ivanch/litmus-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

K8 usecases (#355)

Browse Source 
* Changes for chaostoolkit
This commit is contained in:
sumit Nagal
2020-10-26 09:10:19 -07:00
committed by GitHub
parent aaddf565be
commit 2df1f674a3
50 changed files with 1917 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
workflows/k8-calico-node/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-calico-node
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-calico-node/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-calico-node/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "kube-system"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "k8s-app=calico-node"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-custom-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']

10
workflows/k8-kiam/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-kiam
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-kiam/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-kiam/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "kube-system"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "kiam"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-app-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']

9
workflows/k8-pod-delete/Readme.md Normal file
View File

@@ -0,0 +1,9 @@
# This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on your namespace and won't impact outside it
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-pod-delete/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

189
workflows/k8-pod-delete/workflow.yaml Normal file
View File

@@ -0,0 +1,189 @@
# This test can be executed only in application namespace
# this will launch the argo, and the chaos pod in same namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "default"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "nginx-demo-app"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-app-kill-health.json"
- name: chaosServiceAccount
value: k8-pod-delete-sa
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: install-chaos-experiments
template: install-chaos-experiments
- - name: install-chaos-rbac
template: install-chaos-rbac
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- - name: revert-chaos-rbac
template: revert-chaos-rbac
- - name: revert-chaos-experiments
template: revert-chaos-experiments
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: install-chaos-experiments
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl apply -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/experiments.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"
- name: install-chaos-rbac
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl apply -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/rbac.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos-experiments
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl delete -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/experiments.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"
- name: revert-chaos-rbac
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl delete -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/rbac.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"

10
workflows/k8-service-kill/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-service-kill
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-service-kill/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-service-kill/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "default"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "k8s-app=calico-node"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "service-app-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']

10
workflows/k8-wavefront-collector/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-wavefront-collector
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-wavefront-collector/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-wavefront-collector/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "kube-system"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "k8s-app=wavefront-collector"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-custom-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']