diff --git a/charts/generic/experiments.yaml b/charts/generic/experiments.yaml index 83d4cea..336592d 100644 --- a/charts/generic/experiments.yaml +++ b/charts/generic/experiments.yaml @@ -926,7 +926,6 @@ spec: app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -1056,6 +1055,121 @@ spec: app.kubernetes.io/version: latest --- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration +kind: ChaosExperiment +metadata: + name: pod-http-reset-peer + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "batch" + - "apps" + - "litmuschaos.io" + resources: + - "jobs" + - "pods" + - "pods/log" + - "events" + - "deployments" + - "replicasets" + - "pods/exec" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - "deletecollection" + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-reset-peer + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # reset timeout specifies after how much duration to reset the connection + - name: RESET_TIMEOUT + value: '0' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -1142,7 +1256,6 @@ spec: app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -2440,7 +2553,6 @@ spec: app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -2628,7 +2740,6 @@ spec: - name: id-rsa mountPath: /mnt/ ---- --- apiVersion: litmuschaos.io/v1alpha1 description: diff --git a/charts/generic/generic.chartserviceversion.yaml b/charts/generic/generic.chartserviceversion.yaml index 0d1d26d..3041d24 100644 --- a/charts/generic/generic.chartserviceversion.yaml +++ b/charts/generic/generic.chartserviceversion.yaml @@ -38,6 +38,7 @@ spec: - pod-memory-hog-exec - pod-network-partition - pod-http-latency + - pod-http-reset-peer keywords: - Kubernetes - K8S diff --git a/charts/generic/generic.package.yaml b/charts/generic/generic.package.yaml index a26f3d2..492f22f 100644 --- a/charts/generic/generic.package.yaml +++ b/charts/generic/generic.package.yaml @@ -75,3 +75,6 @@ experiments: - name: pod-http-latency CSV: pod-http-latency.chartserviceversion.yaml desc: "pod-http-latency" + - name: pod-http-reset-peer + CSV: pod-http-reset-peer.chartserviceversion.yaml + desc: "pod-http-reset-peer" \ No newline at end of file diff --git a/charts/generic/icons/pod-http-reset-peer.png b/charts/generic/icons/pod-http-reset-peer.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/charts/generic/icons/pod-http-reset-peer.png differ diff --git a/charts/generic/pod-http-latency/engine.yaml b/charts/generic/pod-http-latency/engine.yaml index bc226d8..9eb8009 100644 --- a/charts/generic/pod-http-latency/engine.yaml +++ b/charts/generic/pod-http-latency/engine.yaml @@ -17,9 +17,11 @@ spec: spec: components: env: + # set chaos duration (in sec) as desired - name: TOTAL_CHAOS_DURATION value: '60' # in seconds + # set latency value for the chaos - name: LATENCY value: '2000' #in ms diff --git a/charts/generic/pod-http-latency/experiment.yaml b/charts/generic/pod-http-latency/experiment.yaml index 79ab473..fe8e7f9 100644 --- a/charts/generic/pod-http-latency/experiment.yaml +++ b/charts/generic/pod-http-latency/experiment.yaml @@ -74,6 +74,7 @@ spec: - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' + # set latency value for the chaos - name: LATENCY value: '2000' #in ms diff --git a/charts/generic/pod-http-reset-peer/engine.yaml b/charts/generic/pod-http-reset-peer/engine.yaml new file mode 100644 index 0000000..e685a97 --- /dev/null +++ b/charts/generic/pod-http-reset-peer/engine.yaml @@ -0,0 +1,48 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-reset-peer-sa + experiments: + - name: pod-http-reset-peer + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # reset timeout specifies after how much duration to reset the connection + - name: RESET_TIMEOUT + value: '0' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/charts/generic/pod-http-reset-peer/experiment.yaml b/charts/generic/pod-http-reset-peer/experiment.yaml new file mode 100644 index 0000000..0b93b57 --- /dev/null +++ b/charts/generic/pod-http-reset-peer/experiment.yaml @@ -0,0 +1,134 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration +kind: ChaosExperiment +metadata: + name: pod-http-reset-peer + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-reset-peer + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # reset timeout specifies after how much duration to reset the connection + - name: RESET_TIMEOUT + value: '0' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/charts/generic/pod-http-reset-peer/pod-http-reset-peer.chartserviceversion.yaml b/charts/generic/pod-http-reset-peer/pod-http-reset-peer.chartserviceversion.yaml new file mode 100644 index 0000000..5758eae --- /dev/null +++ b/charts/generic/pod-http-reset-peer/pod-http-reset-peer.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-http-reset-peer + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-http-reset-peer + categoryDescription: > + it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration + keywords: + - "pods" + - "kubernetes" + - "generic" + - "exec" + - "http" + - "loss" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-reset-peer + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-reset-peer/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-reset-peer/experiment.yaml \ No newline at end of file diff --git a/charts/generic/pod-http-reset-peer/rbac-psp.yaml b/charts/generic/pod-http-reset-peer/rbac-psp.yaml new file mode 100644 index 0000000..5c22b38 --- /dev/null +++ b/charts/generic/pod-http-reset-peer/rbac-psp.yaml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-reset-peer-sa +subjects: +- kind: ServiceAccount + name: pod-http-reset-peer-sa + namespace: default diff --git a/charts/generic/pod-http-reset-peer/rbac.yaml b/charts/generic/pod-http-reset-peer/rbac.yaml new file mode 100644 index 0000000..0c71681 --- /dev/null +++ b/charts/generic/pod-http-reset-peer/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-reset-peer-sa +subjects: +- kind: ServiceAccount + name: pod-http-reset-peer-sa + namespace: default diff --git a/experiments/generic/experiments.yaml b/experiments/generic/experiments.yaml index 1023276..b2e295d 100644 --- a/experiments/generic/experiments.yaml +++ b/experiments/generic/experiments.yaml @@ -137,7 +137,6 @@ spec: app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -1223,6 +1222,208 @@ spec: app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration +kind: ChaosExperiment +metadata: + name: pod-http-reset-peer + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "batch" + - "apps" + - "litmuschaos.io" + resources: + - "jobs" + - "pods" + - "pods/log" + - "events" + - "deployments" + - "replicasets" + - "pods/exec" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - "deletecollection" + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-reset-peer + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # reset timeout specifies after how much duration to reset the connection + - name: RESET_TIMEOUT + value: '0' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Drain the node where application pod is scheduled +kind: ChaosExperiment +metadata: + name: node-drain + labels: + name: node-drain + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-drain + command: + - /bin/bash + env: + + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + labels: + name: node-drain + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -1309,7 +1510,6 @@ spec: app.kubernetes.io/service-kill: "true" app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -1698,7 +1898,6 @@ spec: - name: id-rsa mountPath: /mnt/ ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -2644,7 +2843,6 @@ spec: app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -2869,7 +3067,6 @@ spec: - name: id-rsa mountPath: /mnt/ ---- --- apiVersion: litmuschaos.io/v1alpha1 description: diff --git a/experiments/generic/generic.chartserviceversion.yaml b/experiments/generic/generic.chartserviceversion.yaml index fdb2047..83546a5 100644 --- a/experiments/generic/generic.chartserviceversion.yaml +++ b/experiments/generic/generic.chartserviceversion.yaml @@ -63,6 +63,8 @@ spec: description: "" - name: pod-http-latency description: "" + - name: pod-http-reset-peer + description: "" keywords: - Kubernetes - K8S diff --git a/experiments/generic/generic.package.yaml b/experiments/generic/generic.package.yaml index a26f3d2..492f22f 100644 --- a/experiments/generic/generic.package.yaml +++ b/experiments/generic/generic.package.yaml @@ -75,3 +75,6 @@ experiments: - name: pod-http-latency CSV: pod-http-latency.chartserviceversion.yaml desc: "pod-http-latency" + - name: pod-http-reset-peer + CSV: pod-http-reset-peer.chartserviceversion.yaml + desc: "pod-http-reset-peer" \ No newline at end of file diff --git a/experiments/generic/icons/pod-http-reset-peer.png b/experiments/generic/icons/pod-http-reset-peer.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-http-reset-peer.png differ diff --git a/experiments/generic/pod-http-reset-peer/engine.yaml b/experiments/generic/pod-http-reset-peer/engine.yaml new file mode 100644 index 0000000..e685a97 --- /dev/null +++ b/experiments/generic/pod-http-reset-peer/engine.yaml @@ -0,0 +1,48 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-reset-peer-sa + experiments: + - name: pod-http-reset-peer + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # reset timeout specifies after how much duration to reset the connection + - name: RESET_TIMEOUT + value: '0' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/generic/pod-http-reset-peer/experiment.yaml b/experiments/generic/pod-http-reset-peer/experiment.yaml new file mode 100644 index 0000000..0b93b57 --- /dev/null +++ b/experiments/generic/pod-http-reset-peer/experiment.yaml @@ -0,0 +1,134 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration +kind: ChaosExperiment +metadata: + name: pod-http-reset-peer + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-reset-peer + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # reset timeout specifies after how much duration to reset the connection + - name: RESET_TIMEOUT + value: '0' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-reset-peer + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-http-reset-peer/pod-http-reset-peer.chartserviceversion.yaml b/experiments/generic/pod-http-reset-peer/pod-http-reset-peer.chartserviceversion.yaml new file mode 100644 index 0000000..5758eae --- /dev/null +++ b/experiments/generic/pod-http-reset-peer/pod-http-reset-peer.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-http-reset-peer + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-http-reset-peer + categoryDescription: > + it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration + keywords: + - "pods" + - "kubernetes" + - "generic" + - "exec" + - "http" + - "loss" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-reset-peer + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-reset-peer/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-reset-peer/experiment.yaml \ No newline at end of file diff --git a/experiments/generic/pod-http-reset-peer/rbac-psp.yaml b/experiments/generic/pod-http-reset-peer/rbac-psp.yaml new file mode 100644 index 0000000..5c22b38 --- /dev/null +++ b/experiments/generic/pod-http-reset-peer/rbac-psp.yaml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-reset-peer-sa +subjects: +- kind: ServiceAccount + name: pod-http-reset-peer-sa + namespace: default diff --git a/experiments/generic/pod-http-reset-peer/rbac.yaml b/experiments/generic/pod-http-reset-peer/rbac.yaml new file mode 100644 index 0000000..0c71681 --- /dev/null +++ b/experiments/generic/pod-http-reset-peer/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-reset-peer-sa + namespace: default + labels: + name: pod-http-reset-peer-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-reset-peer-sa +subjects: +- kind: ServiceAccount + name: pod-http-reset-peer-sa + namespace: default