Running Denial of Service Attacks
Explore how to run Denial of Service attacks using chaos engineering tools in Kubernetes. Understand how to simulate high traffic with tools like Siege, analyze application responses, and identify system weaknesses. Learn the importance of circuit breakers in service meshes like Istio to prevent overload and improve application resilience.
We'll cover the following...
We'll cover the following...
Now that you are familiar with Siege, and that you have seen a “trick” baked in the go-demo-8 app that allows us to limit the number of requests the application can handle, we can construct a chaos experiment that will check how the application behaves when under Denial of Service attack.
Inspecting the definition of network-dos.yaml
Let’s take a look at yet another chaos experiment definition.
The output is as follows.
version: 1.0.0
title: What happens if we abort responses
description: If responses are aborted, the dependant application should retry and/or timeout requests
tags:
- k8s
- pod
- deployment
- istio
configuration:
ingress_host:
type: env
key: INGRESS_HOST
steady-state-hypothesis:
title: The app is healthy
probes:
- type: probe
name: app-responds-to-requests
tolerance: 200
provider:
type: http
timeout: 5
verify_tls: false
url: http://${ingress_host}?addr=http://go-demo-8/limiter
headers:
Host: repeater.acme.com
method:
- type: action
name: abort-failure
provider:
type: process
path: kubectl
arguments:
- run
- siege
- --namespace
- go-demo-8
- --image
- yokogawa/siege
- --generator
- run-pod/v1
- -it
- --rm
- --
-