ivanch/litmus-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

K8 usecases (#355)

Browse Source 
* Changes for chaostoolkit
This commit is contained in:
sumit Nagal
2020-10-26 09:10:19 -07:00
committed by GitHub
parent aaddf565be
commit 2df1f674a3
50 changed files with 1917 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
charts/generic/k8-calico-node/Readme.md Normal file
View File

@@ -0,0 +1,9 @@
# Remote namespace
* Apply experiments for K8 - `kubectl apply -f experiments.yaml`
* Validate the experiments for k8 - `kubectl get chaosexperiments`
* Setup RBAC as admin mode - `kubectl apply -f rbac-admin.yaml`
* Create pod Experiment - for health experiment for IKS 1.0 -`kubectl create -f engine.yaml`
* Validate experiment - `kubectl get pods -w`
* Validate logs - `kubectl logs -f <delete pod>`
* Clean up chaosexperiment -`kubectl delete -f engine.yaml`
* Clean up rbac-admin -`kubectl delete -f rbac-admin.yaml`

39
charts/generic/k8-calico-node/engine.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-calico-node
namespace: default
spec:
appinfo:
appns: 'default'
applabel: "k8s-app=calico-node"
appkind: deployment
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: kube-system
# set chaos label name
- name: LABEL_NAME
value: k8s-app=calico-node
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-custom-kill-health.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

58
charts/generic/k8-calico-node/experiment.yaml Normal file
View File

@@ -0,0 +1,58 @@
# Generic Chaos experiment for Application team, who want to participate in Game Day
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Deletes a pod belonging to a deployment/statefulset/daemonset
kind: ChaosExperiment
metadata:
name: k8-pod-delete
spec:
definition:
scope: Namespaced
permissions:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
labels:
name: k8-pod-delete
app.kubernetes.io/part-of: litmus
image: "litmuschaos/chaostoolkit:latest"
args:
- -c
- python /app/chaos/chaostest/kubernetes/k8_wrapper.py ; exit 0
command:
- /bin/bash
env:
- name: CHAOSTOOLKIT_IN_POD
value: 'true'
- name: FILE
value: 'pod-app-kill-count.json'
- name: NAME_SPACE
value: ''
- name: LABEL_NAME
value: ''
- name: APP_ENDPOINT
value: ''
- name: PERCENTAGE
value: '50'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

33
charts/generic/k8-calico-node/k8-calico-node.chartserviceversion.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: litmuchaos.io/v1alpha1
kind: ChartServiceVersion
metadata:
name: k8-pod-delete
version: 0.0.4
annotations:
categories: Kubernetes
vendor: CNCF
createdAt: 2020-02-24T10:28:08Z
support: https://slack.kubernetes.io/
spec:
displayName: k8-pod-delete
categoryDescription: |
K8 Pod delete contains chaos to disrupt state of kubernetes resources. It uses chaostoolkit to inject random pod delete failures against specified applications
keywords:
- Kubernetes
- State
platforms:
- Minikube
maturity: alpha
maintainers:
- name: sumit
email: sumit_nagal@intuit.com
minKubeVersion: 1.12.0
provider:
name: Intuit
links:
- name: Source Code
url: https://github.com/litmuschaos/litmus-python/tree/master/chaos-test
icon:
- url:
mediatype: ""
chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/k8-pod-delete/experiment.yaml

38
charts/generic/k8-calico-node/rbac-admin.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: chaos-admin
labels:
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: chaos-admin
labels:
name: chaos-admin
rules:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: chaos-admin
labels:
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: chaos-admin
subjects:
- kind: ServiceAccount
name: chaos-admin
namespace: default

0
charts/generic/k8-pod-delete/Cluster/engine-kiam-count.yaml → charts/generic/k8-kiam/Cluster/engine-kiam-count.yaml
View File

0
charts/generic/k8-pod-delete/Cluster/engine-kiam-custom-count.yaml → charts/generic/k8-kiam/Cluster/engine-kiam-custom-count.yaml
View File

0
charts/generic/k8-pod-delete/Cluster/engine-kiam-custom-health.yaml → charts/generic/k8-kiam/Cluster/engine-kiam-custom-health.yaml
View File

0
charts/generic/k8-pod-delete/Cluster/engine-kiam-health.yaml → charts/generic/k8-kiam/Cluster/engine-kiam-health.yaml
View File

38
charts/generic/k8-kiam/Cluster/rbac-admin.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: chaos-admin
labels:
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: chaos-admin
labels:
name: chaos-admin
rules:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: chaos-admin
labels:
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: chaos-admin
subjects:
- kind: ServiceAccount
name: chaos-admin
namespace: default

9
charts/generic/k8-kiam/Readme.md Normal file
View File

@@ -0,0 +1,9 @@
# Remote namespace
* Apply experiments for K8 - `kubectl apply -f experiments.yaml`
* Validate the experiments for k8 - `kubectl get chaosexperiments`
* Setup RBAC as admin mode - `kubectl apply -f rbac-admin.yaml`
* Create pod Experiment - for health experiment for IKS 1.0 -`kubectl create -f engine.yaml`
* Validate experiment - `kubectl get pods -w`
* Validate logs - `kubectl logs -f <delete pod>`
* Clean up chaosexperiment -`kubectl delete -f engine.yaml`
* Clean up rbac-admin -`kubectl delete -f rbac-admin.yaml`

39
charts/generic/k8-kiam/engine.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-calico-node
namespace: default
spec:
appinfo:
appns: 'default'
applabel: "app=kiam"
appkind: deployment
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: kube-system
# set chaos label name
- name: LABEL_NAME
value: k8s-app=calico-node
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-app-kill-health.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

58
charts/generic/k8-kiam/experiment.yaml Normal file
View File

@@ -0,0 +1,58 @@
# Generic Chaos experiment for Application team, who want to participate in Game Day
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Deletes a pod belonging to a deployment/statefulset/daemonset
kind: ChaosExperiment
metadata:
name: k8-pod-delete
spec:
definition:
scope: Namespaced
permissions:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
labels:
name: k8-pod-delete
app.kubernetes.io/part-of: litmus
image: "litmuschaos/chaostoolkit:latest"
args:
- -c
- python /app/chaos/chaostest/kubernetes/k8_wrapper.py ; exit 0
command:
- /bin/bash
env:
- name: CHAOSTOOLKIT_IN_POD
value: 'true'
- name: FILE
value: 'pod-app-kill-count.json'
- name: NAME_SPACE
value: ''
- name: LABEL_NAME
value: ''
- name: APP_ENDPOINT
value: ''
- name: PERCENTAGE
value: '50'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

33
charts/generic/k8-kiam/k8-kiam.chartserviceversion.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: litmuchaos.io/v1alpha1
kind: ChartServiceVersion
metadata:
name: k8-pod-delete
version: 0.0.4
annotations:
categories: Kubernetes
vendor: CNCF
createdAt: 2020-02-24T10:28:08Z
support: https://slack.kubernetes.io/
spec:
displayName: k8-pod-delete
categoryDescription: |
K8 Pod delete contains chaos to disrupt state of kubernetes resources. It uses chaostoolkit to inject random pod delete failures against specified applications
keywords:
- Kubernetes
- State
platforms:
- Minikube
maturity: alpha
maintainers:
- name: sumit
email: sumit_nagal@intuit.com
minKubeVersion: 1.12.0
provider:
name: Intuit
links:
- name: Source Code
url: https://github.com/litmuschaos/litmus-python/tree/master/chaos-test
icon:
- url:
mediatype: ""
chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/k8-pod-delete/experiment.yaml

38
charts/generic/k8-kiam/rbac-admin.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: chaos-admin
labels:
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: chaos-admin
labels:
name: chaos-admin
rules:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: chaos-admin
labels:
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: chaos-admin
subjects:
- kind: ServiceAccount
name: chaos-admin
namespace: default

7
charts/generic/k8-service-kill/Service/engine.yaml → charts/generic/k8-pod-delete/Cluster/engine-app-all-health.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-service-health
name: nginx-chaos-cluster-all-health
namespace: default
spec:
appinfo:
@@ -14,7 +14,7 @@ spec:
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-service-kill
- name: k8-pod-delete
spec:
components:
env:
@@ -28,7 +28,7 @@ spec:
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'service-app-kill-health.json'
value: 'pod-app-kill-all.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
@@ -36,3 +36,4 @@ spec:
- name: TEST_NAMESPACE
value: 'default'

39
charts/generic/k8-pod-delete/Cluster/engine-app-count.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-cluster-count
namespace: default
spec:
appinfo:
appns: 'default'
applabel: 'app=nginx'
appkind: 'deployment'
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: 'default'
# set chaos label name
- name: LABEL_NAME
value: 'nginx'
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-app-kill-count.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

39
charts/generic/k8-pod-delete/Cluster/engine-app-health.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-cluster-health
namespace: default
spec:
appinfo:
appns: 'default'
applabel: 'app=nginx'
appkind: 'deployment'
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: 'default'
# set chaos label name
- name: LABEL_NAME
value: 'nginx'
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-app-kill-health.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

39
charts/generic/k8-pod-delete/Cluster/engine-custom-all-health.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-cluster-custom-all-health
namespace: default
spec:
appinfo:
appns: 'default'
applabel: 'app=nginx'
appkind: 'deployment'
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: 'default'
# set chaos label name
- name: LABEL_NAME
value: 'app=nginx'
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-custom-kill-all.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

39
charts/generic/k8-pod-delete/Cluster/engine-custom-count.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-cluster-custom-count
namespace: default
spec:
appinfo:
appns: 'default'
applabel: 'app=nginx'
appkind: 'deployment'
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: 'default'
# set chaos label name
- name: LABEL_NAME
value: 'app=nginx'
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-custom-kill-count.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

39
charts/generic/k8-pod-delete/Cluster/engine-custom-health.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-cluster-custom-health
namespace: default
spec:
appinfo:
appns: 'default'
applabel: 'app=nginx'
appkind: 'deployment'
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace
- name: NAME_SPACE
value: 'default'
# set chaos label name
- name: LABEL_NAME
value: 'app=nginx'
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-custom-kill-health.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

35
charts/generic/k8-pod-delete/Cluster/rbac-admin.yaml
View File

@@ -1,35 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: chaos-admin
labels:
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: chaos-admin
labels:
name: chaos-admin
rules:
- apiGroups: ["","apps","batch","extensions","litmuschaos.io","openebs.io","storage.k8s.io"]
resources: ["chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/exec","pods/log","secrets","storageclasses","chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","daemonsets","deployments","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/eviction","pods/exec","pods/log","replicasets","secrets","services","statefulsets","storageclasses"]
verbs: ["create","delete","get","list","patch","update"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get","list","patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: chaos-admin
labels:
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: chaos-admin
subjects:
- kind: ServiceAccount
name: chaos-admin
namespace: default

46
charts/generic/k8-pod-delete/Cluster/rbac.yaml Normal file
View File

@@ -0,0 +1,46 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: k8-pod-delete-sa
namespace: default
labels:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: k8-pod-delete-sa
namespace: default
labels:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
rules:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: k8-pod-delete-sa
namespace: default
labels:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: k8-pod-delete-sa
subjects:
- kind: ServiceAccount
name: k8-pod-delete-sa
namespace: default

12
charts/generic/k8-pod-delete/Service/rbac.yaml
View File

@@ -6,6 +6,7 @@ metadata:
namespace: default
labels:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
@@ -14,10 +15,14 @@ metadata:
namespace: default
labels:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
rules:
- apiGroups: ["","litmuschaos.io","batch","apps"]
resources: ["pods","deployments","jobs","configmaps","chaosengines","chaosexperiments","chaosresults"]
verbs: ["create","list","get","patch","update","delete"]
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
@@ -29,6 +34,7 @@ metadata:
namespace: default
labels:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role

9
charts/generic/k8-pod-delete/rbac.yaml
View File

@@ -17,9 +17,12 @@ metadata:
name: k8-pod-delete-sa
app.kubernetes.io/part-of: litmus
rules:
- apiGroups: ["","litmuschaos.io","batch","apps"]
resources: ["pods","deployments","jobs","configmaps","chaosengines","chaosexperiments","chaosresults"]
verbs: ["create","list","get","patch","update","delete"]
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]

75
charts/generic/k8-service-kill/Service/experiment.yaml
View File

@@ -1,75 +0,0 @@
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Deletes a pod belonging to a deployment/statefulset/daemonset
kind: ChaosExperiment
metadata:
name: k8-service-kill
spec:
definition:
scope: Namespaced
permissions:
- apiGroups:
- ""
- "apps"
- "batch"
- "litmuschaos.io"
resources:
- "deployments"
- "jobs"
- "pods"
- "configmaps"
- "chaosengines"
- "chaosexperiments"
- "chaosresults"
verbs:
- "create"
- "list"
- "get"
- "patch"
- "update"
- "delete"
- apiGroups:
- ""
resources:
- "nodes"
verbs :
- "get"
- "list"
image: "litmuschaos/chaostoolkit:latest"
args:
- -c
- python /app/chaos/chaostest/kubernetes/k8_wrapper.py; exit 0
command:
- /bin/bash
env:
- name: CHAOSTOOLKIT_IN_POD
value: 'true'
- name: FILE
value: 'service-app-kill-health.json'
- name: NAME_SPACE
value: ''
- name: LABEL_NAME
value: ''
- name: APP_ENDPOINT
value: ''
- name: PERCENTAGE
value: '50'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'
labels:
name: k8-service-kill

35
charts/generic/k8-service-kill/Service/rbac.yaml
View File

@@ -1,35 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: chaos-admin
labels:
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: chaos-admin
labels:
name: chaos-admin
rules:
- apiGroups: ["","apps","batch","extensions","litmuschaos.io","openebs.io","storage.k8s.io"]
resources: ["chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/exec","pods/log","secrets","storageclasses","chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","daemonsets","deployments","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/eviction","pods/exec","pods/log","replicasets","secrets","services","statefulsets","storageclasses"]
verbs: ["create","delete","get","list","patch","update"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get","list","patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: chaos-admin
labels:
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: chaos-admin
subjects:
- kind: ServiceAccount
name: chaos-admin
namespace: default

4
charts/generic/k8-service-kill/engine.yaml
View File

@@ -1,14 +1,14 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-chaos-service-health
name: k8-service-kill-health
namespace: default
spec:
appinfo:
appns: 'default'
applabel: 'app=nginx'
appkind: 'deployment'
annotationCheck: 'true'
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false

9
charts/generic/k8-service-kill/experiment.yaml
View File

@@ -41,6 +41,9 @@ spec:
verbs :
- "get"
- "list"
labels:
name: k8-service-kill
app.kubernetes.io/part-of: litmus
image: "litmuschaos/chaostoolkit:latest"
args:
- -c
@@ -75,9 +78,3 @@ spec:
- name: TEST_NAMESPACE
value: 'default'
labels:
name: k8-service-kill
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: experiment-job
app.kubernetes.io/version: latest

30
charts/generic/k8-service-kill/rbac.yaml
View File

@@ -1,38 +1,38 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: k8-service-kill-sa
name: chaos-admin
labels:
name: k8-service-kill-sa
app.kubernetes.io/part-of: litmus
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: k8-service-kill-sa
name: chaos-admin
labels:
name: k8-service-kill-sa
app.kubernetes.io/part-of: litmus
name: chaos-admin
rules:
- apiGroups: ["","apps","batch","extensions","litmuschaos.io","openebs.io","storage.k8s.io"]
resources: ["chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/exec","pods/log","secrets","storageclasses","chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","daemonsets","deployments","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/eviction","pods/exec","pods/log","replicasets","secrets","services","statefulsets","storageclasses"]
verbs: ["create","delete","get","list","patch","update"]
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get","list","patch"]
verbs : ["get","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: k8-service-kill-sa
name: chaos-admin
labels:
name: k8-service-kill-sa
app.kubernetes.io/part-of: litmus
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: k8-service-kill-sa
name: chaos-admin
subjects:
- kind: ServiceAccount
name: k8-service-kill-sa
name: chaos-admin
namespace: default

10
charts/generic/k8-wavefront-collector/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
# Remote namespace
# wavefront collector information - https://github.com/wavefrontHQ/wavefront-collector
* Apply experiments for K8 - `kubectl apply -f experiments.yaml`
* Validate the experiments for k8 - `kubectl get chaosexperiments`
* Setup RBAC as admin mode - `kubectl apply -f rbac-admin.yaml`
* Create pod Experiment - for health experiment -`kubectl create -f engine.yaml`
* Validate experiment - `kubectl get pods -w`
* Validate logs - `kubectl logs -f <delete pod>`
* Clean up chaosexperiment -`kubectl delete -f engine.yaml`
* Clean up rbac-admin -`kubectl delete -f rbac-admin.yaml`

39
charts/generic/k8-wavefront-collector/engine.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-calico-node
namespace: default
spec:
appinfo:
appns: 'default'
applabel: "k8s-app=wavefront-collector"
appkind: deployment
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: chaos-admin
monitoring: false
jobCleanUpPolicy: 'retain'
experiments:
- name: k8-pod-delete
spec:
components:
env:
# set chaos namespace, we assume you are using the kube-system if not modify the below namespace
- name: NAME_SPACE
value: kube-system
# set chaos label name
- name: LABEL_NAME
value: k8s-app=wavefront-collector
# pod endpoint
- name: APP_ENDPOINT
value: 'localhost'
- name: FILE
value: 'pod-custom-kill-health.json'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

58
charts/generic/k8-wavefront-collector/experiment.yaml Normal file
View File

@@ -0,0 +1,58 @@
# Generic Chaos experiment for Application team, who want to participate in Game Day
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Deletes a pod belonging to a deployment/statefulset/daemonset
kind: ChaosExperiment
metadata:
name: k8-pod-delete
spec:
definition:
scope: Namespaced
permissions:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
labels:
name: k8-pod-delete
app.kubernetes.io/part-of: litmus
image: "litmuschaos/chaostoolkit:latest"
args:
- -c
- python /app/chaos/chaostest/kubernetes/k8_wrapper.py ; exit 0
command:
- /bin/bash
env:
- name: CHAOSTOOLKIT_IN_POD
value: 'true'
- name: FILE
value: 'pod-app-kill-count.json'
- name: NAME_SPACE
value: ''
- name: LABEL_NAME
value: ''
- name: APP_ENDPOINT
value: ''
- name: PERCENTAGE
value: '50'
- name: REPORT
value: 'true'
- name: REPORT_ENDPOINT
value: 'none'
- name: TEST_NAMESPACE
value: 'default'

33
charts/generic/k8-wavefront-collector/k8-wavefront-collector.chartserviceversion.yaml Normal file
View File

@@ -0,0 +1,33 @@
apiVersion: litmuchaos.io/v1alpha1
kind: ChartServiceVersion
metadata:
name: k8-pod-delete
version: 0.0.4
annotations:
categories: Kubernetes
vendor: CNCF
createdAt: 2020-02-24T10:28:08Z
support: https://slack.kubernetes.io/
spec:
displayName: k8-pod-delete
categoryDescription: |
K8 Pod delete contains chaos to disrupt state of kubernetes resources. It uses chaostoolkit to inject random pod delete failures against specified applications
keywords:
- Kubernetes
- State
platforms:
- Minikube
maturity: alpha
maintainers:
- name: sumit
email: sumit_nagal@intuit.com
minKubeVersion: 1.12.0
provider:
name: Intuit
links:
- name: Source Code
url: https://github.com/litmuschaos/litmus-python/tree/master/chaos-test
icon:
- url:
mediatype: ""
chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/k8-pod-delete/experiment.yaml

38
charts/generic/k8-wavefront-collector/rbac-admin.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: chaos-admin
labels:
name: chaos-admin
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: chaos-admin
labels:
name: chaos-admin
rules:
- apiGroups: ["","apps","batch"]
resources: ["jobs","deployments","daemonsets"]
verbs: ["create","list","get","patch","delete"]
- apiGroups: ["","litmuschaos.io"]
resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"]
verbs: ["get","create","update","patch","delete","list"]
- apiGroups: [""]
resources: ["nodes"]
verbs : ["get","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: chaos-admin
labels:
name: chaos-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: chaos-admin
subjects:
- kind: ServiceAccount
name: chaos-admin
namespace: default

10
workflows/k8-calico-node/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-calico-node
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-calico-node/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-calico-node/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "kube-system"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "k8s-app=calico-node"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-custom-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']

10
workflows/k8-kiam/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-kiam
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-kiam/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-kiam/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "kube-system"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "kiam"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-app-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']

9
workflows/k8-pod-delete/Readme.md Normal file
View File

@@ -0,0 +1,9 @@
# This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on your namespace and won't impact outside it
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-pod-delete/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

189
workflows/k8-pod-delete/workflow.yaml Normal file
View File

@@ -0,0 +1,189 @@
# This test can be executed only in application namespace
# this will launch the argo, and the chaos pod in same namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "default"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "nginx-demo-app"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-app-kill-health.json"
- name: chaosServiceAccount
value: k8-pod-delete-sa
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: install-chaos-experiments
template: install-chaos-experiments
- - name: install-chaos-rbac
template: install-chaos-rbac
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- - name: revert-chaos-rbac
template: revert-chaos-rbac
- - name: revert-chaos-experiments
template: revert-chaos-experiments
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: install-chaos-experiments
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl apply -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/experiments.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"
- name: install-chaos-rbac
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl apply -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/rbac.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'true'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos-experiments
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl delete -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/experiments.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"
- name: revert-chaos-rbac
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args:
- "kubectl delete -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/k8-pod-delete/rbac.yaml -n
{{workflow.parameters.appNamespace}} | sleep 30"

10
workflows/k8-service-kill/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-service-kill
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-service-kill/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-service-kill/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "default"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "k8s-app=calico-node"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "service-app-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']

10
workflows/k8-wavefront-collector/Readme.md Normal file
View File

@@ -0,0 +1,10 @@
### This explain how you can execute the argo work flow,
### Assumption is that you have installed the litmus - https://docs.litmuschaos.io/docs/getstarted/
### Assumption is that you have install argo work flow on this cluster - https://github.com/litmuschaos/chaos-workflows#getting-started
### This execution will happen on against target namespace and assume that you have setup - https://hub.litmuschaos.io/generic/k8-wavefront-collector
### Please ensure you have enough pods for this namespace
- Apply rbac for argo - `kubectl apply -f rbac-argo-service.yaml`
- Execute experiments for k8 - `argo submit workflow.yaml`

45
workflows/k8-wavefront-collector/rbac-argo-service.yaml Normal file
View File

@@ -0,0 +1,45 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: argowf-role
namespace: default
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","patch","list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","watch"]
- apiGroups: ["argoproj.io"]
resources: ["workflow","workflows"]
verbs: ["get","create","update","patch","delete","list","watch"]
- apiGroups: ["policy"]
resources: ["poddisruptionbudgets"]
verbs: ["get","create","delete","list"]
- apiGroups: ["","litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["get","create","update","patch","delete","list","watch","deletecollection"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: argowf-svcacc
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: argowf-rolebinding
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: argowf-role
subjects:
[
{
"kind": "ServiceAccount",
"name": "argowf-svcacc",
"namespace": "default"
}
]

150
workflows/k8-wavefront-collector/workflow.yaml Normal file
View File

@@ -0,0 +1,150 @@
# This test can be executed only in Chaos namespace
# this will launch the argo and chaos in chaos namespace
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: argowf-chaos-
spec:
entrypoint: pdbcreate
poddisruptionbudget:
minavailable: 100%
# must complete in 1m
activeDeadlineSeconds: 86400
# keep workflows for 3m
ttlStrategy:
secondsAfterCompletion: 3600
# delete all pods as soon as they complete
podGC:
strategy: OnPodCompletion
serviceAccountName: argowf-svcacc
arguments:
parameters:
- name: appNamespace
value: "kube-system"
- name: appCurrentNamespace
value: "default"
- name: appLabel
value: "k8s-app=wavefront-collector"
- name: appEndpoint
value: "localhost"
- name: fileName
value: "pod-custom-kill-health.json"
- name: chaosServiceAccount
value: chaos-admin
- name: reportEndpoint
value: none
templates:
- name: argowf-chaos
steps:
- - name: pdbcreate
template: pdbcreate
- - name: run-chaos
template: run-chaos
- - name: revert-chaos
template: revert-chaos
- name: pdbcreate
container:
image: alpine:latest
command: [sh, -c]
args: [sleep 10]
- name: run-chaos
inputs:
artifacts:
- name: run-chaos
path: /tmp/createChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: ['kubectl apply -f /tmp/createChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']
- name: revert-chaos
inputs:
artifacts:
- name: revert-chaos
path: /tmp/deleteChaosEngine.yaml
raw:
data: |
# chaosengine.yaml
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: k8-pod-delete
namespace: {{workflow.parameters.appCurrentNamespace}}
spec:
#ex. values: ns1:name=percona,ns2:run=nginx
appinfo:
appns: {{workflow.parameters.appNamespace}}
# FYI, To see app label, apply kubectl get pods --show-labels
#applabel: "app=nginx"
applabel: "app={{workflow.parameters.appLabel}}"
appkind: deployment
jobCleanUpPolicy: delete
monitoring: false
annotationCheck: 'false'
engineState: 'active'
chaosServiceAccount: {{workflow.parameters.chaosServiceAccount}}
experiments:
- name: k8-pod-delete
spec:
components:
env:
- name: NAME_SPACE
value: {{workflow.parameters.appNamespace}}
- name: LABEL_NAME
value: {{workflow.parameters.appLabel}}
- name: APP_ENDPOINT
value: {{workflow.parameters.appEndpoint}}
- name: FILE
value: {{workflow.parameters.fileName}}
- name: REPORT
value: 'false'
- name: REPORT_ENDPOINT
value: '{{workflow.parameters.reportEndpoint}}'
- name: TEST_NAMESPACE
value: {{workflow.parameters.appCurrentNamespace}}
container:
image: lachlanevenson/k8s-kubectl
command: [sh, -c]
args: [' sleep 20 | kubectl delete -f /tmp/deleteChaosEngine.yaml -n {{workflow.parameters.appCurrentNamespace}} | echo "sleeping for 60s" | sleep 60 ']