Network Tolerance Testing (and Nginx)

Somewhat tiny example of the network tolerance testing code is contained in the following example:

containers:
  flask:
    setup:
    - !Ubuntu xenial
    - !PipConfig { dependencies: true }
    - !Py3Install [flask]

  nginx:
    setup:
    - !Ubuntu xenial
    - !Install [nginx]

  test:
    setup:
    - !Alpine v3.5
    - !Install [iptables]
    - !EnsureDir /vagga
    volumes:
      /vagga: !VaggaBin
    environ:
      PATH: /bin:/vagga:/sbin

  bench:
    setup:
    - !Alpine v3.5
    - !Repo edge/testing
    - !Install [wrk]

commands:

  run-normal: !Supervise
    description: Just run flask behind an nginx (http://172.23.255.2:8000)
    children:
      nginx: !Command
        container: nginx
        network:
          ip: 172.23.0.1
          ports: {8000: 8000}
        run: [nginx, -c, "/work/nginx.conf"]
      flask: !Command
        container: flask
        network:
          ip: 172.23.0.2
          ports: {5000: 5000}
        run: "python3 app.py"

  run-flaky: !Supervise
    description: |
      Just run flask behind nginx with network that doesn't work
      50% of the time (http://172.23.255.2:8000)
    children:
      nginx: !Command
        container: nginx
        network:
          ip: 172.23.0.1
          ports: {8000: 8000}
        run: [nginx, -c, "/work/nginx.conf"]
      flask: !Command
        container: flask
        network:
          ip: 172.23.0.2
          ports: {5000: 5000}
        run: "python3 app.py"
      interrupt: !BridgeCommand
        container: test
        run: |
          set -x
          while true; do
            vagga _network isolate flask
            sleep 1
            vagga _network fullmesh
            sleep 1
          done

  wrk: !Command
    description: Run wrk (should try against running server)
    container: bench
    run: [wrk]

This example also includes almost a smallest possible nginx configuration:

daemon off;
master_process off;
worker_processes  1;
user root;

error_log stderr;
#pid /tmp/nginx.pid;

events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    access_log off;

    client_body_temp_path /tmp 1 2;
    proxy_temp_path /tmp 1 2;
    fastcgi_temp_path /tmp 1 2;
    uwsgi_temp_path /tmp 1 2;
    scgi_temp_path /tmp 1 2;

    sendfile        on;

    keepalive_timeout  65;

    server {
        listen       8000;
        large_client_header_buffers 4 64k;

        charset utf-8;

        location / {
            proxy_pass http://172.18.0.2:5000;
        }

    }

}

Note

The nginx spits the following message just after start:

nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (30: Read-only file system)

It’s fine, we can’t change this directory as it’s hardcoded into the source. While we can mount Tmpfs volume into /var/log/nginx we don’t have to, as all other messages are actually logged into the stderr as configured. So this is just annoying and useless warning that is safe to ignore.