets cluster of the firing ground environment, controlling the Kubernets cluster to create a target object corresponding to the orchestration file;
in response to the starting of a persistent container node on a work node of a firing ground environment, reading a mount directory of persistent storage data of a business persistent container node in a production environment through the persistent container node;
and copying the mount directory to the shooting range environment to realize the copying of the persistent storage data to the shooting range environment.
Optionally, forwarding the actual call traffic to the firing ground environment includes:
determining traffic forwarding configuration information, wherein the traffic forwarding configuration information is used for adding a container for traffic forwarding in a container of an actual production environment;
intercepting the flow of the actual production environment through the flow forwarding configuration information, sending the intercepted actual call flow to a service container of the actual production environment, and forwarding the actual call flow to the firing ground environment.
Optionally, the method further comprises:
acquiring task information carrying a target chaotic experiment task;
determining fault injection information based on the task information;
and injecting the fault injection information into a target firing ground environment.
Optionally, the method further comprises:
and after the injected fault test is finished based on the target firing range environment, recovering the target firing range environment to obtain the recovered firing range environment.
A target range environment construction device for cloud-originated chaotic engineering experiments comprises:
the system comprises a first acquisition unit, a second acquisition unit and a third acquisition unit, wherein the first acquisition unit is used for acquiring resource information of a container cloud Kubernetes cluster in an actual production environment;
the copying unit is used for copying the resource information to a Kubernets cluster of the shooting range environment so as to realize the construction of the shooting range environment;
the second obtaining unit is used for obtaining the actual call flow in the actual production environment;
the forwarding unit is used for forwarding the actual call flow to the firing ground environment so as to realize construction of the firing ground environment flow;
and the target acquisition unit is used for responding to the completion of the construction of the firing ground environment and the firing ground environment flow to acquire the target firing ground environment.
Optionally, the first obtaining unit is specifically configured to:
determining and obtaining a resource range of a container cloud Kubernetes cluster in an actual production environment;
acquiring resource information of a container cloud Kubernets cluster in an actual production environment in the resource range based on a target interface, wherein the target interface is an application program interface based on the container cloud Kubernets;
wherein the replication unit is specifically configured to:
acquiring an arrangement file corresponding to the resource information, and storing the arrangement file in a target position;
in response to copying the orchestration file for the target location to a Kubernets cluster of the firing ground environment, controlling the Kubernets cluster to create a target object corresponding to the orchestration file;
in response to a persistent container node being started on a work node of a firing ground environment, reading a mount directory of persistent storage data of a business persistent container node in a production environment through the persistent container node;
and copying the mount directory to the shooting range environment so as to realize the copying of the persistent storage data to the shooting range environment.
Optionally, the forwarding unit is specifically configured to:
determining traffic forwarding configuration information, wherein the traffic forwarding configuration information is used for adding a container for traffic forwarding in a container of an actual production environment;
intercepting the flow of the actual production environment through the flow forwarding configuration information, sending the intercepted actual call flow to a service container of the actual production environment, and forwarding the actual call flow to the firing ground environment.
Optionally, the method further comprises:
the third acquisition unit is used for acquiring task information carrying a target chaotic experiment task;
a determining unit configured to determine fault injection information based on the task information;
the fault injection unit is used for injecting the fault injection information into a target firing ground environment;
and the recovery unit is used for recovering the target firing ground environment after responding to the fault test based on the completion of the injection of the target firing ground environment to obtain the recovered firing ground environment.
Compared with the prior art, the invention provides a method and a device for constructing a target range environment of a cloud-originated chaos engineering experiment, which comprise the following steps: acquiring resource information of a container cloud Kubernetes cluster in an actual production environment; copying the resource information to a Kubernetes cluster of the shooting range environment to realize the construction of the shooting range environment; acquiring actual call flow in an actual production environment; forwarding the actual call flow to the firing ground environment to realize construction of the firing ground environment flow; and obtaining the target shooting range environment in response to the completion of the construction of the shooting range environment and the shooting range environment flow. The invention realizes the copy of the basic environment based on the backup and recovery technology of the cloud-protogenesis and copies the produced flow to the target range environment based on the flow copy technology, thereby completely simulating the production environment and achieving the best effect of chaotic engineering test.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic flow chart of a method for constructing a target ground environment of a cloud-originated chaos engineering experiment according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a construction scenario of a shooting range environment according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a construction and application of a firing ground environment according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a target range environment construction device for a cloud-originated chaos engineering experiment according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first" and "second," and the like in the description and claims of the present invention and the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "comprising" and "having," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not set forth for a listed step or element but may include steps or elements not listed.
The embodiment of the invention provides a method for constructing a firing ground environment of a cloud-originated chaotic engineering experiment, which is used for realizing the copying of a basic environment based on a cloud-originated backup and recovery technology and copying the produced flow to the firing ground environment based on a flow copying technology, thereby completely simulating the production environment and achieving the best effect of chaotic engineering test.
The shooting range environment is a technology for simulating a real environment based on a virtualization technology, for example, a technology or a product for simulating and reproducing the running state and the running environment of a network architecture, system equipment and a business process in a real network space, so as to more effectively realize the behaviors related to network security, such as learning, research, inspection, competition, exercise and the like, and further improve the network security countermeasure level of personnel and mechanisms.
The embodiment of the invention is realized based on a Kubernetes (container cloud) platform, the container cloud (Kubernetes, k8s for short) is an open-source container operation platform, and the invention can realize the functions of combining a plurality of containers into a service, dynamically allocating a host for container operation and the like, and provides great convenience for users to use the containers.
Referring to fig. 1, a schematic flow chart of a method for constructing a firing ground environment of a cloud-native chaotic engineering experiment provided in an embodiment of the present invention may include the following steps:
s101, acquiring resource information of a container cloud Kubernetes cluster in an actual production environment.
In the embodiment of the invention, the construction of the firing ground environment is carried out firstly, namely, the construction of the environment which is completely consistent with the actual production environment is mainly carried out, so that the chaotic fault injection test can be conveniently implemented in the firing ground environment subsequently.
The chaos engineering test object on the cloud is a kubernets resource, that is, the acquired resource information of the container cloud kubernets cluster in the actual production environment mainly includes kubernets cluster physical nodes Node for operating the container, workloads such as Pod, delivery, replay, stateful set, DaemonSet, Job, cronJob and the like for arranging the operation mode of the container, a load balancer Service for defining the container, a persistent storage PV for persistently storing business data, a configMap for configuring the container, a Secret and other self-defined CRD resources.
In an implementation manner of the embodiment of the present invention, the acquiring resource information of a container cloud kubernets cluster in an actual production environment includes: determining and obtaining a resource range of a container cloud Kubernetes cluster in an actual production environment; and acquiring resource information of the container cloud Kubernetes cluster in the actual production environment in the resource range based on a target interface, wherein the target interface is an application program interface based on the container cloud Kubernetes.
Specifically, the target interface may be a kubernets Restful API (container cloud application program interface), and chaotic drilling resources of a kubernets cluster in a production environment, such as a workload and a persistent storage PV, are acquired through the API; the acquired data is copied to a Kubernets cluster of the shooting range environment, and the copied data is written into the Kubernets cluster of the shooting range environment through a Kubernets API, so that chaotic drilling resources of the production environment are transferred to the shooting range environment, and a set of shooting range environment which is completely consistent with the production environment and is subjected to chaotic testing is constructed.
When acquiring the resource information, the resource range of the acquired ubernets is first specified, which may be any resource in kubernets, such as one or more resources of Pod, ConfigMap, and Secret. By directly specifying the resource name, or by tag selection. For services in kubernets, resources of the same service include one same label, for example, service a includes multiple resources such as Pod, PVC, and the like, and are all set with the label of App ═ a. And when the range is specified, all resources of App ═ A are specified, and the whole acquisition is carried out.
S102, copying the resource information to a Kubernetes cluster of the shooting range environment to realize the construction of the shooting range environment.
In one embodiment, the replicating the resource information to a kubernets cluster of the firing ground environment includes: acquiring an arrangement file corresponding to the resource information, and storing the arrangement file in a target position; in response to copying the orchestration file for the target location to a Kubernets cluster of the firing ground environment, controlling the Kubernets cluster to create a target object corresponding to the orchestration file; in response to the starting of a persistent container node on a work node of a firing ground environment, reading a mount directory of persistent storage data of a business persistent container node in a production environment through the persistent container node; and copying the mount directory to the shooting range environment so as to realize the copying of the persistent storage data to the shooting range environment.
Specifically, after the resource range is obtained, the related resources and data can be copied, and the copying is implemented in a Kubernetes API manner. The resource replication method aiming at Kubernetes comprises the following steps: for a specified resource, Api of Kubernetes is called to obtain an orchestration file of the resource and save the orchestration file to a local or other object store. Data stored in a local or object storage is transmitted to the shooting range environment in a file copying mode, a copied programming file is written into a Kubernets cluster of the shooting range environment by calling Api of the Kubernets, and the corresponding object is created by the Kubernets after writing.
The Pod is the smallest unit of deployment in Kubernetes, the Pod is composed of one or more containers, the Pod usually stores PV data, and the PV is a persistent storage volume, and the PV data can be understood as a standard resource on k8 s. Specifically, for persistent storage of Pod mounted PV data, the PV data also needs to be copied through bottom storage, so that file level copying is supported, and data consistency can be ensured. The method specifically comprises the steps that a DaemonSet Pod is started on each working node of Kubernetes, the Pod reads a PV mounting directory on the node where the service Pod is located, files in the mounting directory are backed up to a local or object storage, and incremental backup is supported in the backup process. After the backup is finished, the backup data is copied to the shooting range environment, a new PV is applied in the shooting range environment, and the data of the backup PV is copied to the newly applied PV, so that the continuous PV data copying is realized.
And S103, acquiring the actual call flow in the actual production environment.
And S104, forwarding the actual call flow to a target yard environment to realize construction of the target yard environment flow.
And after the construction of the firing ground environment is finished, constructing the firing ground environment flow, wherein the purpose of constructing the firing ground flow is to inject the real calling flow on the actual production environment into the firing ground environment in a forwarding mode, so that the state of completely simulating the production environment in the firing ground environment is achieved.
The invention adopts a flow forwarding technology based on a Kubernetes Pod layer. The Kubernetes Pod adopts a Sidecar Sidecar mode to add a Sidecar container for forwarding the traffic to the Pod needing forwarding. The flow of the production environment is firstly forwarded to the Sidecar container by configuring services of Kubernetes, and the Sidecar container respectively sends the flow to the production service container and the service container of the firing ground environment according to the configuration of the forwarding strategy of the Sidecar container.
In an implementation manner of the embodiment of the present invention, the forwarding the actual call traffic to the target yard environment includes: determining traffic forwarding configuration information, wherein the traffic forwarding configuration information is used for adding a container for traffic forwarding in a container of an actual production environment; intercepting the flow of the actual production environment through the flow forwarding configuration information, sending the intercepted actual call flow to a service container of the actual production environment, and forwarding the actual call flow to the firing ground environment.
Specifically, information such as a corresponding forwarding range and a destination address can be determined through the traffic forwarding configuration information, for example, for Pod-level traffic forwarding, configuration needs to be added to traffic to be forwarded in a production environment, and a ConfigMap of kubernets is added to the cluster, where the ConfigMap defines a policy of traffic forwarding, and includes a forwarding percentage, a forwarding destination address, and the like.
After strategy configuration is carried out through the flow forwarding configuration information, a service Pod to be forwarded is configured in a production environment, a Sidecar container is added to the service Pod, the container can intercept all flows entering the Pod, the flows are sent to an actual service container, and meanwhile, the flows are forwarded to a target address according to a configured forwarding strategy, so that the construction of production flows is realized. And after the configuration is finished, enabling the flow forwarding of the Pod to take effect one by one in a rolling upgrading mode.
And S105, responding to the completion of the construction of the shooting range environment and the shooting range environment flow, and obtaining the target shooting range environment.
The container resources in the actual production environment are copied and the call flow is forwarded, so that the construction of the firing ground environment and the firing ground environment flow is completed, the target firing ground environment matched with the actual production environment is obtained, and the chaotic engineering experiment can be implemented in the target firing ground environment subsequently.
Referring to fig. 2, a schematic diagram of a construction scene of a shooting range environment is provided in an embodiment of the present invention. The production environment includes a plurality of clusters, such as cluster 1 and cluster 2, each of which includes a plurality of business containers, such as pod-1-1, pod-1-2, pod-1-3, and pod-2-1, pod-2-2, pod-2-3, and then copies these container resources to corresponding containers in the shooting range environment and forwards the request traffic in the production environment to the shooting range environment, thereby constructing the shooting range environment consistent with the production environment.
After the construction of the target firing ground environment is completed, a chaotic engineering experiment can be implemented in the target firing ground environment. The embodiment of the invention also comprises the following steps: acquiring task information carrying a target chaotic experiment task; determining fault injection information based on the task information; and injecting the fault injection information into a target firing ground environment.
The task information may refer to test task information of a target chaotic experiment task, and the fault injection information may include a fault injection type, a fault injection manner, fault specific information, and the like. After the construction of the firing ground environment and the production flow is completed, the chaos engineering experiment can be implemented in the firing ground environment. Fault injection refers to performing fault drilling by using the concept of chaotic engineering in a target range environment, such as injection of a working node CPU, high memory load, network delay of Pod, and the like. And injecting faults aiming at the service Pod and various resources, such as working nodes, clusters and the like, which depend on the service Pod to verify the stability of the service system.
The fault injection method is not limited in the embodiment of the present invention, and there are many fault injection methods, such as implementing fault injection by using an open source tool, chaosblade, or implementing fault injection by using some chaotic engineering platforms. The fault types comprise various common or autonomously developed faults such as node restart downtime, node CPU, high memory load, high Pod memory load, Pod restart, Pod network abnormity and the like.
Various monitoring indexes including basic resources, platforms and service indexes need to be observed in real time in the fault injection process, and the stability of the system and the service is judged according to the change condition of the indexes. If the TPS of the service is reduced and the error rate is increased after fault injection.
Correspondingly, the embodiment of the invention also comprises: and after the injected fault test is finished based on the target firing range environment, recovering the target firing range environment to obtain the recovered firing range environment.
After the fault injection test is completed, the firing ground environment can be recovered. The method comprises the steps of recovering the fault of injection, stopping flow forwarding of the production environment and dismantling the constructed target range environment. The fault recovery includes canceling a fault injected into the system, such as terminating a process causing a high load on the node Cpu, so that the Cpu usage of the node is recovered to a state before fault injection. In the traffic restoration, in the production environment, the Sidecar container responsible for traffic forwarding is deleted, and the ConfigMap defining the traffic forwarding policy is deleted.
Referring to fig. 3, a schematic diagram of construction and application of a firing ground environment provided in an embodiment of the present invention is shown, wherein a general process mainly includes: firing ground environment configuration, flow configuration, fault injection, and environment recovery. Specifically, the environment configuration mainly includes specifying resource ranges, k8s resource replication, and PV data replication. In the flow construction process, the following steps are included: start traffic forwarding, configure target pod, and forward validation. The fault injection process comprises starting fault injection, fault injection and monitoring observation. The environment recovery process includes: and starting environment recovery, fault recovery, flow recovery and environment removal. The specific processing procedures are described in the foregoing embodiments of the present invention, and will not be described in detail herein.
The embodiment of the present invention further provides a target range environment construction apparatus for cloud-originated chaos engineering experiments, referring to fig. 4, including:
a first obtaining unit 201, configured to obtain resource information of a container cloud kubernets cluster in an actual production environment;
the copying unit 202 is used for copying the resource information to a Kubernetes cluster of the shooting range environment so as to realize the construction of the shooting range environment;
a second obtaining unit 203, configured to obtain an actual call flow in the actual production environment;
a forwarding unit 204, configured to forward the actual call traffic to the firing ground environment, so as to implement construction of the firing ground environment traffic;
and the target acquisition unit 205 is used for responding to the completion of the construction of the firing ground environment and the firing ground environment flow rate to obtain the target firing ground environment.
In an embodiment, the first obtaining unit is specifically configured to:
determining and obtaining a resource range of a container cloud Kubernetes cluster in an actual production environment;
acquiring resource information of a container cloud Kubernetes cluster in an actual production environment within the resource range based on a target interface, wherein the target interface is an application program interface based on the container cloud Kubernetes;
wherein the copy unit is specifically configured to:
acquiring a layout file corresponding to the resource information, and storing the layout file in a target position;
in response to copying the orchestration file for the target location to a Kubernets cluster of the firing ground environment, controlling the Kubernets cluster to create a target object corresponding to the orchestration file;
in response to the starting of a persistent container node on a work node of a firing ground environment, reading a mount directory of persistent storage data of a business persistent container node in a production environment through the persistent container node;
and copying the mount directory to the shooting range environment to realize the copying of the persistent storage data to the shooting range environment.
In another embodiment, the forwarding unit is specifically configured to:
determining traffic forwarding configuration information, wherein the traffic forwarding configuration information is used for adding a container for traffic forwarding in a container of an actual production environment;
intercepting the flow of the actual production environment through the flow forwarding configuration information, sending the intercepted actual call flow to a service container of the actual production environment, and forwarding the actual call flow to the firing ground environment.
In one embodiment, the apparatus further comprises:
the third acquisition unit is used for acquiring task information carrying a target chaotic experiment task;
a determining unit configured to determine fault injection information based on the task information;
the fault injection unit is used for injecting the fault injection information into a target firing ground environment;
and the recovery unit is used for recovering the target firing ground environment after responding to the fault test based on the completion of the injection of the target firing ground environment to obtain the recovered firing ground environment.
Based on the foregoing embodiments, embodiments of the present application provide a computer-readable storage medium storing one or more programs, which are executable by one or more processors to implement the steps of the node selection method as any one of the above.
The embodiment of the invention also provides electronic equipment which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and is characterized in that the steps of the node selection method are realized when the processor executes the program.
The invention provides a target range environment construction device for a cloud-originated chaos engineering experiment, which comprises the following components: acquiring resource information of a container cloud Kubernetes cluster in an actual production environment; copying the resource information to a Kubernetes cluster of the shooting range environment to realize the construction of the shooting range environment; acquiring actual call flow in an actual production environment; forwarding the actual call flow to the firing ground environment to realize construction of the firing ground environment flow; and obtaining the target shooting range environment in response to the completion of the construction of the shooting range environment and the shooting range environment flow. The invention realizes the copy of the basic environment based on the backup and recovery technology of the cloud-protogenesis and copies the produced flow to the target range environment based on the flow copy technology, thereby completely simulating the production environment and achieving the best effect of chaotic engineering test.
It should be noted that, in the present embodiment, reference may be made to the corresponding contents in the foregoing for specific implementations of each unit and sub-unit, and details are not described here.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of the changes or substitutions within the technical scope of the present invention, and shall cover the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for constructing a target range environment of a cloud-originated chaotic engineering experiment is characterized by comprising the following steps:
acquiring resource information of a container cloud Kubernets cluster in an actual production environment;
copying the resource information to a Kubernetes cluster of the shooting range environment to realize the construction of the shooting range environment;
acquiring actual call flow in the actual production environment;
forwarding the actual call flow to a shooting range environment to realize construction of the shooting range environment flow;
and obtaining the target shooting range environment in response to the completion of the construction of the shooting range environment and the shooting range environment flow.
2. The method of claim 1, wherein the obtaining resource information of a container cloud Kubernets cluster in an actual production environment comprises:
determining and obtaining a resource range of a container cloud Kubernetes cluster in an actual production environment;
and acquiring resource information of the container cloud Kubernetes cluster in the actual production environment in the resource range based on a target interface, wherein the target interface is an application program interface based on the container cloud Kubernetes.
3. The method of claim 1, wherein said replicating the resource information to a kubernets cluster of a shooting range environment comprises:
acquiring an arrangement file corresponding to the resource information, and storing the arrangement file in a target position;
in response to copying the orchestration file for the target location to a Kubernets cluster of the firing ground environment, controlling the Kubernets cluster to create a target object corresponding to the orchestration file;
in response to a persistent container node being started on a work node of a firing ground environment, reading a mount directory of persistent storage data of a business persistent container node in a production environment through the persistent container node;
and copying the mount directory to the shooting range environment to realize the copying of the persistent storage data to the shooting range environment.
4. The method of claim 1, wherein forwarding the actual call traffic to a shooting range environment comprises:
determining traffic forwarding configuration information, wherein the traffic forwarding configuration information is used for adding a container for traffic forwarding in a container of an actual production environment;
and intercepting the flow of the actual production environment through the flow forwarding configuration information, and forwarding the actual call flow to the firing ground environment while sending the intercepted actual call flow to a service container of the actual production environment.
5. The method of claim 1, further comprising:
acquiring task information carrying a target chaotic experiment task;
determining fault injection information based on the task information;
and injecting the fault injection information into a target firing ground environment.
6. The method of claim 5, further comprising:
and after the injected fault test is finished based on the target firing range environment, recovering the target firing range environment to obtain the recovered firing range environment.
7. A target range environment construction device for cloud-native chaotic engineering experiments is characterized by comprising the following components:
the system comprises a first acquisition unit, a second acquisition unit and a third acquisition unit, wherein the first acquisition unit is used for acquiring resource information of a container cloud Kubernetes cluster in an actual production environment;
the copying unit is used for copying the resource information to a Kubernetes cluster of the shooting range environment so as to realize the construction of the shooting range environment;
the second obtaining unit is used for obtaining the actual call flow in the actual production environment;
the forwarding unit is used for forwarding the actual call flow to the firing ground environment so as to realize construction of the firing ground environment flow;
and the target acquisition unit is used for responding to the completion of the construction of the firing ground environment and the firing ground environment flow to acquire the target firing ground environment.
8. The apparatus according to claim 7, wherein the first obtaining unit is specifically configured to:
determining and obtaining a resource range of a container cloud Kubernets cluster in an actual production environment;
acquiring resource information of a container cloud Kubernets cluster in an actual production environment in the resource range based on a target interface, wherein the target interface is an application program interface based on the container cloud Kubernets;
wherein the replication unit is specifically configured to:
acquiring an arrangement file corresponding to the resource information, and storing the arrangement file in a target position;
in response to copying the orchestration file for the target location to a Kubernets cluster of the firing ground environment, controlling the Kubernets cluster to create a target object corresponding to the orchestration file;
in response to a persistent container node being started on a work node of a firing ground environment, reading a mount directory of persistent storage data of a business persistent container node in a production environment through the persistent container node;
and copying the mount directory to the shooting range environment to realize the copying of the persistent storage data to the shooting range environment.
9. The apparatus according to claim 7, wherein the forwarding unit is specifically configured to:
determining traffic forwarding configuration information, wherein the traffic forwarding configuration information is used for adding a container for traffic forwarding in a container of an actual production environment;
intercepting the flow of the actual production environment through the flow forwarding configuration information, sending the intercepted actual call flow to a service container of the actual production environment, and forwarding the actual call flow to the firing ground environment.
10. The apparatus of claim 7, further comprising:
the third acquisition unit is used for acquiring task information carrying a target chaotic experiment task;
a determining unit configured to determine fault injection information based on the task information;
the fault injection unit is used for injecting the fault injection information into a target firing range environment;
and the recovery unit is used for recovering the target firing ground environment after responding to the fault test based on the completion of the injection of the target firing ground environment to obtain the recovered firing ground environment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210666363.3A CN114996955A (en) | 2022-06-14 | 2022-06-14 | Target range environment construction method and device for cloud-originated chaotic engineering experiment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210666363.3A CN114996955A (en) | 2022-06-14 | 2022-06-14 | Target range environment construction method and device for cloud-originated chaotic engineering experiment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114996955A true CN114996955A (en) | 2022-09-02 |
Family
ID=83034254
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210666363.3A Pending CN114996955A (en) | 2022-06-14 | 2022-06-14 | Target range environment construction method and device for cloud-originated chaotic engineering experiment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114996955A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115643112A (en) * | 2022-12-22 | 2023-01-24 | 杭州默安科技有限公司 | Method and device for testing safety protection capability |
-
2022
- 2022-06-14 CN CN202210666363.3A patent/CN114996955A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115643112A (en) * | 2022-12-22 | 2023-01-24 | 杭州默安科技有限公司 | Method and device for testing safety protection capability |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8910172B2 (en) | Application resource switchover systems and methods | |
| KR102047216B1 (en) | Replaying jobs at a secondary location of a service | |
| JP6788178B2 (en) | Setting support program, setting support method and setting support device | |
| US7984332B2 (en) | Distributed system checker | |
| US11132274B2 (en) | Establishing and monitoring programming environments | |
| CN104765678A (en) | Method and device for testing applications on mobile terminal | |
| CN107193607B (en) | Method and apparatus for updating code file, storage medium, processor, and terminal | |
| CN112631846A (en) | Fault drilling method and device, computer equipment and storage medium | |
| US20170371641A1 (en) | Multi-tenant upgrading | |
| US10795793B1 (en) | Method and system for simulating system failures using domain-specific language constructs | |
| Oliveira et al. | Delivering software with agility and quality in a cloud environment | |
| US11151020B1 (en) | Method and system for managing deployment of software application components in a continuous development pipeline | |
| CN114996955A (en) | Target range environment construction method and device for cloud-originated chaotic engineering experiment | |
| CN110727575B (en) | Information processing method, system, device and storage medium | |
| De Iasio et al. | A framework for microservices synchronization | |
| US8671396B2 (en) | Dynamic interface reduction for software model checking | |
| US20230088318A1 (en) | Remotely healing crashed processes | |
| CN115617668A (en) | Compatibility testing method, device and equipment | |
| CN115080309A (en) | Data backup system, method, storage medium, and electronic device | |
| CN109814911A (en) | Method, apparatus, computer equipment and storage medium for Manage Scripts program | |
| CN113268206B (en) | Network target range resource hot plug implementation method and system | |
| CN115237441A (en) | Upgrade test method, device and medium based on cloud platform | |
| CN114756293A (en) | Service processing method, device, computer equipment and storage medium | |
| CN112506729B (en) | Fault simulation method and device | |
| CN113238950A (en) | System and method for testing distributed system, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |