search

chaos-mesh / chaosd

A Chaos Engineering toolkit.
Apache License 2.0
136 stars 63 forks source link

network faults can not be deleted,or can not repeat injection , iptables error 'Chain already exists' #178

Open Joker1222 opened 2 years ago

Joker1222 commented 2 years ago

os debian10 chaosd version v1.2.0 iptables version v1.8.2 (nf_tables) 


2022-06-16T14:29:55.175+0800    INFO    background-process-manager      build command   {"command": "iptables -w -N CHAOS-INPUT"}
2022-06-16T14:29:55.176+0800    INFO    background-process-manager      build command   {"command": "iptables -w -F CHAOS-INPUT"}
2022-06-16T14:29:55.176+0800    INFO    background-process-manager      build command   {"command": "iptables -w -S INPUT"}
2022-06-16T14:29:55.177+0800    INFO    background-process-manager      build command   {"command": "iptables -w -A INPUT -j CHAOS-INPUT"}
2022-06-16T14:29:55.178+0800    INFO    background-process-manager      build command   {"command": "iptables -w -N CHAOS-OUTPUT"}
2022-06-16T14:29:55.178+0800    INFO    background-process-manager      build command   {"command": "iptables -w -F CHAOS-OUTPUT"}
2022-06-16T14:29:55.179+0800    INFO    background-process-manager      build command   {"command": "iptables -w -S OUTPUT"}
2022-06-16T14:29:55.180+0800    INFO    background-process-manager      build command   {"command": "iptables -w -A OUTPUT -j CHAOS-OUTPUT"}
2022-06-16T14:29:55.180+0800    INFO    chaos-daemon-server     handling tc request     {"tcs": "tcs:{netem:{time:100000}}  tcs:{netem:{time:100000}}  device:\"eth0\""}
2022-06-16T14:29:55.180+0800    INFO    background-process-manager      build command   {"command": "tc qdisc del dev eth0 root"}
2022-06-16T14:29:55.181+0800    INFO    chaos-daemon-server     add tc  {"tc": "netem:{time:100000}"}
2022-06-16T14:29:55.181+0800    INFO    chaos-daemon-server     adding netem    {"device": "eth0", "parent": "root", "handle": "handle 1:"}
2022-06-16T14:29:55.181+0800    INFO    background-process-manager      build command   {"command": "tc qdisc add dev eth0 root handle 1: netem delay 100000"}
2022-06-16T14:29:55.182+0800    INFO    chaos-daemon-server     add tc  {"tc": "netem:{time:100000}"}
2022-06-16T14:29:55.182+0800    INFO    chaos-daemon-server     adding netem    {"device": "eth0", "parent": "parent 1:", "handle": "handle 2:"}
2022-06-16T14:29:55.182+0800    INFO    background-process-manager      build command   {"command": "tc qdisc add dev eth0 parent 1: handle 2: netem delay 100000"}
[GIN] 2022/06/16 - 14:29:55 | 200 |   12.326215ms |      10.1.x.84 | POST     "/api/attack/network"
2022-06-16T14:41:37.074+0800    INFO    chaos-daemon-server     Set iptables chains     {"request": ""}
2022-06-16T14:41:37.074+0800    INFO    background-process-manager      build command   {"command": "iptables -w -N CHAOS-INPUT"}
2022-06-16T14:41:37.075+0800    ERROR   chaos-daemon-server     error while initializing iptables       {"error": "error code: exit status 1, msg: iptables v1.8.2 (nf_tables): Chain already exists\n"}
github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon.(*DaemonServer).SetIptablesChains
        /github/home/go/pkg/mod/github.com/chaos-mesh/chaos-mesh@v0.9.1-0.20210525104133-41e37dd1ac16/pkg/chaosdaemon/iptables_server.go:45
github.com/chaos-mesh/chaosd/pkg/server/chaosd.(*Server).recoverIptables
        /__w/chaosd/chaosd/pkg/server/chaosd/network.go:395
github.com/chaos-mesh/chaosd/pkg/server/chaosd.networkAttack.Recover
        /__w/chaosd/chaosd/pkg/server/chaosd/network.go:359
github.com/chaos-mesh/chaosd/pkg/server/chaosd.(*Server).RecoverAttack
        /__w/chaosd/chaosd/pkg/server/chaosd/recover.go:81
github.com/chaos-mesh/chaosd/pkg/server/httpserver.(*httpServer).recoverAttack
        /__w/chaosd/chaosd/pkg/server/httpserver/server.go:417
github.com/gin-gonic/gin.(*Context).Next
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/context.go:161
github.com/chaos-mesh/chaosd/pkg/server/utils.MWHandleErrors.func1
        /__w/chaosd/chaosd/pkg/server/utils/error.go:47
github.com/gin-gonic/gin.(*Context).Next
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/context.go:161
github.com/gin-gonic/gin.RecoveryWithWriter.func1
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/recovery.go:83
github.com/gin-gonic/gin.(*Context).Next
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/context.go:161
github.com/gin-gonic/gin.LoggerWithConfig.func1
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/logger.go:241
github.com/gin-gonic/gin.(*Context).Next
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/context.go:161
github.com/gin-gonic/gin.(*Engine).handleHTTPRequest
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/gin.go:409
github.com/gin-gonic/gin.(*Engine).ServeHTTP
        /github/home/go/pkg/mod/github.com/gin-gonic/gin@v1.6.3/gin.go:367
net/http.serverHandler.ServeHTTP
        /__t/go/1.16.2/x64/src/net/http/server.go:2887
net/http.(*conn).serve
        /__t/go/1.16.2/x64/src/net/http/server.go:1952
[GIN] 2022/06/16 - 14:41:37 | 500 |    1.410471ms |      10.1.x.84 | DELETE   "/api/attack/135f4c19-94c7-4464-9e35-ef1d8b48813e"
Error #01: error.api.internal_server_error: Recover experiment 135f4c19-94c7-4464-9e35-ef1d8b48813e failed: error code: exit status 1, msg: iptables v1.8.2 (nf_tables): Chain already exists```

I must be call 'iptables -F && Iptables -X '  for delete rule and chain before injection or recovery ?
Is there a better way?