added tolerations to node network filter pod deployment (#867)

2026-02-14 18:10:00 +00:00 · 2025-07-16 17:11:46 +02:00
parent 106d9bf1ae
commit 11069c6982
6 changed files with 38 additions and 5 deletions
--- a/config/config.yaml
+++ b/config/config.yaml
@@ -46,7 +46,8 @@ kraken:
        - syn_flood_scenarios:
              - scenarios/kube/syn_flood.yaml
        -  network_chaos_ng_scenarios:
-               - scenarios/kube/network-filter.yml
+               - scenarios/kube/pod-network-filter.yml
+               - scenarios/kube/node-network-filter.yml
        -  kubevirt_vm_outage:
               - scenarios/kubevirt/kubevirt-vm-outage.yaml

--- a/krkn/scenario_plugins/network_chaos_ng/models.py
+++ b/krkn/scenario_plugins/network_chaos_ng/models.py
@@ -17,6 +17,7 @@ class BaseNetworkChaosConfig:
    instance_count: int
    execution: str
    namespace: str
+    taints: list[str]

    def validate(self) -> list[str]:
        errors = []
--- a/krkn/scenario_plugins/network_chaos_ng/modules/templates/network-chaos.j2
+++ b/krkn/scenario_plugins/network_chaos_ng/modules/templates/network-chaos.j2
@@ -7,13 +7,20 @@ spec:
  {% if host_network %}
  hostNetwork: true
  {%endif%}
+  {% if taints %}
+  tolerations:
+  {% for toleration in taints %}
+  - key: "{{ toleration.key }}"
+    operator: "{{ toleration.operator }}"
+    {% if toleration.value %}
+    value: "{{ toleration.value }}"
+    {% endif %}
+    effect: "{{ toleration.effect }}"
+  {% endfor %}
+  {% endif %}
  hostPID: true
  nodeSelector:
    kubernetes.io/hostname: {{target}}
-  tolerations:
-  - key: "node-role.kubernetes.io/master"
-    operator: "Exists"
-    effect: "NoSchedule"
  containers:
  - name: {{container_name}}
    imagePullPolicy: Always
--- a/krkn/scenario_plugins/network_chaos_ng/modules/utils_network_filter.py
+++ b/krkn/scenario_plugins/network_chaos_ng/modules/utils_network_filter.py
@@ -58,6 +58,27 @@ def deploy_network_filter_pod(
    file_loader = FileSystemLoader(os.path.abspath(os.path.dirname(__file__)))
    env = Environment(loader=file_loader, autoescape=True)
    pod_template = env.get_template("templates/network-chaos.j2")
+    tolerations = []
+
+    for taint in config.taints:
+        key_value_part, effect = taint.split(":", 1)
+        if "=" in key_value_part:
+            key, value = key_value_part.split("=", 1)
+            operator = "Equal"
+        else:
+            key = key_value_part
+            value = None
+            operator = "Exists"
+        toleration = {
+            "key": key,
+            "operator": operator,
+            "effect": effect,
+        }
+        if value is not None:
+            toleration["value"] = value
+        tolerations.append(toleration)
+
+
    pod_body = yaml.safe_load(
        pod_template.render(
            pod_name=pod_name,
@@ -66,6 +87,7 @@ def deploy_network_filter_pod(
            target=target_node,
            container_name=container_name,
            workload_image=config.image,
+            taints=tolerations
        )
    )

--- a/scenarios/kube/node-network-filter.yml
+++ b/scenarios/kube/node-network-filter.yml
@@ -3,6 +3,7 @@
  wait_duration: 1
  test_duration: 10
  label_selector: "<node_selector>"
+  taints: [] # example ["node-role.kubernetes.io/master:NoSchedule"]
  namespace: 'default'
  instance_count: 1
  execution: parallel
--- a/scenarios/kube/pod-network-filter.yml
+++ b/scenarios/kube/pod-network-filter.yml
@@ -3,6 +3,7 @@
  wait_duration: 1
  test_duration: 60
  label_selector: "<pod_selector>"
+  taints: [] # example ["node-role.kubernetes.io/master:NoSchedule"]
  namespace: 'default'
  instance_count: 1
  execution: parallel