ChaosControllerConfig defines the configuration for Chaos Controller
// ChaosControllerConfig holds the settings of the chaos controller manager.
// Each field carrying an `envconfig` tag is populated from the named
// environment variable, falling back to the `default` tag when one is given.
// Several defaults are security-relevant (listen addresses, SecurityMode,
// ChaosdSecurityMode, AllowHostNetworkTesting, PodFailurePauseImage); see the
// per-field notes.
type ChaosControllerConfig struct {
	// ChaosDaemonPort is the port which grpc server listens on
	ChaosDaemonPort int `envconfig:"CHAOS_DAEMON_SERVICE_PORT" default:"31767"`
	// TLSConfig is embedded; it carries the CA, client certificate and client
	// key paths for the chaos-daemon and chaosd TLS clients.
	TLSConfig
	// The QPS config for kubernetes client
	QPS float32 `envconfig:"QPS" default:"30"`
	// The Burst config for kubernetes client
	Burst int `envconfig:"BURST" default:"50"`
	// BPFKIPort is the port which BPFKI grpc server listens on
	BPFKIPort int `envconfig:"BPFKI_PORT" default:"50051"`
	// WebhookHost and WebhookPort are combined into the address the webhook server binds to.
	// The default host 0.0.0.0 listens on every interface.
	// NOTE(review): confirm that exposure is intended for the deployment.
	WebhookHost string `envconfig:"WEBHOOK_HOST" default:"0.0.0.0"`
	WebhookPort int `envconfig:"WEBHOOK_PORT" default:"9443"`
	// MetricsHost and MetricsPort are combined into the address the metric endpoint binds to.
	// The default host 0.0.0.0 listens on every interface.
	// NOTE(review): confirm whether the metrics endpoint is authenticated or
	// otherwise restricted before relying on this default.
	MetricsHost string `envconfig:"METRICS_HOST" default:"0.0.0.0"`
	MetricsPort int `envconfig:"METRICS_PORT" default:"10080"`
	// PprofAddr is the address the pprof endpoint binds to.
	// The default is "0"; presumably that disables the endpoint — verify
	// against the code that consumes PprofAddr. pprof handlers expose heap and
	// goroutine data, so any non-default value should be a restricted address.
	PprofAddr string `envconfig:"PPROF_ADDR" default:"0"`
	// CtrlAddr is the address the ctrlserver binds to. No default is declared.
	CtrlAddr string `envconfig:"CTRL_ADDR"`
	// EnableLeaderElection enables leader election for controller manager
	// Enabling this will ensure there is only one active controller manager
	EnableLeaderElection bool `envconfig:"ENABLE_LEADER_ELECTION" default:"true"`
	// LeaderElectLeaseDuration is the duration that non-leader candidates will
	// wait to force acquire leadership. This is measured against time of
	// last observed ack. (default 15s)
	LeaderElectLeaseDuration time.Duration `envconfig:"LEADER_ELECT_LEASE_DURATION" default:"15s"`
	// LeaderElectRenewDeadline is the duration that the acting control-plane
	// will retry refreshing leadership before giving up. (default 10s)
	LeaderElectRenewDeadline time.Duration `envconfig:"LEADER_ELECT_RENEW_DEADLINE" default:"10s"`
	// LeaderElectRetryPeriod is the duration the LeaderElector clients should wait
	// between tries of actions. (default 2s)
	LeaderElectRetryPeriod time.Duration `envconfig:"LEADER_ELECT_RETRY_PERIOD" default:"2s"`
	// EnableFilterNamespace will filter namespace with annotation. Only the pods/containers in namespace
	// annotated with `chaos-mesh.org/inject=enabled` will be injected.
	// Defaults to false, so this annotation opt-in is not enforced unless the
	// variable is set.
	EnableFilterNamespace bool `envconfig:"ENABLE_FILTER_NAMESPACE" default:"false"`
	// CertsDir is the directory for storing certs key file and cert file
	CertsDir string `envconfig:"CERTS_DIR" default:"/etc/webhook/certs"`
	// RPCTimeout is timeout of RPC between controllers and chaos-operator
	RPCTimeout time.Duration `envconfig:"RPC_TIMEOUT" default:"1m"`
	// ClusterScoped means control Chaos Object in cluster level (all namespaces).
	// Defaults to true; setting it to false lets TargetNamespace limit the
	// scope to a single namespace.
	ClusterScoped bool `envconfig:"CLUSTER_SCOPED" default:"true"`
	// TargetNamespace is the target namespace to inject chaos into.
	// It only takes effect when ClusterScoped is false.
	TargetNamespace string `envconfig:"TARGET_NAMESPACE" default:""`
	// DNSServiceName is the name of DNS service, which is used for DNS chaos
	DNSServiceName string `envconfig:"CHAOS_DNS_SERVICE_NAME" default:""`
	// DNSServicePort is the port paired with DNSServiceName. The declared
	// default is empty; presumably the field stays 0 when the variable is
	// unset — confirm against the envconfig loader.
	DNSServicePort int `envconfig:"CHAOS_DNS_SERVICE_PORT" default:""`
	// SecurityMode enables authority validation in the admission webhook.
	// Defaults to true; setting SECURITY_MODE to false turns that validation off.
	SecurityMode bool `envconfig:"SECURITY_MODE" default:"true" json:"security_mode"`
	// ChaosdSecurityMode enables the mTLS connection between chaos-controller-manager and chaosd.
	// Defaults to true. NOTE(review): with false the connection presumably
	// runs without mutual TLS — confirm in the chaosd client code.
	ChaosdSecurityMode bool `envconfig:"CHAOSD_SECURITY_MODE" default:"true" json:"chaosd_security_mode"`
	// Namespace is the namespace which the controller manager run in
	Namespace string `envconfig:"NAMESPACE" default:""`
	// AllowHostNetworkTesting removes the restriction on chaos testing pods with `hostNetwork` set to true.
	// Defaults to false. Pods with hostNetwork share the node's network
	// namespace, so enabling this widens the impact beyond the pod itself.
	AllowHostNetworkTesting bool `envconfig:"ALLOW_HOST_NETWORK_TESTING" default:"false"`
	// PodFailurePauseImage is used to set a custom image for pod failure.
	// The default reference uses the mutable `:latest` tag; set
	// POD_FAILURE_PAUSE_IMAGE to a fixed version or digest when the image
	// content must be reproducible and verifiable.
	PodFailurePauseImage string `envconfig:"POD_FAILURE_PAUSE_IMAGE" default:"gcr.io/google-containers/pause:latest"`
	// EnabledControllers and EnabledWebhooks both default to "*".
	// NOTE(review): presumably a wildcard selecting every controller/webhook —
	// confirm against the code that reads these lists.
	EnabledControllers []string `envconfig:"ENABLED_CONTROLLERS" default:"*"`
	EnabledWebhooks []string `envconfig:"ENABLED_WEBHOOKS" default:"*"`
	// LocalHelmChartPath has an empty default; its consumer is not visible here.
	LocalHelmChartPath string `envconfig:"LOCAL_HELM_CHART_PATH" default:""`
	// MaxEvents defaults to 100. NOTE(review): presumably an upper bound on
	// stored or returned events — confirm.
	MaxEvents int `envconfig:"MAX_EVENTS" default:"100"`
}
func EnvironChaosController() (ChaosControllerConfig, error)
EnvironChaosController returns the settings from the environment.
ChaosDashboardConfig defines the configuration for Chaos Dashboard
// ChaosDashboardConfig holds the settings of the Chaos Dashboard. Fields with
// an `envconfig` tag are read from the named environment variable. Fields
// tagged `json:"-"` are left out when the struct is encoded with
// encoding/json; that tag does not affect other output paths such as
// formatting the struct with %+v, so avoid logging the whole value.
type ChaosDashboardConfig struct {
	// ListenHost and ListenPort are the dashboard listen address.
	// The default host 0.0.0.0 listens on every interface.
	ListenHost string `envconfig:"LISTEN_HOST" default:"0.0.0.0" json:"listen_host"`
	ListenPort int `envconfig:"LISTEN_PORT" default:"2333" json:"listen_port"`
	// MetricHost and MetricPort are the metric listen address.
	// The default host 0.0.0.0 listens on every interface.
	MetricHost string `envconfig:"METRIC_HOST" default:"0.0.0.0" json:"-"`
	MetricPort int `envconfig:"METRIC_PORT" default:"2334" json:"-"`
	// EnableLeaderElection has no declared default.
	EnableLeaderElection bool `envconfig:"ENABLE_LEADER_ELECTION" json:"-"`
	// Database points at the DatabaseConfig (driver and datasource).
	Database *DatabaseConfig `json:"-"`
	// PersistTTL points at the string-typed TTL settings.
	PersistTTL *TTLConfigWithStringTime `json:"-"`
	// ClusterScoped means control Chaos Object in cluster level(all namespace).
	// Note that the JSON key is "cluster_mode", not "cluster_scoped".
	ClusterScoped bool `envconfig:"CLUSTER_SCOPED" default:"true" json:"cluster_mode"`
	// TargetNamespace is the target namespace to injecting chaos.
	// It only works with ClusterScoped is false.
	TargetNamespace string `envconfig:"TARGET_NAMESPACE" default:"" json:"target_namespace"`
	// EnableFilterNamespace will filter namespace with annotation. Only the pods/containers in namespace
	// annotated with `chaos-mesh.org/inject=enabled` will be injected.
	// Defaults to false, so the annotation opt-in is not enforced by default.
	EnableFilterNamespace bool `envconfig:"ENABLE_FILTER_NAMESPACE" default:"false"`
	// SecurityMode will use the token login by the user if set to true.
	// Defaults to true. NOTE(review): with false the dashboard presumably
	// does not ask for a user token — confirm which identity it then acts as
	// before disabling it.
	SecurityMode bool `envconfig:"SECURITY_MODE" default:"true" json:"security_mode"`
	// GcpSecurityMode will use the gcloud authentication to login to GKE user
	GcpSecurityMode bool `envconfig:"GCP_SECURITY_MODE" default:"false" json:"gcp_security_mode"`
	// GcpClientId and GcpClientSecret are read from the environment and are
	// excluded from JSON encoding. GcpClientSecret is a credential: keep it
	// out of logs and error messages.
	GcpClientId string `envconfig:"GCP_CLIENT_ID" default:"" json:"-"`
	GcpClientSecret string `envconfig:"GCP_CLIENT_SECRET" default:"" json:"-"`
	// RootUrl defaults to a plain-http localhost URL and is emitted under the
	// JSON key "root_path". NOTE(review): set an https URL when the dashboard
	// is served beyond localhost — confirm how this value is used.
	RootUrl string `envconfig:"ROOT_URL" default:"http://localhost:2333" json:"root_path"`
	// EnableProfiling is a flag to enable pprof in controller-manager and chaos-daemon.
	// Defaults to true. pprof handlers expose heap and goroutine data.
	// NOTE(review): the wording names controller-manager and chaos-daemon
	// although the field lives in the dashboard config — confirm which
	// component reads it and on which listener the handlers are mounted.
	EnableProfiling bool `envconfig:"ENABLE_PROFILING" default:"true" json:"-"`
	// After v2.5, the DNS server is created by default.
	DNSServerCreate bool `envconfig:"DNS_SERVER_CREATE" default:"true" json:"dns_server_create"`
	// Version has no envconfig tag, so it is not read from an environment
	// variable by tag; it is emitted under the JSON key "version".
	Version string `json:"version"`
	// The QPS config for kubernetes client
	QPS float32 `envconfig:"QPS" default:"200" json:"-"`
	// The Burst config for kubernetes client
	Burst int `envconfig:"BURST" default:"300" json:"-"`
}
func GetChaosDashboardEnv() (*ChaosDashboardConfig, error)
GetChaosDashboardEnv gets all env variables related to dashboard.
DatabaseConfig defines the configuration for databases
// DatabaseConfig selects the database driver and its connection string.
type DatabaseConfig struct {
	// Driver is the database driver name; defaults to sqlite3.
	Driver string `envconfig:"DATABASE_DRIVER" default:"sqlite3"`
	// Datasource is the connection string for database.
	// For sqlite3, it is the path of the database file.
	// For mysql, it is the DSN (https://github.com/go-sql-driver/mysql#dsn-data-source-name).
	// A mysql DSN can carry the user name and password, so treat
	// DATABASE_DATASOURCE as a secret and keep it out of logs.
	// The default "core.sqlite" is a relative path.
	Datasource string `envconfig:"DATABASE_DATASOURCE" default:"core.sqlite"`
}
TLSConfig defines the configuration for chaos-daemon and chaosd tls client
// TLSConfig holds file paths to the CA certificates, client certificates and
// client keys used by the chaos-daemon and chaosd TLS clients. Every default
// is empty. The key paths point at private key material; the files should be
// readable only by the process that loads them.
// NOTE(review): how empty paths are handled (error vs. no TLS) is not visible
// here — confirm in the code that builds the TLS clients.
type TLSConfig struct {
	// ChaosMeshCACert is the path of chaos daemon ca cert
	ChaosMeshCACert string `envconfig:"CHAOS_MESH_CA_CERT" default:""`
	// ChaosDaemonClientCert is the path of chaos daemon certificate
	ChaosDaemonClientCert string `envconfig:"CHAOS_DAEMON_CLIENT_CERT" default:""`
	// ChaosDaemonClientKey is the path of chaos daemon certificate key
	ChaosDaemonClientKey string `envconfig:"CHAOS_DAEMON_CLIENT_KEY" default:""`
	// ChaosdCACert is the path of chaosd ca cert
	ChaosdCACert string `envconfig:"CHAOSD_CA_CERT" default:""`
	// ChaosdClientCert is the path of chaosd certificate
	ChaosdClientCert string `envconfig:"CHAOSD_CLIENT_CERT" default:""`
	// ChaosdClientKey is the path of chaosd certificate key
	ChaosdClientKey string `envconfig:"CHAOSD_CLIENT_KEY" default:""`
}
TTLConfig defines all the TTL-related configurations.
// TTLConfig holds the retention settings as time.Duration values. It carries
// no envconfig tags; it is the result type of TTLConfigWithStringTime.Parse.
type TTLConfig struct {
	// ResyncPeriod defines the period of cleaning data.
	ResyncPeriod time.Duration
	// TTL of events.
	EventTTL time.Duration
	// TTL of experiments.
	ExperimentTTL time.Duration
	// TTL of schedules.
	ScheduleTTL time.Duration
	// TTL of workflows.
	WorkflowTTL time.Duration
}
TTLConfigWithStringTime defines all the TTL-related configurations with string type time.
// TTLConfigWithStringTime holds the same retention settings as TTLConfig, but
// as strings read from the environment. Its Parse method returns a *TTLConfig
// and an error. NOTE(review): the accepted duration syntax is decided inside
// Parse, which is not visible here — confirm before documenting formats
// beyond the "12h"-style defaults.
type TTLConfigWithStringTime struct {
	// ResyncPeriod is the cleaning interval; defaults to 12h.
	ResyncPeriod string `envconfig:"CLEAN_SYNC_PERIOD" default:"12h"`
	// EventTTL is the retention of events.
	EventTTL string `envconfig:"TTL_EVENT" default:"168h"` // one week
	// ExperimentTTL is the retention of experiments.
	ExperimentTTL string `envconfig:"TTL_EXPERIMENT" default:"336h"` // two weeks
	// ScheduleTTL is the retention of schedules; 336h is two weeks.
	ScheduleTTL string `envconfig:"TTL_SCHEDULE" default:"336h"`
	// WorkflowTTL is the retention of workflows; 336h is two weeks.
	WorkflowTTL string `envconfig:"TTL_WORKFLOW" default:"336h"`
}
func (config *TTLConfigWithStringTime) Parse() (*TTLConfig, error)