Skip to main content

Redis cache penetration

Redis cache penetration fault continuously sends cache requests to the Redis database to find the value for a key that does not exist. This continuous request reduces the performance of the application.

Pod Redis cache penetration

Use cases

  • Slows down the database for responses to other requests.
  • Determines the resilience of Redis-dependant application when cache requests are continuously sent to a Redis database and they result in a cache miss.

Redis authentication

note

If your Redis server doesn't require authentication, you can directly provide the ADDRESS tunable, that refers to the Redis server address. Refer here.

If your application requires a secret or authentication, provide the ADDRESS, PASSWORD and the TLS authentication certificate. Create a Kubernetes secret (say redis-secret) in the namespace where the fault executes. A sample is shown below.

apiVersion: v1
kind: Secret
metadata:
name: redis-secret # Name of the Secret
type: Opaque # Default Secret type
stringData:
redis-secret.yaml: |-
address: 34.136.111.6:6379
password: mypass
tlsCertFile: <cert>

After creating the secret, mount the secret into the experiment, and reference the mounted file path using the SECRET_FILE_PATH environment variable in the experiment manifest. A sample is shown below.

apiVersion: litmuschaos.io/v1alpha1
kind: K8sFault
metadata:
name: redis-cache-penetration
spec:
definition:
chaos:
env:
... # other env
... # other env
- name: SECRET_FILE_PATH
value: "/tmp/redis-secret.yaml"
components:
secrets: # Kubernetes secret mounted
- name: redis-secret
mountPath: /tmp/

Optional tunables

Tunable Description Notes
TOTAL_CHAOS_DURATION Duration through which chaos is injected into the target resource. Should be provided in [numeric-hours]h[numeric-minutes]m[numeric-seconds]s format. Default: 30s. Examples: 1m25s, 1h3m2s, 1h3s. For more information, go to duration.
RAMP_TIME Period to wait before and after injecting chaos. Should be provided in [numeric-hours]h[numeric-minutes]m[numeric-seconds]s format. Default: 0s. Examples: 1m25s, 1h3m2s, 1h3s. For more information, go to ramp time.
ADDRESS The address of the Redis server. If your Redis server doesn't require authentication, directly provide the address.
REQUEST_COUNT Number of requests to be sent for accessing the cache. Default: 1000.
SECRET_FILE_PATH Path to the file that contains the secret. If a password or certificate is required alongside the address, use the secret file approach.

Parameters

The following YAML snippet illustrates the use of these tunables:

apiVersion: litmuschaos.io/v1alpha1
kind: KubernetesChaosExperiment
metadata:
name: redis-cache-limit
namespace: hce
spec:
tasks:
- definition:
chaos:
env:
- name: TOTAL_CHAOS_DURATION
value: "60" # in seconds
## Period to wait before and after injection of chaos in sec
- name: RAMP_TIME
value: ""
- name: ADDRESS
value: ""
- name: REQUEST_COUNT
value: "1000"
- name: SECRET_FILE_PATH # optional- required only for authentication
value: "/tmp/redis-secret.yaml"