ivanch/litmus-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chart(pod-network-partition): Adding chart of the pod-network-partition experiment (#501)

Browse Source 
Signed-off-by: shubham chaudhary <shubham@chaosnative.com>
This commit is contained in:
Shubham Chaudhary
2021-09-02 21:21:30 +05:30
committed by GitHub
parent fa29cf9905
commit 2a60b8c537
8 changed files with 263 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
charts/generic/generic.chartserviceversion.yaml
View File

@@ -38,6 +38,7 @@ spec:
- pod-dns-spoof
- pod-cpu-hog-exec
- pod-memory-hog-exec
- pod-network-partition
keywords:
- Kubernetes
- K8S

3
charts/generic/generic.package.yaml
View File

@@ -75,3 +75,6 @@ experiments:
- name: pod-memory-hog-exec
CSV: pod-memory-hog-exec.chartserviceversion.yaml
desc: "pod-memory-hog-exec"
- name: pod-network-partition
CSV: pod-network-partition.chartserviceversion.yaml
desc: "pod-network-partition"

BIN
charts/generic/icons/pod-network-partition.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

21
charts/generic/pod-network-partition/engine.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-network-chaos
namespace: default
spec:
# It can be active/stop
engineState: 'active'
appinfo:
appns: 'default'
# FYI, To see app label, apply kubectl get pods --show-labels
applabel: 'app=nginx'
appkind: 'deployment'
chaosServiceAccount: pod-network-partition-sa
experiments:
- name: pod-network-partition
spec:
components:
env:
- name: TOTAL_CHAOS_DURATION
value: '60' # in seconds

91
charts/generic/pod-network-partition/experiment.yaml Normal file
View File

@@ -0,0 +1,91 @@
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Injects 100% network packet loss on pods belonging to an app deployment
kind: ChaosExperiment
metadata:
name: pod-network-partition
labels:
name: pod-network-partition
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: chaosexperiment
app.kubernetes.io/version: latest
spec:
definition:
scope: Namespaced
permissions:
- apiGroups:
- ""
- "batch"
- "networking.k8s.io"
- "litmuschaos.io"
resources:
- "jobs"
- "pods"
- "pods/log"
- networkpolicies
- "pods/exec"
- "events"
- "chaosengines"
- "chaosexperiments"
- "chaosresults"
verbs:
- "get"
- "list"
- "patch"
- "create"
- "update"
- "delete"
- "deletecollection"
image: "litmuschaos/go-runner:latest"
imagePullPolicy: Always
args:
- -c
- ./experiments -name pod-network-partition
command:
- /bin/bash
env:
- name: TOTAL_CHAOS_DURATION
value: '60' # in seconds
# ime period to wait before and after injection of chaos in sec
- name: RAMP_TIME
value: ''
# it should be litmus
- name: LIB
value: 'litmus'
# provide the destination ips
# chaos injection will be triggered for these destination ips
- name: DESTINATION_IPS
value: ''
# provide the destination hosts
# chaos injection will be triggered for these destination hosts
- name: DESTINATION_HOSTS
value: ''
# provide network policy type
# support ingress, egress, all values
- name: POLICY_TYPES
value: 'all'
# provide labels of the destination pods
- name: POD_SELECTOR
value: ''
# provide labels the destination namespaces
- name: NAMESPACE_SELECTOR
value: ''
# provide comma separated ports
- name: PORTS
value: ''
labels:
name: pod-network-partition
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: experiment-job
app.kubernetes.io/version: latest

43
charts/generic/pod-network-partition/pod-network-partition.chartserviceversion.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: litmuchaos.io/v1alpha1
kind: ChartServiceVersion
metadata:
createdAt: 2021-08-25T10:28:08Z
name: pod-network-partition
version: 0.1.0
annotations:
categories: Kubernetes
vendor: CNCF
support: https://slack.kubernetes.io/
spec:
displayName: pod-network-partition
categoryDescription: |
pod-network-partition contains chaos to disrupt network connectivity to kubernetes pods. Experiments can inject complete egress/ingress network loss based on label and namespace selectors.
- The application pod should be healthy once chaos is stopped. Service-requests should be served (say, via alternate replicas) despite chaos.
keywords:
- Kubernetes
- K8S
- Pod
- Network
- Partition
platforms:
- Minikube
- Packet(Kubeadm)
maturity: alpha
maintainers:
- name: ispeakc0de
email: shubham@chaosnative.com
minKubeVersion: 1.12.0
provider:
name: ChaosNative
labels:
app.kubernetes.io/component: chartserviceversion
app.kubernetes.io/version: latest
links:
- name: Source Code
url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-network-partition
- name: Documentation
url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-network-partition/
icon:
- base64data: ""
mediatype: ""
chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-network-partition/experiment.yaml

54
charts/generic/pod-network-partition/rbac-psp.yaml Normal file
View File

@@ -0,0 +1,54 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: pod-network-partition-sa
namespace: default
labels:
name: pod-network-partition-sa
app.kubernetes.io/part-of: litmus
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: pod-network-partition-sa
namespace: default
labels:
name: pod-network-partition-sa
app.kubernetes.io/part-of: litmus
rules:
- apiGroups: [""]
resources: ["pods","events"]
verbs: ["create","list","get","patch","update","delete","deletecollection"]
- apiGroups: [""]
resources: ["pods/exec","pods/log"]
verbs: ["list","get","create"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["create","list","get","delete","deletecollection"]
- apiGroups: ["networking.k8s.io"]
resources: ["networkpolicies"]
verbs: ["create","delete","list","get"]
- apiGroups: ["litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["create","list","get","patch","update"]
- apiGroups: ["policy"]
resources: ["podsecuritypolicies"]
verbs: ["use"]
resourceNames: ["litmus"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: pod-network-partition-sa
namespace: default
labels:
name: pod-network-partition-sa
app.kubernetes.io/part-of: litmus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: pod-network-partition-sa
subjects:
- kind: ServiceAccount
name: pod-network-partition-sa
namespace: default

50
charts/generic/pod-network-partition/rbac.yaml Normal file
View File

@@ -0,0 +1,50 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: pod-network-partition-sa
namespace: default
labels:
name: pod-network-partition-sa
app.kubernetes.io/part-of: litmus
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: pod-network-partition-sa
namespace: default
labels:
name: pod-network-partition-sa
app.kubernetes.io/part-of: litmus
rules:
- apiGroups: [""]
resources: ["pods","events"]
verbs: ["create","list","get","patch","update","delete","deletecollection"]
- apiGroups: [""]
resources: ["pods/exec","pods/log"]
verbs: ["list","get","create"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["create","list","get","delete","deletecollection"]
- apiGroups: ["networking.k8s.io"]
resources: ["networkpolicies"]
verbs: ["create","delete","list","get"]
- apiGroups: ["litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["create","list","get","patch","update"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: pod-network-partition-sa
namespace: default
labels:
name: pod-network-partition-sa
app.kubernetes.io/part-of: litmus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: pod-network-partition-sa
subjects:
- kind: ServiceAccount
name: pod-network-partition-sa
namespace: default