I want to perform some stress-test for the applications that are run inside docker containers. Simple scenarios like turn on/off dropping all the packets for a specified IP address.
I’ve tried some tools, but none of them seem to satisfy me:
Disconnecting containers from the bridge network – sadly it drops all connections, not only to the specified ips.
Setting up iptables rules from inside a container – it requires a container to be launched in privileged mode, which is not a great practice (I’d like to have an approach that is suitable even for production environments).
Modifying the host’s iptables also doesn’t look like an option – I’d like to create network issues for a specific container, not for all the containers on the host.
What are some possible ways I should look into?
Are there any chaos engineering tools that are to-go options for such needs?