Implement hashing in go and add README

2019-09-01 20:43:02 +01:00
parent 8e8907f48b
commit d83cc1b06d
7 changed files with 134 additions and 83 deletions
--- a/29
+++ b/29
@ -10,23 +10,38 @@ RUN apt-get update

 FROM ubuntu AS ubuntu-deps
 # Install dependencies
-RUN apt-get install -y -o APT::Install-Suggests=0 --no-install-recommends git wget ca-certificates
-RUN git clone https://github.com/GideonRed/dockerdoom.git
+RUN apt-get install -y \
+  -o APT::Install-Suggests=0 \
+  --no-install-recommends \
+  wget ca-certificates
 RUN wget http://distro.ibiblio.org/pub/linux/distributions/slitaz/sources/packages/d/doom1.wad
-RUN wget -O /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/v1.15.3/bin/linux/amd64/kubectl && chmod +x /usr/bin/kubectl
+RUN wget -O /usr/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/v1.15.3/bin/linux/amd64/kubectl \
+  && chmod +x /usr/bin/kubectl

 FROM ubuntu AS ubuntu-build

 ENV DEBIAN_FRONTEND=noninteractive
-RUN apt-get install -y -o APT::Install-Suggests=0 --no-install-recommends build-essential libsdl-mixer1.2-dev libsdl-net1.2-dev gcc
+RUN apt-get install -y \
+  -o APT::Install-Suggests=0 \
+  --no-install-recommends \
+  build-essential \
+  libsdl-mixer1.2-dev \
+  libsdl-net1.2-dev \
+  gcc

 # Setup doom
-COPY --from=ubuntu-deps /dockerdoom /dockerdoom
+ADD /dockerdoom /dockerdoom
 RUN cd /dockerdoom/trunk && ./configure --enable-static && make && make install

 FROM ubuntu
-RUN apt-get install -y -o APT::Install-Suggests=0 --no-install-recommends libsdl-mixer1.2 libsdl-net1.2 x11vnc xvfb netcat-openbsd
-
+RUN apt-get install -y \
+  -o APT::Install-Suggests=0 \
+  --no-install-recommends \
+  libsdl-mixer1.2 \
+  libsdl-net1.2 \
+  x11vnc \
+  xvfb \
+  netcat-openbsd

 WORKDIR /root/

--- a/README.md
+++ b/README.md
@ -0,0 +1,61 @@
+# Kube DOOM
+## Kill Kubernetes pods using Id's Doom!
+
+The next level of chaos engineering is here! Kill pods inside your Kubernetes
+cluster by shooting them in Doom!
+
+This is a fork of the excellent
+[gideonred/dockerdoomd](https://github.com/gideonred/dockerdoomd) using a
+slightly modified Doom, forked from https://github.com/gideonred/dockerdoom,
+which was forked from psdoom.
+
+## Usage
+
+Run the `storaxdev/kubedoom:0.1.0` docker image inside your cluster and expose
+port 5900. Then connect with a VNC viewer to it.
+
+You can quickly test it using [kind](https://github.com/kubernetes-sigs/kind).
+Create a cluster with the example config from this repository:
+
+```console
+$ kind create cluster --config kind-config.yaml
+Creating cluster "kind" ...
+ ✓ Ensuring node image (kindest/node:v1.15.0) 🖼
+ ✓ Preparing nodes 📦📦
+ ✓ Creating kubeadm config 📜
+ ✓ Starting control-plane 🕹️
+ ✓ Installing CNI 🔌
+ ✓ Installing StorageClass 💾
+ ✓ Joining worker nodes 🚜
+Cluster creation complete. You can now use the cluster with:
+
+export KUBECONFIG="$(kind get kubeconfig-path --name="kind")"
+kubectl cluster-info
+```
+
+This will spin up a 2 node cluster inside docker, with port 5900 exposed from
+the worker node. Then run kubedoom inside the cluster by applying the manifest
+provided in this repository:
+
+```console
+$ export KUBECONFIG="$(kind get kubeconfig-path --name="kind")"
+$ kubectl apply -f manifest/
+namespace/kubedoom created
+deployment.apps/kubedoom created
+serviceaccount/kubedoom created
+clusterrolebinding.rbac.authorization.k8s.io/kubedoom created
+```
+
+Now start a VNC viewer and connect to `localhost:5900`. The password is `1234`:
+```console
+$ vncviewer viewer localhost
+```
+
+You should now see DOOM! Now if you want to get the job done quickly enter the
+cheat `idspispopd` and walk through the wall on your right. You should be
+greeted by your pods as little pink monsters. Press `CTRL` to fire. If the
+pistol is not your thing, cheat with `idkfa` and press `5` for a nice surprise.
+Pause the game with `ESC`.
+
+Kubedoom requires a service account with permissions to list all pods and delete
+them and uses kubectl 1.15.3.
--- a/dockerdoom/trunk/src/pr_process.c
+++ b/dockerdoom/trunk/src/pr_process.c
@ -137,8 +137,8 @@ void pr_check(void) {
  while (fgets(buf, 255, f)) {
    int read_fields = sscanf(buf, "%s\n", namebuf);
    if (read_fields == 1 && namebuf) {
-      fprintf(stderr, "Demon: %s\n", namebuf);
      pid = hash(namebuf);
+      fprintf(stderr, "Demon: %s, %d\n", namebuf, pid);
      demon = true;
      add_to_pid_list(pid, namebuf, demon);
    }
--- a/kind-config.yaml
+++ b/kind-config.yaml
@ -6,4 +6,4 @@ nodes:
  extraPortMappings:
  - containerPort: 5900
    hostPort: 5900
-    listenAddress: "127.0.0.1" # Optional, defaults to "0.0.0.0"
+    listenAddress: "127.0.0.1"
--- a/kubedoom.go
+++ b/kubedoom.go
@ -1,18 +1,27 @@
 package main

-//TODO: Make your container die if you die
-
 import (
-	"flag"
-	//"fmt"
 	"log"
 	"net"
 	"os"
 	"os/exec"
 	"strings"
 	"time"
+	"strconv"
 )

+func hash(input string) int32 {
+	var hash int32
+	hash = 5381
+	for _, char := range input {
+		hash = ((hash << 5) + hash + int32(char))
+	}
+	if (hash < 0) {
+		hash = 0 - hash
+	}
+	return hash
+}
+
 func runCmd(cmdstring string) {
 	parts := strings.Split(cmdstring, " ")
 	cmd := exec.Command(parts[0], parts[1:len(parts)]...)
@ -38,6 +47,7 @@ func startCmd(cmdstring string) {
 	parts := strings.Split(cmdstring, " ")
 	cmd := exec.Command(parts[0], parts[1:len(parts)]...)
 	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
 	cmd.Stdin = os.Stdin
 	err := cmd.Start()
 	if err != nil {
@ -45,70 +55,55 @@ func startCmd(cmdstring string) {
 	}
 }

-func startCmdSilent(cmdstring string) {
-	parts := strings.Split(cmdstring, " ")
-	cmd := exec.Command(parts[0], parts[1:len(parts)]...)
-	cmd.Stdin = os.Stdin
-	err := cmd.Start()
-	if err != nil {
-		log.Fatalf("The following command failed: \"%v\"\n", cmdstring)
-	}
+func getPods() []string {
+	args := []string{"kubectl", "get", "pods", "-A", "-o", "go-template", "--template={{range .items}}{{.metadata.namespace}}/{{.metadata.name}} {{end}}"}
+	output := outputCmd(args)
+	outputstr := strings.TrimSpace(output)
+	pods := strings.Split(outputstr, " ")
+	return pods
 }

 func socketLoop(listener net.Listener) {
-	log.Print("Socket loop")
 	for true {
-		log.Print("accept?")
 		conn, err := listener.Accept()
-		log.Print("accept!")
 		if err != nil {
 			panic(err)
 		}
 		stop := false
 		for !stop {
 			bytes := make([]byte, 40960)
-			log.Print("Reading")
 			n, err := conn.Read(bytes)
 			if err != nil {
 				stop = true
 			}
-			log.Print("got suff")
 			bytes = bytes[0:n]
 			strbytes := strings.TrimSpace(string(bytes))
-			log.Printf("Received: '%s'", strbytes)
+			pods := getPods()
 			if strbytes == "list" {
-				// output := outputCmd(fmt.Sprintf("%v ps -q", dockerBinary))
-				args := []string{"kubectl", "get", "pods", "-A", "-o", "go-template", "--template={{range .items}}{{.metadata.namespace}}/{{.metadata.name}} {{end}}"}
-				output := outputCmd(args)
-				log.Printf("output: '%s'", output)
-				_, err = conn.Write([]byte(output))
-				if err != nil {
-					log.Fatal("Could not write to socker file")
+				for _, pod := range pods {
+					padding := strings.Repeat("\n", 255 - len(pod))
+					_, err = conn.Write([]byte(pod + padding))
+					if err != nil {
+						log.Fatal("Could not write to socker file")
+					}
 				}
-				//cmd := exec.Command("/usr/bin/docker", "inspect", "-f", "{{.Name}}", "`docker", "ps", "-q`")
-				// outputstr := strings.TrimSpace(output)
-				// pods := strings.Split(outputstr, "\n")
-				// for _, pod := range pods {
-				// 	log.Print(pod)
-				// 	_, err = conn.Write([]byte(pod + " "))
-				// 	if err != nil {
-				// 		log.Fatal("Could not write to socker file")
-				// 	}
-				// 	time.Sleep(time.Duration(200) * time.Millisecond)
-				// }
 				conn.Close()
 				stop = true
 			} else if strings.HasPrefix(strbytes, "kill ") {
-				log.Printf("killcommand: '%s'", strbytes)
-				// parts := strings.Split(strbytes, " ")
-				// pod := strings.TrimSpace(parts[1])
-				// podparts := strings.Split(pod, "/")
-				// namespace := podparts[0]
-
-				// podname := podparts[1]
-				// log.Printf("Pod to kill: %s // %s", namespace, podname)
-				// cmd := exec.Command(dockerBinary, "rm", "-f", docker_id)
-				// go cmd.Run()
+				parts := strings.Split(strbytes, " ")
+				killhash, err := strconv.ParseInt(parts[1], 10, 32)
+				if err != nil {
+					log.Fatal("Could not parse kill hash")
+				}
+				for _, pod := range pods {
+					if (hash(pod) == int32(killhash)) {
+						log.Printf("Pod to kill: %v", pod)
+						podparts := strings.Split(pod, "/")
+						cmd := exec.Command("/usr/bin/kubectl", "delete", "pod", "-n", podparts[0], podparts[1])
+						go cmd.Run()
+						break
+					}
+				}
 				conn.Close()
 				stop = true
 			}
@ -117,23 +112,18 @@ func socketLoop(listener net.Listener) {
 }

 func main() {
-	var asciiDisplay bool
-	flag.BoolVar(&asciiDisplay, "asciiDisplay", false, "Don't use fancy vnc, throw DOOM straightup on my terminal screen")
-	flag.Parse()
-
 	listener, err := net.Listen("unix", "/dockerdoom.socket")
 	if err != nil {
 		log.Fatalf("Could not create socket file")
 	}

-	if !asciiDisplay {
-		log.Print("Create virtual display")
-		startCmd("/usr/bin/Xvfb :99 -ac -screen 0 640x480x24")
-		time.Sleep(time.Duration(2) * time.Second)
-		startCmd("x11vnc -geometry 640x480 -forever -usepw -display :99")
-		log.Print("You can now connect to it with a VNC viewer at port 5900")
-	}
+	log.Print("Create virtual display")
+	startCmd("/usr/bin/Xvfb :99 -ac -screen 0 640x480x24")
+	time.Sleep(time.Duration(2) * time.Second)
+	startCmd("x11vnc -geometry 640x480 -forever -usepw -display :99")
+	log.Print("You can now connect to it with a VNC viewer at port 5900")
+
 	log.Print("Trying to start DOOM ...")
-	startCmdSilent("/usr/bin/env DISPLAY=:99 /usr/local/games/psdoom -warp -E1M1")
+	startCmd("/usr/bin/env DISPLAY=:99 /usr/local/games/psdoom -warp -E1M1")
 	socketLoop(listener)
 }
--- a/manifest/deployment.yaml
+++ b/manifest/deployment.yaml
@ -18,7 +18,7 @@ spec:
      hostNetwork: true
      serviceAccountName: kubedoom
      containers:
-      - image: kubedoom:0.1.2
+      - image: storaxdev/kubedoom:0.1.0
        name: kubedoom
        ports:
        - containerPort: 5900
--- a/manifest/service.yaml
+++ b/manifest/service.yaml
@ -1,15 +0,0 @@
-# apiVersion: v1
-# kind: Service
-# metadata:
-#   labels:
-#     app: kubedoom
-#   name: kubedoom
-#   namespace: kubedoom
-# spec:
-#   type: NodePort
-#   ports:
-#   - name: vnc
-#     port: 5900
-#     targetPort: vnc
-#   selector:
-#     app: kubedoom