diff --git a/charts/generic/generic.chartserviceversion.yaml b/charts/generic/generic.chartserviceversion.yaml index 578747d..fd8a50f 100644 --- a/charts/generic/generic.chartserviceversion.yaml +++ b/charts/generic/generic.chartserviceversion.yaml @@ -35,6 +35,7 @@ spec: - node-io-stress - pod-io-stress - node-restart + - pod-dns-chaos keywords: - Kubernetes @@ -48,6 +49,7 @@ spec: - CPU - Memory - Service + - DNS maintainers: - name: ksatchit email: karthik.s@mayadata.io diff --git a/charts/generic/generic.package.yaml b/charts/generic/generic.package.yaml index cfcab05..9606e7e 100644 --- a/charts/generic/generic.package.yaml +++ b/charts/generic/generic.package.yaml @@ -66,3 +66,6 @@ experiments: - name: node-restart CSV: node-restart.chartserviceversion.yaml desc: "node-restart" + - name: pod-dns-chaos + CSV: pod-dns-chaos.chartserviceversion.yaml + desc: "pod-dns-chaos" diff --git a/charts/generic/icons/pod-dns-chaos.png b/charts/generic/icons/pod-dns-chaos.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/charts/generic/icons/pod-dns-chaos.png differ diff --git a/charts/generic/pod-dns-chaos/engine.yaml b/charts/generic/pod-dns-chaos/engine.yaml new file mode 100644 index 0000000..f755976 --- /dev/null +++ b/charts/generic/pod-dns-chaos/engine.yaml @@ -0,0 +1,46 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + # It can be true/false + annotationCheck: 'false' + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: pod-dns-chaos-sa + # It can be delete/retain + jobCleanUpPolicy: 'delete' + experiments: + - name: pod-dns-chaos + spec: + components: + env: + # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets + - name: TARGET_HOSTNAMES + value: '' + + # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring + - name: MATCH_SCHEME + value: 'exact' + + # currently only error chaos is supported + - name: CHAOS_TYPE + value: 'error' + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + \ No newline at end of file diff --git a/charts/generic/pod-dns-chaos/experiment.yaml b/charts/generic/pod-dns-chaos/experiment.yaml new file mode 100644 index 0000000..786ff5e --- /dev/null +++ b/charts/generic/pod-dns-chaos/experiment.yaml @@ -0,0 +1,107 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + injects dns failure in target pod container +kind: ChaosExperiment +metadata: + name: pod-dns-chaos + labels: + name: pod-dns-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "batch" + - "apps" + - "apps.openshift.io" + - "argoproj.io" + - "litmuschaos.io" + resources: + - "jobs" + - "pods" + - "pods/log" + - "replicationcontrollers" + - "deployments" + - "statefulsets" + - "daemonsets" + - "replicasets" + - "deploymentconfigs" + - "rollouts" + - "pods/exec" + - "events" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - "deletecollection" + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-dns-chaos + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets + - name: TARGET_HOSTNAMES + value: '' + + # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring + - name: MATCH_SCHEME + value: 'exact' + + # currently only error chaos is supported + - name: CHAOS_TYPE + value: 'error' + + labels: + experiment: pod-dns-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + diff --git a/charts/generic/pod-dns-chaos/pod-dns-chaos.chartserviceversion.yaml b/charts/generic/pod-dns-chaos/pod-dns-chaos.chartserviceversion.yaml new file mode 100644 index 0000000..edaccc4 --- /dev/null +++ b/charts/generic/pod-dns-chaos/pod-dns-chaos.chartserviceversion.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-dns-chaos + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-dns-chaos + categoryDescription: > + injects dns failure in target pod container + keywords: + - "pods" + - "kubernetes" + - "generic" + - "dns" + maturity: alpha + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + maintainers: + - name: gdsoumya + email: gdsoumya@chaosnative.com + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-dns-chaos + - name: Documentation + url: https://docs.litmuschaos.io/docs/getstarted/ + - name: Video + url: + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-dns-chaos/experiment.yaml \ No newline at end of file diff --git a/charts/generic/pod-dns-chaos/rbac-psp.yaml b/charts/generic/pod-dns-chaos/rbac-psp.yaml new file mode 100644 index 0000000..b7eba0e --- /dev/null +++ b/charts/generic/pod-dns-chaos/rbac-psp.yaml @@ -0,0 +1,61 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-dns-chaos-sa + namespace: default + labels: + name: pod-dns-chaos-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-dns-chaos-sa + namespace: default + labels: + name: pod-dns-chaos-sa + app.kubernetes.io/part-of: litmus +rules: + - apiGroups: [""] + resources: ["pods","events"] + verbs: ["create","list","get","patch","update","delete","deletecollection"] + - apiGroups: [""] + resources: ["pods/exec","pods/log","replicationcontrollers"] + verbs: ["create","list","get"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","daemonsets","replicasets"] + verbs: ["list","get"] + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update"] + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-dns-chaos-sa + namespace: default + labels: + name: pod-dns-chaos-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-dns-chaos-sa +subjects: +- kind: ServiceAccount + name: pod-dns-chaos-sa + namespace: default \ No newline at end of file diff --git a/charts/generic/pod-dns-chaos/rbac.yaml b/charts/generic/pod-dns-chaos/rbac.yaml new file mode 100644 index 0000000..2896b76 --- /dev/null +++ b/charts/generic/pod-dns-chaos/rbac.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-dns-chaos-sa + namespace: default + labels: + name: pod-dns-chaos-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-dns-chaos-sa + namespace: default + labels: + name: pod-dns-chaos-sa + app.kubernetes.io/part-of: litmus +rules: + - apiGroups: [""] + resources: ["pods","events"] + verbs: ["create","list","get","patch","update","delete","deletecollection"] + - apiGroups: [""] + resources: ["pods/exec","pods/log","replicationcontrollers"] + verbs: ["create","list","get"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","daemonsets","replicasets"] + verbs: ["list","get"] + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-dns-chaos-sa + namespace: default + labels: + name: pod-dns-chaos-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-dns-chaos-sa +subjects: +- kind: ServiceAccount + name: pod-dns-chaos-sa + namespace: default \ No newline at end of file