denier适配器访问控制比较死板。Listchecker的适配器更加灵活。
定义handler:
apiVersion: config.istio.io/v1alpha2
kind: listchecker
metadata:
name: chaos
spec:
overrides: ["v1","v3"] # 列表
blacklist: true # 黑名单类型
定义template: 下面的模板相当于定义了输入参数
apiVersion: config.istio.io/v1alpha2
kind: listentry
metadata:
name: version
spec:
value: source.labels["version"]
定义Rule:
apiVersion: config.istio.io/v1alpha2
kind: rule
metadata:
name: checkversion
spec:
match: destination.labels["app"] == "prod-forecasting"
actions:
- handler: chaos.listchecker
instances:
- version.listentry