KevinPoole
commented
3 years ago @karunchennuri let me know what you think of all of this. slightly more involved than the previous PRs, but I believe in all cases backwards compatibility is preserved and the tool is improved some.
Crunchy PostgreSQL Service has services that follow the pattern of
postgresql-11-odb. Seems like a reasonable assumption that the needed values in the services yaml will be the same across the versions, so chose to cover allpostgresql-\d+-odbwith a single pattern.The approach for implementing ingress traffic manipulation was almost entirely copied from here: https://wiki.linuxfoundation.org/networking/netem#how_can_i_use_netem_on_incoming_traffic
The only notes with that are:
sudo modprobe ifb... leaving this module loaded seems relatively harmless compared to unloading it in the case that we were not the ones who loaded it (as in, someone/thing else is depending on it being loaded) so I opted to leave it loaded rather than try to undo that during theunmanipulate_trafficmethod.ifb0interface being up. harmless to leave up, but harmful to take down if someone else is depending on it.Finally, I also added rate limiting via netem to the
manipulate_trafficmethod. This should be nice since it says that the shape traffic can not happen at the same time asmanipulate_trafficbut this will allow the insertion of throughput limiting alongside other traffic manipulations like latency, loss, etc.Based on the PCF release notes here: https://docs.pivotal.io/pivotalcf/2-6/pcf-release-notes/runtime-rn.html ... in newer releases,
containerdis used instead ofrunc. I added the ability to usecontainerdto get a shell / execute commands on a container which can be enabled via ause-containerdentry in the config. this is disabled by default so will not effect behavior unless you choose to.