Creating an SRE Testing Interview VM

linux ubuntu system-monitoring stress-testing

edit replace SELinux with AppArmor for Ubuntu

Here are a few suggestion that should be easy to set up in a VM (and I ran into over the years):

  • set invalid POSIX permissions for content the web server should deliver.
  • set invalid SELinux labels for content.
  • break the connection between web server and a backend server (e.g. with IPTables or SELinux)
  • as @anx suggested break DNS with /etc/hosts entries or invalid nameservers
  • create an invalid virtual host / SNI config, making the web server reply with an incorrect vhosts' content.
  • create a resource exhaustion scenario invoking the OOM-Killer.
  • Block inbound connections with firewalld/iptables/nftables/SELinux.
  • Create a config missing content - e.g. missing user and homedirectory, missing content, misspelled ip addresses or directory names, etc.
  • Block outbound connections and serve an app from the webserver that needs them.
  • Stop and disable needed services - e.g. the DB server.
  • Scramble the app's db user's password or introduce a typo.
  • Remove grants for the app db user.
  • Fill up the filesystem.
  • Introduce a failure state in the application depending on text encoding and collation (e.g. jumbled up characters, missing data).

Related

Exclude image formats from Files directive in .htaccess
AWS client VPN pricing estimation
LSI MegaRaid - Image Drive from Failed RAID
Send test mail using telnet via smtps (465) port
NGINX proxy pass to separate port for route starting with /api
IPv6 is here and confuses me
Postfix rejecting mail from authenticated clients
Missed kernel messages
SAMBA shares are not working unless I enter an iptables command at every boot
Does azure VM disk contain information about the subscription?
How to troubleshoot a black screen (no video) on boot?
Missing locales on CentOS 7