SECTOR 03 // REFERENCE
netem & resource
Composed Pumba providers for kernel-level network faults and resource exhaustion.
Composed Pumba faults. Two composed providers ship as examples
(examples/faults/providers/) that drive
Pumba for kernel-level network faults
and resource exhaustion. They need the pumba binary on PATH and
NET_ADMIN / privileged access on the target containers.
| provider | verbs |
|---|---|
netem | delay (target, ms), loss (target, percent), rate (target, kbps), clear (target) |
resource | cpu (target, load), memory (target, bytes), io (target, workers), clear (target) |
Each fault verb runs Pumba under background and reverts on clear via
stop_background. The background step declares effect: degradation, so the
fault is tracked and the recovery check applies. netem complements
toxiproxy: netem hits all traffic at the interface, with no proxy in the
request path.
Caveats, all confirmed against a live Docker + Pumba run:
targetis a container name, not a compose service name (or are2:pattern). Pumba logsno containers foundand exits 0 on a miss, so a wrong target fails silently. Pin the name (container_name:in the compose file) so a service-style target resolves.- The fault is backgrounded and is not synchronized: nothing waits for Pumba to
attach and apply the rule before the scenario proceeds. Add a
wait_until/sleepif a step must observe the fault already in effect. - Surviving a fault is asserted today; observing the degradation itself (for example, that latency actually rose) needs a latency-capturing probe that the current verb set does not provide.