diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-id/aws-ssm-chaos-by-id.chartserviceversion.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-id/aws-ssm-chaos-by-id.chartserviceversion.yaml new file mode 100644 index 0000000..bc01916 --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-id/aws-ssm-chaos-by-id.chartserviceversion.yaml @@ -0,0 +1,43 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-06-10T10:28:08Z + name: aws-ssm-chaos-by-id + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: aws-ssm-chaos-by-id + categoryDescription: | + AWS SSM Chaos By ID contains chaos to disrupt the state of infra resources. The experiment can induce chaos on AWS resources using Amazon SSM Run Command This is carried out by using SSM Docs that defines the actions performed by Systems Manager on your managed instances (having SSM agent installed) which let us perform chaos experiments on resources. + - Causes chaos on AWS ec2 instances with given instance ID(s) using SSM docs for total chaos duration with the specified chaos interval. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the target application pod(if provided). + keywords: + - SSM + - AWS + - EC2 + platforms: + - AWS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: udit@chaosnative.com + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/aws-ssm/aws-ssm-chaos-by-id + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws-ssm/aws-ssm-chaos-by-id/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/aws-ssm/aws-ssm-chaos-by-id/experiment.yaml diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-id/engine.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-id/engine.yaml new file mode 100644 index 0000000..1133a5a --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-id/engine.yaml @@ -0,0 +1,62 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: aws-ssm-chaos-by-id-sa + experiments: + - name: aws-ssm-chaos-by-id + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' + + # set chaos duration (in sec) as desired + - name: CHAOS_INTERVAL + value: '60' + + # Instance ID of the target ec2 instance + # Multiple IDs can also be provided as comma separated values ex: id1,id2 + - name: EC2_INSTANCE_ID + value: '' + + # provide the region name of the target instances + - name: REGION + value: '' + + # provide the percentage of available memory to stress + - name: MEMORY_PERCENTAGE + value: '80' + + # provide the CPU chores to be comsumed + # 0 will consume all the available cpu cores + - name: CPU_CORE + value: '0' + + # Provide the name of ssm doc + # if not using the default stress docs + - name: DOCUMENT_NAME + value: '' + + # Provide the type of ssm doc + # if not using the default stress docs + - name: DOCUMENT_TYPE + value: '' + + # Provide the format of ssm doc + # if not using the default stress docs + - name: DOCUMENT_FORMAT + value: '' + + # Provide the path of ssm doc + # if not using the default stress docs + - name: DOCUMENT_PATH + value: '' + + # if you want to install dependencies to run default ssm docs + - name: INSTALL_DEPENDENCIES + value: 'True' diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-id/experiment.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-id/experiment.yaml new file mode 100644 index 0000000..c0f9996 --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-id/experiment.yaml @@ -0,0 +1,129 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Execute AWS SSM Chaos on given ec2 instance IDs +kind: ChaosExperiment +metadata: + name: aws-ssm-chaos-by-id + labels: + name: aws-ssm-chaos-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name aws-ssm-chaos-by-id + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: CHAOS_INTERVAL + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Instance ID of the target ec2 instance + # Multiple IDs can also be provided as comma separated values ex: id1,id2 + - name: EC2_INSTANCE_ID + value: '' + + - name: REGION + value: '' + + # it defines the sequence of chaos execution for multiple target instances + # supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # Provide the name of ssm doc + # if not using the default stress docs + - name: DOCUMENT_NAME + value: '' + + # Provide the type of ssm doc + # if not using the default stress docs + - name: DOCUMENT_TYPE + value: '' + + # Provide the format of ssm doc + # if not using the default stress docs + - name: DOCUMENT_FORMAT + value: '' + + # Provide the path of ssm doc + # if not using the default stress docs + - name: DOCUMENT_PATH + value: '' + + # if you want to install dependencies to run default ssm docs + - name: INSTALL_DEPENDENCIES + value: 'True' + + # provide the number of workers for memory stress + - name: NUMBER_OF_WORKERS + value: '1' + + # provide the percentage of available memory to stress + - name: MEMORY_PERCENTAGE + value: '80' + + # provide the CPU chores to be comsumed + # 0 will consume all the available cpu cores + - name: CPU_CORE + value: '0' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: aws-ssm-chaos-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-id/rbac.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-id/rbac.yaml new file mode 100644 index 0000000..72db75e --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-id/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-ssm-chaos-by-id-sa + namespace: default + labels: + name: aws-ssm-chaos-by-id-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aws-ssm-chaos-by-id-sa + labels: + name: aws-ssm-chaos-by-id-sa + app.kubernetes.io/part-of: litmus +rules: +# Create and monitor the experiment & helper pods +- apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] +# Performs CRUD operations on the events inside chaosengine and chaosresult +- apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] +# Fetch configmaps & secrets details and mount it to the experiment pod (if specified) +- apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] +# Track and get the runner, experiment, and helper pods log +- apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] +# for creating and managing to execute comands inside target container +- apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] +# for configuring and monitor the experiment job by the chaos-runner pod +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] +# for creation, status polling and deletion of litmus chaos resources used within a chaos workflow +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: aws-ssm-chaos-by-id-sa + labels: + name: aws-ssm-chaos-by-id-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aws-ssm-chaos-by-id-sa +subjects: +- kind: ServiceAccount + name: aws-ssm-chaos-by-id-sa + namespace: default diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-tag/aws-ssm-chaos-by-tag.chartserviceversion.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-tag/aws-ssm-chaos-by-tag.chartserviceversion.yaml new file mode 100644 index 0000000..fea5b08 --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-tag/aws-ssm-chaos-by-tag.chartserviceversion.yaml @@ -0,0 +1,43 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-06-10T10:28:08Z + name: aws-ssm-chaos-by-tag + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: aws-ssm-chaos-by-tag + categoryDescription: | + AWS SSM Chaos By ID contains chaos to disrupt the state of infra resources. The experiment can induce chaos on AWS resources using Amazon SSM Run Command This is carried out by using SSM Docs that defines the actions performed by Systems Manager on your managed instances (having SSM agent installed) which let us perform chaos experiments on resources. + - Causes chaos on AWS ec2 instances with given instance tag using SSM docs for total chaos duration with the specified chaos interval. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the target application pod(if provided). + keywords: + - SSM + - AWS + - EC2 + platforms: + - AWS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: udit@chaosnative.com + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/aws-ssm/aws-ssm-chaos-by-tag + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws-ssm/aws-ssm-chaos-by-tag/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/aws-ssm/aws-ssm-chaos-by-tag/experiment.yaml diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-tag/engine.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-tag/engine.yaml new file mode 100644 index 0000000..19d294b --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-tag/engine.yaml @@ -0,0 +1,62 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: aws-ssm-chaos-by-tag-sa + experiments: + - name: aws-ssm-chaos-by-tag + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' + + # set chaos duration (in sec) as desired + - name: CHAOS_INTERVAL + value: '60' + + # provide tag of the target ec2 instances + # ex: team:devops (key:value) + - name: EC2_INSTANCE_TAG + value: '' + + # provide the region name of the target instances + - name: REGION + value: '' + + # provide the percentage of available memory to stress + - name: MEMORY_PERCENTAGE + value: '80' + + # provide the CPU chores to comsumed + # 0 will consume all the available cpu cores + - name: CPU_CORE + value: '0' + + # Provide the name of ssm doc + # if not using the default stress docs + - name: DOCUMENT_NAME + value: '' + + # Provide the type of ssm doc + # if not using the default stress docs + - name: DOCUMENT_TYPE + value: '' + + # Provide the format of ssm doc + # if not using the default stress docs + - name: DOCUMENT_FORMAT + value: '' + + # Provide the path of ssm doc + # if not using the default stress docs + - name: DOCUMENT_PATH + value: '' + + # if you want to install dependencies to run default ssm docs + - name: INSTALL_DEPENDENCIES + value: 'True' diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-tag/experiment.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-tag/experiment.yaml new file mode 100644 index 0000000..2ca8c45 --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-tag/experiment.yaml @@ -0,0 +1,133 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Execute AWS SSM Chaos on given ec2 instance Tag +kind: ChaosExperiment +metadata: + name: aws-ssm-chaos-by-tag + labels: + name: aws-ssm-chaos-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name aws-ssm-chaos-by-tag + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: CHAOS_INTERVAL + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide tag of the target ec2 instances + # ex: team:devops (key:value) + - name: EC2_INSTANCE_TAG + value: '' + + - name: REGION + value: '' + + # it defines the sequence of chaos execution for multiple target instances + # supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # percentage of total instance to target + - name: INSTANCE_AFFECTED_PERC + value: '' + + # Provide the name of ssm doc + # if not using the default stress docs + - name: DOCUMENT_NAME + value: '' + + # Provide the type of ssm doc + # if not using the default stress docs + - name: DOCUMENT_TYPE + value: '' + + # Provide the format of ssm doc + # if not using the default stress docs + - name: DOCUMENT_FORMAT + value: '' + + # Provide the path of ssm doc + # if not using the default stress docs + - name: DOCUMENT_PATH + value: '' + + # if you want to install dependencies to run default ssm docs + - name: INSTALL_DEPENDENCIES + value: 'True' + + # provide the number of workers for memory stress + - name: NUMBER_OF_WORKERS + value: '1' + + # provide the percentage of available memory to stress + - name: MEMORY_PERCENTAGE + value: '80' + + # provide the CPU chores to comsumed + # 0 will consume all the available cpu cores + - name: CPU_CORE + value: '0' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: aws-ssm-chaos-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/aws-ssm/aws-ssm-chaos-by-tag/rbac.yaml b/experiments/aws-ssm/aws-ssm-chaos-by-tag/rbac.yaml new file mode 100644 index 0000000..473d902 --- /dev/null +++ b/experiments/aws-ssm/aws-ssm-chaos-by-tag/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-ssm-chaos-by-tag-sa + namespace: default + labels: + name: aws-ssm-chaos-by-tag-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aws-ssm-chaos-by-tag-sa + labels: + name: aws-ssm-chaos-by-tag-sa + app.kubernetes.io/part-of: litmus +rules: +# Create and monitor the experiment & helper pods +- apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] +# Performs CRUD operations on the events inside chaosengine and chaosresult +- apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] +# Fetch configmaps & secrets details and mount it to the experiment pod (if specified) +- apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] +# Track and get the runner, experiment, and helper pods log +- apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] +# for creating and managing to execute comands inside target container +- apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] +# for configuring and monitor the experiment job by the chaos-runner pod +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] +# for creation, status polling and deletion of litmus chaos resources used within a chaos workflow +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: aws-ssm-chaos-by-tag-sa + labels: + name: aws-ssm-chaos-by-tag-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: aws-ssm-chaos-by-tag-sa +subjects: +- kind: ServiceAccount + name: aws-ssm-chaos-by-tag-sa + namespace: default diff --git a/experiments/aws-ssm/aws-ssm.chartserviceversion.yaml b/experiments/aws-ssm/aws-ssm.chartserviceversion.yaml new file mode 100644 index 0000000..38f76a8 --- /dev/null +++ b/experiments/aws-ssm/aws-ssm.chartserviceversion.yaml @@ -0,0 +1,38 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-06-11T10:28:08Z + name: aws-ssm + version: 0.1.0 + annotations: + categories: Kubernetes + chartDescription: Injects aws ssm chaos +spec: + displayName: AWS SSM + categoryDescription: > + aws ssm contains chaos to disrupt state of aws resources by litmus aws ssm docs + experiments: + - name: aws-ssm-chaos-by-id + description: "" + - name: aws-ssm-chaos-by-tag + description: "" + keywords: + - AWS + - SSM + - EC2 + maintainers: + - name: ksatchit + email: karthik@chaosnative.com + provider: + name: ChaosNative + links: + - name: Kubernetes Website + url: https://kubernetes.io + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/aws-ssm + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + icon: + - url: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/aws-ssm/icons/aws-ssm.png + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/aws-ssm/experiments.yaml diff --git a/experiments/aws-ssm/aws-ssm.package.yaml b/experiments/aws-ssm/aws-ssm.package.yaml new file mode 100644 index 0000000..cfae7ec --- /dev/null +++ b/experiments/aws-ssm/aws-ssm.package.yaml @@ -0,0 +1,8 @@ +packageName: aws-ssm +experiments: + - name: aws-ssm-chaos-by-id + CSV: aws-ssm-chaos-by-id.chartserviceversion.yaml + desc: "aws-ssm-chaos-by-id" + - name: aws-ssm-chaos-by-tag + CSV: aws-ssm-chaos-by-tag.chartserviceversion.yaml + desc: "aws-ssm-chaos-by-tag" \ No newline at end of file diff --git a/experiments/aws-ssm/experiments.yaml b/experiments/aws-ssm/experiments.yaml new file mode 100644 index 0000000..6915473 --- /dev/null +++ b/experiments/aws-ssm/experiments.yaml @@ -0,0 +1,266 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Execute AWS SSM Chaos on given ec2 instance IDs +kind: ChaosExperiment +metadata: + name: aws-ssm-chaos-by-id + labels: + name: aws-ssm-chaos-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name aws-ssm-chaos-by-id + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: CHAOS_INTERVAL + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Instance ID of the target ec2 instance + # Multiple IDs can also be provided as comma separated values ex: id1,id2 + - name: EC2_INSTANCE_ID + value: '' + + - name: REGION + value: '' + + # it defines the sequence of chaos execution for multiple target instances + # supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # Provide the name of ssm doc + # if not using the default stress docs + - name: DOCUMENT_NAME + value: '' + + # Provide the type of ssm doc + # if not using the default stress docs + - name: DOCUMENT_TYPE + value: '' + + # Provide the format of ssm doc + # if not using the default stress docs + - name: DOCUMENT_FORMAT + value: '' + + # Provide the path of ssm doc + # if not using the default stress docs + - name: DOCUMENT_PATH + value: '' + + # if you want to install dependencies to run default ssm docs + - name: INSTALL_DEPENDENCIES + value: 'True' + + # provide the number of workers for memory stress + - name: NUMBER_OF_WORKERS + value: '1' + + # provide the percentage of available memory to stress + - name: MEMORY_PERCENTAGE + value: '80' + + # provide the CPU chores to be comsumed + # 0 will consume all the available cpu cores + - name: CPU_CORE + value: '0' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: aws-ssm-chaos-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Execute AWS SSM Chaos on given ec2 instance Tag +kind: ChaosExperiment +metadata: + name: aws-ssm-chaos-by-tag + labels: + name: aws-ssm-chaos-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name aws-ssm-chaos-by-tag + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: CHAOS_INTERVAL + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide tag of the target ec2 instances + # ex: team:devops (key:value) + - name: EC2_INSTANCE_TAG + value: '' + + - name: REGION + value: '' + + # it defines the sequence of chaos execution for multiple target instances + # supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # percentage of total instance to target + - name: INSTANCE_AFFECTED_PERC + value: '' + + # Provide the name of ssm doc + # if not using the default stress docs + - name: DOCUMENT_NAME + value: '' + + # Provide the type of ssm doc + # if not using the default stress docs + - name: DOCUMENT_TYPE + value: '' + + # Provide the format of ssm doc + # if not using the default stress docs + - name: DOCUMENT_FORMAT + value: '' + + # Provide the path of ssm doc + # if not using the default stress docs + - name: DOCUMENT_PATH + value: '' + + # if you want to install dependencies to run default ssm docs + - name: INSTALL_DEPENDENCIES + value: 'True' + + # provide the number of workers for memory stress + - name: NUMBER_OF_WORKERS + value: '1' + + # provide the percentage of available memory to stress + - name: MEMORY_PERCENTAGE + value: '80' + + # provide the CPU chores to comsumed + # 0 will consume all the available cpu cores + - name: CPU_CORE + value: '0' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: aws-ssm-chaos-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- diff --git a/experiments/aws-ssm/icons/aws-ssm-chaos-by-id.png b/experiments/aws-ssm/icons/aws-ssm-chaos-by-id.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/aws-ssm/icons/aws-ssm-chaos-by-id.png differ diff --git a/experiments/aws-ssm/icons/aws-ssm-chaos-by-tag.png b/experiments/aws-ssm/icons/aws-ssm-chaos-by-tag.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/aws-ssm/icons/aws-ssm-chaos-by-tag.png differ diff --git a/experiments/aws-ssm/icons/aws-ssm.png b/experiments/aws-ssm/icons/aws-ssm.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/aws-ssm/icons/aws-ssm.png differ diff --git a/experiments/azure/azure-disk-loss/azure-disk-loss.chartserviceversion.yaml b/experiments/azure/azure-disk-loss/azure-disk-loss.chartserviceversion.yaml new file mode 100644 index 0000000..ab5f152 --- /dev/null +++ b/experiments/azure/azure-disk-loss/azure-disk-loss.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: azure-disk-loss + version: 0.1.0 + annotations: + categories: Azure + vendor: ChaosNative + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: azure-disk-loss + categoryDescription: | + This experiment causes the detachment of the disk from the VM for a certain chaos duration + - Causes detachment of the disk from the VM and then reattachment of the disk to the VM + - It helps to check the performance of the application on the instance. + keywords: + - Azure + - Disk + - AKS + platforms: + - Azure + maturity: alpha + maintainers: + - name: avaakash + email: akash@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/azure/disk-loss/experiment + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/azure/azure-disk-loss/ + # - name: Video + # url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/azure/azure-disk-loss/experiment.yaml \ No newline at end of file diff --git a/experiments/azure/azure-disk-loss/engine.yaml b/experiments/azure/azure-disk-loss/engine.yaml new file mode 100644 index 0000000..18d029f --- /dev/null +++ b/experiments/azure/azure-disk-loss/engine.yaml @@ -0,0 +1,32 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + # It can be active/stop + engineState: 'active' + chaosServiceAccount: azure-disk-loss-sa + experiments: + - name: azure-disk-loss + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # provide the resource group of the instance + - name: RESOURCE_GROUP + value: '' + + # accepts enable/disable, default is disable + - name: SCALE_SET + value: '' + + # provide the virtual disk names (comma separated if multiple) + - name: VIRTUAL_DISK_NAMES + value: '' \ No newline at end of file diff --git a/experiments/azure/azure-disk-loss/experiment.yaml b/experiments/azure/azure-disk-loss/experiment.yaml new file mode 100644 index 0000000..0b25921 --- /dev/null +++ b/experiments/azure/azure-disk-loss/experiment.yaml @@ -0,0 +1,95 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaches disk from the VM and then re-attaches disk to the VM +kind: ChaosExperiment +metadata: + name: azure-disk-loss + labels: + name: azure-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name azure-disk-loss + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the resource group of the instance + - name: RESOURCE_GROUP + value: '' + + # accepts enable/disable, default is disable + - name: SCALE_SET + value: '' + + # provide the virtual disk names (comma separated if multiple) + - name: VIRTUAL_DISK_NAMES + value: '' + + # provide the sequence type for the run. Options: serial/parallel + - name: SEQUENCE + value: 'parallel' + + # provide the path to aks credentials mounted from secret + - name: AZURE_AUTH_LOCATION + value: '/tmp/azure.auth' + + labels: + name: azure-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/azure/azure-disk-loss/rbac.yaml b/experiments/azure/azure-disk-loss/rbac.yaml new file mode 100644 index 0000000..0e91994 --- /dev/null +++ b/experiments/azure/azure-disk-loss/rbac.yaml @@ -0,0 +1,64 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: azure-disk-loss-sa + namespace: default + labels: + name: azure-disk-loss-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: azure-disk-loss-sa + namespace: default + labels: + name: azure-disk-loss-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: azure-disk-loss-sa + namespace: default + labels: + name: azure-disk-loss-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: azure-disk-loss-sa +subjects: +- kind: ServiceAccount + name: azure-disk-loss-sa + namespace: default \ No newline at end of file diff --git a/experiments/azure/azure-instance-stop/azure-instance-stop.chartserviceversion.yaml b/experiments/azure/azure-instance-stop/azure-instance-stop.chartserviceversion.yaml new file mode 100644 index 0000000..a6db416 --- /dev/null +++ b/experiments/azure/azure-instance-stop/azure-instance-stop.chartserviceversion.yaml @@ -0,0 +1,44 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-02-20T10:28:08Z + name: azure-instance-stop + version: 0.1.0 + annotations: + categories: Azure + vendor: ChaosNative + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: azure-instance-stop + categoryDescription: | + This experiment causes the power off of an azure instance for a certain chaos duration. + - Causes termination of an azure instance before bringing it back to running state after the specified chaos duration. + - It helps to check the performance of the application on the instance. + keywords: + - Azure + - Scaleset + - AKS + platforms: + - Azure + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: udit@chaosnative.com + provider: + name: Chaos Native + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/azure/instance-stop/experiment + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/azure/azure-instance-stop/ + # - name: Video + # url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/azure/azure-instance-stop/experiment.yaml + diff --git a/experiments/azure/azure-instance-stop/engine.yaml b/experiments/azure/azure-instance-stop/engine.yaml new file mode 100644 index 0000000..b2d0596 --- /dev/null +++ b/experiments/azure/azure-instance-stop/engine.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: azure-instance-stop-sa + experiments: + - name: azure-instance-stop + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos intreval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # provide the target instance name(s) (comma separated if multiple) + - name: AZURE_INSTANCE_NAME + value: '' + + # provide the resource group of the instance + - name: RESOURCE_GROUP + value: '' + + # accepts enable/disable, default is disable + - name: SCALE_SET + value: '' + diff --git a/experiments/azure/azure-instance-stop/experiment.yaml b/experiments/azure/azure-instance-stop/experiment.yaml new file mode 100644 index 0000000..c685d9d --- /dev/null +++ b/experiments/azure/azure-instance-stop/experiment.yaml @@ -0,0 +1,96 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Terminating azure VM instance +kind: ChaosExperiment +metadata: + name: azure-instance-stop + labels: + name: azure-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name azure-instance-stop + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the target instance name(s) (comma separated if multiple) + - name: AZURE_INSTANCE_NAME + value: '' + + # provide the resource group of the instance + - name: RESOURCE_GROUP + value: '' + + # accepts enable/disable, default is disable + - name: SCALE_SET + value: '' + + # Provide the path of aks credentials mounted from secret + - name: AZURE_AUTH_LOCATION + value: '/tmp/azure.auth' + + - name: SEQUENCE + value: 'parallel' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: azure-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + diff --git a/experiments/azure/azure-instance-stop/rbac.yaml b/experiments/azure/azure-instance-stop/rbac.yaml new file mode 100644 index 0000000..323e2f3 --- /dev/null +++ b/experiments/azure/azure-instance-stop/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: azure-instance-stop-sa + namespace: default + labels: + name: azure-instance-stop-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: azure-instance-stop-sa + labels: + name: azure-instance-stop-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: azure-instance-stop-sa + labels: + name: azure-instance-stop-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: azure-instance-stop-sa +subjects: +- kind: ServiceAccount + name: azure-instance-stop-sa + namespace: default diff --git a/experiments/azure/azure.chartserviceversion.yaml b/experiments/azure/azure.chartserviceversion.yaml new file mode 100644 index 0000000..862959a --- /dev/null +++ b/experiments/azure/azure.chartserviceversion.yaml @@ -0,0 +1,41 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-02-20T10:28:08Z + name: azure + version: 0.1.0 + annotations: + categories: Kubernetes + chartDescription: Injects chaos on azure servies +spec: + displayName: Azure + categoryDescription: > + Azure category of chaos experiments causes the disruption of the azure serives for a certain chaos duration. + experiments: + - name: azure-instance-stop + description: "" + - name: azure-disk-loss + description: "" + keywords: + - Azure + - Instance + - AKS + - Scaleset + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + provider: + name: Chaos Native + links: + - name: Kubernetes Website + url: https://kubernetes.io + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/azure/experiments/azure + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/contents/#cloud-infrastructure + icon: + - url: https://raw.githubusercontent.com/litmuschaos/charthub.litmuschaos.io/master/public/litmus.ico + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/azure/experiments.yaml diff --git a/experiments/azure/azure.package.yaml b/experiments/azure/azure.package.yaml new file mode 100644 index 0000000..904710a --- /dev/null +++ b/experiments/azure/azure.package.yaml @@ -0,0 +1,10 @@ +packageName: azure +experiments: + - name: azure-instance-stop + CSV: azure-instance-stop.chartserviceversion.yaml + desc: "azure-instance-stop" + + - name: azure-disk-loss + CSV: azure-disk-loss.chartserviceversion.yaml + desc: "azure-disk-loss" + diff --git a/experiments/azure/experiments.yaml b/experiments/azure/experiments.yaml new file mode 100644 index 0000000..06d46d2 --- /dev/null +++ b/experiments/azure/experiments.yaml @@ -0,0 +1,195 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Terminating azure VM instance +kind: ChaosExperiment +metadata: + name: azure-instance-stop + labels: + name: azure-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name azure-instance-stop + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the target instance name(s) (comma separated if multiple) + - name: AZURE_INSTANCE_NAME + value: '' + + # provide the resource group of the instance + - name: RESOURCE_GROUP + value: '' + + # accepts enable/disable, default is disable + - name: SCALE_SET + value: '' + + # Provide the path of aks credentials mounted from secret + - name: AZURE_AUTH_LOCATION + value: '/tmp/azure.auth' + + - name: SEQUENCE + value: 'parallel' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: azure-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaches disk from the VM and then re-attaches disk to the VM +kind: ChaosExperiment +metadata: + name: azure-disk-loss + labels: + name: azure-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name azure-disk-loss + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the resource group of the instance + - name: RESOURCE_GROUP + value: '' + + # accepts enable/disable, default is disable + - name: SCALE_SET + value: '' + + # provide the virtual disk names (comma separated if multiple) + - name: VIRTUAL_DISK_NAMES + value: '' + + # provide the sequence type for the run. Options: serial/parallel + - name: SEQUENCE + value: 'parallel' + + # provide the path to aks credentials mounted from secret + - name: AZURE_AUTH_LOCATION + value: '/tmp/azure.auth' + + labels: + name: azure-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- diff --git a/experiments/azure/icons/azure-disk-loss.png b/experiments/azure/icons/azure-disk-loss.png new file mode 100644 index 0000000..5baec5e Binary files /dev/null and b/experiments/azure/icons/azure-disk-loss.png differ diff --git a/experiments/azure/icons/azure-instance-stop.png b/experiments/azure/icons/azure-instance-stop.png new file mode 100644 index 0000000..5baec5e Binary files /dev/null and b/experiments/azure/icons/azure-instance-stop.png differ diff --git a/experiments/azure/icons/azure.png b/experiments/azure/icons/azure.png new file mode 100644 index 0000000..5baec5e Binary files /dev/null and b/experiments/azure/icons/azure.png differ diff --git a/experiments/cassandra/cassandra-pod-delete/cassandra-pod-delete.chartserviceversion.yaml b/experiments/cassandra/cassandra-pod-delete/cassandra-pod-delete.chartserviceversion.yaml new file mode 100644 index 0000000..87aa48b --- /dev/null +++ b/experiments/cassandra/cassandra-pod-delete/cassandra-pod-delete.chartserviceversion.yaml @@ -0,0 +1,47 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-04-14T10:28:08Z + name: cassandra-pod-delete + version: 0.1.3 + annotations: + categories: Cassandra + vendor: CNCF + support: https://cassandra-slack.herokuapp.com +spec: + displayName: cassandra-pod-delete + categoryDescription: | + This experiment causes (forced/graceful) pod failure of random replicas of an cassandra statefulset. + It tests statefulset sanity (replica availability & uninterrupted service) and recovery workflows of the cassandra pod + keywords: + - Kubernetes + - K8S + - Cassandra + - Pod + platforms: + - GKE + - Konvoy + - Packet(Kubeadm) + - Minikube + - EKS + maturity: alpha + maintainers: + - name: Shubham Chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/cassandra/pod-delete + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/cassandra/cassandra-pod-delete/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/cassandra/cassandra-pod-delete/experiment.yaml diff --git a/experiments/cassandra/cassandra-pod-delete/engine.yaml b/experiments/cassandra/cassandra-pod-delete/engine.yaml new file mode 100644 index 0000000..37850b8 --- /dev/null +++ b/experiments/cassandra/cassandra-pod-delete/engine.yaml @@ -0,0 +1,55 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: cassandra-chaos + namespace: default +spec: + appinfo: + appns: 'default' + applabel: 'app=cassandra' + appkind: 'statefulset' + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: cassandra-pod-delete-sa + experiments: + - name: cassandra-pod-delete + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '15' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '15' + + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + + # provide cassandra service name + # default service: cassandra + - name: CASSANDRA_SVC_NAME + value: 'cassandra' + + # provide the keyspace replication factor + - name: KEYSPACE_REPLICATION_FACTOR + value: '3' + + # provide cassandra port + # default port: 9042 + - name: CASSANDRA_PORT + value: '9042' + + # SET THE CASSANDRA_LIVENESS_CHECK + # IT CAN BE `enable` OR `disable` + - name: CASSANDRA_LIVENESS_CHECK + value: '' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/cassandra/cassandra-pod-delete/experiment.yaml b/experiments/cassandra/cassandra-pod-delete/experiment.yaml new file mode 100644 index 0000000..f400435 --- /dev/null +++ b/experiments/cassandra/cassandra-pod-delete/experiment.yaml @@ -0,0 +1,121 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a casandra statefulset +kind: ChaosExperiment +metadata: + name: cassandra-pod-delete + labels: + name: cassandra-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Create and manage the liveness and target application services + - apiGroups: [""] + resources: ["services"] + verbs: ["create","delete","get","list", "deletecollection"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for deriving the parent/owner details of the pod + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name cassandra-pod-delete + command: + - /bin/bash + env: + + # provide cassandra service name + # default service: cassandra + - name: CASSANDRA_SVC_NAME + value: '' + + # provide the keyspace replication factor + - name: KEYSPACE_REPLICATION_FACTOR + value: '' + + # provide cassandra port + # default port: 9042 + - name: CASSANDRA_PORT + value: '9042' + + # provide liveness deployement port + # default port: 8088, It only supports 8088 port + - name: LIVENESS_SVC_PORT + value: '8088' + + # provide cassandra liveness image + - name: CASSANDRA_LIVENESS_IMAGE + value: 'litmuschaos/cassandra-client:latest' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: CHAOS_INTERVAL + value: '15' + + # SET THE CASSANDRA_LIVENESS_CHECK + # IT CAN BE `enable` OR `disable` + - name: CASSANDRA_LIVENESS_CHECK + value: '' + + ## Period to wait before and after injection of chaos + - name: RAMP_TIME + value: '' + + - name: FORCE + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + labels: + name: cassandra-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/cassandra/cassandra-pod-delete/rbac.yaml b/experiments/cassandra/cassandra-pod-delete/rbac.yaml new file mode 100644 index 0000000..7295950 --- /dev/null +++ b/experiments/cassandra/cassandra-pod-delete/rbac.yaml @@ -0,0 +1,73 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cassandra-pod-delete-sa + namespace: default + labels: + name: cassandra-pod-delete-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cassandra-pod-delete-sa + namespace: default + labels: + name: cassandra-pod-delete-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Create and manage the liveness and target application services + - apiGroups: [""] + resources: ["services"] + verbs: ["create","delete","get","list", "deletecollection"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for deriving the parent/owner details of the pod + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cassandra-pod-delete-sa + namespace: default + labels: + name: cassandra-pod-delete-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cassandra-pod-delete-sa +subjects: +- kind: ServiceAccount + name: cassandra-pod-delete-sa + namespace: default + diff --git a/experiments/cassandra/cassandra.chartserviceversion.yaml b/experiments/cassandra/cassandra.chartserviceversion.yaml new file mode 100644 index 0000000..2227e10 --- /dev/null +++ b/experiments/cassandra/cassandra.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-04-14T10:28:08Z + name: cassandra + version: 0.1.3 + annotations: + categories: Cassandra + chartDescription: Injects cassandra kubernetes chaos +spec: + displayName: Cassandra Chaos + categoryDescription: > + Cassandra is a free and open-source, distributed, wide column store, NoSQL database management system designed to handle + large amounts of data across many commodity servers, providing high availability with no single point of failure. + It will install all the experiments which can be used to inject chaos into cassandra applications. + experiments: + - name: cassandra-pod-delete + description: "" + keywords: + - Kubernetes + - K8S + - Pod + - Cassandra + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: Cassandra Website + url: http://cassandra.apache.org/ + - name: Source Code + url: https://github.com/apache/cassandra + - name: Cassandra Slack + url: https://cassandra-slack.herokuapp.com + - name: Documentation + url: http://cassandra.apache.org/doc/latest/ + icon: + - url: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/cassandra/icons/cassandra.png + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/cassandra/experiments.yaml diff --git a/experiments/cassandra/cassandra.package.yaml b/experiments/cassandra/cassandra.package.yaml new file mode 100644 index 0000000..aeab8f3 --- /dev/null +++ b/experiments/cassandra/cassandra.package.yaml @@ -0,0 +1,5 @@ +packageName: cassandra +experiments: + - name: cassandra-pod-delete + CSV: cassandra-pod-delete.chartserviceversion.yaml + desc: "cassandra-pod-delete" diff --git a/experiments/cassandra/experiments.yaml b/experiments/cassandra/experiments.yaml new file mode 100644 index 0000000..0dbe50a --- /dev/null +++ b/experiments/cassandra/experiments.yaml @@ -0,0 +1,123 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a casandra statefulset +kind: ChaosExperiment +metadata: + name: cassandra-pod-delete + labels: + name: cassandra-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Create and manage the liveness and target application services + - apiGroups: [""] + resources: ["services"] + verbs: ["create","delete","get","list", "deletecollection"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for deriving the parent/owner details of the pod + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name cassandra-pod-delete + command: + - /bin/bash + env: + + # provide cassandra service name + # default service: cassandra + - name: CASSANDRA_SVC_NAME + value: '' + + # provide the keyspace replication factor + - name: KEYSPACE_REPLICATION_FACTOR + value: '' + + # provide cassandra port + # default port: 9042 + - name: CASSANDRA_PORT + value: '9042' + + # provide liveness deployement port + # default port: 8088, It only supports 8088 port + - name: LIVENESS_SVC_PORT + value: '8088' + + # provide cassandra liveness image + - name: CASSANDRA_LIVENESS_IMAGE + value: 'litmuschaos/cassandra-client:latest' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: CHAOS_INTERVAL + value: '15' + + # SET THE CASSANDRA_LIVENESS_CHECK + # IT CAN BE `enable` OR `disable` + - name: CASSANDRA_LIVENESS_CHECK + value: '' + + ## Period to wait before and after injection of chaos + - name: RAMP_TIME + value: '' + + - name: FORCE + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + labels: + name: cassandra-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- diff --git a/experiments/cassandra/icons/cassandra-pod-delete.png b/experiments/cassandra/icons/cassandra-pod-delete.png new file mode 100644 index 0000000..16aa7b4 Binary files /dev/null and b/experiments/cassandra/icons/cassandra-pod-delete.png differ diff --git a/experiments/cassandra/icons/cassandra.png b/experiments/cassandra/icons/cassandra.png new file mode 100644 index 0000000..3568818 Binary files /dev/null and b/experiments/cassandra/icons/cassandra.png differ diff --git a/experiments/coredns/coredns-pod-delete/coredns-pod-delete.chartserviceversion.yaml b/experiments/coredns/coredns-pod-delete/coredns-pod-delete.chartserviceversion.yaml new file mode 100644 index 0000000..d0288b4 --- /dev/null +++ b/experiments/coredns/coredns-pod-delete/coredns-pod-delete.chartserviceversion.yaml @@ -0,0 +1,43 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-12-30T10:28:08Z + name: coredns-pod-delete + version: 0.1.7 + annotations: + categories: CoreDNS + vendor: CNCF + support: https://slack.cncf.io/ +spec: + displayName: coredns-pod-delete + categoryDescription: | + Pod delete contains chaos to disrupt state of coredns resources. Experiments can inject random pod delete failures against specified application. + - Causes (forced/graceful) pod failure of coredns replicas of an application deployment. + - Tests of successful resolution of app services during chaos injection + keywords: + - Kubernetes + - K8S + - CoreDNS + - DNS + - Pod + platforms: + - GKE + - Minikube + maturity: alpha + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/coredns/pod_delete + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/coredns-pod-delete/ + - name: Video + url: https://www.youtube.com/watch?v=pwo5idKW7q8 + chaosexpcrdlink: https://raw.githubusercontent.com/litmuchaos/chaos-charts/master/charts/coredns/coredns-pod-delete/experiment.yaml \ No newline at end of file diff --git a/experiments/coredns/coredns-pod-delete/engine.yaml b/experiments/coredns/coredns-pod-delete/engine.yaml new file mode 100644 index 0000000..329bdef --- /dev/null +++ b/experiments/coredns/coredns-pod-delete/engine.yaml @@ -0,0 +1,30 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: engine-coredns + namespace: kube-system +spec: + appinfo: + appns: 'kube-system' + applabel: 'k8s-app=kube-dns' + appkind: 'deployment' + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: coredns-pod-delete-sa + experiments: + - name: coredns-pod-delete + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + - name: CHAOS_NAMESPACE + value: 'kube-system' \ No newline at end of file diff --git a/experiments/coredns/coredns-pod-delete/experiment.yaml b/experiments/coredns/coredns-pod-delete/experiment.yaml new file mode 100644 index 0000000..44edb19 --- /dev/null +++ b/experiments/coredns/coredns-pod-delete/experiment.yaml @@ -0,0 +1,72 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes coredns pod in kube-system namespace +kind: ChaosExperiment +metadata: + name: coredns-pod-delete + labels: + name: coredns-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + permissions: + - apiGroups: + - "" + - "batch" + - "litmuschaos.io" + resources: + - "services" + - "jobs" + - "pods" + - "pods/log" + - "events" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "get" + - "list" + - "patch" + - "create" + - "update" + - "delete" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/coredns/pod_delete/pod_delete_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + #supported libs are litmus and powerfulseal + - name: LIB + value: 'litmus' + + - name: LIB_IMAGE + value: 'litmuschaos/pod-delete-helper:latest' + + labels: + name: coredns-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/coredns/coredns-pod-delete/rbac.yaml b/experiments/coredns/coredns-pod-delete/rbac.yaml new file mode 100644 index 0000000..00fe7db --- /dev/null +++ b/experiments/coredns/coredns-pod-delete/rbac.yaml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: coredns-pod-delete-sa + namespace: kube-system + labels: + name: coredns-pod-delete-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: coredns-pod-delete-sa + labels: + name: coredns-pod-delete-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","litmuschaos.io","batch"] + resources: ["services", "pods","jobs","events","pods/log","chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: coredns-pod-delete-sa + labels: + name: coredns-pod-delete-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: coredns-pod-delete-sa +subjects: +- kind: ServiceAccount + name: coredns-pod-delete-sa + namespace: kube-system diff --git a/experiments/coredns/coredns.chartserviceversion.yaml b/experiments/coredns/coredns.chartserviceversion.yaml new file mode 100644 index 0000000..dbe4fc8 --- /dev/null +++ b/experiments/coredns/coredns.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-12-30T10:28:08Z + name: coredns + version: 0.1.4 + annotations: + categories: Kubernetes + chartDescription: Injects coredns chaos +spec: + displayName: CoreDNS chaos + categoryDescription: > + CoreDNS is an open-source system for DNS management of containerized applications. + It helps to resolve services to IP address. It will install all the experiments which can be used to inject chaos into containerized applications. + experiments: + - name: coredns-pod-delete + description: "" + keywords: + - Kubernetes + - K8S + - Pod + - CoreDNS + - DNS + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: CoreDNS Website + url: https://coredns.io + - name: Source Code + url: https://github.com/coredns/coredns + - name: CoreDNS Slack + url: https://slack.cncf.io/ + - name: Documentation + url: https://coredns.io/manual/toc/ + icon: + - url: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/coredns/icons/coredns-pod-delete.png + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/coredns/experiments.yaml diff --git a/experiments/coredns/coredns.package.yaml b/experiments/coredns/coredns.package.yaml new file mode 100644 index 0000000..9fa1e66 --- /dev/null +++ b/experiments/coredns/coredns.package.yaml @@ -0,0 +1,5 @@ +packageName: coredns +experiments: + - name: coredns-pod-delete + CSV: coredns-pod-delete.chartserviceversion.yaml + desc: "coredns pod delete experiment" \ No newline at end of file diff --git a/experiments/coredns/experiments.yaml b/experiments/coredns/experiments.yaml new file mode 100644 index 0000000..46c81be --- /dev/null +++ b/experiments/coredns/experiments.yaml @@ -0,0 +1,74 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes coredns pod in kube-system namespace +kind: ChaosExperiment +metadata: + name: coredns-pod-delete + labels: + name: coredns-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + permissions: + - apiGroups: + - "" + - "batch" + - "litmuschaos.io" + resources: + - "services" + - "jobs" + - "pods" + - "pods/log" + - "events" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "get" + - "list" + - "patch" + - "create" + - "update" + - "delete" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/coredns/pod_delete/pod_delete_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + #supported libs are litmus and powerfulseal + - name: LIB + value: 'litmus' + + - name: LIB_IMAGE + value: 'litmuschaos/pod-delete-helper:latest' + + labels: + name: coredns-pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- diff --git a/experiments/coredns/icons/coredns-pod-delete.png b/experiments/coredns/icons/coredns-pod-delete.png new file mode 100644 index 0000000..c643b7b Binary files /dev/null and b/experiments/coredns/icons/coredns-pod-delete.png differ diff --git a/experiments/coredns/icons/coredns.png b/experiments/coredns/icons/coredns.png new file mode 100644 index 0000000..c643b7b Binary files /dev/null and b/experiments/coredns/icons/coredns.png differ diff --git a/experiments/gcp/experiments.yaml b/experiments/gcp/experiments.yaml new file mode 100644 index 0000000..c262a5d --- /dev/null +++ b/experiments/gcp/experiments.yaml @@ -0,0 +1,374 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Causes loss of a non-boot storage persistent disk from a GCP VM instance filtered by a label for a specified duration before attaching them back +kind: ChaosExperiment +metadata: + name: gcp-vm-disk-loss-by-label + labels: + name: gcp-vm-disk-loss-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-disk-loss-by-label + command: + - /bin/bash + env: + + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # set the GCP project id + - name: GCP_PROJECT_ID + value: '' + + # set the zone in which all the disks are created + # all the disks must exist in the same zone + - name: DISK_ZONES + value: '' + + # set the label of the target disk volumes + - name: DISK_VOLUME_LABEL + value: '' + + # set the percentage value of the disks with the given label + # which should be targeted as part of the chaos injection + - name: DISK_AFFECTED_PERC + value: '' + + labels: + name: gcp-vm-disk-loss-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stops GCP VM instances and GKE nodes filtered by a label for a specified duration and later restarts them +kind: ChaosExperiment +metadata: + name: gcp-vm-instance-stop-by-label + labels: + name: gcp-vm-instance-stop-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-instance-stop-by-label + command: + - /bin/bash + env: + + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + - name: SEQUENCE + value: 'parallel' + + # GCP project ID to which the vm instances belong + - name: GCP_PROJECT_ID + value: '' + + # Label of the target vm instance(s) + - name: INSTANCE_LABEL + value: '' + + # Zone in which the target vm instance(s) filtered by the label exist + # all the instances should lie in a single zone + - name: INSTANCE_ZONES + value: '' + + # enable it if the target instance is a part of a managed instance group + - name: MANAGED_INSTANCE_GROUP + value: 'disable' + + # set the percentage value of the instances with the given label + # which should be targeted as part of the chaos injection + - name: INSTANCE_AFFECTED_PERC + value: '' + + labels: + name: gcp-vm-instance-stop-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stops GCP VM instances and GKE nodes for a specified duration and later restarts them +kind: ChaosExperiment +metadata: + name: gcp-vm-instance-stop + labels: + name: gcp-vm-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-instance-stop + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # parallel or serial; determines how the VM instances are terminated, all at once or one at a time + - name: SEQUENCE + value: 'parallel' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + # period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # enable or disable; shall be set to enable if the target instances are a part of a managed instance group + - name: MANAGED_INSTANCE_GROUP + value: 'disable' + + # Instance name of the target vm instance(s) + # Multiple instance names can be provided as comma separated values ex: instance1,instance2 + - name: VM_INSTANCE_NAMES + value: '' + + # GCP project ID to which the vm instances belong + - name: GCP_PROJECT_ID + value: '' + + # Instance zone(s) of the target vm instance(s) + # If more than one instance is targetted, provide zone for each in the order of their + # respective instance name in VM_INSTANCE_NAME as comma separated values ex: zone1,zone2 + - name: INSTANCE_ZONES + value: '' + + labels: + name: gcp-vm-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Causes loss of a non-boot storage persistent disk from a GCP VM instance for a specified duration before attaching them back +kind: ChaosExperiment +metadata: + name: gcp-vm-disk-loss + labels: + name: gcp-vm-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-disk-loss + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # parallel or serial; determines how chaos is injected + - name: SEQUENCE + value: 'parallel' + + # set the GCP project id + - name: GCP_PROJECT_ID + value: '' + + # set the disk volume name(s) as comma seperated values + # eg. volume1,volume2,... + - name: DISK_VOLUME_NAMES + value: '' + + # set the disk zone(s) as comma seperated values in the corresponding + # order of DISK_VOLUME_NAME + # eg. zone1,zone2,... + - name: DISK_ZONES + value: '' + + labels: + name: gcp-vm-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- diff --git a/experiments/gcp/gcp-vm-disk-loss-by-label/engine.yaml b/experiments/gcp/gcp-vm-disk-loss-by-label/engine.yaml new file mode 100644 index 0000000..827a47e --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss-by-label/engine.yaml @@ -0,0 +1,41 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: gcp-disk-chaos +spec: + engineState: 'active' + chaosServiceAccount: gcp-vm-disk-loss-by-label-sa + experiments: + - name: gcp-vm-disk-loss-by-label + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # set the GCP project id + - name: GCP_PROJECT_ID + value: '' + + # set the zone in which all the disks are created + # all the disks must exist in the same zone + - name: DISK_ZONES + value: '' + + # set the label of the target disk volumes + - name: DISK_VOLUME_LABEL + value: '' + + # set the percentage value of the disks with the given label + # which should be targeted as part of the chaos injection + - name: DISK_AFFECTED_PERC + value: '' + + # parallel or serial; determines how chaos is injected + - name: SEQUENCE + value: 'parallel' diff --git a/experiments/gcp/gcp-vm-disk-loss-by-label/experiment.yaml b/experiments/gcp/gcp-vm-disk-loss-by-label/experiment.yaml new file mode 100644 index 0000000..773443c --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss-by-label/experiment.yaml @@ -0,0 +1,83 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Causes loss of a non-boot storage persistent disk from a GCP VM instance filtered by a label for a specified duration before attaching them back +kind: ChaosExperiment +metadata: + name: gcp-vm-disk-loss-by-label + labels: + name: gcp-vm-disk-loss-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-disk-loss-by-label + command: + - /bin/bash + env: + + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # set the GCP project id + - name: GCP_PROJECT_ID + value: '' + + # set the zone in which all the disks are created + # all the disks must exist in the same zone + - name: DISK_ZONES + value: '' + + # set the label of the target disk volumes + - name: DISK_VOLUME_LABEL + value: '' + + # set the percentage value of the disks with the given label + # which should be targeted as part of the chaos injection + - name: DISK_AFFECTED_PERC + value: '' + + labels: + name: gcp-vm-disk-loss-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/gcp/gcp-vm-disk-loss-by-label/gcp-vm-disk-loss-by-label.chartserviceversion.yaml b/experiments/gcp/gcp-vm-disk-loss-by-label/gcp-vm-disk-loss-by-label.chartserviceversion.yaml new file mode 100644 index 0000000..2aa5bee --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss-by-label/gcp-vm-disk-loss-by-label.chartserviceversion.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: gcp-vm-disk-loss-by-label + version: 0.1.0 + annotations: + categories: gcp +spec: + displayName: gcp-vm-disk-loss-by-label + categoryDescription: > + Causes loss of a non-boot storage persistent disk from a GCP VM instance filtered by a label for a specified duration before attaching them back + keywords: + - "Disk" + - "GCP" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Neelanjan Manna + email: neelanjan.manna@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/gcp/gcp-vm-disk-loss-by-label/ + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/gcp/gcp-vm-disk-loss-by-label/experiment.yaml diff --git a/experiments/gcp/gcp-vm-disk-loss-by-label/rbac.yaml b/experiments/gcp/gcp-vm-disk-loss-by-label/rbac.yaml new file mode 100644 index 0000000..3406523 --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss-by-label/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gcp-vm-disk-loss-by-label-sa + namespace: default + labels: + name: gcp-vm-disk-loss-by-label-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gcp-vm-disk-loss-by-label-sa + labels: + name: gcp-vm-disk-loss-by-label-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gcp-vm-disk-loss-by-label-sa + labels: + name: gcp-vm-disk-loss-by-label-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gcp-vm-disk-loss-by-label-sa +subjects: +- kind: ServiceAccount + name: gcp-vm-disk-loss-by-label-sa + namespace: default \ No newline at end of file diff --git a/experiments/gcp/gcp-vm-disk-loss/engine.yaml b/experiments/gcp/gcp-vm-disk-loss/engine.yaml new file mode 100644 index 0000000..71a4b35 --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss/engine.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: gcp-disk-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + chaosServiceAccount: gcp-vm-disk-loss-sa + experiments: + - name: gcp-vm-disk-loss + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # set the GCP project id + - name: GCP_PROJECT_ID + value: '' + + # set the disk volume name(s) as comma seperated values + # eg. volume1,volume2,... + - name: DISK_VOLUME_NAMES + value: '' + + # set the disk zone(s) as comma seperated values in the corresponding + # order of DISK_VOLUME_NAME + # eg. zone1,zone2,... + - name: DISK_ZONES + value: '' + + # parallel or serial; determines how chaos is injected + - name: SEQUENCE + value: 'parallel' diff --git a/experiments/gcp/gcp-vm-disk-loss/experiment.yaml b/experiments/gcp/gcp-vm-disk-loss/experiment.yaml new file mode 100644 index 0000000..dc9fa37 --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss/experiment.yaml @@ -0,0 +1,89 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Causes loss of a non-boot storage persistent disk from a GCP VM instance for a specified duration before attaching them back +kind: ChaosExperiment +metadata: + name: gcp-vm-disk-loss + labels: + name: gcp-vm-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-disk-loss + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # parallel or serial; determines how chaos is injected + - name: SEQUENCE + value: 'parallel' + + # set the GCP project id + - name: GCP_PROJECT_ID + value: '' + + # set the disk volume name(s) as comma seperated values + # eg. volume1,volume2,... + - name: DISK_VOLUME_NAMES + value: '' + + # set the disk zone(s) as comma seperated values in the corresponding + # order of DISK_VOLUME_NAME + # eg. zone1,zone2,... + - name: DISK_ZONES + value: '' + + labels: + name: gcp-vm-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/gcp/gcp-vm-disk-loss/gcp-vm-disk-loss.chartserviceversion.yaml b/experiments/gcp/gcp-vm-disk-loss/gcp-vm-disk-loss.chartserviceversion.yaml new file mode 100644 index 0000000..452dffe --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss/gcp-vm-disk-loss.chartserviceversion.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: gcp-vm-disk-loss + version: 0.1.0 + annotations: + categories: gcp +spec: + displayName: gcp-vm-disk-loss + categoryDescription: > + Causes loss of a non-boot storage persistent disk from a GCP VM instance for a specified duration before attaching them back + keywords: + - "Disk" + - "GCP" + platforms: + - "GCP" + maturity: alpha + maintainers: + - name: Neelanjan Manna + email: neelanjan@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/gcp/gcp-vm-disk-loss/ + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/gcp/gcp-vm-disk-loss/experiment.yaml diff --git a/experiments/gcp/gcp-vm-disk-loss/rbac.yaml b/experiments/gcp/gcp-vm-disk-loss/rbac.yaml new file mode 100644 index 0000000..27c2072 --- /dev/null +++ b/experiments/gcp/gcp-vm-disk-loss/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gcp-vm-disk-loss-sa + namespace: default + labels: + name: gcp-vm-disk-loss-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gcp-vm-disk-loss-sa + labels: + name: gcp-vm-disk-loss-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gcp-vm-disk-loss-sa + labels: + name: gcp-vm-disk-loss-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gcp-vm-disk-loss-sa +subjects: +- kind: ServiceAccount + name: gcp-vm-disk-loss-sa + namespace: default \ No newline at end of file diff --git a/experiments/gcp/gcp-vm-instance-stop-by-label/engine.yaml b/experiments/gcp/gcp-vm-instance-stop-by-label/engine.yaml new file mode 100644 index 0000000..34bf1be --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop-by-label/engine.yaml @@ -0,0 +1,46 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: gcp-vm-chaos +spec: + # It can be active/stop + engineState: 'active' + chaosServiceAccount: gcp-vm-instance-stop-by-label-sa + # It can be delete/retain + experiments: + - name: gcp-vm-instance-stop-by-label + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + - name: SEQUENCE + value: 'parallel' + + # GCP project ID to which the vm instances belong + - name: GCP_PROJECT_ID + value: '' + + # Label of the target vm instance(s) + - name: INSTANCE_LABEL + value: '' + + # Zone in which the target vm instance(s) filtered by the label exist + # all the instances should lie in a single zone + - name: INSTANCE_ZONES + value: '' + + # enable it if the target instances are a part of a managed instance group + - name: MANAGED_INSTANCE_GROUP + value: 'disable' + + # set the percentage value of the instances with the given label + # which should be targeted as part of the chaos injection + - name: INSTANCE_AFFECTED_PERC + value: '' \ No newline at end of file diff --git a/experiments/gcp/gcp-vm-instance-stop-by-label/experiment.yaml b/experiments/gcp/gcp-vm-instance-stop-by-label/experiment.yaml new file mode 100644 index 0000000..4091b8f --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop-by-label/experiment.yaml @@ -0,0 +1,95 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stops GCP VM instances and GKE nodes filtered by a label for a specified duration and later restarts them +kind: ChaosExperiment +metadata: + name: gcp-vm-instance-stop-by-label + labels: + name: gcp-vm-instance-stop-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-instance-stop-by-label + command: + - /bin/bash + env: + + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + - name: SEQUENCE + value: 'parallel' + + # GCP project ID to which the vm instances belong + - name: GCP_PROJECT_ID + value: '' + + # Label of the target vm instance(s) + - name: INSTANCE_LABEL + value: '' + + # Zone in which the target vm instance(s) filtered by the label exist + # all the instances should lie in a single zone + - name: INSTANCE_ZONES + value: '' + + # enable it if the target instance is a part of a managed instance group + - name: MANAGED_INSTANCE_GROUP + value: 'disable' + + # set the percentage value of the instances with the given label + # which should be targeted as part of the chaos injection + - name: INSTANCE_AFFECTED_PERC + value: '' + + labels: + name: gcp-vm-instance-stop-by-label + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/gcp/gcp-vm-instance-stop-by-label/gcp-vm-instance-stop-by-label.chartserviceversion.yaml b/experiments/gcp/gcp-vm-instance-stop-by-label/gcp-vm-instance-stop-by-label.chartserviceversion.yaml new file mode 100644 index 0000000..f14399d --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop-by-label/gcp-vm-instance-stop-by-label.chartserviceversion.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: gcp-vm-instance-stop-by-label + version: 0.1.0 + annotations: + categories: gcp +spec: + displayName: gcp-vm-instance-stop-by-label + categoryDescription: > + Stops GCP VM instances and GKE nodes filtered by a label for a specified duration and later restarts them + keywords: + - "VM" + - "GCP" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Neelanjan Manna + email: neelanjan.manna@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/gcp/gcp-vm-instance-stop-by-label/ + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/gcp/gcp-vm-instance-stop-by-label/experiment.yaml diff --git a/experiments/gcp/gcp-vm-instance-stop-by-label/rbac.yaml b/experiments/gcp/gcp-vm-instance-stop-by-label/rbac.yaml new file mode 100644 index 0000000..f37f8f7 --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop-by-label/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gcp-vm-instance-stop-by-label-sa + namespace: default + labels: + name: gcp-vm-instance-stop-by-label-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gcp-vm-instance-stop-by-label-sa + labels: + name: gcp-vm-instance-stop-by-label-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gcp-vm-instance-stop-by-label-sa + labels: + name: gcp-vm-instance-stop-by-label-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gcp-vm-instance-stop-by-label-sa +subjects: +- kind: ServiceAccount + name: gcp-vm-instance-stop-by-label-sa + namespace: default \ No newline at end of file diff --git a/experiments/gcp/gcp-vm-instance-stop/engine.yaml b/experiments/gcp/gcp-vm-instance-stop/engine.yaml new file mode 100644 index 0000000..3966faa --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop/engine.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: gcp-vm-chaos +spec: + engineState: 'active' + chaosServiceAccount: gcp-vm-instance-stop-sa + experiments: + - name: gcp-vm-instance-stop + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # Instance name of the target vm instance(s) + # Multiple instance names can be provided as comma separated values ex: instance1,instance2 + - name: VM_INSTANCE_NAMES + value: '' + + # GCP project ID to which the vm instances belong + - name: GCP_PROJECT_ID + value: '' + + # Instance zone(s) of the target vm instance(s) + # If more than one instance is targetted, provide zone for each in the order of their + # respective instance name in VM_INSTANCE_NAME as comma separated values ex: zone1,zone2 + - name: INSTANCE_ZONES + value: '' + + # enable it if the target instance is a part of a managed instance group. + - name: MANAGED_INSTANCE_GROUP + value: 'disable' + + # parallel or serial; determines how chaos is injected + - name: SEQUENCE + value: 'parallel' diff --git a/experiments/gcp/gcp-vm-instance-stop/experiment.yaml b/experiments/gcp/gcp-vm-instance-stop/experiment.yaml new file mode 100644 index 0000000..f1a60ab --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop/experiment.yaml @@ -0,0 +1,99 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stops GCP VM instances and GKE nodes for a specified duration and later restarts them +kind: ChaosExperiment +metadata: + name: gcp-vm-instance-stop + labels: + name: gcp-vm-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name gcp-vm-instance-stop + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # parallel or serial; determines how the VM instances are terminated, all at once or one at a time + - name: SEQUENCE + value: 'parallel' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + # period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # enable or disable; shall be set to enable if the target instances are a part of a managed instance group + - name: MANAGED_INSTANCE_GROUP + value: 'disable' + + # Instance name of the target vm instance(s) + # Multiple instance names can be provided as comma separated values ex: instance1,instance2 + - name: VM_INSTANCE_NAMES + value: '' + + # GCP project ID to which the vm instances belong + - name: GCP_PROJECT_ID + value: '' + + # Instance zone(s) of the target vm instance(s) + # If more than one instance is targetted, provide zone for each in the order of their + # respective instance name in VM_INSTANCE_NAME as comma separated values ex: zone1,zone2 + - name: INSTANCE_ZONES + value: '' + + labels: + name: gcp-vm-instance-stop + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/gcp/gcp-vm-instance-stop/gcp-vm-instance-stop.chartserviceversion.yaml b/experiments/gcp/gcp-vm-instance-stop/gcp-vm-instance-stop.chartserviceversion.yaml new file mode 100644 index 0000000..6b8aab2 --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop/gcp-vm-instance-stop.chartserviceversion.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: gcp-vm-instance-stop + version: 0.1.0 + annotations: + categories: gcp +spec: + displayName: gcp-vm-instance-stop + categoryDescription: > + Stops GCP VM instances and GKE nodes for a specified duration and later restarts them + keywords: + - "VM" + - "GCP" + platforms: + - "GCP" + maturity: alpha + maintainers: + - name: Neelanjan Manna + email: neelanjan@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/gcp/gcp-vm-instance-stop/ + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/gcp/gcp-vm-instance-stop/experiment.yaml diff --git a/experiments/gcp/gcp-vm-instance-stop/rbac.yaml b/experiments/gcp/gcp-vm-instance-stop/rbac.yaml new file mode 100644 index 0000000..0592ea9 --- /dev/null +++ b/experiments/gcp/gcp-vm-instance-stop/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gcp-vm-instance-stop-sa + namespace: default + labels: + name: gcp-vm-instance-stop-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gcp-vm-instance-stop-sa + labels: + name: gcp-vm-instance-stop-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gcp-vm-instance-stop-sa + labels: + name: gcp-vm-instance-stop-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gcp-vm-instance-stop-sa +subjects: +- kind: ServiceAccount + name: gcp-vm-instance-stop-sa + namespace: default \ No newline at end of file diff --git a/experiments/gcp/gcp.chartserviceversion.yaml b/experiments/gcp/gcp.chartserviceversion.yaml new file mode 100644 index 0000000..ed3d603 --- /dev/null +++ b/experiments/gcp/gcp.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: gcp + version: 0.1.0 + annotations: + categories: gcp +spec: + displayName: gcp chaos + categoryDescription: > + GCP contains chaos to disrupt state of gcp resources running part of the gcp services + experiments: + - name: gcp-vm-instance-stop + description: "" + - name: gcp-vm-disk-loss + description: "" + - name: gcp-vm-instance-stop-by-label + description: "" + - name: gcp-vm-disk-loss-by-label + description: "" + keywords: + - "VM" + - "Disk" + - "GCP" + - "Infra" + maintainers: + - name: Neelanjan Manna + email: neelanjan.manna@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + links: + - name: GCP Website + url: https://cloud.google.com/ + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/contents/#cloud-infrastructure + - name: Community Slack + url: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/gcp/experiments.yaml diff --git a/experiments/gcp/gcp.package.yaml b/experiments/gcp/gcp.package.yaml new file mode 100644 index 0000000..28c1b33 --- /dev/null +++ b/experiments/gcp/gcp.package.yaml @@ -0,0 +1,14 @@ +packageName: gcp +experiments: + - name: gcp-vm-instance-stop + CSV: gcp-vm-instance-stop.chartserviceversion.yaml + desc: "gcp-vm-instance-stop" + - name: gcp-vm-disk-loss + CSV: gcp-vm-disk-loss.chartserviceversion.yaml + desc: "gcp-vm-disk-loss" + - name: gcp-vm-instance-stop-by-label + CSV: gcp-vm-instance-stop-by-label.chartserviceversion.yaml + desc: "gcp-vm-instance-stop-by-label" + - name: gcp-vm-disk-loss-by-label + CSV: gcp-vm-disk-loss-by-label.chartserviceversion.yaml + desc: "gcp-vm-disk-loss-by-label" diff --git a/experiments/gcp/icons/gcp-vm-disk-loss-by-label.png b/experiments/gcp/icons/gcp-vm-disk-loss-by-label.png new file mode 100644 index 0000000..1b1b94c Binary files /dev/null and b/experiments/gcp/icons/gcp-vm-disk-loss-by-label.png differ diff --git a/experiments/gcp/icons/gcp-vm-disk-loss.png b/experiments/gcp/icons/gcp-vm-disk-loss.png new file mode 100644 index 0000000..1b1b94c Binary files /dev/null and b/experiments/gcp/icons/gcp-vm-disk-loss.png differ diff --git a/experiments/gcp/icons/gcp-vm-instance-stop-by-label.png b/experiments/gcp/icons/gcp-vm-instance-stop-by-label.png new file mode 100644 index 0000000..9f1b90f Binary files /dev/null and b/experiments/gcp/icons/gcp-vm-instance-stop-by-label.png differ diff --git a/experiments/gcp/icons/gcp-vm-instance-stop.png b/experiments/gcp/icons/gcp-vm-instance-stop.png new file mode 100644 index 0000000..9f1b90f Binary files /dev/null and b/experiments/gcp/icons/gcp-vm-instance-stop.png differ diff --git a/experiments/gcp/icons/gcp.png b/experiments/gcp/icons/gcp.png new file mode 100644 index 0000000..577f8ba Binary files /dev/null and b/experiments/gcp/icons/gcp.png differ diff --git a/experiments/generic/container-kill/container-kill.chartserviceversion.yaml b/experiments/generic/container-kill/container-kill.chartserviceversion.yaml new file mode 100644 index 0000000..14db31c --- /dev/null +++ b/experiments/generic/container-kill/container-kill.chartserviceversion.yaml @@ -0,0 +1,48 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-10-15T10:28:08Z + name: container-kill + version: 0.1.13 + annotations: + categories: "Kubernetes" + vendor: "CNCF" + support: https://slack.openebs.io/ +spec: + displayName: container-kill + categoryDescription: | + Container kill contains chaos to disrupt state of kubernetes resources. Experiments can inject random container delete failures against specified application. + - Executes SIGKILL on containers of random replicas of an application deployment. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the application pod. + keywords: + - Kubernetes + - K8S + - Pod + - Container + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + - AKS + maturity: alpha + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/container-kill + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/container-kill/ + - name: Video + url: https://www.youtube.com/watch?v=XKyMNdVsKMo + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/container-kill/experiment.yaml diff --git a/experiments/generic/container-kill/engine.yaml b/experiments/generic/container-kill/engine.yaml new file mode 100644 index 0000000..19ccab1 --- /dev/null +++ b/experiments/generic/container-kill/engine.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: container-kill-sa + experiments: + - name: container-kill + spec: + components: + env: + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_CONTAINER + value: '' + \ No newline at end of file diff --git a/experiments/generic/container-kill/engine_nginx_getstarted.yaml b/experiments/generic/container-kill/engine_nginx_getstarted.yaml new file mode 100644 index 0000000..1f98146 --- /dev/null +++ b/experiments/generic/container-kill/engine_nginx_getstarted.yaml @@ -0,0 +1,46 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: nginx +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'nginx' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: container-kill-sa + # It can be delete/retain + jobCleanUpPolicy: 'delete' + experiments: + - name: container-kill + spec: + components: + env: + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_CONTAINER + value: '' + \ No newline at end of file diff --git a/experiments/generic/container-kill/experiment.yaml b/experiments/generic/container-kill/experiment.yaml new file mode 100644 index 0000000..826a56e --- /dev/null +++ b/experiments/generic/container-kill/experiment.yaml @@ -0,0 +1,125 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: "Kills a container belonging to an application pod \n" +kind: ChaosExperiment +metadata: + name: container-kill + labels: + name: container-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name container-kill + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + - name: SIGNAL + value: 'SIGKILL' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: container-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/container-kill/rbac-psp.yaml b/experiments/generic/container-kill/rbac-psp.yaml new file mode 100644 index 0000000..12de772 --- /dev/null +++ b/experiments/generic/container-kill/rbac-psp.yaml @@ -0,0 +1,86 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: container-kill-sa + namespace: default + labels: + name: container-kill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: container-kill-sa + namespace: default + labels: + name: container-kill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: container-kill-sa + namespace: default + labels: + name: container-kill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: container-kill-sa +subjects: +- kind: ServiceAccount + name: container-kill-sa + namespace: default + diff --git a/experiments/generic/container-kill/rbac.yaml b/experiments/generic/container-kill/rbac.yaml new file mode 100644 index 0000000..ccea310 --- /dev/null +++ b/experiments/generic/container-kill/rbac.yaml @@ -0,0 +1,81 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: container-kill-sa + namespace: default + labels: + name: container-kill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: container-kill-sa + namespace: default + labels: + name: container-kill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: container-kill-sa + namespace: default + labels: + name: container-kill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: container-kill-sa +subjects: +- kind: ServiceAccount + name: container-kill-sa + namespace: default + diff --git a/experiments/generic/container-kill/rbac_nginx_getstarted.yaml b/experiments/generic/container-kill/rbac_nginx_getstarted.yaml new file mode 100644 index 0000000..461b164 --- /dev/null +++ b/experiments/generic/container-kill/rbac_nginx_getstarted.yaml @@ -0,0 +1,78 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: container-kill-sa + namespace: nginx + labels: + name: container-kill-sa +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: container-kill-sa + namespace: nginx + labels: + name: container-kill-sa +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: container-kill-sa + namespace: nginx + labels: + name: container-kill-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: container-kill-sa +subjects: +- kind: ServiceAccount + name: container-kill-sa + namespace: nginx + diff --git a/experiments/generic/disk-fill/disk-fill.chartserviceversion.yaml b/experiments/generic/disk-fill/disk-fill.chartserviceversion.yaml new file mode 100644 index 0000000..e5b202c --- /dev/null +++ b/experiments/generic/disk-fill/disk-fill.chartserviceversion.yaml @@ -0,0 +1,48 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-11T10:28:08Z + name: disk-fill + version: 0.0.12 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: disk-fill + categoryDescription: | + Disk fill contains chaos to disrupt state of kubernetes resources. + - Causes (forced/graceful) Disk Stress by filling up the Ephemeral Storage of the Pod using one of it containers. + - Causes Pod to get Evicted if the Pod exceeds it Ephemeral Storage Limit. + - Tests the Ephemeral Storage Limits, to ensure those parameters are sufficient. + keywords: + - Kubernetes + - K8S + - Pod + - Disk + platforms: + - GKE + - EKS + - AKS + maturity: alpha + chaosType: infra + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/disk-fill + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/disk-fill/ + - name: Video + url: https://www.youtube.com/watch?v=pbok737rUPQ + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/disk-fill/experiment.yaml diff --git a/experiments/generic/disk-fill/engine.yaml b/experiments/generic/disk-fill/engine.yaml new file mode 100644 index 0000000..a7abecd --- /dev/null +++ b/experiments/generic/disk-fill/engine.yaml @@ -0,0 +1,34 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: disk-fill-sa + experiments: + - name: disk-fill + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + # specify the fill percentage according to the disk pressure required + - name: FILL_PERCENTAGE + value: '80' + + - name: PODS_AFFECTED_PERC + value: '' + + # Provide the container runtime path + # Default set to docker container path + - name: CONTAINER_PATH + value: '/var/lib/docker/containers' diff --git a/experiments/generic/disk-fill/experiment.yaml b/experiments/generic/disk-fill/experiment.yaml new file mode 100644 index 0000000..e1364c5 --- /dev/null +++ b/experiments/generic/disk-fill/experiment.yaml @@ -0,0 +1,125 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Fillup Ephemeral Storage of a Resource +kind: ChaosExperiment +metadata: + name: disk-fill + labels: + name: disk-fill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name disk-fill + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + - name: FILL_PERCENTAGE + value: '80' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # provide the data block size + # supported unit is KB + - name: DATA_BLOCK_SIZE + value: '256' + + - name: TARGET_PODS + value: '' + + - name: EPHEMERAL_STORAGE_MEBIBYTES + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # Provide the container runtime path + # Default set to docker container path + - name: CONTAINER_PATH + value: '/var/lib/docker/containers' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: disk-fill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/host-path-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/disk-fill/rbac-psp.yaml b/experiments/generic/disk-fill/rbac-psp.yaml new file mode 100644 index 0000000..e7aa880 --- /dev/null +++ b/experiments/generic/disk-fill/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: disk-fill-sa + namespace: default + labels: + name: disk-fill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: disk-fill-sa + namespace: default + labels: + name: disk-fill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: disk-fill-sa + namespace: default + labels: + name: disk-fill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: disk-fill-sa +subjects: +- kind: ServiceAccount + name: disk-fill-sa + namespace: default diff --git a/experiments/generic/disk-fill/rbac.yaml b/experiments/generic/disk-fill/rbac.yaml new file mode 100644 index 0000000..37a9d9a --- /dev/null +++ b/experiments/generic/disk-fill/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: disk-fill-sa + namespace: default + labels: + name: disk-fill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: disk-fill-sa + namespace: default + labels: + name: disk-fill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: disk-fill-sa + namespace: default + labels: + name: disk-fill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: disk-fill-sa +subjects: +- kind: ServiceAccount + name: disk-fill-sa + namespace: default diff --git a/experiments/generic/docker-service-kill/docker-service-kill.chartserviceversion.yaml b/experiments/generic/docker-service-kill/docker-service-kill.chartserviceversion.yaml new file mode 100644 index 0000000..0f629dd --- /dev/null +++ b/experiments/generic/docker-service-kill/docker-service-kill.chartserviceversion.yaml @@ -0,0 +1,47 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-07-14T10:28:08Z + name: docker-service-kill + version: 0.1.1 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: docker-service-kill + categoryDescription: | + docker-service-kill contains killing docker service gracefully for a certain chaos duration. + - Causes replicas may be evicted or becomes unreachable on account on nodes turning unschedulable (Not Ready) due to docker service kill. + - The application node should be healthy once chaos is stopped and the services are reaccessable. + keywords: + - Kubernetes + - K8S + - Node + - Service + - Docker + platforms: + - GKE + - AKS + maturity: alpha + maintainers: + - name: Ankur Ghosh + email: ankur.ghosh3@wipro.com + minKubeVersion: 1.12.0 + provider: + name: Wipro + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/docker-service-kill + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/docker-service-kill/ + - name: Video + url: + + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/docker-service-kill/experiment.yaml diff --git a/experiments/generic/docker-service-kill/engine.yaml b/experiments/generic/docker-service-kill/engine.yaml new file mode 100644 index 0000000..cfc1d1a --- /dev/null +++ b/experiments/generic/docker-service-kill/engine.yaml @@ -0,0 +1,23 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + auxiliaryAppInfo: '' + chaosServiceAccount: docker-service-kill-sa + experiments: + - name: docker-service-kill + spec: + components: + # nodeSelector: + # # provide the node labels + # kubernetes.io/hostname: 'node02' + env: + - name: TOTAL_CHAOS_DURATION + value: '90' # in seconds + + - name: TARGET_NODE + value: '' \ No newline at end of file diff --git a/experiments/generic/docker-service-kill/experiment.yaml b/experiments/generic/docker-service-kill/experiment.yaml new file mode 100644 index 0000000..056f9a6 --- /dev/null +++ b/experiments/generic/docker-service-kill/experiment.yaml @@ -0,0 +1,85 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kills the docker service on the application node to check the resiliency. +kind: ChaosExperiment +metadata: + name: docker-service-kill + labels: + name: docker-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name docker-service-kill + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '90' # in seconds + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: LIB + value: 'litmus' + + - name: NODE_LABEL + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'ubuntu:16.04' + + # provide the target node name + - name: TARGET_NODE + value: '' + + labels: + name: docker-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/service-kill: "true" + app.kubernetes.io/version: latest + diff --git a/experiments/generic/docker-service-kill/rbac-psp.yaml b/experiments/generic/docker-service-kill/rbac-psp.yaml new file mode 100644 index 0000000..cc1c8a9 --- /dev/null +++ b/experiments/generic/docker-service-kill/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: docker-service-kill-sa + namespace: default + labels: + name: docker-service-kill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: docker-service-kill-sa + labels: + name: docker-service-kill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: docker-service-kill-sa + labels: + name: docker-service-kill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: docker-service-kill-sa +subjects: +- kind: ServiceAccount + name: docker-service-kill-sa + namespace: default diff --git a/experiments/generic/docker-service-kill/rbac.yaml b/experiments/generic/docker-service-kill/rbac.yaml new file mode 100644 index 0000000..1972a97 --- /dev/null +++ b/experiments/generic/docker-service-kill/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: docker-service-kill-sa + namespace: default + labels: + name: docker-service-kill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: docker-service-kill-sa + labels: + name: docker-service-kill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: docker-service-kill-sa + labels: + name: docker-service-kill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: docker-service-kill-sa +subjects: +- kind: ServiceAccount + name: docker-service-kill-sa + namespace: default diff --git a/experiments/generic/experiments.yaml b/experiments/generic/experiments.yaml new file mode 100644 index 0000000..1023276 --- /dev/null +++ b/experiments/generic/experiments.yaml @@ -0,0 +1,2959 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects network packet loss on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-loss + labels: + name: pod-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-loss + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: NETWORK_INTERFACE + value: 'eth0' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' #in PERCENTAGE + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # ime period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # it can be litmus or pumba + - name: LIB + value: 'litmus' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + IO stress on a app pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-io-stress + labels: + name: pod-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-io-stress + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## specify the size as percentage of free space on the file system + ## default value 90 (in percentage) + - name: FILESYSTEM_UTILIZATION_PERCENTAGE + value: '10' + + ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space + ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty + - name: FILESYSTEM_UTILIZATION_BYTES + value: '' + + ## Total number of workers default value is 4 + - name: NUMBER_OF_WORKERS + value: '4' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + # provide volume mount path + - name: VOLUME_MOUNT_PATH + value: '' + + ## specify the comma separated target pods + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # support litmus and pumba + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Pod DNS Error injects dns failure/error in target pod containers +kind: ChaosExperiment +metadata: + name: pod-dns-error + labels: + name: pod-dns-error + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-dns-error + command: + - /bin/bash + env: + - name: TARGET_CONTAINER + value: "" + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + - name: TOTAL_CHAOS_DURATION + value: "60" # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: "" + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: "" + + - name: TARGET_PODS + value: "" + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: "docker" + + # provide the socket file path + - name: SOCKET_PATH + value: "/var/run/docker.sock" + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: "parallel" + + # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets + - name: TARGET_HOSTNAMES + value: "" + + # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring + - name: MATCH_SCHEME + value: "exact" + + labels: + experiment: pod-dns-error + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Give a memory hog on a node belonging to a deployment +kind: ChaosExperiment +metadata: + name: node-memory-hog + labels: + name: node-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-memory-hog + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## Specify the size as percent of total node capacity Ex: '30' + ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_MEBIBYTES empty + - name: MEMORY_CONSUMPTION_PERCENTAGE + value: '' + + ## Specify the amount of memory to be consumed in mebibytes + ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_PERCENTAGE empty + - name: MEMORY_CONSUMPTION_MEBIBYTES + value: '' + + - name: NUMBER_OF_WORKERS + value: '1' + + # ENTER THE COMMA SEPARATED TARGET NODES NAME + - name: TARGET_NODES + value: '' + + - name: NODE_LABEL + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + ## it defines the sequence of chaos execution for multiple target nodes + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: node-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: "Kills a container belonging to an application pod \n" +kind: ChaosExperiment +metadata: + name: container-kill + labels: + name: container-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name container-kill + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + - name: SIGNAL + value: 'SIGKILL' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: container-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Inject network packet corruption into application pod +kind: ChaosExperiment +metadata: + name: pod-network-corruption + labels: + name: pod-network-corruption + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-corruption + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: NETWORK_INTERFACE + value: 'eth0' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_PACKET_CORRUPTION_PERCENTAGE + value: '100' #in PERCENTAGE + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-corruption + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects cpu consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-cpu-hog-exec + labels: + name: pod-cpu-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-cpu-hog-exec + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## Number of CPU cores to stress + - name: CPU_CORES + value: '1' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + # The command to kill the chaos process + - name: CHAOS_KILL_COMMAND + value: "kill $(find /proc -name exe -lname '*/md5sum' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}')" + + - name: TARGET_PODS + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-cpu-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Fillup Ephemeral Storage of a Resource +kind: ChaosExperiment +metadata: + name: disk-fill + labels: + name: disk-fill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name disk-fill + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + - name: FILL_PERCENTAGE + value: '80' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # provide the data block size + # supported unit is KB + - name: DATA_BLOCK_SIZE + value: '256' + + - name: TARGET_PODS + value: '' + + - name: EPHEMERAL_STORAGE_MEBIBYTES + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # Provide the container runtime path + # Default set to docker container path + - name: CONTAINER_PATH + value: '/var/lib/docker/containers' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: disk-fill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/host-path-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kills the docker service on the application node to check the resiliency. +kind: ChaosExperiment +metadata: + name: docker-service-kill + labels: + name: docker-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name docker-service-kill + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '90' # in seconds + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: LIB + value: 'litmus' + + - name: NODE_LABEL + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'ubuntu:16.04' + + # provide the target node name + - name: TARGET_NODE + value: '' + + labels: + name: docker-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/service-kill: "true" + app.kubernetes.io/version: latest + + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects http request latency on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-http-latency + labels: + name: pod-http-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-latency + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: LATENCY + value: '2000' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kills the kubelet service on the application node to check the resiliency. +kind: ChaosExperiment +metadata: + name: kubelet-service-kill + labels: + name: kubelet-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name kubelet-service-kill + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: LIB + value: 'litmus' + + - name: NODE_LABEL + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'ubuntu:16.04' + + # provide the target node name + - name: TARGET_NODE + value: '' + + labels: + name: kubelet-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/service-kill: "true" + app.kubernetes.io/version: latest + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects memory consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-memory-hog-exec + labels: + name: pod-memory-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-memory-hog-exec + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + # The command to kill the chaos process + - name: CHAOS_KILL_COMMAND + value: "kill $(find /proc -name exe -lname '*/dd' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}' | head -n 1)" + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + - name: TARGET_PODS + value: '' + + labels: + name: pod-memory-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects 100% network packet loss on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-partition + labels: + name: pod-network-partition + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # performs CRUD operations on the network policies + - apiGroups: ["networking.k8s.io"] + resources: ["networkpolicies"] + verbs: ["create","delete","list","get"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-partition + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # ime period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # it should be litmus + - name: LIB + value: 'litmus' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide network policy type + # support ingress, egress, all values + - name: POLICY_TYPES + value: 'all' + + # provide labels of the destination pods + - name: POD_SELECTOR + value: '' + + # provide labels the destination namespaces + - name: NAMESPACE_SELECTOR + value: '' + + # provide comma separated ports + - name: PORTS + value: '' + + labels: + name: pod-network-partition + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Scale the application replicas and test the node autoscaling on cluster +kind: ChaosExperiment +metadata: + name: pod-autoscaler + labels: + name: pod-autoscaler + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # performs CRUD operations on the deployments and statefulsets + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get","patch","update"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-autoscaler + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Number of replicas to scale + - name: REPLICA_COUNT + value: '5' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + labels: + name: pod-autoscaler + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + poweroff node +kind: ChaosExperiment +metadata: + name: node-poweroff + labels: + name: node-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-restart + command: + - /bin/bash + env: + - name: SSH_USER + value: 'root' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: REBOOT_COMMAND + value: '-o ServerAliveInterval=1 -o ServerAliveCountMax=1 "sudo systemctl poweroff --force --force" ; true' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + # ENTER THE TARGET NODE NAME + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + # ENTER THE TARGET NODE IP + - name: TARGET_NODE_IP + value: '' + + labels: + name: node-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: id-rsa + mountPath: /mnt/ + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Taint the node where application pod is scheduled +kind: ChaosExperiment +metadata: + name: node-taint + labels: + name: node-taint + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch","update"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-taint + command: + - /bin/bash + env: + + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # set taint label & effect + # key=value:effect or key:effect + - name: TAINTS + value: '' + + labels: + name: node-taint + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects cpu consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-cpu-hog + labels: + name: pod-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-cpu-hog + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## Number of CPU cores to stress + - name: CPU_CORES + value: '1' + + ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. + ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING + - name: CPU_LOAD + value: '100' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, pumba + - name: LIB + value: 'litmus' + + ## It is used in pumba lib only + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## It is used in pumba lib only + - name: STRESS_IMAGE + value: 'alexeiled/stress-ng:latest-ubuntu' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects network packet duplication on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-duplication + labels: + name: pod-network-duplication + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-duplication + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: RAMP_TIME + value: '' + + - name: TARGET_CONTAINER + value: '' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_INTERFACE + value: 'eth0' + + - name: NETWORK_PACKET_DUPLICATION_PERCENTAGE + value: '100' # in percentage + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-duplication + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Give a cpu spike on a node belonging to a deployment +kind: ChaosExperiment +metadata: + name: node-cpu-hog + labels: + name: node-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-cpu-hog + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## ENTER THE NUMBER OF CORES OF CPU FOR CPU HOGGING + ## OPTIONAL VALUE IN CASE OF EMPTY VALUE IT WILL TAKE NODE CPU CAPACITY + - name: NODE_CPU_CORE + value: '' + + ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. + ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING + - name: CPU_LOAD + value: '100' + + # ENTER THE COMMA SEPARATED TARGET NODES NAME + - name: TARGET_NODES + value: '' + + - name: NODE_LABEL + value: '' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + ## it defines the sequence of chaos execution for multiple target nodes + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: node-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects network latency on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-latency + labels: + name: pod-network-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-latency + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + - name: NETWORK_INTERFACE + value: 'eth0' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_LATENCY + value: '2000' #in ms + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: JITTER + value: '0' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Give IO disk stress on a node belonging to a deployment +kind: ChaosExperiment +metadata: + name: node-io-stress + labels: + name: node-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-io-stress + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## specify the size as percentage of free space on the file system + ## default value 90 (in percentage) + - name: FILESYSTEM_UTILIZATION_PERCENTAGE + value: '10' + + ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space + ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty + - name: FILESYSTEM_UTILIZATION_BYTES + value: '' + + ## Number of core of CPU + - name: CPU + value: '1' + + ## Total number of workers default value is 4 + - name: NUMBER_OF_WORKERS + value: '4' + + ## Total number of vm workers + - name: VM_WORKERS + value: '1' + + ## enter the comma separated target nodes name + - name: TARGET_NODES + value: '' + + - name: NODE_LABEL + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + ## it defines the sequence of chaos execution for multiple target nodes + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: node-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Pod DNS Spoof can spoof particular dns requests in target pod container to desired target hostnames +kind: ChaosExperiment +metadata: + name: pod-dns-spoof + labels: + name: pod-dns-spoof + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-dns-spoof + command: + - /bin/bash + env: + - name: TARGET_CONTAINER + value: "" + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + - name: TOTAL_CHAOS_DURATION + value: "60" # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: "" + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: "" + + - name: TARGET_PODS + value: "" + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: "docker" + + # provide the socket file path + - name: SOCKET_PATH + value: "/var/run/docker.sock" + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: "parallel" + + # map of the target hostnames eg. '{"abc.com":"spoofabc.com"}' . If empty no queries will be spoofed + - name: SPOOF_MAP + value: "" + + labels: + experiment: pod-dns-spoof + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + name: pod-delete + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-delete + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects memory consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-memory-hog + labels: + name: pod-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-memory-hog + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## Number of workers to perform stress + - name: NUMBER_OF_WORKERS + value: '1' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, pumba + - name: LIB + value: 'litmus' + + ## It is used in pumba lib only + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## It is used in pumba lib only + - name: STRESS_IMAGE + value: 'alexeiled/stress-ng:latest-ubuntu' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + labels: + name: pod-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Restart node +kind: ChaosExperiment +metadata: + name: node-restart + labels: + name: node-restart + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-restart + command: + - /bin/bash + env: + - name: SSH_USER + value: 'root' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + # ENTER THE TARGET NODE NAME + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + # ENTER THE TARGET NODE IP + - name: TARGET_NODE_IP + value: '' + + labels: + name: node-restart + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: id-rsa + mountPath: /mnt/ + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Drain the node where application pod is scheduled +kind: ChaosExperiment +metadata: + name: node-drain + labels: + name: node-drain + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-drain + command: + - /bin/bash + env: + + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + labels: + name: node-drain + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- diff --git a/experiments/generic/generic.chartserviceversion.yaml b/experiments/generic/generic.chartserviceversion.yaml new file mode 100644 index 0000000..fdb2047 --- /dev/null +++ b/experiments/generic/generic.chartserviceversion.yaml @@ -0,0 +1,101 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-09-26T10:28:08Z + name: generic + version: 0.1.16 + annotations: + categories: Kubernetes + chartDescription: Injects generic kubernetes chaos +spec: + displayName: Generic Chaos + categoryDescription: > + Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easier management and discovery. It will install all the experiments which can be used to inject chaos into containerized applications. + + experiments: + - name: pod-delete + description: "deletes a k8s pod" + - name: container-kill + description: "deletes a container in a k8s pod" + - name: pod-cpu-hog + description: "" + - name: pod-network-loss + description: "" + - name: pod-network-latency + description: "" + - name: pod-network-corruption + description: "" + - name: node-drain + description: "" + - name: node-cpu-hog + description: "" + - name: disk-fill + description: "" + - name: node-memory-hog + description: "" + - name: pod-memory-hog + description: "" + - name: kubelet-service-kill + description: "" + - name: pod-network-duplication + description: "" + - name: node-taint + description: "" + - name: docker-service-kill + description: "" + - name: pod-autoscaler + description: "" + - name: node-io-stress + description: "" + - name: pod-io-stress + description: "" + - name: node-restart + description: "" + - name: pod-dns-error + description: "" + - name: pod-dns-spoof + description: "" + - name: pod-cpu-hog-exec + description: "" + - name: pod-memory-hog-exec + description: "" + - name: pod-network-partition + description: "" + - name: pod-http-latency + description: "" + keywords: + - Kubernetes + - K8S + - Container + - Node + - Pod + - Disk + - IO + - Filesystem + - Network + - CPU + - Memory + - Stress + - Service + - DNS + - Scale + - Http + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: Kubernetes Website + url: https://kubernetes.io + - name: Source Code + url: https://github.com/kubernetes/kubernetes + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/contents/#generic + icon: + - url: https://raw.githubusercontent.com/litmuschaos/charthub.litmuschaos.io/master/public/litmus.ico + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/experiments.yaml diff --git a/experiments/generic/generic.package.yaml b/experiments/generic/generic.package.yaml new file mode 100644 index 0000000..a26f3d2 --- /dev/null +++ b/experiments/generic/generic.package.yaml @@ -0,0 +1,77 @@ +packageName: generic +experiments: + - name: pod-delete + CSV: pod-delete.chartserviceversion.yaml + desc: "pod-delete" + - name: container-kill + CSV: container-kill.chartserviceversion.yaml + desc: "container-kill" + - name: pod-network-loss + CSV: pod-network-loss.chartserviceversion.yaml + desc: "Pod-network-loss" + - name: pod-network-latency + CSV: pod-network-latency.chartserviceversion.yaml + desc: "pod-network-latency" + - name: pod-cpu-hog + CSV: pod-cpu-hog.chartserviceversion.yaml + desc: "pod-cpu-hog" + - name: node-cpu-hog + CSV: node-cpu-hog.chartserviceversion.yaml + desc: "node-cpu-hog" + - name: disk-fill + CSV: disk-fill.chartserviceversion.yaml + desc: "disk-fill" + - name: node-drain + CSV: node-drain.chartserviceversion.yaml + desc: "node-drain" + - name: pod-network-corruption + CSV: pod-network-corruption.chartserviceversion.yaml + desc: "pod-network-corruption" + - name: node-memory-hog + CSV: node-memory-hog.chartserviceversion.yaml + desc: "node-memory-hog" + - name: pod-memory-hog + CSV: pod-memory-hog.chartserviceversion.yaml + desc: "pod-memory-hog" + - name: kubelet-service-kill + CSV: kubelet-service-kill.chartserviceversion.yaml + desc: "kubelet-service-kill" + - name: pod-network-duplication + CSV: pod-network-duplication.chartserviceversion.yaml + desc: "pod-network-duplication" + - name: node-taint + CSV: node-taint.chartserviceversion.yaml + desc: "node-taint" + - name: docker-service-kill + CSV: docker-service-kill.chartserviceversion.yaml + desc: "docker-service-kill" + - name: pod-autoscaler + CSV: pod-autoscaler.chartserviceversion.yaml + desc: "pod-autoscaler" + - name: node-io-stress + CSV: node-io-stress.chartserviceversion.yaml + desc: "node-io-stress" + - name: pod-io-stress + CSV: pod-io-stress.chartserviceversion.yaml + desc: "pod-io-stress" + - name: node-restart + CSV: node-restart.chartserviceversion.yaml + desc: "node-restart" + - name: pod-dns-error + CSV: pod-dns-error.chartserviceversion.yaml + desc: "pod-dns-error" + - name: pod-dns-spoof + CSV: pod-dns-spoof.chartserviceversion.yaml + desc: "pod-dns-spoof" + - name: pod-cpu-hog-exec + CSV: pod-cpu-hog-exec.chartserviceversion.yaml + desc: "pod-cpu-hog-exec" + - name: pod-memory-hog-exec + CSV: pod-memory-hog-exec.chartserviceversion.yaml + desc: "pod-memory-hog-exec" + - name: pod-network-partition + CSV: pod-network-partition.chartserviceversion.yaml + desc: "pod-network-partition" + - name: pod-http-latency + CSV: pod-http-latency.chartserviceversion.yaml + desc: "pod-http-latency" diff --git a/experiments/generic/icons/byoc-pod-delete.png b/experiments/generic/icons/byoc-pod-delete.png new file mode 100644 index 0000000..16aa7b4 Binary files /dev/null and b/experiments/generic/icons/byoc-pod-delete.png differ diff --git a/experiments/generic/icons/container-kill.png b/experiments/generic/icons/container-kill.png new file mode 100644 index 0000000..a7fb829 Binary files /dev/null and b/experiments/generic/icons/container-kill.png differ diff --git a/experiments/generic/icons/disk-fill.png b/experiments/generic/icons/disk-fill.png new file mode 100644 index 0000000..a0418ee Binary files /dev/null and b/experiments/generic/icons/disk-fill.png differ diff --git a/experiments/generic/icons/docker-service-kill.png b/experiments/generic/icons/docker-service-kill.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/docker-service-kill.png differ diff --git a/experiments/generic/icons/generic.png b/experiments/generic/icons/generic.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/generic.png differ diff --git a/experiments/generic/icons/kubelet-service-kill.png b/experiments/generic/icons/kubelet-service-kill.png new file mode 100644 index 0000000..6f9e54e Binary files /dev/null and b/experiments/generic/icons/kubelet-service-kill.png differ diff --git a/experiments/generic/icons/node-cpu-hog.png b/experiments/generic/icons/node-cpu-hog.png new file mode 100644 index 0000000..aa91993 Binary files /dev/null and b/experiments/generic/icons/node-cpu-hog.png differ diff --git a/experiments/generic/icons/node-drain.png b/experiments/generic/icons/node-drain.png new file mode 100644 index 0000000..35e8f31 Binary files /dev/null and b/experiments/generic/icons/node-drain.png differ diff --git a/experiments/generic/icons/node-io-stress.png b/experiments/generic/icons/node-io-stress.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/node-io-stress.png differ diff --git a/experiments/generic/icons/node-memory-hog.png b/experiments/generic/icons/node-memory-hog.png new file mode 100644 index 0000000..b50396f Binary files /dev/null and b/experiments/generic/icons/node-memory-hog.png differ diff --git a/experiments/generic/icons/node-restart.png b/experiments/generic/icons/node-restart.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/node-restart.png differ diff --git a/experiments/generic/icons/node-taint.png b/experiments/generic/icons/node-taint.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/node-taint.png differ diff --git a/experiments/generic/icons/pod-autoscaler.png b/experiments/generic/icons/pod-autoscaler.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-autoscaler.png differ diff --git a/experiments/generic/icons/pod-cpu-hog-exec.png b/experiments/generic/icons/pod-cpu-hog-exec.png new file mode 100644 index 0000000..c152ab5 Binary files /dev/null and b/experiments/generic/icons/pod-cpu-hog-exec.png differ diff --git a/experiments/generic/icons/pod-cpu-hog.png b/experiments/generic/icons/pod-cpu-hog.png new file mode 100644 index 0000000..c152ab5 Binary files /dev/null and b/experiments/generic/icons/pod-cpu-hog.png differ diff --git a/experiments/generic/icons/pod-delete.png b/experiments/generic/icons/pod-delete.png new file mode 100644 index 0000000..16aa7b4 Binary files /dev/null and b/experiments/generic/icons/pod-delete.png differ diff --git a/experiments/generic/icons/pod-dns-error.png b/experiments/generic/icons/pod-dns-error.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-dns-error.png differ diff --git a/experiments/generic/icons/pod-dns-spoof.png b/experiments/generic/icons/pod-dns-spoof.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-dns-spoof.png differ diff --git a/experiments/generic/icons/pod-http-latency.png b/experiments/generic/icons/pod-http-latency.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-http-latency.png differ diff --git a/experiments/generic/icons/pod-io-stress.png b/experiments/generic/icons/pod-io-stress.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-io-stress.png differ diff --git a/experiments/generic/icons/pod-memory-hog-exec.png b/experiments/generic/icons/pod-memory-hog-exec.png new file mode 100644 index 0000000..e49a468 Binary files /dev/null and b/experiments/generic/icons/pod-memory-hog-exec.png differ diff --git a/experiments/generic/icons/pod-memory-hog.png b/experiments/generic/icons/pod-memory-hog.png new file mode 100644 index 0000000..e49a468 Binary files /dev/null and b/experiments/generic/icons/pod-memory-hog.png differ diff --git a/experiments/generic/icons/pod-network-corruption.png b/experiments/generic/icons/pod-network-corruption.png new file mode 100644 index 0000000..719a526 Binary files /dev/null and b/experiments/generic/icons/pod-network-corruption.png differ diff --git a/experiments/generic/icons/pod-network-duplication.png b/experiments/generic/icons/pod-network-duplication.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-network-duplication.png differ diff --git a/experiments/generic/icons/pod-network-latency.png b/experiments/generic/icons/pod-network-latency.png new file mode 100644 index 0000000..9f34798 Binary files /dev/null and b/experiments/generic/icons/pod-network-latency.png differ diff --git a/experiments/generic/icons/pod-network-loss.png b/experiments/generic/icons/pod-network-loss.png new file mode 100644 index 0000000..5826e28 Binary files /dev/null and b/experiments/generic/icons/pod-network-loss.png differ diff --git a/experiments/generic/icons/pod-network-partition.png b/experiments/generic/icons/pod-network-partition.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-network-partition.png differ diff --git a/experiments/generic/kubelet-service-kill/engine.yaml b/experiments/generic/kubelet-service-kill/engine.yaml new file mode 100644 index 0000000..5ebc548 --- /dev/null +++ b/experiments/generic/kubelet-service-kill/engine.yaml @@ -0,0 +1,25 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: kubelet-service-kill-sa + experiments: + - name: kubelet-service-kill + spec: + components: + # nodeSelector: + # # provide the node labels + # kubernetes.io/hostname: 'node02' + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # provide the target node name + - name: TARGET_NODE + value: '' diff --git a/experiments/generic/kubelet-service-kill/experiment.yaml b/experiments/generic/kubelet-service-kill/experiment.yaml new file mode 100644 index 0000000..5f86d74 --- /dev/null +++ b/experiments/generic/kubelet-service-kill/experiment.yaml @@ -0,0 +1,84 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kills the kubelet service on the application node to check the resiliency. +kind: ChaosExperiment +metadata: + name: kubelet-service-kill + labels: + name: kubelet-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name kubelet-service-kill + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: LIB + value: 'litmus' + + - name: NODE_LABEL + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'ubuntu:16.04' + + # provide the target node name + - name: TARGET_NODE + value: '' + + labels: + name: kubelet-service-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/service-kill: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/kubelet-service-kill/kubelet-service-kill.chartserviceversion.yaml b/experiments/generic/kubelet-service-kill/kubelet-service-kill.chartserviceversion.yaml new file mode 100644 index 0000000..65f3032 --- /dev/null +++ b/experiments/generic/kubelet-service-kill/kubelet-service-kill.chartserviceversion.yaml @@ -0,0 +1,50 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-06-13T10:28:08Z + name: kubelet-service-kill + version: 0.1.3 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: kubelet-service-kill + categoryDescription: | + kubelet-service-kill contains killing kubelet service gracefully for a certain chaos duration. + - Causes replicas may be evicted or becomes unreachable on account on nodes turning unschedulable (Not Ready) due to kubelet service kill. + - The application node should be healthy once chaos is stopped and the services are reaccessable. + + keywords: + - Kubernetes + - K8S + - Kubelet + - Node + - Service + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + maturity: alpha + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/kubelet-service-kill + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/kubelet-service-kill/ + - name: Video + url: + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/kubelet-service-kill/experiment.yaml diff --git a/experiments/generic/kubelet-service-kill/rbac-psp.yaml b/experiments/generic/kubelet-service-kill/rbac-psp.yaml new file mode 100644 index 0000000..fb2dac3 --- /dev/null +++ b/experiments/generic/kubelet-service-kill/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubelet-service-kill-sa + namespace: default + labels: + name: kubelet-service-kill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubelet-service-kill-sa + labels: + name: kubelet-service-kill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubelet-service-kill-sa + labels: + name: kubelet-service-kill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubelet-service-kill-sa +subjects: +- kind: ServiceAccount + name: kubelet-service-kill-sa + namespace: default diff --git a/experiments/generic/kubelet-service-kill/rbac.yaml b/experiments/generic/kubelet-service-kill/rbac.yaml new file mode 100644 index 0000000..4840f37 --- /dev/null +++ b/experiments/generic/kubelet-service-kill/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubelet-service-kill-sa + namespace: default + labels: + name: kubelet-service-kill-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubelet-service-kill-sa + labels: + name: kubelet-service-kill-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubelet-service-kill-sa + labels: + name: kubelet-service-kill-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubelet-service-kill-sa +subjects: +- kind: ServiceAccount + name: kubelet-service-kill-sa + namespace: default diff --git a/experiments/generic/node-cpu-hog/engine.yaml b/experiments/generic/node-cpu-hog/engine.yaml new file mode 100644 index 0000000..85f754f --- /dev/null +++ b/experiments/generic/node-cpu-hog/engine.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-cpu-hog-sa + experiments: + - name: node-cpu-hog + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## ENTER THE NUMBER OF CORES OF CPU FOR CPU HOGGING + ## OPTIONAL VALUE IN CASE OF EMPTY VALUE IT WILL TAKE NODE CPU CAPACITY + - name: NODE_CPU_CORE + value: '1' + + ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. + ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING + - name: CPU_LOAD + value: '0' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + # provide the comma separated target node names + - name: TARGET_NODES + value: '' diff --git a/experiments/generic/node-cpu-hog/experiment.yaml b/experiments/generic/node-cpu-hog/experiment.yaml new file mode 100644 index 0000000..c0a85dd --- /dev/null +++ b/experiments/generic/node-cpu-hog/experiment.yaml @@ -0,0 +1,104 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Give a cpu spike on a node belonging to a deployment +kind: ChaosExperiment +metadata: + name: node-cpu-hog + labels: + name: node-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-cpu-hog + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## ENTER THE NUMBER OF CORES OF CPU FOR CPU HOGGING + ## OPTIONAL VALUE IN CASE OF EMPTY VALUE IT WILL TAKE NODE CPU CAPACITY + - name: NODE_CPU_CORE + value: '' + + ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. + ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING + - name: CPU_LOAD + value: '100' + + # ENTER THE COMMA SEPARATED TARGET NODES NAME + - name: TARGET_NODES + value: '' + + - name: NODE_LABEL + value: '' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + ## it defines the sequence of chaos execution for multiple target nodes + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: node-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/node-cpu-hog/node-cpu-hog.chartserviceversion.yaml b/experiments/generic/node-cpu-hog/node-cpu-hog.chartserviceversion.yaml new file mode 100644 index 0000000..f479b53 --- /dev/null +++ b/experiments/generic/node-cpu-hog/node-cpu-hog.chartserviceversion.yaml @@ -0,0 +1,50 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-01-28T10:28:08Z + name: node-cpu-hog + version: 0.0.15 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: node-cpu-hog + categoryDescription: | + Node CPU hog contains chaos to disrupt the state of Kubernetes resources. Experiments can inject a CPU spike on a node where the application pod is scheduled. + - CPU hog on a particular node where the application deployment is available. + - After test, the recovery should be manual for the application pod and node in case they are not in an appropriate state. + keywords: + - Kubernetes + - K8S + - CPU + - Node + platforms: + - GKE + - EKS + - AKS + - Kind + - Rancher + - OpenShift(OKD) + maturity: alpha + chaosType: infra + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-cpu-hog + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-cpu-hog/ + - name: Video + url: https://www.youtube.com/watch?v=jpJttftsZqA + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-cpu-hog/experiment.yaml diff --git a/experiments/generic/node-cpu-hog/rbac-psp.yaml b/experiments/generic/node-cpu-hog/rbac-psp.yaml new file mode 100644 index 0000000..4ae8ce7 --- /dev/null +++ b/experiments/generic/node-cpu-hog/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-cpu-hog-sa + namespace: default + labels: + name: node-cpu-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-cpu-hog-sa + labels: + name: node-cpu-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-cpu-hog-sa + labels: + name: node-cpu-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-cpu-hog-sa +subjects: +- kind: ServiceAccount + name: node-cpu-hog-sa + namespace: default diff --git a/experiments/generic/node-cpu-hog/rbac.yaml b/experiments/generic/node-cpu-hog/rbac.yaml new file mode 100644 index 0000000..40e88cd --- /dev/null +++ b/experiments/generic/node-cpu-hog/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-cpu-hog-sa + namespace: default + labels: + name: node-cpu-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-cpu-hog-sa + labels: + name: node-cpu-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-cpu-hog-sa + labels: + name: node-cpu-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-cpu-hog-sa +subjects: +- kind: ServiceAccount + name: node-cpu-hog-sa + namespace: default diff --git a/experiments/generic/node-drain/engine.yaml b/experiments/generic/node-drain/engine.yaml new file mode 100644 index 0000000..65a4216 --- /dev/null +++ b/experiments/generic/node-drain/engine.yaml @@ -0,0 +1,26 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-drain-sa + experiments: + - name: node-drain + spec: + components: + # nodeSelector: + # # provide the node labels + # kubernetes.io/hostname: 'node02' + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + # enter the target node name + - name: TARGET_NODE + value: '' + \ No newline at end of file diff --git a/experiments/generic/node-drain/experiment.yaml b/experiments/generic/node-drain/experiment.yaml new file mode 100644 index 0000000..8834d1d --- /dev/null +++ b/experiments/generic/node-drain/experiment.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Drain the node where application pod is scheduled +kind: ChaosExperiment +metadata: + name: node-drain + labels: + name: node-drain + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-drain + command: + - /bin/bash + env: + + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + labels: + name: node-drain + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/node-drain/node-drain.chartserviceversion.yaml b/experiments/generic/node-drain/node-drain.chartserviceversion.yaml new file mode 100644 index 0000000..9b513d9 --- /dev/null +++ b/experiments/generic/node-drain/node-drain.chartserviceversion.yaml @@ -0,0 +1,49 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-01-13T10:28:08Z + name: node-drain + version: 0.1.12 + annotations: + categories: Kubernetes + vendor: Mayadata + repository: https://github.com/litmuschaos/chaos-charts + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: node-drain + categoryDescription: > + Drain the node where application pod is scheduled + keywords: + - Kubernetes + - K8S + - Node + - Drain + platforms: + - GKE + - AWS(KOPS) + - Packet(Kubeadm) + - Konvoy + - EKS + - AKS + maturity: alpha + chaosType: infra + maintainers: + - name: shubham chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-drain + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-drain/ + - name: Video + url: https://www.youtube.com/watch?v=LQVCZUQ4-ok + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-drain/experiment.yaml diff --git a/experiments/generic/node-drain/rbac-psp.yaml b/experiments/generic/node-drain/rbac-psp.yaml new file mode 100644 index 0000000..c1ddf8c --- /dev/null +++ b/experiments/generic/node-drain/rbac-psp.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-drain-sa + namespace: default + labels: + name: node-drain-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-drain-sa + labels: + name: node-drain-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-drain-sa + labels: + name: node-drain-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-drain-sa +subjects: +- kind: ServiceAccount + name: node-drain-sa + namespace: default diff --git a/experiments/generic/node-drain/rbac.yaml b/experiments/generic/node-drain/rbac.yaml new file mode 100644 index 0000000..e16cbd8 --- /dev/null +++ b/experiments/generic/node-drain/rbac.yaml @@ -0,0 +1,70 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-drain-sa + namespace: default + labels: + name: node-drain-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-drain-sa + labels: + name: node-drain-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-drain-sa + labels: + name: node-drain-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-drain-sa +subjects: +- kind: ServiceAccount + name: node-drain-sa + namespace: default diff --git a/experiments/generic/node-io-stress/engine.yaml b/experiments/generic/node-io-stress/engine.yaml new file mode 100644 index 0000000..938949f --- /dev/null +++ b/experiments/generic/node-io-stress/engine.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-io-stress-sa + experiments: + - name: node-io-stress + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## specify the size as percentage of free space on the file system + - name: FILESYSTEM_UTILIZATION_PERCENTAGE + value: '10' + + ## Number of core of CPU + - name: CPU + value: '1' + + ## Total number of workers default value is 4 + - name: NUMBER_OF_WORKERS + value: '4' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + # provide the comma separated target node names + - name: TARGET_NODES + value: '' diff --git a/experiments/generic/node-io-stress/experiment.yaml b/experiments/generic/node-io-stress/experiment.yaml new file mode 100644 index 0000000..0e46e7f --- /dev/null +++ b/experiments/generic/node-io-stress/experiment.yaml @@ -0,0 +1,116 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Give IO disk stress on a node belonging to a deployment +kind: ChaosExperiment +metadata: + name: node-io-stress + labels: + name: node-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-io-stress + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## specify the size as percentage of free space on the file system + ## default value 90 (in percentage) + - name: FILESYSTEM_UTILIZATION_PERCENTAGE + value: '10' + + ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space + ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty + - name: FILESYSTEM_UTILIZATION_BYTES + value: '' + + ## Number of core of CPU + - name: CPU + value: '1' + + ## Total number of workers default value is 4 + - name: NUMBER_OF_WORKERS + value: '4' + + ## Total number of vm workers + - name: VM_WORKERS + value: '1' + + ## enter the comma separated target nodes name + - name: TARGET_NODES + value: '' + + - name: NODE_LABEL + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + ## it defines the sequence of chaos execution for multiple target nodes + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: node-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/node-io-stress/node-io-stress.chartserviceversion.yaml b/experiments/generic/node-io-stress/node-io-stress.chartserviceversion.yaml new file mode 100644 index 0000000..2f990bc --- /dev/null +++ b/experiments/generic/node-io-stress/node-io-stress.chartserviceversion.yaml @@ -0,0 +1,49 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-09-12T10:28:08Z + name: node-io-stress + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: node-io-stress + categoryDescription: | + This experiment causes disk stress on the Kubernetes node. The experiment aims to verify the resiliency of applications that share this disk resource for ephemeral or persistent storage purposes.. + - Disk stress on a particular node filesystem where the application deployment is available. + - The amount of disk stress can be either specifed as the size in percentage of the total free space on the file system or simply in Gigabytes(GB) + keywords: + - Kubernetes + - K8S + - Disk + - IO + - Filesystem + - Node + platforms: + - GKE + - EKS + - AKS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-io-stress + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-io-stress/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-io-stress/experiment.yaml diff --git a/experiments/generic/node-io-stress/rbac-psp.yaml b/experiments/generic/node-io-stress/rbac-psp.yaml new file mode 100644 index 0000000..ab12913 --- /dev/null +++ b/experiments/generic/node-io-stress/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-io-stress-sa + namespace: default + labels: + name: node-io-stress-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-io-stress-sa + labels: + name: node-io-stress-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-io-stress-sa + labels: + name: node-io-stress-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-io-stress-sa +subjects: +- kind: ServiceAccount + name: node-io-stress-sa + namespace: default diff --git a/experiments/generic/node-io-stress/rbac.yaml b/experiments/generic/node-io-stress/rbac.yaml new file mode 100644 index 0000000..a6858e7 --- /dev/null +++ b/experiments/generic/node-io-stress/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-io-stress-sa + namespace: default + labels: + name: node-io-stress-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-io-stress-sa + labels: + name: node-io-stress-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-io-stress-sa + labels: + name: node-io-stress-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-io-stress-sa +subjects: +- kind: ServiceAccount + name: node-io-stress-sa + namespace: default diff --git a/experiments/generic/node-memory-hog/engine.yaml b/experiments/generic/node-memory-hog/engine.yaml new file mode 100644 index 0000000..8e6b01c --- /dev/null +++ b/experiments/generic/node-memory-hog/engine.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-memory-hog-sa + experiments: + - name: node-memory-hog + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + # provide the comma separated target node names + - name: TARGET_NODES + value: '' + + ## Specify the size as percent of total node capacity Ex: '30' + ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_MEBIBYTES empty + - name: MEMORY_CONSUMPTION_PERCENTAGE + value: '0' + + ## Specify the amount of memory to be consumed in mebibytes + ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_PERCENTAGE empty + - name: MEMORY_CONSUMPTION_MEBIBYTES + value: '0' diff --git a/experiments/generic/node-memory-hog/experiment.yaml b/experiments/generic/node-memory-hog/experiment.yaml new file mode 100644 index 0000000..f5f7b59 --- /dev/null +++ b/experiments/generic/node-memory-hog/experiment.yaml @@ -0,0 +1,107 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Give a memory hog on a node belonging to a deployment +kind: ChaosExperiment +metadata: + name: node-memory-hog + labels: + name: node-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-memory-hog + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## Specify the size as percent of total node capacity Ex: '30' + ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_MEBIBYTES empty + - name: MEMORY_CONSUMPTION_PERCENTAGE + value: '' + + ## Specify the amount of memory to be consumed in mebibytes + ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_PERCENTAGE empty + - name: MEMORY_CONSUMPTION_MEBIBYTES + value: '' + + - name: NUMBER_OF_WORKERS + value: '1' + + # ENTER THE COMMA SEPARATED TARGET NODES NAME + - name: TARGET_NODES + value: '' + + - name: NODE_LABEL + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## percentage of total nodes to target + - name: NODES_AFFECTED_PERC + value: '' + + ## it defines the sequence of chaos execution for multiple target nodes + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: node-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/node-memory-hog/node-memory-hog.chartserviceversion.yaml b/experiments/generic/node-memory-hog/node-memory-hog.chartserviceversion.yaml new file mode 100644 index 0000000..f6d7cf1 --- /dev/null +++ b/experiments/generic/node-memory-hog/node-memory-hog.chartserviceversion.yaml @@ -0,0 +1,50 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-03-28T10:28:08Z + name: node-memory-hog + version: 0.1.5 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: node-memory-hog + categoryDescription: | + Kubernetes Node memory hog contains chaos to disrupt the state of Kubernetes resources. Experiments can inject a memory spike on a node where the application pod is scheduled. + - Memory hog on a particular node where the application deployment is available. + - After the test, the recovery should be manual for the application pod and node in case they are not in an appropriate state. + keywords: + - Kubernetes + - K8S + - Memory + - Node + platforms: + - GKE + - EKS + - AKS + - Kind + - Rancher + - OpenShift(OKD) + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-memory-hog + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-memory-hog/ + - name: Video + url: https://www.youtube.com/watch?v=ECxlWgQ8F5w + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-memory-hog/experiment.yaml diff --git a/experiments/generic/node-memory-hog/rbac-psp.yaml b/experiments/generic/node-memory-hog/rbac-psp.yaml new file mode 100644 index 0000000..a6002c5 --- /dev/null +++ b/experiments/generic/node-memory-hog/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-memory-hog-sa + namespace: default + labels: + name: node-memory-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-memory-hog-sa + labels: + name: node-memory-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-memory-hog-sa + labels: + name: node-memory-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-memory-hog-sa +subjects: +- kind: ServiceAccount + name: node-memory-hog-sa + namespace: default diff --git a/experiments/generic/node-memory-hog/rbac.yaml b/experiments/generic/node-memory-hog/rbac.yaml new file mode 100644 index 0000000..74cd3eb --- /dev/null +++ b/experiments/generic/node-memory-hog/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-memory-hog-sa + namespace: default + labels: + name: node-memory-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-memory-hog-sa + labels: + name: node-memory-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-memory-hog-sa + labels: + name: node-memory-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-memory-hog-sa +subjects: +- kind: ServiceAccount + name: node-memory-hog-sa + namespace: default diff --git a/experiments/generic/node-poweroff/engine.yaml b/experiments/generic/node-poweroff/engine.yaml new file mode 100644 index 0000000..68ac3a7 --- /dev/null +++ b/experiments/generic/node-poweroff/engine.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-poweroff-sa + experiments: + - name: node-poweroff + spec: + components: + # nodeSelector: + # # provide the node labels + # kubernetes.io/hostname: 'node02' + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + # ENTER THE TARGET NODE NAME + - name: TARGET_NODE + value: '' + + # ENTER THE TARGET NODE IP + - name: TARGET_NODE_IP + value: '' + + # ENTER THE USER TO BE USED FOR SSH AUTH + - name: SSH_USER + value: 'root' diff --git a/experiments/generic/node-poweroff/experiment.yaml b/experiments/generic/node-poweroff/experiment.yaml new file mode 100644 index 0000000..d598147 --- /dev/null +++ b/experiments/generic/node-poweroff/experiment.yaml @@ -0,0 +1,97 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + poweroff node +kind: ChaosExperiment +metadata: + name: node-poweroff + labels: + name: node-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-restart + command: + - /bin/bash + env: + - name: SSH_USER + value: 'root' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: REBOOT_COMMAND + value: '-o ServerAliveInterval=1 -o ServerAliveCountMax=1 "sudo systemctl poweroff --force --force" ; true' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + # ENTER THE TARGET NODE NAME + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + # ENTER THE TARGET NODE IP + - name: TARGET_NODE_IP + value: '' + + labels: + name: node-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: id-rsa + mountPath: /mnt/ diff --git a/experiments/generic/node-poweroff/node-poweroff.chartserviceversion.yaml b/experiments/generic/node-poweroff/node-poweroff.chartserviceversion.yaml new file mode 100644 index 0000000..566ca14 --- /dev/null +++ b/experiments/generic/node-poweroff/node-poweroff.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-01-28T10:28:08Z + name: node-poweroff + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: node-poweroff + categoryDescription: | + Node poweroff contains chaos experiment to poweroff a node via SSH. + keywords: + - Kubernetes + - K8S + - Poweroff + - Node + platforms: + - KVM/LibVirt based K8s + - EKS + maturity: alpha + chaosType: infra + maintainers: + - name: jordigilh + email: jordi.gil@gmail.com + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-restart + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-restart + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-poweroff/experiment.yaml diff --git a/experiments/generic/node-poweroff/rbac-psp.yaml b/experiments/generic/node-poweroff/rbac-psp.yaml new file mode 100644 index 0000000..93abac3 --- /dev/null +++ b/experiments/generic/node-poweroff/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-poweroff-sa + namespace: default + labels: + name: node-poweroff-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-poweroff-sa + labels: + name: node-poweroff-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-poweroff-sa + labels: + name: node-poweroff-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-poweroff-sa +subjects: +- kind: ServiceAccount + name: node-poweroff-sa + namespace: default diff --git a/experiments/generic/node-poweroff/rbac.yaml b/experiments/generic/node-poweroff/rbac.yaml new file mode 100644 index 0000000..16898df --- /dev/null +++ b/experiments/generic/node-poweroff/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-poweroff-sa + namespace: default + labels: + name: node-poweroff-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-poweroff-sa + labels: + name: node-poweroff-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-poweroff-sa + labels: + name: node-poweroff-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-poweroff-sa +subjects: +- kind: ServiceAccount + name: node-poweroff-sa + namespace: default diff --git a/experiments/generic/node-restart/engine.yaml b/experiments/generic/node-restart/engine.yaml new file mode 100644 index 0000000..71e3d70 --- /dev/null +++ b/experiments/generic/node-restart/engine.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-restart-sa + experiments: + - name: node-restart + spec: + components: + # nodeSelector: + # # provide the node labels + # kubernetes.io/hostname: 'node02' + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + # ENTER THE TARGET NODE NAME + - name: TARGET_NODE + value: '' + + # ENTER THE TARGET NODE IP + - name: TARGET_NODE_IP + value: '' + + # ENTER THE USER TO BE USED FOR SSH AUTH + - name: SSH_USER + value: 'root' diff --git a/experiments/generic/node-restart/experiment.yaml b/experiments/generic/node-restart/experiment.yaml new file mode 100644 index 0000000..f36bf82 --- /dev/null +++ b/experiments/generic/node-restart/experiment.yaml @@ -0,0 +1,94 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Restart node +kind: ChaosExperiment +metadata: + name: node-restart + labels: + name: node-restart + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-restart + command: + - /bin/bash + env: + - name: SSH_USER + value: 'root' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + # ENTER THE TARGET NODE NAME + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + # ENTER THE TARGET NODE IP + - name: TARGET_NODE_IP + value: '' + + labels: + name: node-restart + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: id-rsa + mountPath: /mnt/ diff --git a/experiments/generic/node-restart/node-restart.chartserviceversion.yaml b/experiments/generic/node-restart/node-restart.chartserviceversion.yaml new file mode 100644 index 0000000..4eceec8 --- /dev/null +++ b/experiments/generic/node-restart/node-restart.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-01-28T10:28:08Z + name: node-restart + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: node-restart + categoryDescription: | + Node restart contains chaos to restart the node via SSH. + keywords: + - Kubernetes + - K8S + - Restart + - Node + platforms: + - KVM/LibVirt based K8s + - EKS + maturity: alpha + chaosType: infra + maintainers: + - name: machacekondra + email: machacek.ondra@gmail.com + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-restart + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-restart + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-restart/experiment.yaml diff --git a/experiments/generic/node-restart/rbac-psp.yaml b/experiments/generic/node-restart/rbac-psp.yaml new file mode 100644 index 0000000..b21b60b --- /dev/null +++ b/experiments/generic/node-restart/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-restart-sa + namespace: default + labels: + name: node-restart-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-restart-sa + labels: + name: node-restart-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-restart-sa + labels: + name: node-restart-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-restart-sa +subjects: +- kind: ServiceAccount + name: node-restart-sa + namespace: default diff --git a/experiments/generic/node-restart/rbac.yaml b/experiments/generic/node-restart/rbac.yaml new file mode 100644 index 0000000..9b48dd1 --- /dev/null +++ b/experiments/generic/node-restart/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-restart-sa + namespace: default + labels: + name: node-restart-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-restart-sa + labels: + name: node-restart-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps","secrets"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-restart-sa + labels: + name: node-restart-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-restart-sa +subjects: +- kind: ServiceAccount + name: node-restart-sa + namespace: default diff --git a/experiments/generic/node-taint/engine.yaml b/experiments/generic/node-taint/engine.yaml new file mode 100644 index 0000000..44cfc24 --- /dev/null +++ b/experiments/generic/node-taint/engine.yaml @@ -0,0 +1,31 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: node-taint-sa + experiments: + - name: node-taint + spec: + components: + # nodeSelector: + # # provide the node labels + # kubernetes.io/hostname: 'node02' + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + # set target node name + - name: TARGET_NODE + value: '' + + # set taint label & effect + # key=value:effect or key:effect + - name: TAINTS + value: 'node.kubernetes.io/unreachable:NoExecute' + \ No newline at end of file diff --git a/experiments/generic/node-taint/experiment.yaml b/experiments/generic/node-taint/experiment.yaml new file mode 100644 index 0000000..6845d02 --- /dev/null +++ b/experiments/generic/node-taint/experiment.yaml @@ -0,0 +1,90 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Taint the node where application pod is scheduled +kind: ChaosExperiment +metadata: + name: node-taint + labels: + name: node-taint + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch","update"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name node-taint + command: + - /bin/bash + env: + + - name: TARGET_NODE + value: '' + + - name: NODE_LABEL + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Provide the LIB here + # Only litmus supported + - name: LIB + value: 'litmus' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # set taint label & effect + # key=value:effect or key:effect + - name: TAINTS + value: '' + + labels: + name: node-taint + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/node-taint/node-taint.chartserviceversion.yaml b/experiments/generic/node-taint/node-taint.chartserviceversion.yaml new file mode 100644 index 0000000..6e19973 --- /dev/null +++ b/experiments/generic/node-taint/node-taint.chartserviceversion.yaml @@ -0,0 +1,49 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-01-13T10:28:08Z + name: node-taint + version: 0.1.2 + annotations: + categories: Kubernetes + vendor: Mayadata + repository: https://github.com/litmuschaos/chaos-charts + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: node-taint + categoryDescription: > + Taint the node where application pod is scheduled + keywords: + - Kubernetes + - K8S + - Node + - Taint + platforms: + - GKE + - AWS(KOPS) + - Packet(Kubeadm) + - Konvoy + - EKS + - AKS + maturity: alpha + chaosType: infra + maintainers: + - name: shubham chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/node-taint + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/nodes/node-taint/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/node-taint/experiment.yaml diff --git a/experiments/generic/node-taint/rbac-psp.yaml b/experiments/generic/node-taint/rbac-psp.yaml new file mode 100644 index 0000000..1188ec7 --- /dev/null +++ b/experiments/generic/node-taint/rbac-psp.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-taint-sa + namespace: default + labels: + name: node-taint-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-taint-sa + labels: + name: node-taint-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch","update"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-taint-sa + labels: + name: node-taint-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-taint-sa +subjects: +- kind: ServiceAccount + name: node-taint-sa + namespace: default diff --git a/experiments/generic/node-taint/rbac.yaml b/experiments/generic/node-taint/rbac.yaml new file mode 100644 index 0000000..8981a55 --- /dev/null +++ b/experiments/generic/node-taint/rbac.yaml @@ -0,0 +1,70 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: node-taint-sa + namespace: default + labels: + name: node-taint-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: node-taint-sa + labels: + name: node-taint-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec","pods/eviction"] + verbs: ["get","list","create"] + # ignore daemonsets while draining the node + - apiGroups: ["apps"] + resources: ["daemonsets"] + verbs: ["list","get","delete"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch","update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: node-taint-sa + labels: + name: node-taint-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: node-taint-sa +subjects: +- kind: ServiceAccount + name: node-taint-sa + namespace: default diff --git a/experiments/generic/pod-autoscaler/engine.yaml b/experiments/generic/pod-autoscaler/engine.yaml new file mode 100644 index 0000000..65dfbf1 --- /dev/null +++ b/experiments/generic/pod-autoscaler/engine.yaml @@ -0,0 +1,28 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-autoscaler-sa + experiments: + - name: pod-autoscaler + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' + + # number of replicas to scale + - name: REPLICA_COUNT + value: '5' + \ No newline at end of file diff --git a/experiments/generic/pod-autoscaler/experiment.yaml b/experiments/generic/pod-autoscaler/experiment.yaml new file mode 100644 index 0000000..3950980 --- /dev/null +++ b/experiments/generic/pod-autoscaler/experiment.yaml @@ -0,0 +1,78 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Scale the application replicas and test the node autoscaling on cluster +kind: ChaosExperiment +metadata: + name: pod-autoscaler + labels: + name: pod-autoscaler + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # performs CRUD operations on the deployments and statefulsets + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get","patch","update"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-autoscaler + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Number of replicas to scale + - name: REPLICA_COUNT + value: '5' + + # PROVIDE THE LIB HERE + # ONLY LITMUS SUPPORTED + - name: LIB + value: 'litmus' + + labels: + name: pod-autoscaler + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-autoscaler/pod-autoscaler.chartserviceversion.yaml b/experiments/generic/pod-autoscaler/pod-autoscaler.chartserviceversion.yaml new file mode 100644 index 0000000..a22bc4c --- /dev/null +++ b/experiments/generic/pod-autoscaler/pod-autoscaler.chartserviceversion.yaml @@ -0,0 +1,47 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-08-08T10:28:08Z + name: pod-autoscaler + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-autoscaler + categoryDescription: | + The experiment aims to check the ability of nodes to accommodate the number of replicas a given application pod. + This experiment can be used for other scenarios as well, such as for checking the Node auto-scaling feature. For example, check if the pods are successfully rescheduled within a specified period in cases where the existing nodes are already running at the specified limits. + keywords: + - Kubernetes + - K8S + - Scale + - Pod + platforms: + - GKE + - EKS + - Minikube + - AKS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-autoscaler + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-autoscaler/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-autoscaler/experiment.yaml diff --git a/experiments/generic/pod-autoscaler/rbac-psp.yaml b/experiments/generic/pod-autoscaler/rbac-psp.yaml new file mode 100644 index 0000000..49a03ac --- /dev/null +++ b/experiments/generic/pod-autoscaler/rbac-psp.yaml @@ -0,0 +1,71 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-autoscaler-sa + namespace: default + labels: + name: pod-autoscaler-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pod-autoscaler-sa + labels: + name: pod-autoscaler-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # performs CRUD operations on the deployments and statefulsets + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get","patch","update"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pod-autoscaler-sa + labels: + name: pod-autoscaler-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pod-autoscaler-sa +subjects: +- kind: ServiceAccount + name: pod-autoscaler-sa + namespace: default diff --git a/experiments/generic/pod-autoscaler/rbac.yaml b/experiments/generic/pod-autoscaler/rbac.yaml new file mode 100644 index 0000000..19114f1 --- /dev/null +++ b/experiments/generic/pod-autoscaler/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-autoscaler-sa + namespace: default + labels: + name: pod-autoscaler-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pod-autoscaler-sa + labels: + name: pod-autoscaler-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # performs CRUD operations on the deployments and statefulsets + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get","patch","update"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pod-autoscaler-sa + labels: + name: pod-autoscaler-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pod-autoscaler-sa +subjects: +- kind: ServiceAccount + name: pod-autoscaler-sa + namespace: default diff --git a/experiments/generic/pod-cpu-hog-exec/engine.yaml b/experiments/generic/pod-cpu-hog-exec/engine.yaml new file mode 100644 index 0000000..c793410 --- /dev/null +++ b/experiments/generic/pod-cpu-hog-exec/engine.yaml @@ -0,0 +1,30 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-cpu-hog-exec-sa + experiments: + - name: pod-cpu-hog-exec + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + #number of cpu cores to be consumed + #verify the resources the app has been launched with + - name: CPU_CORES + value: '1' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/generic/pod-cpu-hog-exec/experiment.yaml b/experiments/generic/pod-cpu-hog-exec/experiment.yaml new file mode 100644 index 0000000..a04eda9 --- /dev/null +++ b/experiments/generic/pod-cpu-hog-exec/experiment.yaml @@ -0,0 +1,105 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects cpu consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-cpu-hog-exec + labels: + name: pod-cpu-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-cpu-hog-exec + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## Number of CPU cores to stress + - name: CPU_CORES + value: '1' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + # The command to kill the chaos process + - name: CHAOS_KILL_COMMAND + value: "kill $(find /proc -name exe -lname '*/md5sum' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}')" + + - name: TARGET_PODS + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-cpu-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-cpu-hog-exec/pod-cpu-hog-exec.chartserviceversion.yaml b/experiments/generic/pod-cpu-hog-exec/pod-cpu-hog-exec.chartserviceversion.yaml new file mode 100644 index 0000000..65ef4e8 --- /dev/null +++ b/experiments/generic/pod-cpu-hog-exec/pod-cpu-hog-exec.chartserviceversion.yaml @@ -0,0 +1,51 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-06-16T10:28:08Z + name: pod-cpu-hog-exec + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-cpu-hog-exec + categoryDescription: | + pod-cpu-hog-exec contains chaos to consume CPU resouces of specified containers in Kubernetes pods. + - Causes high CPU resource consumption utilizing one or more cores by triggering md5sum commands + - The application pod should be healthy once chaos is stopped. Expectation is that service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - CPU + - Pod + - Exec + - Stress + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + - Kind + maturity: alpha + maintainers: + - name: ksatchit + email: karthik@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-cpu-hog-exec + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-cpu-hog-exec/ + - name: Video + url: https://www.youtube.com/watch?v=MBGSPmZKb2I + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-cpu-hog-exec/experiment.yaml diff --git a/experiments/generic/pod-cpu-hog-exec/rbac-psp.yaml b/experiments/generic/pod-cpu-hog-exec/rbac-psp.yaml new file mode 100644 index 0000000..f1733be --- /dev/null +++ b/experiments/generic/pod-cpu-hog-exec/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-cpu-hog-exec-sa + namespace: default + labels: + name: pod-cpu-hog-exec-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-cpu-hog-exec-sa + namespace: default + labels: + name: pod-cpu-hog-exec-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-cpu-hog-exec-sa + namespace: default + labels: + name: pod-cpu-hog-exec-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-cpu-hog-exec-sa +subjects: +- kind: ServiceAccount + name: pod-cpu-hog-exec-sa + namespace: default diff --git a/experiments/generic/pod-cpu-hog-exec/rbac.yaml b/experiments/generic/pod-cpu-hog-exec/rbac.yaml new file mode 100644 index 0000000..9e80151 --- /dev/null +++ b/experiments/generic/pod-cpu-hog-exec/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-cpu-hog-exec-sa + namespace: default + labels: + name: pod-cpu-hog-exec-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-cpu-hog-exec-sa + namespace: default + labels: + name: pod-cpu-hog-exec-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-cpu-hog-exec-sa + namespace: default + labels: + name: pod-cpu-hog-exec-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-cpu-hog-exec-sa +subjects: +- kind: ServiceAccount + name: pod-cpu-hog-exec-sa + namespace: default diff --git a/experiments/generic/pod-cpu-hog/engine.yaml b/experiments/generic/pod-cpu-hog/engine.yaml new file mode 100644 index 0000000..d8875e7 --- /dev/null +++ b/experiments/generic/pod-cpu-hog/engine.yaml @@ -0,0 +1,36 @@ + +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-cpu-hog-sa + experiments: + - name: pod-cpu-hog + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: CPU_CORES + value: '1' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' diff --git a/experiments/generic/pod-cpu-hog/experiment.yaml b/experiments/generic/pod-cpu-hog/experiment.yaml new file mode 100644 index 0000000..45634a5 --- /dev/null +++ b/experiments/generic/pod-cpu-hog/experiment.yaml @@ -0,0 +1,127 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects cpu consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-cpu-hog + labels: + name: pod-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-cpu-hog + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## Number of CPU cores to stress + - name: CPU_CORES + value: '1' + + ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. + ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING + - name: CPU_LOAD + value: '100' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, pumba + - name: LIB + value: 'litmus' + + ## It is used in pumba lib only + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## It is used in pumba lib only + - name: STRESS_IMAGE + value: 'alexeiled/stress-ng:latest-ubuntu' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-cpu-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-cpu-hog/pod-cpu-hog.chartserviceversion.yaml b/experiments/generic/pod-cpu-hog/pod-cpu-hog.chartserviceversion.yaml new file mode 100644 index 0000000..5206115 --- /dev/null +++ b/experiments/generic/pod-cpu-hog/pod-cpu-hog.chartserviceversion.yaml @@ -0,0 +1,53 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-06-16T10:28:08Z + name: pod-cpu-hog + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-cpu-hog + categoryDescription: | + Pod-CPU-Hog contains chaos to consume CPU resouces of specified containers in Kubernetes pods. + - Causes CPU resource consumption on specified application containers using cgroups and litmus nsutil which consume CPU resources of the given target containers. + - It Can test the application's resilience to potential slowness/unavailability of some replicas due to high CPU load + - The application pod should be healthy once chaos is stopped. Expectation is that service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - CPU + - Pod + - Stress + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + - Kind + maturity: alpha + maintainers: + - name: ksatchit + email: karthik@chaosnative.com + - name: Udit Gaurav + email: udit@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-cpu-hog + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-cpu-hog/ + - name: Video + url: https://www.youtube.com/watch?v=MBGSPmZKb2I + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-cpu-hog/experiment.yaml diff --git a/experiments/generic/pod-cpu-hog/rbac-psp.yaml b/experiments/generic/pod-cpu-hog/rbac-psp.yaml new file mode 100644 index 0000000..8952968 --- /dev/null +++ b/experiments/generic/pod-cpu-hog/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-cpu-hog-sa + namespace: default + labels: + name: pod-cpu-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-cpu-hog-sa + namespace: default + labels: + name: pod-cpu-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-cpu-hog-sa + namespace: default + labels: + name: pod-cpu-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-cpu-hog-sa +subjects: +- kind: ServiceAccount + name: pod-cpu-hog-sa + namespace: default diff --git a/experiments/generic/pod-cpu-hog/rbac.yaml b/experiments/generic/pod-cpu-hog/rbac.yaml new file mode 100644 index 0000000..f045de3 --- /dev/null +++ b/experiments/generic/pod-cpu-hog/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-cpu-hog-sa + namespace: default + labels: + name: pod-cpu-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-cpu-hog-sa + namespace: default + labels: + name: pod-cpu-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-cpu-hog-sa + namespace: default + labels: + name: pod-cpu-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-cpu-hog-sa +subjects: +- kind: ServiceAccount + name: pod-cpu-hog-sa + namespace: default diff --git a/experiments/generic/pod-delete/ansible/engine.yaml b/experiments/generic/pod-delete/ansible/engine.yaml new file mode 100644 index 0000000..871f8f2 --- /dev/null +++ b/experiments/generic/pod-delete/ansible/engine.yaml @@ -0,0 +1,31 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: pod-delete-sa + experiments: + - name: pod-delete + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' diff --git a/experiments/generic/pod-delete/ansible/experiment.yaml b/experiments/generic/pod-delete/ansible/experiment.yaml new file mode 100644 index 0000000..86a289a --- /dev/null +++ b/experiments/generic/pod-delete/ansible/experiment.yaml @@ -0,0 +1,84 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + name: pod-delete + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + resources: + - "deployments" + - "jobs" + - "pods" + - "pods/log" + - "events" + - "configmaps" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/generic/pod_delete/pod_delete_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + - name: LIB_IMAGE + value: 'litmuschaos/pod-delete-helper:latest' + + - name: LIB + value: 'litmus' + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-delete/ansible/powerfulseal_rbac.yaml b/experiments/generic/pod-delete/ansible/powerfulseal_rbac.yaml new file mode 100644 index 0000000..f53e37b --- /dev/null +++ b/experiments/generic/pod-delete/ansible/powerfulseal_rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pod-delete-sa + labels: + name: pod-delete-sa +rules: +- apiGroups: ["","litmuschaos.io","batch","apps"] + resources: ["pods","deployments","pods/log","events","jobs","configmaps","chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pod-delete-sa + labels: + name: pod-delete-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pod-delete-sa +subjects: +- kind: ServiceAccount + name: pod-delete-sa + namespace: default + diff --git a/experiments/generic/pod-delete/ansible/rbac.yaml b/experiments/generic/pod-delete/ansible/rbac.yaml new file mode 100644 index 0000000..6a1535b --- /dev/null +++ b/experiments/generic/pod-delete/ansible/rbac.yaml @@ -0,0 +1,40 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","litmuschaos.io","batch","apps"] + resources: ["pods","deployments","pods/log","events","jobs","chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-delete-sa +subjects: +- kind: ServiceAccount + name: pod-delete-sa + namespace: default + diff --git a/experiments/generic/pod-delete/engine.yaml b/experiments/generic/pod-delete/engine.yaml new file mode 100644 index 0000000..c211c73 --- /dev/null +++ b/experiments/generic/pod-delete/engine.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + # It can be active/stop + engineState: 'active' + chaosServiceAccount: pod-delete-sa + experiments: + - name: pod-delete + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-delete/engine_nginx_getstarted.yaml b/experiments/generic/pod-delete/engine_nginx_getstarted.yaml new file mode 100644 index 0000000..043113f --- /dev/null +++ b/experiments/generic/pod-delete/engine_nginx_getstarted.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: nginx +spec: + appinfo: + appns: 'nginx' + applabel: 'app=nginx' + appkind: 'deployment' + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: pod-delete-sa + # It can be delete/retain + jobCleanUpPolicy: 'delete' + experiments: + - name: pod-delete + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-delete/experiment.yaml b/experiments/generic/pod-delete/experiment.yaml new file mode 100644 index 0000000..46b9162 --- /dev/null +++ b/experiments/generic/pod-delete/experiment.yaml @@ -0,0 +1,106 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + name: pod-delete + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-delete + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-delete/pod-delete.chartserviceversion.yaml b/experiments/generic/pod-delete/pod-delete.chartserviceversion.yaml new file mode 100644 index 0000000..b5e42b6 --- /dev/null +++ b/experiments/generic/pod-delete/pod-delete.chartserviceversion.yaml @@ -0,0 +1,52 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-10-15T10:28:08Z + name: pod-delete + version: 0.1.13 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-delete + categoryDescription: | + Pod delete contains chaos to disrupt state of kubernetes resources. Experiments can inject random pod delete failures against specified application. + - Causes (forced/graceful) pod failure of random replicas of an application deployment. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the application pod. + + keywords: + - Kubernetes + - K8S + - Pod + platforms: + - GKE + - Konvoy + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + - Kind + - Rancher + - OpenShift(OKD) + maturity: alpha + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-delete + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-delete/ + - name: Video + url: https://www.youtube.com/watch?v=X3JvY_58V9A + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-delete/experiment.yaml diff --git a/experiments/generic/pod-delete/python/engine.yaml b/experiments/generic/pod-delete/python/engine.yaml new file mode 100644 index 0000000..c211c73 --- /dev/null +++ b/experiments/generic/pod-delete/python/engine.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + # It can be active/stop + engineState: 'active' + chaosServiceAccount: pod-delete-sa + experiments: + - name: pod-delete + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-delete/python/experiment.yaml b/experiments/generic/pod-delete/python/experiment.yaml new file mode 100644 index 0000000..d80a29d --- /dev/null +++ b/experiments/generic/pod-delete/python/experiment.yaml @@ -0,0 +1,90 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + name: pod-delete + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "apps" + - "apps.openshift.io" + - "argoproj.io" + - "batch" + - "litmuschaos.io" + resources: + - "deployments" + - "jobs" + - "pods" + - "pods/log" + - "replicationcontrollers" + - "deployments" + - "statefulsets" + - "daemonsets" + - "replicasets" + - "deploymentconfigs" + - "rollouts" + - "pods/exec" + - "events" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - "deletecollection" + image: "litmuschaos/py-runner:latest" + imagePullPolicy: Always + args: + - -c + - python3 -u experiment + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-delete + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-delete/python/rbac.yaml b/experiments/generic/pod-delete/python/rbac.yaml new file mode 100644 index 0000000..350173d --- /dev/null +++ b/experiments/generic/pod-delete/python/rbac.yaml @@ -0,0 +1,58 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: [""] + resources: ["pods","events"] + verbs: ["create","list","get","patch","update","delete","deletecollection"] +- apiGroups: [""] + resources: ["pods/exec","pods/log","replicationcontrollers"] + verbs: ["create","list","get"] +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] +- apiGroups: ["apps"] + resources: ["deployments","statefulsets","daemonsets","replicasets"] + verbs: ["list","get"] +- apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] +- apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-delete-sa +subjects: +- kind: ServiceAccount + name: pod-delete-sa + namespace: default + diff --git a/experiments/generic/pod-delete/rbac-psp.yaml b/experiments/generic/pod-delete/rbac-psp.yaml new file mode 100644 index 0000000..e494e6b --- /dev/null +++ b/experiments/generic/pod-delete/rbac-psp.yaml @@ -0,0 +1,86 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-delete-sa +subjects: +- kind: ServiceAccount + name: pod-delete-sa + namespace: default + diff --git a/experiments/generic/pod-delete/rbac.yaml b/experiments/generic/pod-delete/rbac.yaml new file mode 100644 index 0000000..a3f4f5c --- /dev/null +++ b/experiments/generic/pod-delete/rbac.yaml @@ -0,0 +1,81 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-delete-sa + namespace: default + labels: + name: pod-delete-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-delete-sa +subjects: +- kind: ServiceAccount + name: pod-delete-sa + namespace: default + diff --git a/experiments/generic/pod-delete/rbac_nginx_getstarted.yaml b/experiments/generic/pod-delete/rbac_nginx_getstarted.yaml new file mode 100644 index 0000000..5ff2c83 --- /dev/null +++ b/experiments/generic/pod-delete/rbac_nginx_getstarted.yaml @@ -0,0 +1,77 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-delete-sa + namespace: nginx + labels: + name: pod-delete-sa +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-delete-sa + namespace: nginx + labels: + name: pod-delete-sa +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-delete-sa + namespace: nginx + labels: + name: pod-delete-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-delete-sa +subjects: +- kind: ServiceAccount + name: pod-delete-sa + namespace: nginx \ No newline at end of file diff --git a/experiments/generic/pod-dns-error/engine.yaml b/experiments/generic/pod-dns-error/engine.yaml new file mode 100644 index 0000000..63f4a16 --- /dev/null +++ b/experiments/generic/pod-dns-error/engine.yaml @@ -0,0 +1,41 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + appinfo: + appns: "default" + applabel: "app=nginx" + appkind: "deployment" + # It can be active/stop + engineState: "active" + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: "" + chaosServiceAccount: pod-dns-error-sa + experiments: + - name: pod-dns-error + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: "60" # in seconds + + # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets + - name: TARGET_HOSTNAMES + value: "" + + # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring + - name: MATCH_SCHEME + value: "exact" + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: "docker" + + # provide the socket file path + - name: SOCKET_PATH + value: "/var/run/docker.sock" + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: "" diff --git a/experiments/generic/pod-dns-error/experiment.yaml b/experiments/generic/pod-dns-error/experiment.yaml new file mode 100644 index 0000000..078c5c1 --- /dev/null +++ b/experiments/generic/pod-dns-error/experiment.yaml @@ -0,0 +1,115 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Pod DNS Error injects dns failure/error in target pod containers +kind: ChaosExperiment +metadata: + name: pod-dns-error + labels: + name: pod-dns-error + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-dns-error + command: + - /bin/bash + env: + - name: TARGET_CONTAINER + value: "" + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + - name: TOTAL_CHAOS_DURATION + value: "60" # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: "" + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: "" + + - name: TARGET_PODS + value: "" + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: "docker" + + # provide the socket file path + - name: SOCKET_PATH + value: "/var/run/docker.sock" + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: "parallel" + + # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets + - name: TARGET_HOSTNAMES + value: "" + + # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring + - name: MATCH_SCHEME + value: "exact" + + labels: + experiment: pod-dns-error + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-dns-error/pod-dns-error.chartserviceversion.yaml b/experiments/generic/pod-dns-error/pod-dns-error.chartserviceversion.yaml new file mode 100644 index 0000000..4ece88e --- /dev/null +++ b/experiments/generic/pod-dns-error/pod-dns-error.chartserviceversion.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-dns-error + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-dns-error + categoryDescription: > + Pod DNS Error injects dns failure/error in target pod containers + keywords: + - "Pod" + - K8S + - "Kubernetes" + - "DNS" + maturity: alpha + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + maintainers: + - name: gdsoumya + email: gdsoumya@chaosnative.com + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-dns-error + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/getstarted/ + - name: Video + url: + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-dns-error/experiment.yaml diff --git a/experiments/generic/pod-dns-error/rbac-psp.yaml b/experiments/generic/pod-dns-error/rbac-psp.yaml new file mode 100644 index 0000000..1e8bbfd --- /dev/null +++ b/experiments/generic/pod-dns-error/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-dns-error-sa + namespace: default + labels: + name: pod-dns-error-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-dns-error-sa + namespace: default + labels: + name: pod-dns-error-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-dns-error-sa + namespace: default + labels: + name: pod-dns-error-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-dns-error-sa +subjects: + - kind: ServiceAccount + name: pod-dns-error-sa + namespace: default diff --git a/experiments/generic/pod-dns-error/rbac.yaml b/experiments/generic/pod-dns-error/rbac.yaml new file mode 100644 index 0000000..84dc894 --- /dev/null +++ b/experiments/generic/pod-dns-error/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-dns-error-sa + namespace: default + labels: + name: pod-dns-error-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-dns-error-sa + namespace: default + labels: + name: pod-dns-error-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-dns-error-sa + namespace: default + labels: + name: pod-dns-error-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-dns-error-sa +subjects: + - kind: ServiceAccount + name: pod-dns-error-sa + namespace: default diff --git a/experiments/generic/pod-dns-spoof/engine.yaml b/experiments/generic/pod-dns-spoof/engine.yaml new file mode 100644 index 0000000..88f3a24 --- /dev/null +++ b/experiments/generic/pod-dns-spoof/engine.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + appinfo: + appns: "default" + applabel: "app=nginx" + appkind: "deployment" + # It can be active/stop + engineState: "active" + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: "" + chaosServiceAccount: pod-dns-spoof-sa + experiments: + - name: pod-dns-spoof + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: "60" # in seconds + + # map of the target hostnames eg. '{"abc.com":"spoofabc.com"}' . If empty no queries will be spoofed + - name: SPOOF_MAP + value: '{"google.com":"fakegoogle.com"}' + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: "docker" + + # provide the socket file path + - name: SOCKET_PATH + value: "/var/run/docker.sock" + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: "" diff --git a/experiments/generic/pod-dns-spoof/experiment.yaml b/experiments/generic/pod-dns-spoof/experiment.yaml new file mode 100644 index 0000000..f860599 --- /dev/null +++ b/experiments/generic/pod-dns-spoof/experiment.yaml @@ -0,0 +1,111 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Pod DNS Spoof can spoof particular dns requests in target pod container to desired target hostnames +kind: ChaosExperiment +metadata: + name: pod-dns-spoof + labels: + name: pod-dns-spoof + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-dns-spoof + command: + - /bin/bash + env: + - name: TARGET_CONTAINER + value: "" + + # provide lib image + - name: LIB_IMAGE + value: "litmuschaos/go-runner:latest" + + - name: TOTAL_CHAOS_DURATION + value: "60" # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: "" + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: "" + + - name: TARGET_PODS + value: "" + + # provide the name of container runtime, it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: "docker" + + # provide the socket file path + - name: SOCKET_PATH + value: "/var/run/docker.sock" + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: "parallel" + + # map of the target hostnames eg. '{"abc.com":"spoofabc.com"}' . If empty no queries will be spoofed + - name: SPOOF_MAP + value: "" + + labels: + experiment: pod-dns-spoof + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-dns-spoof/pod-dns-spoof.chartserviceversion.yaml b/experiments/generic/pod-dns-spoof/pod-dns-spoof.chartserviceversion.yaml new file mode 100644 index 0000000..b179d30 --- /dev/null +++ b/experiments/generic/pod-dns-spoof/pod-dns-spoof.chartserviceversion.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-dns-spoof + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-dns-spoof + categoryDescription: > + Pod DNS Spoof can spoof particular dns requests in target pod container to desired target hostnames + keywords: + - "Pod" + - K8S + - "Kubernetes" + - "DNS" + maturity: alpha + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + maintainers: + - name: gdsoumya + email: gdsoumya@chaosnative.com + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-dns-spoof + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/getstarted/ + - name: Video + url: + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-dns-spoof/experiment.yaml diff --git a/experiments/generic/pod-dns-spoof/rbac-psp.yaml b/experiments/generic/pod-dns-spoof/rbac-psp.yaml new file mode 100644 index 0000000..106c044 --- /dev/null +++ b/experiments/generic/pod-dns-spoof/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-dns-spoof-sa + namespace: default + labels: + name: pod-dns-spoof-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-dns-spoof-sa + namespace: default + labels: + name: pod-dns-spoof-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-dns-spoof-sa + namespace: default + labels: + name: pod-dns-spoof-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-dns-spoof-sa +subjects: + - kind: ServiceAccount + name: pod-dns-spoof-sa + namespace: default diff --git a/experiments/generic/pod-dns-spoof/rbac.yaml b/experiments/generic/pod-dns-spoof/rbac.yaml new file mode 100644 index 0000000..6d2c76d --- /dev/null +++ b/experiments/generic/pod-dns-spoof/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-dns-spoof-sa + namespace: default + labels: + name: pod-dns-spoof-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-dns-spoof-sa + namespace: default + labels: + name: pod-dns-spoof-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-dns-spoof-sa + namespace: default + labels: + name: pod-dns-spoof-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-dns-spoof-sa +subjects: + - kind: ServiceAccount + name: pod-dns-spoof-sa + namespace: default diff --git a/experiments/generic/pod-http-latency/engine.yaml b/experiments/generic/pod-http-latency/engine.yaml new file mode 100644 index 0000000..bc226d8 --- /dev/null +++ b/experiments/generic/pod-http-latency/engine.yaml @@ -0,0 +1,41 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-http-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-latency-sa + experiments: + - name: pod-http-latency + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: LATENCY + value: '2000' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # provide the name of container runtime + # it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-http-latency/experiment.yaml b/experiments/generic/pod-http-latency/experiment.yaml new file mode 100644 index 0000000..79ab473 --- /dev/null +++ b/experiments/generic/pod-http-latency/experiment.yaml @@ -0,0 +1,134 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects http request latency on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-http-latency + labels: + name: pod-http-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-latency + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: LATENCY + value: '2000' #in ms + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-http-latency/pod-http-latency.chartserviceversion.yaml b/experiments/generic/pod-http-latency/pod-http-latency.chartserviceversion.yaml new file mode 100644 index 0000000..d39adc4 --- /dev/null +++ b/experiments/generic/pod-http-latency/pod-http-latency.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2022-05-21T10:28:08Z + name: pod-http-latency + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-http-latency + categoryDescription: | + Pod-http-latency contains chaos to disrupt http requests of kubernetes pods. This experiment can inject random http response delays on the app replica pods. + - Causes flaky access to application replica by injecting http response delay using toxiproxy. + - The application pod should be healthy once chaos is stopped. Service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - HTTP + - Pod + - Latency + platforms: + - GKE + - Minikube + - EKS + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-latency + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-latency/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-latency/experiment.yaml diff --git a/experiments/generic/pod-http-latency/rbac-psp.yaml b/experiments/generic/pod-http-latency/rbac-psp.yaml new file mode 100644 index 0000000..3b472ee --- /dev/null +++ b/experiments/generic/pod-http-latency/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-latency-sa + namespace: default + labels: + name: pod-http-latency-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-latency-sa + namespace: default + labels: + name: pod-http-latency-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-latency-sa + namespace: default + labels: + name: pod-http-latency-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-latency-sa +subjects: +- kind: ServiceAccount + name: pod-http-latency-sa + namespace: default diff --git a/experiments/generic/pod-http-latency/rbac.yaml b/experiments/generic/pod-http-latency/rbac.yaml new file mode 100644 index 0000000..6c46d88 --- /dev/null +++ b/experiments/generic/pod-http-latency/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-latency-sa + namespace: default + labels: + name: pod-http-latency-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-latency-sa + namespace: default + labels: + name: pod-http-latency-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-latency-sa + namespace: default + labels: + name: pod-http-latency-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-latency-sa +subjects: +- kind: ServiceAccount + name: pod-http-latency-sa + namespace: default diff --git a/experiments/generic/pod-io-stress/engine.yaml b/experiments/generic/pod-io-stress/engine.yaml new file mode 100644 index 0000000..7a53571 --- /dev/null +++ b/experiments/generic/pod-io-stress/engine.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-io-stress-sa + experiments: + - name: pod-io-stress + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## specify the size as percentage of free space on the file system + - name: FILESYSTEM_UTILIZATION_PERCENTAGE + value: '10' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' diff --git a/experiments/generic/pod-io-stress/experiment.yaml b/experiments/generic/pod-io-stress/experiment.yaml new file mode 100644 index 0000000..40a4c74 --- /dev/null +++ b/experiments/generic/pod-io-stress/experiment.yaml @@ -0,0 +1,134 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + IO stress on a app pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-io-stress + labels: + name: pod-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-io-stress + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '120' + + ## specify the size as percentage of free space on the file system + ## default value 90 (in percentage) + - name: FILESYSTEM_UTILIZATION_PERCENTAGE + value: '10' + + ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space + ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty + - name: FILESYSTEM_UTILIZATION_BYTES + value: '' + + ## Total number of workers default value is 4 + - name: NUMBER_OF_WORKERS + value: '4' + + ## Percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + # provide volume mount path + - name: VOLUME_MOUNT_PATH + value: '' + + ## specify the comma separated target pods + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # Provide the LIB here + # support litmus and pumba + - name: LIB + value: 'litmus' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-io-stress + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-io-stress/pod-io-stress.chartserviceversion.yaml b/experiments/generic/pod-io-stress/pod-io-stress.chartserviceversion.yaml new file mode 100644 index 0000000..8f7a010 --- /dev/null +++ b/experiments/generic/pod-io-stress/pod-io-stress.chartserviceversion.yaml @@ -0,0 +1,50 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-09-13T10:28:08Z + name: pod-io-stress + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-io-stress + categoryDescription: | + This experiment causes disk stress on the application pod. The experiment aims to verify the resiliency of applications that share this disk resource for ephemeral or persistent storage purposes. + - Consumes the disk available by executing filesystem IO stress as available memory or by providing the value in GB + - The application pod should be healthy once chaos is stopped. Expectation is that service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - Memory + - Pod + - IO + - Stress + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + maturity: alpha + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-io-stress + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-io-stress/ + - name: Video + url: + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-io-stress/experiment.yaml diff --git a/experiments/generic/pod-io-stress/rbac-psp.yaml b/experiments/generic/pod-io-stress/rbac-psp.yaml new file mode 100644 index 0000000..755512a --- /dev/null +++ b/experiments/generic/pod-io-stress/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-io-stress-sa + namespace: default + labels: + name: pod-io-stress-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-io-stress-sa + namespace: default + labels: + name: pod-io-stress-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-io-stress-sa + namespace: default + labels: + name: pod-io-stress-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-io-stress-sa +subjects: +- kind: ServiceAccount + name: pod-io-stress-sa + namespace: default diff --git a/experiments/generic/pod-io-stress/rbac.yaml b/experiments/generic/pod-io-stress/rbac.yaml new file mode 100644 index 0000000..e80025d --- /dev/null +++ b/experiments/generic/pod-io-stress/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-io-stress-sa + namespace: default + labels: + name: pod-io-stress-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-io-stress-sa + namespace: default + labels: + name: pod-io-stress-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-io-stress-sa + namespace: default + labels: + name: pod-io-stress-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-io-stress-sa +subjects: +- kind: ServiceAccount + name: pod-io-stress-sa + namespace: default diff --git a/experiments/generic/pod-memory-hog-exec/engine.yaml b/experiments/generic/pod-memory-hog-exec/engine.yaml new file mode 100644 index 0000000..5bc6b0d --- /dev/null +++ b/experiments/generic/pod-memory-hog-exec/engine.yaml @@ -0,0 +1,29 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-memory-hog-exec-sa + experiments: + - name: pod-memory-hog-exec + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/generic/pod-memory-hog-exec/experiment.yaml b/experiments/generic/pod-memory-hog-exec/experiment.yaml new file mode 100644 index 0000000..3f29e61 --- /dev/null +++ b/experiments/generic/pod-memory-hog-exec/experiment.yaml @@ -0,0 +1,106 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects memory consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-memory-hog-exec + labels: + name: pod-memory-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-memory-hog-exec + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + # The command to kill the chaos process + - name: CHAOS_KILL_COMMAND + value: "kill $(find /proc -name exe -lname '*/dd' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}' | head -n 1)" + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + - name: TARGET_PODS + value: '' + + labels: + name: pod-memory-hog-exec + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-memory-hog-exec/pod-memory-hog-exec.chartserviceversion.yaml b/experiments/generic/pod-memory-hog-exec/pod-memory-hog-exec.chartserviceversion.yaml new file mode 100644 index 0000000..2e37699 --- /dev/null +++ b/experiments/generic/pod-memory-hog-exec/pod-memory-hog-exec.chartserviceversion.yaml @@ -0,0 +1,51 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-04-10T10:28:08Z + name: pod-memory-hog-exec + version: 0.1.4 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-memory-hog-exec + categoryDescription: | + pod-memory-hog-exec contains chaos to consume Memory resouces of specified containers in Kubernetes pods. + - Consumes the memory specified by executing a dd command against special files /dev/zero(input) and /dev/null(output) + - The application pod should be healthy once chaos is stopped. Expectation is that service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - Memory + - Pod + - Exec + - Stress + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + - OpenShift(OKD) + maturity: alpha + maintainers: + - name: Udit Gaurav + email: udit@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-memory-hog-exec + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-memory-hog-exec/ + - name: Video + url: https://www.youtube.com/watch?v=HuAXg8W5Tzo + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-memory-hog-exec/experiment.yaml diff --git a/experiments/generic/pod-memory-hog-exec/rbac-psp.yaml b/experiments/generic/pod-memory-hog-exec/rbac-psp.yaml new file mode 100644 index 0000000..eb39cec --- /dev/null +++ b/experiments/generic/pod-memory-hog-exec/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-memory-hog-exec-sa + namespace: default + labels: + name: pod-memory-hog-exec-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-memory-hog-exec-sa + namespace: default + labels: + name: pod-memory-hog-exec-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-memory-hog-exec-sa + namespace: default + labels: + name: pod-memory-hog-exec-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-memory-hog-exec-sa +subjects: +- kind: ServiceAccount + name: pod-memory-hog-exec-sa + namespace: default diff --git a/experiments/generic/pod-memory-hog-exec/rbac.yaml b/experiments/generic/pod-memory-hog-exec/rbac.yaml new file mode 100644 index 0000000..d4da0ca --- /dev/null +++ b/experiments/generic/pod-memory-hog-exec/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-memory-hog-exec-sa + namespace: default + labels: + name: pod-memory-hog-exec-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-memory-hog-exec-sa + namespace: default + labels: + name: pod-memory-hog-exec-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-memory-hog-exec-sa + namespace: default + labels: + name: pod-memory-hog-exec-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-memory-hog-exec-sa +subjects: +- kind: ServiceAccount + name: pod-memory-hog-exec-sa + namespace: default diff --git a/experiments/generic/pod-memory-hog/engine.yaml b/experiments/generic/pod-memory-hog/engine.yaml new file mode 100644 index 0000000..e5b9c52 --- /dev/null +++ b/experiments/generic/pod-memory-hog/engine.yaml @@ -0,0 +1,36 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-memory-hog-sa + experiments: + - name: pod-memory-hog + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' diff --git a/experiments/generic/pod-memory-hog/experiment.yaml b/experiments/generic/pod-memory-hog/experiment.yaml new file mode 100644 index 0000000..562182f --- /dev/null +++ b/experiments/generic/pod-memory-hog/experiment.yaml @@ -0,0 +1,127 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects memory consumption on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-memory-hog + labels: + name: pod-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-memory-hog + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + ## enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## Number of workers to perform stress + - name: NUMBER_OF_WORKERS + value: '1' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, pumba + - name: LIB + value: 'litmus' + + ## It is used in pumba lib only + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + ## It is used in pumba lib only + - name: STRESS_IMAGE + value: 'alexeiled/stress-ng:latest-ubuntu' + + ## provide the cluster runtime + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + labels: + name: pod-memory-hog + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-memory-hog/pod-memory-hog.chartserviceversion.yaml b/experiments/generic/pod-memory-hog/pod-memory-hog.chartserviceversion.yaml new file mode 100644 index 0000000..958f9e4 --- /dev/null +++ b/experiments/generic/pod-memory-hog/pod-memory-hog.chartserviceversion.yaml @@ -0,0 +1,51 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-06-16T10:28:08Z + name: pod-memory-hog + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-memory-hog + categoryDescription: | + Pod-Memory-Hog contains chaos to consume memory resouces of specified containers in Kubernetes pods. + - Causes memory resource consumption on specified application containers using cgroups and litmus nsutil that consume memory resources of the given target containers. + - It Can test the application's resilience to potential slowness/unavailability of some replicas due to high memory load + - The application pod should be healthy once chaos is stopped. Expectation is that service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - Memory + - Pod + - Stress + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + - OpenShift(OKD) + maturity: alpha + maintainers: + - name: Udit Gaurav + email: udit@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-memory-hog + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-memory-hog/ + - name: Video + url: https://www.youtube.com/watch?v=HuAXg8W5Tzo + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-memory-hog/experiment.yaml diff --git a/experiments/generic/pod-memory-hog/rbac-psp.yaml b/experiments/generic/pod-memory-hog/rbac-psp.yaml new file mode 100644 index 0000000..3ad222d --- /dev/null +++ b/experiments/generic/pod-memory-hog/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-memory-hog-sa + namespace: default + labels: + name: pod-memory-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-memory-hog-sa + namespace: default + labels: + name: pod-memory-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-memory-hog-sa + namespace: default + labels: + name: pod-memory-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-memory-hog-sa +subjects: +- kind: ServiceAccount + name: pod-memory-hog-sa + namespace: default diff --git a/experiments/generic/pod-memory-hog/rbac.yaml b/experiments/generic/pod-memory-hog/rbac.yaml new file mode 100644 index 0000000..61445c9 --- /dev/null +++ b/experiments/generic/pod-memory-hog/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-memory-hog-sa + namespace: default + labels: + name: pod-memory-hog-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-memory-hog-sa + namespace: default + labels: + name: pod-memory-hog-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-memory-hog-sa + namespace: default + labels: + name: pod-memory-hog-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-memory-hog-sa +subjects: +- kind: ServiceAccount + name: pod-memory-hog-sa + namespace: default diff --git a/experiments/generic/pod-network-corruption/engine.yaml b/experiments/generic/pod-network-corruption/engine.yaml new file mode 100644 index 0000000..c8cebb5 --- /dev/null +++ b/experiments/generic/pod-network-corruption/engine.yaml @@ -0,0 +1,38 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-network-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-network-corruption-sa + experiments: + - name: pod-network-corruption + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + - name: NETWORK_PACKET_CORRUPTION_PERCENTAGE + value: '100' #in PERCENTAGE + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-network-corruption/experiment.yaml b/experiments/generic/pod-network-corruption/experiment.yaml new file mode 100644 index 0000000..7d7859a --- /dev/null +++ b/experiments/generic/pod-network-corruption/experiment.yaml @@ -0,0 +1,138 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Inject network packet corruption into application pod +kind: ChaosExperiment +metadata: + name: pod-network-corruption + labels: + name: pod-network-corruption + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-corruption + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: NETWORK_INTERFACE + value: 'eth0' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_PACKET_CORRUPTION_PERCENTAGE + value: '100' #in PERCENTAGE + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-corruption + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-network-corruption/pod-network-corruption.chartserviceversion.yaml b/experiments/generic/pod-network-corruption/pod-network-corruption.chartserviceversion.yaml new file mode 100644 index 0000000..c4991a9 --- /dev/null +++ b/experiments/generic/pod-network-corruption/pod-network-corruption.chartserviceversion.yaml @@ -0,0 +1,49 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-01-07T10:28:08Z + name: pod-network-corruption + version: 0.1.10 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-network-corruption + categoryDescription: | + Pod-network-corruption contains chaos to disrupt network connectivity to kubernetes pods. Experiments can inject percentage packet corruption on the app replica pods. + - Causes packet corruption of application replica by injecting packet corruption using pumba. + - The application pod should be healthy once chaos is stopped. Service-requests should be served (say, via alternate replicas) despite chaos. + keywords: + - Kubernetes + - K8S + - Network + - Pod + - Corruption + platforms: + - GKE + - Packet(Kubeadm) + - Minikube + - EKS + - AKS + maturity: alpha + maintainers: + - name: LaumiH + email: laura-marie.henning@stud.h-da.de + minKubeVersion: 1.12.0 + provider: + name: Laura-Marie Henning + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-network-corruption + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-network-corruption/ + - name: Video + url: https://www.youtube.com/watch?v=kSiLrIaILvs + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-network-corruption/experiment.yaml diff --git a/experiments/generic/pod-network-corruption/rbac-psp.yaml b/experiments/generic/pod-network-corruption/rbac-psp.yaml new file mode 100644 index 0000000..685855b --- /dev/null +++ b/experiments/generic/pod-network-corruption/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-corruption-sa + namespace: default + labels: + name: pod-network-corruption-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-corruption-sa + namespace: default + labels: + name: pod-network-corruption-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-corruption-sa + namespace: default + labels: + name: pod-network-corruption-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-corruption-sa +subjects: +- kind: ServiceAccount + name: pod-network-corruption-sa + namespace: default diff --git a/experiments/generic/pod-network-corruption/rbac.yaml b/experiments/generic/pod-network-corruption/rbac.yaml new file mode 100644 index 0000000..f0319df --- /dev/null +++ b/experiments/generic/pod-network-corruption/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-corruption-sa + namespace: default + labels: + name: pod-network-corruption-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-corruption-sa + namespace: default + labels: + name: pod-network-corruption-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-corruption-sa + namespace: default + labels: + name: pod-network-corruption-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-corruption-sa +subjects: +- kind: ServiceAccount + name: pod-network-corruption-sa + namespace: default diff --git a/experiments/generic/pod-network-duplication/engine.yaml b/experiments/generic/pod-network-duplication/engine.yaml new file mode 100644 index 0000000..d726f75 --- /dev/null +++ b/experiments/generic/pod-network-duplication/engine.yaml @@ -0,0 +1,39 @@ +# chaosengine.yaml +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-network-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-network-duplication-sa + experiments: + - name: pod-network-duplication + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: NETWORK_PACKET_DUPLICATION_PERCENTAGE + value: '100' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-network-duplication/experiment.yaml b/experiments/generic/pod-network-duplication/experiment.yaml new file mode 100644 index 0000000..d286b2f --- /dev/null +++ b/experiments/generic/pod-network-duplication/experiment.yaml @@ -0,0 +1,135 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects network packet duplication on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-duplication + labels: + name: pod-network-duplication + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-duplication + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: RAMP_TIME + value: '' + + - name: TARGET_CONTAINER + value: '' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_INTERFACE + value: 'eth0' + + - name: NETWORK_PACKET_DUPLICATION_PERCENTAGE + value: '100' # in percentage + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-duplication + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-network-duplication/pod-network-duplication.chartserviceversion.yaml b/experiments/generic/pod-network-duplication/pod-network-duplication.chartserviceversion.yaml new file mode 100644 index 0000000..cec3785 --- /dev/null +++ b/experiments/generic/pod-network-duplication/pod-network-duplication.chartserviceversion.yaml @@ -0,0 +1,49 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-07-01T10:28:08Z + name: pod-network-duplication + version: 0.1.2 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-network-duplication + categoryDescription: | + Pod-network-duplication contains chaos to disrupt network connectivity to kubernetes pods. Experiments can inject percentage packet duplication on the app replica pods. + - Causes lossy access to application replica by injecting packet duplication using pumba. + - The application pod should be healthy once chaos is stopped. Service-requests should be served (say, via alternate replicas) despite chaos. + keywords: + - Kubernetes + - K8S + - Network + - Pod + - Duplication + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + - AKS + maturity: alpha + maintainers: + - name: Udit Gaurav + email: udit.gaurav@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-network-duplication + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-network-duplication/ + - name: Video + url: + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-network-duplication/experiment.yaml diff --git a/experiments/generic/pod-network-duplication/rbac-psp.yaml b/experiments/generic/pod-network-duplication/rbac-psp.yaml new file mode 100644 index 0000000..01acf1a --- /dev/null +++ b/experiments/generic/pod-network-duplication/rbac-psp.yaml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-duplication-sa + namespace: default + labels: + name: pod-network-duplication-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-duplication-sa + namespace: default + labels: + name: pod-network-duplication-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-duplication-sa + namespace: default + labels: + name: pod-network-duplication-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-duplication-sa +subjects: +- kind: ServiceAccount + name: pod-network-duplication-sa + namespace: default diff --git a/experiments/generic/pod-network-duplication/rbac.yaml b/experiments/generic/pod-network-duplication/rbac.yaml new file mode 100644 index 0000000..d225750 --- /dev/null +++ b/experiments/generic/pod-network-duplication/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-duplication-sa + namespace: default + labels: + name: pod-network-duplication-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-duplication-sa + namespace: default + labels: + name: pod-network-duplication-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-duplication-sa + namespace: default + labels: + name: pod-network-duplication-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-duplication-sa +subjects: +- kind: ServiceAccount + name: pod-network-duplication-sa + namespace: default diff --git a/experiments/generic/pod-network-latency/engine.yaml b/experiments/generic/pod-network-latency/engine.yaml new file mode 100644 index 0000000..07aa28d --- /dev/null +++ b/experiments/generic/pod-network-latency/engine.yaml @@ -0,0 +1,41 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-network-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-network-latency-sa + experiments: + - name: pod-network-latency + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: NETWORK_LATENCY + value: '2000' + + - name: JITTER + value: '0' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' diff --git a/experiments/generic/pod-network-latency/experiment.yaml b/experiments/generic/pod-network-latency/experiment.yaml new file mode 100644 index 0000000..89f92f1 --- /dev/null +++ b/experiments/generic/pod-network-latency/experiment.yaml @@ -0,0 +1,141 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects network latency on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-latency + labels: + name: pod-network-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-latency + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + - name: NETWORK_INTERFACE + value: 'eth0' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_LATENCY + value: '2000' #in ms + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: JITTER + value: '0' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-latency + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-network-latency/pod-network-latency.chartserviceversion.yaml b/experiments/generic/pod-network-latency/pod-network-latency.chartserviceversion.yaml new file mode 100644 index 0000000..8e40c7a --- /dev/null +++ b/experiments/generic/pod-network-latency/pod-network-latency.chartserviceversion.yaml @@ -0,0 +1,49 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-10-11T10:28:08Z + name: pod-network-latency + version: 0.1.13 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-network-latency + categoryDescription: | + Pod-network-latency contains chaos to disrupt network connectivity of kubernetes pods. Experiments can inject random network delays on the app replica pods. + - Causes flaky access to application replica by injecting network delay using pumba. + - The application pod should be healthy once chaos is stopped. Service-requests should be served despite chaos. + keywords: + - Kubernetes + - K8S + - Network + - Pod + - Latency + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + - AKS + maturity: alpha + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-network-latency + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-network-latency/ + - name: Video + url: https://www.youtube.com/watch?v=QsQZyXVCcCw + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-network-latency/experiment.yaml diff --git a/experiments/generic/pod-network-latency/rbac-psp.yaml b/experiments/generic/pod-network-latency/rbac-psp.yaml new file mode 100644 index 0000000..ee147c7 --- /dev/null +++ b/experiments/generic/pod-network-latency/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-latency-sa + namespace: default + labels: + name: pod-network-latency-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-latency-sa + namespace: default + labels: + name: pod-network-latency-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-latency-sa + namespace: default + labels: + name: pod-network-latency-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-latency-sa +subjects: +- kind: ServiceAccount + name: pod-network-latency-sa + namespace: default diff --git a/experiments/generic/pod-network-latency/rbac.yaml b/experiments/generic/pod-network-latency/rbac.yaml new file mode 100644 index 0000000..4b65e6b --- /dev/null +++ b/experiments/generic/pod-network-latency/rbac.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-latency-sa + namespace: default + labels: + name: pod-network-latency-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-latency-sa + namespace: default + labels: + name: pod-network-latency-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-latency-sa + namespace: default + labels: + name: pod-network-latency-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-latency-sa +subjects: +- kind: ServiceAccount + name: pod-network-latency-sa + namespace: default diff --git a/experiments/generic/pod-network-loss/engine.yaml b/experiments/generic/pod-network-loss/engine.yaml new file mode 100644 index 0000000..36718dc --- /dev/null +++ b/experiments/generic/pod-network-loss/engine.yaml @@ -0,0 +1,40 @@ +# chaosengine.yaml +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-network-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-network-loss-sa + experiments: + - name: pod-network-loss + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/generic/pod-network-loss/experiment.yaml b/experiments/generic/pod-network-loss/experiment.yaml new file mode 100644 index 0000000..069080b --- /dev/null +++ b/experiments/generic/pod-network-loss/experiment.yaml @@ -0,0 +1,138 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects network packet loss on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-loss + labels: + name: pod-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-loss + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + - name: NETWORK_INTERFACE + value: 'eth0' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' #in PERCENTAGE + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # ime period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # it can be litmus or pumba + - name: LIB + value: 'litmus' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/runtime-api-usage: "true" + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-network-loss/pod-network-loss.chartserviceversion.yaml b/experiments/generic/pod-network-loss/pod-network-loss.chartserviceversion.yaml new file mode 100644 index 0000000..71ae971 --- /dev/null +++ b/experiments/generic/pod-network-loss/pod-network-loss.chartserviceversion.yaml @@ -0,0 +1,48 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-10-11T10:28:08Z + name: pod-network-loss + version: 0.1.12 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-network-loss + categoryDescription: | + Pod-network-loss contains chaos to disrupt network connectivity to kubernetes pods. Experiments can inject percentage packet loss on the app replica pods. + - Causes loss of access to application replica by injecting packet loss using pumba. + - The application pod should be healthy once chaos is stopped. Service-requests should be served (say, via alternate replicas) despite chaos. + keywords: + - Kubernetes + - K8S + - Network + - Pod + - Loss + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + maturity: alpha + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-network-loss + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-network-loss/ + - name: Video + url: https://www.youtube.com/watch?v=jqvYy-nWc_I + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-network-loss/experiment.yaml diff --git a/experiments/generic/pod-network-loss/rbac-psp.yaml b/experiments/generic/pod-network-loss/rbac-psp.yaml new file mode 100644 index 0000000..d3af1b8 --- /dev/null +++ b/experiments/generic/pod-network-loss/rbac-psp.yaml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-loss-sa + namespace: default + labels: + name: pod-network-loss-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-loss-sa + namespace: default + labels: + name: pod-network-loss-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-loss-sa + namespace: default + labels: + name: pod-network-loss-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-loss-sa +subjects: +- kind: ServiceAccount + name: pod-network-loss-sa + namespace: default diff --git a/experiments/generic/pod-network-loss/rbac.yaml b/experiments/generic/pod-network-loss/rbac.yaml new file mode 100644 index 0000000..caa0918 --- /dev/null +++ b/experiments/generic/pod-network-loss/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-loss-sa + namespace: default + labels: + name: pod-network-loss-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-loss-sa + namespace: default + labels: + name: pod-network-loss-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-loss-sa + namespace: default + labels: + name: pod-network-loss-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-loss-sa +subjects: +- kind: ServiceAccount + name: pod-network-loss-sa + namespace: default diff --git a/experiments/generic/pod-network-partition/engine.yaml b/experiments/generic/pod-network-partition/engine.yaml new file mode 100644 index 0000000..ef656e1 --- /dev/null +++ b/experiments/generic/pod-network-partition/engine.yaml @@ -0,0 +1,21 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-network-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + # FYI, To see app label, apply kubectl get pods --show-labels + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-network-partition-sa + experiments: + - name: pod-network-partition + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds diff --git a/experiments/generic/pod-network-partition/experiment.yaml b/experiments/generic/pod-network-partition/experiment.yaml new file mode 100644 index 0000000..7c2cde2 --- /dev/null +++ b/experiments/generic/pod-network-partition/experiment.yaml @@ -0,0 +1,100 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Injects 100% network packet loss on pods belonging to an app deployment +kind: ChaosExperiment +metadata: + name: pod-network-partition + labels: + name: pod-network-partition + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # performs CRUD operations on the network policies + - apiGroups: ["networking.k8s.io"] + resources: ["networkpolicies"] + verbs: ["create","delete","list","get"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-network-partition + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # ime period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # it should be litmus + - name: LIB + value: 'litmus' + + # provide the destination ips + # chaos injection will be triggered for these destination ips + - name: DESTINATION_IPS + value: '' + + # provide the destination hosts + # chaos injection will be triggered for these destination hosts + - name: DESTINATION_HOSTS + value: '' + + # provide network policy type + # support ingress, egress, all values + - name: POLICY_TYPES + value: 'all' + + # provide labels of the destination pods + - name: POD_SELECTOR + value: '' + + # provide labels the destination namespaces + - name: NAMESPACE_SELECTOR + value: '' + + # provide comma separated ports + - name: PORTS + value: '' + + labels: + name: pod-network-partition + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-network-partition/pod-network-partition.chartserviceversion.yaml b/experiments/generic/pod-network-partition/pod-network-partition.chartserviceversion.yaml new file mode 100644 index 0000000..89b3957 --- /dev/null +++ b/experiments/generic/pod-network-partition/pod-network-partition.chartserviceversion.yaml @@ -0,0 +1,43 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-08-25T10:28:08Z + name: pod-network-partition + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: pod-network-partition + categoryDescription: | + pod-network-partition contains chaos to disrupt network connectivity to kubernetes pods. Experiments can inject complete egress/ingress network loss based on label and namespace selectors. + - The application pod should be healthy once chaos is stopped. Service-requests should be served (say, via alternate replicas) despite chaos. + keywords: + - Kubernetes + - K8S + - Pod + - Network + - Partition + platforms: + - Minikube + - Packet(Kubeadm) + maturity: alpha + maintainers: + - name: ispeakc0de + email: shubham@chaosnative.com + minKubeVersion: 1.12.0 + provider: + name: ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-network-partition + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-network-partition/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-network-partition/experiment.yaml diff --git a/experiments/generic/pod-network-partition/rbac-psp.yaml b/experiments/generic/pod-network-partition/rbac-psp.yaml new file mode 100644 index 0000000..9335123 --- /dev/null +++ b/experiments/generic/pod-network-partition/rbac-psp.yaml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-partition-sa + namespace: default + labels: + name: pod-network-partition-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-partition-sa + namespace: default + labels: + name: pod-network-partition-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # performs CRUD operations on the network policies + - apiGroups: ["networking.k8s.io"] + resources: ["networkpolicies"] + verbs: ["create","delete","list","get"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-partition-sa + namespace: default + labels: + name: pod-network-partition-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-partition-sa +subjects: +- kind: ServiceAccount + name: pod-network-partition-sa + namespace: default diff --git a/experiments/generic/pod-network-partition/rbac.yaml b/experiments/generic/pod-network-partition/rbac.yaml new file mode 100644 index 0000000..e2a0ae7 --- /dev/null +++ b/experiments/generic/pod-network-partition/rbac.yaml @@ -0,0 +1,67 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-network-partition-sa + namespace: default + labels: + name: pod-network-partition-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-network-partition-sa + namespace: default + labels: + name: pod-network-partition-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # performs CRUD operations on the network policies + - apiGroups: ["networking.k8s.io"] + resources: ["networkpolicies"] + verbs: ["create","delete","list","get"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-network-partition-sa + namespace: default + labels: + name: pod-network-partition-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-network-partition-sa +subjects: +- kind: ServiceAccount + name: pod-network-partition-sa + namespace: default diff --git a/experiments/kafka/experiments.yaml b/experiments/kafka/experiments.yaml new file mode 100644 index 0000000..893dc2b --- /dev/null +++ b/experiments/kafka/experiments.yaml @@ -0,0 +1,249 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaching a persistent disk from a node/instance for kafka. +kind: ChaosExperiment +metadata: + name: kafka-broker-disk-failure + labels: + name: kafka-broker-disk-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + resources: + - "statefulsets" + - "secrets" + - "jobs" + - "pods/log" + - "events" + - "pods" + - "pods/exec" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "delete" + - "get" + - "list" + - "patch" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/kafka/kafka-broker-disk-failure/kafka-broker-disk-failure-ansible-logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: KAFKA_KIND + value: 'statefulset' + + - name: KAFKA_LIVENESS_STREAM + value: 'enabled' + + - name: KAFKA_LIVENESS_IMAGE + value: 'litmuschaos/kafka-client:ci' + + - name: KAFKA_CONSUMER_TIMEOUT + value: '30000' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + - name: PROJECT_ID + value: '' + + - name: DISK_NAME + value: '' + + - name: ZONE_NAME + value: '' + + # GKE and AWS supported + - name: CLOUD_PLATFORM + value: 'GKE' + + - name: KAFKA_NAMESPACE + value: '' + + - name: KAFKA_LABEL + value: '' + + - name: KAFKA_BROKER + value: '' + + - name: KAFKA_INSTANCE_NAME + value: '' + + - name: KAFKA_REPLICATION_FACTOR + value: '' + + - name: KAFKA_SERVICE + value: '' + + - name: KAFKA_PORT + value: '' + + - name: ZOOKEEPER_NAMESPACE + value: '' + + - name: ZOOKEEPER_LABEL + value: '' + + - name: ZOOKEEPER_SERVICE + value: '' + + - name: ZOOKEEPER_PORT + value: '' + labels: + name: kafka-broker-disk-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: kafka-broker-disk-failure + mountPath: /tmp/ + + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deleting a kafka broker pod +kind: ChaosExperiment +metadata: + name: kafka-broker-pod-failure + labels: + name: kafka-broker-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for deriving the parent/owner details of the pod + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name kafka-broker-pod-failure + command: + - /bin/bash + env: + + - name: KAFKA_KIND + value: 'statefulset' + + - name: KAFKA_LIVENESS_STREAM + value: 'enable' + + - name: KAFKA_LIVENESS_IMAGE + value: 'litmuschaos/kafka-client:latest' + + # Recommended timeout for EKS platform: 60000 ms + - name: KAFKA_CONSUMER_TIMEOUT + value: '30000' #in ms + + - name: TOTAL_CHAOS_DURATION + value: '15' + + - name: CHAOS_INTERVAL + value: '5' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + - name: FORCE + value: 'true' + + - name: KAFKA_INSTANCE_NAME + value: '' + + - name: KAFKA_NAMESPACE + value: '' + + - name: KAFKA_LABEL + value: '' + + - name: KAFKA_BROKER + value: '' + + - name: KAFKA_REPLICATION_FACTOR + value: '' + + - name: KAFKA_SERVICE + value: '' + + - name: KAFKA_PORT + value: '' + + - name: ZOOKEEPER_NAMESPACE + value: '' + + - name: ZOOKEEPER_LABEL + value: '' + + - name: ZOOKEEPER_SERVICE + value: '' + + - name: ZOOKEEPER_PORT + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + labels: + name: kafka-broker-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- diff --git a/experiments/kafka/icons/kafka-broker-disk-failure.png b/experiments/kafka/icons/kafka-broker-disk-failure.png new file mode 100644 index 0000000..08321df Binary files /dev/null and b/experiments/kafka/icons/kafka-broker-disk-failure.png differ diff --git a/experiments/kafka/icons/kafka-broker-pod-failure.png b/experiments/kafka/icons/kafka-broker-pod-failure.png new file mode 100644 index 0000000..08321df Binary files /dev/null and b/experiments/kafka/icons/kafka-broker-pod-failure.png differ diff --git a/experiments/kafka/icons/kafka.png b/experiments/kafka/icons/kafka.png new file mode 100644 index 0000000..08321df Binary files /dev/null and b/experiments/kafka/icons/kafka.png differ diff --git a/experiments/kafka/kafka-broker-disk-failure/engine.yaml b/experiments/kafka/kafka-broker-disk-failure/engine.yaml new file mode 100644 index 0000000..56b1690 --- /dev/null +++ b/experiments/kafka/kafka-broker-disk-failure/engine.yaml @@ -0,0 +1,81 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: kafka-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=cp-kafka' + appkind: 'statefulset' + chaosServiceAccount: kafka-broker-disk-failure-sa + experiments: + - name: kafka-broker-disk-failure + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' + + # choose based on available kafka broker replicas + - name: KAFKA_REPLICATION_FACTOR + value: '3' + + # get via 'kubectl get pods --show-labels -n ' + - name: KAFKA_LABEL + value: 'app=cp-kafka' + + - name: KAFKA_NAMESPACE + value: 'default' + + # get via 'kubectl get svc -n ' + - name: KAFKA_SERVICE + value: 'kafka-cp-kafka-headless' + + # get via 'kubectl get svc -n ' + - name: KAFKA_PORT + value: '9092' + + # in milliseconds + - name: KAFKA_CONSUMER_TIMEOUT + value: '70000' + + # ensure to set the instance name if using KUDO operator + - name: KAFKA_INSTANCE_NAME + value: '' + + - name: ZOOKEEPER_NAMESPACE + value: 'default' + + # get via 'kubectl get pods --show-labels -n ' + - name: ZOOKEEPER_LABEL + value: 'app=cp-zookeeper' + + # get via 'kubectl get svc -n + - name: ZOOKEEPER_SERVICE + value: 'kafka-cp-zookeeper-headless' + + # get via 'kubectl get svc -n + - name: ZOOKEEPER_PORT + value: '2181' + + # get from google cloud console or 'gcloud projects list' + - name: PROJECT_ID + value: 'argon-tractor-237811' + + # attached to (in use by) node where 'kafka-0' is scheduled + - name: DISK_NAME + value: 'disk-1' + + - name: ZONE_NAME + value: 'us-central1-a' + + # Uses 'disk-1' attached to the node on which it is scheduled + - name: KAFKA_BROKER + value: 'kafka-0' + \ No newline at end of file diff --git a/experiments/kafka/kafka-broker-disk-failure/experiment.yaml b/experiments/kafka/kafka-broker-disk-failure/experiment.yaml new file mode 100644 index 0000000..b354d4e --- /dev/null +++ b/experiments/kafka/kafka-broker-disk-failure/experiment.yaml @@ -0,0 +1,118 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaching a persistent disk from a node/instance for kafka. +kind: ChaosExperiment +metadata: + name: kafka-broker-disk-failure + labels: + name: kafka-broker-disk-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + resources: + - "statefulsets" + - "secrets" + - "jobs" + - "pods/log" + - "events" + - "pods" + - "pods/exec" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "delete" + - "get" + - "list" + - "patch" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/kafka/kafka-broker-disk-failure/kafka-broker-disk-failure-ansible-logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: KAFKA_KIND + value: 'statefulset' + + - name: KAFKA_LIVENESS_STREAM + value: 'enabled' + + - name: KAFKA_LIVENESS_IMAGE + value: 'litmuschaos/kafka-client:ci' + + - name: KAFKA_CONSUMER_TIMEOUT + value: '30000' + + - name: TOTAL_CHAOS_DURATION + value: '15' + + - name: PROJECT_ID + value: '' + + - name: DISK_NAME + value: '' + + - name: ZONE_NAME + value: '' + + # GKE and AWS supported + - name: CLOUD_PLATFORM + value: 'GKE' + + - name: KAFKA_NAMESPACE + value: '' + + - name: KAFKA_LABEL + value: '' + + - name: KAFKA_BROKER + value: '' + + - name: KAFKA_INSTANCE_NAME + value: '' + + - name: KAFKA_REPLICATION_FACTOR + value: '' + + - name: KAFKA_SERVICE + value: '' + + - name: KAFKA_PORT + value: '' + + - name: ZOOKEEPER_NAMESPACE + value: '' + + - name: ZOOKEEPER_LABEL + value: '' + + - name: ZOOKEEPER_SERVICE + value: '' + + - name: ZOOKEEPER_PORT + value: '' + labels: + name: kafka-broker-disk-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: kafka-broker-disk-failure + mountPath: /tmp/ + diff --git a/experiments/kafka/kafka-broker-disk-failure/kafka-broker-disk-failure.chartserviceversion.yaml b/experiments/kafka/kafka-broker-disk-failure/kafka-broker-disk-failure.chartserviceversion.yaml new file mode 100644 index 0000000..1984037 --- /dev/null +++ b/experiments/kafka/kafka-broker-disk-failure/kafka-broker-disk-failure.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-15T10:28:08Z + name: kafka-broker-disk-failure + annotations: + categories: Kafka + vendor: Mayadata + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: kafka-broker-disk-failure + categoryDescription: | + Detaching a persistent disk from a node/instance for kafka + keywords: + - Kubernetes + - K8S + - Disk + - Kafka + platforms: + - GKE + - konvoy + maturity: alpha + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/kafka/kafka-broker-disk-failure + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/kafka-broker-disk-failure/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kafka/kafka-broker-disk-failure/experiment.yaml diff --git a/experiments/kafka/kafka-broker-disk-failure/rbac.yaml b/experiments/kafka/kafka-broker-disk-failure/rbac.yaml new file mode 100644 index 0000000..6d685b7 --- /dev/null +++ b/experiments/kafka/kafka-broker-disk-failure/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kafka-broker-disk-failure-sa + namespace: default + labels: + name: kafka-broker-disk-failure-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kafka-broker-disk-failure-sa + labels: + name: kafka-broker-disk-failure-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","litmuschaos.io","batch","apps"] + resources: ["pods","jobs","pods/log","events","pods/exec","statefulsets","secrets","chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kafka-broker-disk-failure-sa + labels: + name: kafka-broker-disk-failure-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kafka-broker-disk-failure-sa +subjects: +- kind: ServiceAccount + name: kafka-broker-disk-failure-sa + namespace: default + diff --git a/experiments/kafka/kafka-broker-pod-failure/engine.yaml b/experiments/kafka/kafka-broker-pod-failure/engine.yaml new file mode 100644 index 0000000..5a8b305 --- /dev/null +++ b/experiments/kafka/kafka-broker-pod-failure/engine.yaml @@ -0,0 +1,74 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: kafka-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=cp-kafka' + appkind: 'statefulset' + chaosServiceAccount: kafka-broker-pod-failure-sa + experiments: + - name: kafka-broker-pod-failure + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' + + # choose based on available kafka broker replicas + - name: KAFKA_REPLICATION_FACTOR + value: '3' + + # get via 'kubectl get pods --show-labels -n ' + - name: KAFKA_LABEL + value: 'app=cp-kafka' + + - name: KAFKA_NAMESPACE + value: 'default' + + # get via 'kubectl get svc -n ' + - name: KAFKA_SERVICE + value: 'kafka-cp-kafka-headless' + + # get via 'kubectl get svc -n ' + - name: KAFKA_PORT + value: '9092' + + # Recommended timeout for EKS platform: 60000 ms + - name: KAFKA_CONSUMER_TIMEOUT + value: '30000' # in milliseconds + + # ensure to set the instance name if using KUDO operator + - name: KAFKA_INSTANCE_NAME + value: '' + + - name: ZOOKEEPER_NAMESPACE + value: 'default' + + # get via 'kubectl get pods --show-labels -n ' + - name: ZOOKEEPER_LABEL + value: 'app=cp-zookeeper' + + # get via 'kubectl get svc -n + - name: ZOOKEEPER_SERVICE + value: 'kafka-cp-zookeeper-headless' + + # get via 'kubectl get svc -n + - name: ZOOKEEPER_PORT + value: '2181' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '20' + + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + \ No newline at end of file diff --git a/experiments/kafka/kafka-broker-pod-failure/experiment.yaml b/experiments/kafka/kafka-broker-pod-failure/experiment.yaml new file mode 100644 index 0000000..5fae21d --- /dev/null +++ b/experiments/kafka/kafka-broker-pod-failure/experiment.yaml @@ -0,0 +1,127 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deleting a kafka broker pod +kind: ChaosExperiment +metadata: + name: kafka-broker-pod-failure + labels: + name: kafka-broker-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for deriving the parent/owner details of the pod + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name kafka-broker-pod-failure + command: + - /bin/bash + env: + + - name: KAFKA_KIND + value: 'statefulset' + + - name: KAFKA_LIVENESS_STREAM + value: 'enable' + + - name: KAFKA_LIVENESS_IMAGE + value: 'litmuschaos/kafka-client:latest' + + # Recommended timeout for EKS platform: 60000 ms + - name: KAFKA_CONSUMER_TIMEOUT + value: '30000' #in ms + + - name: TOTAL_CHAOS_DURATION + value: '15' + + - name: CHAOS_INTERVAL + value: '5' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + - name: FORCE + value: 'true' + + - name: KAFKA_INSTANCE_NAME + value: '' + + - name: KAFKA_NAMESPACE + value: '' + + - name: KAFKA_LABEL + value: '' + + - name: KAFKA_BROKER + value: '' + + - name: KAFKA_REPLICATION_FACTOR + value: '' + + - name: KAFKA_SERVICE + value: '' + + - name: KAFKA_PORT + value: '' + + - name: ZOOKEEPER_NAMESPACE + value: '' + + - name: ZOOKEEPER_LABEL + value: '' + + - name: ZOOKEEPER_SERVICE + value: '' + + - name: ZOOKEEPER_PORT + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus + - name: LIB + value: 'litmus' + + labels: + name: kafka-broker-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/kafka/kafka-broker-pod-failure/kafka-broker-pod-failure.chartserviceversion.yaml b/experiments/kafka/kafka-broker-pod-failure/kafka-broker-pod-failure.chartserviceversion.yaml new file mode 100644 index 0000000..e3702e0 --- /dev/null +++ b/experiments/kafka/kafka-broker-pod-failure/kafka-broker-pod-failure.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-15T10:28:08Z + name: kafka-broker-pod-failure + version: 0.1.6 + annotations: + categories: Kafka + vendor: Mayadata + repository: https://github.com/litmuschaos/chaos-charts + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: kafka-broker-pod-failure + categoryDescription: | + This chaos experiment kills (random or specified) kafka broker pods + keywords: + - Kubernetes + - K8S + - Pod + - Kafka + platforms: + - GKE + - EKS + - konvoy + maturity: alpha + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/kafka/kafka-broker-pod-failure + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/kafka/kafka-broker-pod-failure/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kafka/kafka-broker-pod-failure/experiment.yaml diff --git a/experiments/kafka/kafka-broker-pod-failure/rbac.yaml b/experiments/kafka/kafka-broker-pod-failure/rbac.yaml new file mode 100644 index 0000000..64fd1db --- /dev/null +++ b/experiments/kafka/kafka-broker-pod-failure/rbac.yaml @@ -0,0 +1,67 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kafka-broker-pod-failure-sa + namespace: default + labels: + name: kafka-broker-pod-failure-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kafka-broker-pod-failure-sa + labels: + name: kafka-broker-pod-failure-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for deriving the parent/owner details of the pod + - apiGroups: ["apps"] + resources: ["deployments","statefulsets"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kafka-broker-pod-failure-sa + labels: + name: kafka-broker-pod-failure-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kafka-broker-pod-failure-sa +subjects: +- kind: ServiceAccount + name: kafka-broker-pod-failure-sa + namespace: default + diff --git a/experiments/kafka/kafka.chartserviceversion.yaml b/experiments/kafka/kafka.chartserviceversion.yaml new file mode 100644 index 0000000..8293a4a --- /dev/null +++ b/experiments/kafka/kafka.chartserviceversion.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-13T10:28:08Z + name: kafka + version: 0.1.4 + annotations: + categories: Kafka + chartDescription: Injects chaos on kafka components +spec: + displayName: Kafka Chaos + categoryDescription: > + Kafka is used for building real-time data pipelines and streaming apps. It is horizontally scalable, fault-tolerant, fast, + and runs in production in thousands of companies + experiments: + - name: kafka-broker-pod-failure + description: "" + keywords: + - Kubernetes + - K8S + - Kafka + - Disk + - Pod + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: Kafka Website + url: http://kafka.apache.org/ + - name: Source Code + url: https://github.com/litmuschaos/litmus/tree/master/experiments/kafka + - name: Community Slack + url: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN + icon: + - url: + mediatype: + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kafka/experiments.yaml diff --git a/experiments/kafka/kafka.package.yaml b/experiments/kafka/kafka.package.yaml new file mode 100644 index 0000000..e4c401d --- /dev/null +++ b/experiments/kafka/kafka.package.yaml @@ -0,0 +1,8 @@ +packageName: kafka +experiments: + - name: kafka-broker-pod-failure + CSV: kafka-broker-pod-failure.chartserviceversion.yaml + desc: "kafka-broker-pod-failure" + - name: kafka-broker-disk-failure + CSV: kafka-broker-disk-failure.chartserviceversion.yaml + desc: "kafka-broker-disk-failure" diff --git a/experiments/kube-aws/aws-az-chaos/aws-az-chaos.chartserviceversion.yaml b/experiments/kube-aws/aws-az-chaos/aws-az-chaos.chartserviceversion.yaml new file mode 100755 index 0000000..1632138 --- /dev/null +++ b/experiments/kube-aws/aws-az-chaos/aws-az-chaos.chartserviceversion.yaml @@ -0,0 +1,35 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: aws-az-chaos + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: aws-az-chaos + categoryDescription: > + Execute aws-az chaos to detach the target zones from the load balancer + keywords: + - "zone" + - "load-balancer" + - "aws" + platforms: + - "AWS" + maturity: alpha + maintainers: + - name: oumkale + email: imkaleoum@gmail.com + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-python/tree/master/experiments/aws_az + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws/aws-az-chaos/ + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/aws-az-chaos/experiment.yaml diff --git a/experiments/kube-aws/aws-az-chaos/engine.yaml b/experiments/kube-aws/aws-az-chaos/engine.yaml new file mode 100755 index 0000000..a7afbbc --- /dev/null +++ b/experiments/kube-aws/aws-az-chaos/engine.yaml @@ -0,0 +1,27 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: aws-az-chaos +spec: + # It can be active/stop + engineState: 'active' + chaosServiceAccount: aws-az-chaos-sa + experiments: + - name: aws-az-chaos + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + - name: CHAOS_INTERVAL + value: '30' + #LOAD_BALANCER_NAME name of the load balancer + - name: LOAD_BALANCER_NAME + value: "" + #LOAD_BALANCER_ZONES can be multiple, provide it by comma separated + - name: LOAD_BALANCER_ZONES + value: "" + - name: LOAD_BALANCERNAME_ARN + value: "na" + - name: AWS_SHARED_CREDENTIALS_FILE + value: "/tmp/cloud_config.yml" diff --git a/experiments/kube-aws/aws-az-chaos/experiment.yaml b/experiments/kube-aws/aws-az-chaos/experiment.yaml new file mode 100755 index 0000000..921723b --- /dev/null +++ b/experiments/kube-aws/aws-az-chaos/experiment.yaml @@ -0,0 +1,76 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Execute aws-az chaos to detach the target zones from the load balancer +kind: ChaosExperiment +metadata: + name: aws-az-chaos + labels: + name: aws-az-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/py-runner:latest" + imagePullPolicy: Always + args: + - -c + - python3 -u experiment -name aws-az-chaos + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + - name: CHAOS_INTERVAL + value: '30' + - name: LIB + value: 'litmus' + - name: LOAD_BALANCER_NAME + value: '' + - name: LOAD_BALANCER_ZONES + value: '' + - name: LOAD_BALANCERNAME_ARN + value: 'na' + - name: AWS_SHARED_CREDENTIALS_FILE + value: "/tmp/cloud_config.yml" + - name: RAMP_TIME + value: '' + labels: + name: aws-az-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/kube-aws/aws-az-chaos/rbac.yaml b/experiments/kube-aws/aws-az-chaos/rbac.yaml new file mode 100755 index 0000000..3d2284c --- /dev/null +++ b/experiments/kube-aws/aws-az-chaos/rbac.yaml @@ -0,0 +1,60 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: aws-az-chaos-sa + namespace: default + labels: + name: aws-az-chaos-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: aws-az-chaos-sa + namespace: default + labels: + name: aws-az-chaos-sa + app.kubernetes.io/part-of: litmus +rules: +# Create and monitor the experiment & helper pods +- apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] +# Performs CRUD operations on the events inside chaosengine and chaosresult +- apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] +# Fetch configmaps & secrets details and mount it to the experiment pod (if specified) +- apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] +# Track and get the runner, experiment, and helper pods log +- apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] +# for configuring and monitor the experiment job by the chaos-runner pod +- apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] +# for creation, status polling and deletion of litmus chaos resources used within a chaos workflow +- apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: aws-az-chaos-sa + namespace: default + labels: + name: aws-az-chaos-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: aws-az-chaos-sa +subjects: +- kind: ServiceAccount + name: aws-az-chaos-sa + namespace: default \ No newline at end of file diff --git a/experiments/kube-aws/ebs-loss-by-id/ebs-loss-by-id.chartserviceversion.yaml b/experiments/kube-aws/ebs-loss-by-id/ebs-loss-by-id.chartserviceversion.yaml new file mode 100644 index 0000000..9946442 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-id/ebs-loss-by-id.chartserviceversion.yaml @@ -0,0 +1,43 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-10-28T10:28:08Z + name: ebs-loss-by-id + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: ebs-loss-by-id + categoryDescription: | + EBS Loss By ID contains chaos to disrupt state of infra resources. The experiment can induce ebs volume loss against specified application for the give EBS Volume(s). + - Causes ebs volume loss from node or ec2 instance for a certain chaos interval from total chaos duration. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the application pod + keywords: + - EBS + - Volume + - AWS + platforms: + - AWS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: uditgaurav@mayadata.io + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/kube-aws/ebs-loss-by-id + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws/ebs-loss-by-id/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/ebs-loss-by-id/experiment.yaml diff --git a/experiments/kube-aws/ebs-loss-by-id/engine.yaml b/experiments/kube-aws/ebs-loss-by-id/engine.yaml new file mode 100644 index 0000000..cdb3010 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-id/engine.yaml @@ -0,0 +1,28 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: ebs-loss-by-id-sa + experiments: + - name: ebs-loss-by-id + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos duration (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # set target ebs volume ID + - name: EBS_VOLUME_ID + value: '' + + # provide the region name of the instance + - name: REGION + value: '' diff --git a/experiments/kube-aws/ebs-loss-by-id/experiment.yaml b/experiments/kube-aws/ebs-loss-by-id/experiment.yaml new file mode 100644 index 0000000..143caf4 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-id/experiment.yaml @@ -0,0 +1,88 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaching an ebs volume from ec2 instance. +kind: ChaosExperiment +metadata: + name: ebs-loss-by-id + labels: + name: ebs-loss-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ebs-loss-by-id + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: EBS_VOLUME_ID + value: '' + + - name: REGION + value: '' + + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ebs-loss-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/kube-aws/ebs-loss-by-id/rbac.yaml b/experiments/kube-aws/ebs-loss-by-id/rbac.yaml new file mode 100644 index 0000000..52a1c57 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-id/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: ebs-loss-by-id-sa + namespace: default + labels: + name: ebs-loss-by-id-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: ebs-loss-by-id-sa + labels: + name: ebs-loss-by-id-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ebs-loss-by-id-sa + labels: + name: ebs-loss-by-id-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ebs-loss-by-id-sa +subjects: +- kind: ServiceAccount + name: ebs-loss-by-id-sa + namespace: default diff --git a/experiments/kube-aws/ebs-loss-by-tag/ebs-loss-by-tag.chartserviceversion.yaml b/experiments/kube-aws/ebs-loss-by-tag/ebs-loss-by-tag.chartserviceversion.yaml new file mode 100644 index 0000000..95eca97 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-tag/ebs-loss-by-tag.chartserviceversion.yaml @@ -0,0 +1,43 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-05-15T10:28:08Z + name: ebs-loss-by-tag + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: ebs-loss-by-tag + categoryDescription: | + EBS Loss By Tag contains chaos to disrupt state of infra resources. The experiment can induce ebs volume loss against specified application for given volume tag. + - Causes ebs volume loss by tag from node or ec2 instance for certain chaos interval from total chaos duration. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the application pod + keywords: + - EBS + - Volume + - AWS + platforms: + - AWS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: uditgaurav@mayadata.io + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/kube-aws/ebs-loss-by-tag + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws/ebs-loss-by-tag/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/ebs-loss-by-tag/experiment.yaml diff --git a/experiments/kube-aws/ebs-loss-by-tag/engine.yaml b/experiments/kube-aws/ebs-loss-by-tag/engine.yaml new file mode 100644 index 0000000..a9212ef --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-tag/engine.yaml @@ -0,0 +1,32 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: ebs-loss-by-tag-sa + experiments: + - name: ebs-loss-by-tag + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # provide EBS volume tag attached to the given instance + # it'll be in form of key:value (ex: 'team:devops') + - name: EBS_VOLUME_TAG + value: '' + + # provide the region name of the instance + - name: REGION + value: '' + + - name: VOLUME_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/kube-aws/ebs-loss-by-tag/experiment.yaml b/experiments/kube-aws/ebs-loss-by-tag/experiment.yaml new file mode 100644 index 0000000..54a4710 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-tag/experiment.yaml @@ -0,0 +1,90 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaching an ebs volume from ec2 instance. +kind: ChaosExperiment +metadata: + name: ebs-loss-by-tag + labels: + name: ebs-loss-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ebs-loss-by-tag + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + - name: RAMP_TIME + value: '' + + - name: EBS_VOLUME_TAG + value: '' + + - name: REGION + value: '' + + - name: SEQUENCE + value: 'parallel' + + - name: VOLUME_AFFECTED_PERC + value: '' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ebs-loss-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/kube-aws/ebs-loss-by-tag/rbac.yaml b/experiments/kube-aws/ebs-loss-by-tag/rbac.yaml new file mode 100644 index 0000000..52ad320 --- /dev/null +++ b/experiments/kube-aws/ebs-loss-by-tag/rbac.yaml @@ -0,0 +1,62 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: ebs-loss-by-tag-sa + namespace: default + labels: + name: ebs-loss-by-tag-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: ebs-loss-by-tag-sa + labels: + name: ebs-loss-by-tag-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ebs-loss-by-tag-sa + labels: + name: ebs-loss-by-tag-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ebs-loss-by-tag-sa +subjects: +- kind: ServiceAccount + name: ebs-loss-by-tag-sa + namespace: default diff --git a/experiments/kube-aws/ec2-terminate-by-id/ec2-terminate-by-id.chartserviceversion.yaml b/experiments/kube-aws/ec2-terminate-by-id/ec2-terminate-by-id.chartserviceversion.yaml new file mode 100644 index 0000000..b8de45f --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-id/ec2-terminate-by-id.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-10-28T10:28:08Z + name: ec2-terminate-by-id + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: Mayadata + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: ec2-terminate-by-id + categoryDescription: | + This experiment causes termination of an EC2 instance for a certain chaos duration. + - Causes termination of an EC2 instance provided by instance ID before bringing it back to running state after the specified chaos duration. + - It helps to check the performance of the application on the ec2 instance. + keywords: + - EC2 + - AWS + platforms: + - AWS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: uditgaurav@mayadata.io + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/kube-aws/ec2-terminate-by-id + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws/ec2-terminate-by-id/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/ec2-terminate-by-id/experiment.yaml diff --git a/experiments/kube-aws/ec2-terminate-by-id/engine.yaml b/experiments/kube-aws/ec2-terminate-by-id/engine.yaml new file mode 100644 index 0000000..efceae8 --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-id/engine.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: ec2-terminate-by-id-sa + experiments: + - name: ec2-terminate-by-id + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set interval duration (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # Instance ID of the target ec2 instance + # Multiple IDs can also be provided as comma separated values ex: id1,id2 + - name: EC2_INSTANCE_ID + value: '' + + # provide the region name of the instance + - name: REGION + value: '' + + # enable it if the target instance is a part of self-managed nodegroup. + - name: MANAGED_NODEGROUP + value: 'disable' \ No newline at end of file diff --git a/experiments/kube-aws/ec2-terminate-by-id/experiment.yaml b/experiments/kube-aws/ec2-terminate-by-id/experiment.yaml new file mode 100644 index 0000000..003f18d --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-id/experiment.yaml @@ -0,0 +1,98 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stopping an EC2 instance identified by ID. +kind: ChaosExperiment +metadata: + name: ec2-terminate-by-id + labels: + name: ec2-terminate-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ec2-terminate-by-id + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # enable it if the target instance is a part of self-managed nodegroup. + - name: MANAGED_NODEGROUP + value: 'disable' + + # Instance ID of the target ec2 instance + # Multiple IDs can also be provided as comma separated values ex: id1,id2 + - name: EC2_INSTANCE_ID + value: '' + + - name: REGION + value: '' + + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ec2-terminate-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/kube-aws/ec2-terminate-by-id/rbac.yaml b/experiments/kube-aws/ec2-terminate-by-id/rbac.yaml new file mode 100644 index 0000000..0f7fb1c --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-id/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: ec2-terminate-by-id-sa + namespace: default + labels: + name: ec2-terminate-by-id-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: ec2-terminate-by-id-sa + labels: + name: ec2-terminate-by-id-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ec2-terminate-by-id-sa + labels: + name: ec2-terminate-by-id-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ec2-terminate-by-id-sa +subjects: +- kind: ServiceAccount + name: ec2-terminate-by-id-sa + namespace: default \ No newline at end of file diff --git a/experiments/kube-aws/ec2-terminate-by-tag/ec2-terminate-by-tag.chartserviceversion.yaml b/experiments/kube-aws/ec2-terminate-by-tag/ec2-terminate-by-tag.chartserviceversion.yaml new file mode 100644 index 0000000..1caf610 --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-tag/ec2-terminate-by-tag.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-04-15T10:28:08Z + name: ec2-terminate-by-tag + version: 0.1.0 + annotations: + categories: Kubernetes + vendor: Mayadata + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: ec2-terminate-by-tag + categoryDescription: | + This experiment causes termination of an EC2 instance for a certain chaos duration. + - Causes termination of an EC2 instance using instance tags before bringing it back to running state after the specified chaos duration. + - It helps to check the performance of the application on the ec2 instance. + keywords: + - EC2 + - AWS + platforms: + - AWS + maturity: alpha + chaosType: infra + maintainers: + - name: Udit Gaurav + email: uditgaurav@mayadata.io + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/kube-aws/ec2-terminate-by-tag + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/aws/ec2-terminate-by-tag/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/ec2-terminate-by-tag/experiment.yaml diff --git a/experiments/kube-aws/ec2-terminate-by-tag/engine.yaml b/experiments/kube-aws/ec2-terminate-by-tag/engine.yaml new file mode 100644 index 0000000..6ed309d --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-tag/engine.yaml @@ -0,0 +1,37 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos + namespace: default +spec: + engineState: 'active' + chaosServiceAccount: ec2-terminate-by-tag-sa + experiments: + - name: ec2-terminate-by-tag + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set interval duration (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # Instance Tag of the target ec2 instances + # ex: team:devops (key:value) + - name: INSTANCE_TAG + value: '' + + # provide the region name of the instance + - name: REGION + value: '' + + # enable it if the target instance is a part of self-managed nodegroup. + - name: MANAGED_NODEGROUP + value: 'disable' + + # Target the percentage of instance filtered from tag + - name: INSTANCE_AFFECTED_PERC + value: '' diff --git a/experiments/kube-aws/ec2-terminate-by-tag/experiment.yaml b/experiments/kube-aws/ec2-terminate-by-tag/experiment.yaml new file mode 100644 index 0000000..4356893 --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-tag/experiment.yaml @@ -0,0 +1,100 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stopping an EC2 instance identified by tag. +kind: ChaosExperiment +metadata: + name: ec2-terminate-by-tag + labels: + name: ec2-terminate-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ec2-terminate-by-tag + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: INSTANCE_TAG + value: '' + + # enable it if the target instance is a part of self-managed nodegroup. + - name: MANAGED_NODEGROUP + value: 'disable' + + - name: REGION + value: '' + + # Target the percentage of instance filtered from tag + - name: INSTANCE_AFFECTED_PERC + value: '' + + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ec2-terminate-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/kube-aws/ec2-terminate-by-tag/rbac.yaml b/experiments/kube-aws/ec2-terminate-by-tag/rbac.yaml new file mode 100644 index 0000000..e03101d --- /dev/null +++ b/experiments/kube-aws/ec2-terminate-by-tag/rbac.yaml @@ -0,0 +1,66 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: ec2-terminate-by-tag-sa + namespace: default + labels: + name: ec2-terminate-by-tag-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: ec2-terminate-by-tag-sa + labels: + name: ec2-terminate-by-tag-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: ec2-terminate-by-tag-sa + labels: + name: ec2-terminate-by-tag-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: ec2-terminate-by-tag-sa +subjects: +- kind: ServiceAccount + name: ec2-terminate-by-tag-sa + namespace: default \ No newline at end of file diff --git a/experiments/kube-aws/experiments.yaml b/experiments/kube-aws/experiments.yaml new file mode 100644 index 0000000..22918b0 --- /dev/null +++ b/experiments/kube-aws/experiments.yaml @@ -0,0 +1,462 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stopping an EC2 instance identified by ID. +kind: ChaosExperiment +metadata: + name: ec2-terminate-by-id + labels: + name: ec2-terminate-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ec2-terminate-by-id + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # enable it if the target instance is a part of self-managed nodegroup. + - name: MANAGED_NODEGROUP + value: 'disable' + + # Instance ID of the target ec2 instance + # Multiple IDs can also be provided as comma separated values ex: id1,id2 + - name: EC2_INSTANCE_ID + value: '' + + - name: REGION + value: '' + + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ec2-terminate-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stopping an EC2 instance identified by tag. +kind: ChaosExperiment +metadata: + name: ec2-terminate-by-tag + labels: + name: ec2-terminate-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # for experiment to perform node status checks + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ec2-terminate-by-tag + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: INSTANCE_TAG + value: '' + + # enable it if the target instance is a part of self-managed nodegroup. + - name: MANAGED_NODEGROUP + value: 'disable' + + - name: REGION + value: '' + + # Target the percentage of instance filtered from tag + - name: INSTANCE_AFFECTED_PERC + value: '' + + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ec2-terminate-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Execute aws-az chaos to detach the target zones from the load balancer +kind: ChaosExperiment +metadata: + name: aws-az-chaos + labels: + name: aws-az-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/py-runner:latest" + imagePullPolicy: Always + args: + - -c + - python3 -u experiment -name aws-az-chaos + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + - name: CHAOS_INTERVAL + value: '30' + - name: LIB + value: 'litmus' + - name: LOAD_BALANCER_NAME + value: '' + - name: LOAD_BALANCER_ZONES + value: '' + - name: LOAD_BALANCERNAME_ARN + value: 'na' + - name: AWS_SHARED_CREDENTIALS_FILE + value: "/tmp/cloud_config.yml" + - name: RAMP_TIME + value: '' + labels: + name: aws-az-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaching an ebs volume from ec2 instance. +kind: ChaosExperiment +metadata: + name: ebs-loss-by-id + labels: + name: ebs-loss-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ebs-loss-by-id + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + - name: EBS_VOLUME_ID + value: '' + + - name: REGION + value: '' + + - name: SEQUENCE + value: 'parallel' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ebs-loss-by-id + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Detaching an ebs volume from ec2 instance. +kind: ChaosExperiment +metadata: + name: ebs-loss-by-tag + labels: + name: ebs-loss-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name ebs-loss-by-tag + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '30' + + - name: RAMP_TIME + value: '' + + - name: EBS_VOLUME_TAG + value: '' + + - name: REGION + value: '' + + - name: SEQUENCE + value: 'parallel' + + - name: VOLUME_AFFECTED_PERC + value: '' + + # Provide the path of aws credentials mounted from secret + - name: AWS_SHARED_CREDENTIALS_FILE + value: '/tmp/cloud_config.yml' + + # provide the LIB + # only litmus supported + - name: LIB + value: 'litmus' + + labels: + name: ebs-loss-by-tag + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- diff --git a/experiments/kube-aws/icons/aws-az-chaos.png b/experiments/kube-aws/icons/aws-az-chaos.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/kube-aws/icons/aws-az-chaos.png differ diff --git a/experiments/kube-aws/icons/ebs-loss-by-id.png b/experiments/kube-aws/icons/ebs-loss-by-id.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/kube-aws/icons/ebs-loss-by-id.png differ diff --git a/experiments/kube-aws/icons/ebs-loss-by-tag.png b/experiments/kube-aws/icons/ebs-loss-by-tag.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/kube-aws/icons/ebs-loss-by-tag.png differ diff --git a/experiments/kube-aws/icons/ec2-terminate-by-id.png b/experiments/kube-aws/icons/ec2-terminate-by-id.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/kube-aws/icons/ec2-terminate-by-id.png differ diff --git a/experiments/kube-aws/icons/ec2-terminate-by-tag.png b/experiments/kube-aws/icons/ec2-terminate-by-tag.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/kube-aws/icons/ec2-terminate-by-tag.png differ diff --git a/experiments/kube-aws/icons/k8-aws-ec2-terminate.png b/experiments/kube-aws/icons/k8-aws-ec2-terminate.png new file mode 100644 index 0000000..cb58737 Binary files /dev/null and b/experiments/kube-aws/icons/k8-aws-ec2-terminate.png differ diff --git a/experiments/kube-aws/icons/kube-aws.png b/experiments/kube-aws/icons/kube-aws.png new file mode 100644 index 0000000..fd09e34 Binary files /dev/null and b/experiments/kube-aws/icons/kube-aws.png differ diff --git a/experiments/kube-aws/kube-aws.chartserviceversion.yaml b/experiments/kube-aws/kube-aws.chartserviceversion.yaml new file mode 100644 index 0000000..b686a5a --- /dev/null +++ b/experiments/kube-aws/kube-aws.chartserviceversion.yaml @@ -0,0 +1,47 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-09-26T10:28:08Z + name: kube-aws + version: 0.1.16 + annotations: + categories: Kubernetes + chartDescription: Injects kube-aws kubernetes chaos +spec: + displayName: Kube AWS + categoryDescription: > + kube-aws contains chaos to disrupt state of aws resources running part of kubernetes cluster + experiments: + - name: ec2-terminate-by-id + description: "" + - name: ec2-terminate-by-tag + description: "" + - name: ebs-loss-by-id + description: "" + - name: ebs-loss-by-tag + description: "" + - name: aws-az-chaos + description: "" + keywords: + - AWS + - EC2 + - EBS + - AZ + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + - name: oumkale + email: imkaleoum@gmail.com + links: + - name: Kubernetes Website + url: https://kubernetes.io + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/kube-aws + - name: Source Code + url: https://github.com/litmuschaos/litmus-python/tree/master/experiments/aws_az + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + icon: + - url: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/icons/kube-aws.png + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/kube-aws/experiments.yaml diff --git a/experiments/kube-aws/kube-aws.package.yaml b/experiments/kube-aws/kube-aws.package.yaml new file mode 100644 index 0000000..db03f2e --- /dev/null +++ b/experiments/kube-aws/kube-aws.package.yaml @@ -0,0 +1,17 @@ +packageName: kube-aws +experiments: + - name: ec2-terminate-by-id + CSV: ec2-terminate-by-id.chartserviceversion.yaml + desc: "ec2-terminate-by-id" + - name: ec2-terminate-by-tag + CSV: ec2-terminate-by-tag.chartserviceversion.yaml + desc: "ec2-terminate-by-tag" + - name: ebs-loss-by-id + CSV: ebs-loss-by-id.chartserviceversion.yaml + desc: "ebs-loss-by-id" + - name: ebs-loss-by-tag + CSV: ebs-loss-by-tag.chartserviceversion.yaml + desc: "ebs-loss-by-tag" + - name: aws-az-chaos + CSV: aws-az-chaos.chartserviceversion.yaml + desc: "aws-az-chaos" diff --git a/experiments/kube-aws/rbac-admin.yaml b/experiments/kube-aws/rbac-admin.yaml new file mode 100644 index 0000000..f386c6c --- /dev/null +++ b/experiments/kube-aws/rbac-admin.yaml @@ -0,0 +1,35 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: chaos-admin + labels: + name: chaos-admin +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: chaos-admin + labels: + name: chaos-admin +rules: +- apiGroups: ["","apps","batch","extensions","litmuschaos.io","openebs.io","storage.k8s.io"] + resources: ["chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/exec","pods/log","secrets","storageclasses","chaosengines","chaosexperiments","chaosresults","configmaps","cstorpools","cstorvolumereplicas","daemonsets","deployments","events","jobs","persistentvolumeclaims","persistentvolumes","pods","pods/eviction","pods/exec","pods/log","replicasets","secrets","services","statefulsets","storageclasses"] + verbs: ["create","delete","get","list","patch","update"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list","patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: chaos-admin + labels: + name: chaos-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: chaos-admin +subjects: +- kind: ServiceAccount + name: chaos-admin + namespace: default diff --git a/experiments/longhorn/experiments.yaml b/experiments/longhorn/experiments.yaml new file mode 100644 index 0000000..e69de29 diff --git a/experiments/longhorn/icons/longhorn.png b/experiments/longhorn/icons/longhorn.png new file mode 100644 index 0000000..d4fd9c1 Binary files /dev/null and b/experiments/longhorn/icons/longhorn.png differ diff --git a/experiments/longhorn/longhorn.chartserviceversion.yaml b/experiments/longhorn/longhorn.chartserviceversion.yaml new file mode 100644 index 0000000..c1ae23b --- /dev/null +++ b/experiments/longhorn/longhorn.chartserviceversion.yaml @@ -0,0 +1,32 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-03-17T10:28:08Z + name: longhorn + version: 0.0.2 + annotations: + categories: longhorn + chartDescription: Injects chaos on longhorn components +spec: + displayName: Longhorn Chaos + categoryDescription: > + Longhorn is a distributed block storage system for Kubernetes + experiments: + keywords: + - Kubernetes + - Longhorn + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: Longhorn + url: https://rancher.com/project-longhorn-now-available-kubernetes/ + - name: Documentation + url: https://docs.rancher.cn/longhorn/#current-status + icon: + - url: + mediatype: + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/longhorn/experiments.yaml diff --git a/experiments/longhorn/longhorn.package.yaml b/experiments/longhorn/longhorn.package.yaml new file mode 100644 index 0000000..e37fbdb --- /dev/null +++ b/experiments/longhorn/longhorn.package.yaml @@ -0,0 +1,2 @@ +packageName: longhorn +experiments: \ No newline at end of file diff --git a/experiments/mongodb/experiments.yaml b/experiments/mongodb/experiments.yaml new file mode 100644 index 0000000..e69de29 diff --git a/experiments/mongodb/icons/mongodb.png b/experiments/mongodb/icons/mongodb.png new file mode 100644 index 0000000..ab6378f Binary files /dev/null and b/experiments/mongodb/icons/mongodb.png differ diff --git a/experiments/mongodb/mongodb.chartserviceversion.yaml b/experiments/mongodb/mongodb.chartserviceversion.yaml new file mode 100644 index 0000000..2849aab --- /dev/null +++ b/experiments/mongodb/mongodb.chartserviceversion.yaml @@ -0,0 +1,30 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-03-17T10:28:08Z + name: mongodb + version: 0.0.2 + annotations: + categories: mongodb + chartDescription: Injects chaos on mongodb components +spec: + displayName: MongoDB Chaos + categoryDescription: > + MongoDB is a general purpose, document-based, distributed database built for modern application developers and for the cloud era. + experiments: + keywords: + - Kubernetes + - MongoDB + maintainers: + - name: Sanjay1611 + email: sanjay.nathani@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: MongoDB Website + url: https://www.mongodb.com/ + icon: + - url: + mediatype: + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/mongodb/experiments.yaml diff --git a/experiments/mongodb/mongodb.package.yaml b/experiments/mongodb/mongodb.package.yaml new file mode 100644 index 0000000..1ad30e8 --- /dev/null +++ b/experiments/mongodb/mongodb.package.yaml @@ -0,0 +1,2 @@ +packageName: mongodb +experiments: diff --git a/experiments/mysql/experiments.yaml b/experiments/mysql/experiments.yaml new file mode 100644 index 0000000..e69de29 diff --git a/experiments/mysql/icons/mysql.png b/experiments/mysql/icons/mysql.png new file mode 100644 index 0000000..ee7382c Binary files /dev/null and b/experiments/mysql/icons/mysql.png differ diff --git a/experiments/mysql/mysql.chartserviceversion.yaml b/experiments/mysql/mysql.chartserviceversion.yaml new file mode 100644 index 0000000..540382a --- /dev/null +++ b/experiments/mysql/mysql.chartserviceversion.yaml @@ -0,0 +1,30 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-03-17T10:28:08Z + name: mysql + version: 0.0.2 + annotations: + categories: mysql + chartDescription: Injects chaos on mysql components +spec: + displayName: MySQL Chaos + categoryDescription: > + MySQL is an open-source relational database management system. + experiments: + keywords: + - Kubernetes + - MySQL + maintainers: + - name: atulabhi + email: atul.abhishek@openebs.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: mysql Website + url: https://www.mysql.com/ + icon: + - url: + mediatype: + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/mysql/experiments.yaml diff --git a/experiments/mysql/mysql.package.yaml b/experiments/mysql/mysql.package.yaml new file mode 100644 index 0000000..d844b9a --- /dev/null +++ b/experiments/mysql/mysql.package.yaml @@ -0,0 +1,2 @@ +packageName: mysql +experiments: diff --git a/experiments/openebs/experiments.yaml b/experiments/openebs/experiments.yaml new file mode 100644 index 0000000..fa6f3c3 --- /dev/null +++ b/experiments/openebs/experiments.yaml @@ -0,0 +1,1097 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network loss to target pod belonging to a OpenEBS PVC +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-network-loss +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "jobs" + - "pods" + - "events" + - "services" + - "pods/log" + - "pods/exec" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-network-loss/openebs_target_network_loss_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' # in percentage + + - name: TOTAL_CHAOS_DURATION + value: '120' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-target-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-network-loss + # mountPath: /mnt + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill all openebs control plane pod and check if gets scheduled again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-control-plane-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-control-plane-chaos +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "litmuschaos.io" + - "batch" + - "apps" + resources: + - "pods" + - "pods/log" + - "deployments" + - "events" + - "jobs" + - "configmaps" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-control-plane-chaos/openebs_control_plane_chaos_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + ## Period to wait before injection of chaos + - name: RAMP_TIME + value: '' + + - name: FORCE + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, powerfulseal + - name: LIB + value: 'litmus' + + labels: + name: openebs-control-plane-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network loss to pool pod belonging to a OpenEBS PVC +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-network-loss +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + - "openebs.io" + resources: + - "pods" + - "pods/log" + - "pods/exec" + - "events" + - "jobs" + - "configmaps" + - "services" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumeclaims" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + - "cstorpools" + - "cstorvolumereplicas" + - "replicasets" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-network-loss/openebs_pool_network_loss_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' # in percentage + + - name: TOTAL_CHAOS_DURATION + value: '120' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-pool-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network delay to pool pod belonging to a OpenEBS PVC + This experiment is using pumba lib for network chaos +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-network-delay +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + - "openebs.io" + resources: + - "pods" + - "pods/exec" + - "jobs" + - "pods/log" + - "events" + - "configmaps" + - "services" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + - "cstorpools" + - "cstorvolumereplicas" + - "replicasets" + verbs: + - "create" + - "get" + - "list" + - "patch" + - "update" + - "delete" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-network-delay/openebs_pool_network_delay_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + # in milliseconds + - name: NETWORK_DELAY + value: '60000' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-pool-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the OpenEBS NFS provisioner container and check if pods consuming the NFS PVs continue to be available and volumes are writable (RWM mode) +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-nfs-provisioner-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-nfs-provisioner-kill +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + resources: + - "pods" + - "pods/exec" + - "pods/log" + - "deployments" + - "events" + - "jobs" + - "configmaps" + - "services" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosexperiments" + - "chaosresults" + - "chaosengines" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-nfs-provisioner-kill/openebs_nfs_provisioner_kill_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + # NFS default container + - name: TARGET_CONTAINER + value: 'nfs-provisioner' + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + # It supports pumba and containerd + - name: LIB + value: 'pumba' + + # LIB_IMAGE can be - gaiaadm/pumba:0.6.5, gprasath/crictl:ci + # For pumba image use: gaiaadm/pumba:0.6.5 + # For containerd image use: gprasath/crictl:ci + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + labels: + name: openebs-nfs-provisioner-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + configmaps: + - name: openebs-nfs-provisioner-kill + mountPath: /mnt/ + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the cstor target/Jiva controller pod and check if gets created again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-pod-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "deployments" + - "jobs" + - "events" + - "pods" + - "pods/log" + - "pods/exec" + - "configmaps" + - "secrets" + - "services" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-pod-failure/openebs_target_pod_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: FORCE + value: 'true' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: CHAOS_INTERVAL + value: '15' + + - name: DEPLOY_TYPE + value: 'deployment' + + labels: + name: openebs-target-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-pod-failure + # mountPath: /mnt + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the pool pod and check if gets scheduled again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-pod-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "openebs.io" + - "storage.k8s.io" + resources: + - "deployments" + - "replicasets" + - "jobs" + - "pods/log" + - "events" + - "pods" + - "configmaps" + - "secrets" + - "storageclasses" + - "persistentvolumeclaims" + - "cstorvolumereplicas" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-pod-failure/openebs_pool_pod_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: default + + - name: OPENEBS_NS + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: CHAOS_ITERATIONS + value: '2' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-pool-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-pool-pod-failure + # mountPath: /mnt + + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the pool container and check if gets scheduled again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-container-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "openebs.io" + - "storage.k8s.io" + resources: + - "replicasets" + - "events" + - "jobs" + - "pods" + - "pods/log" + - "pods/exec" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "cstorvolumereplicas" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-container-failure/openebs_pool_container_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NS + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: LIVENESS_APP_LABEL + value: '' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: DATA_PERSISTENCE + value: '' + + - name: CHAOS_ITERATIONS + value: '2' + + labels: + name: openebs-pool-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-pool-container-failure + # mountPath: /mnt + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the cstor target/Jiva controller container and check if gets created again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-container-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "jobs" + - "pods" + - "events" + - "pods/exec" + - "pods/log" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "delete" + - "get" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-container-failure/openebs_target_container_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + # LIB_IMAGE can be - gaiaadm/pumba:0.6.5, gprasath/crictl:ci + # For pumba image use : gaiaadm/pumba:0.6.5 + # For containerd image use : gprasath/crictl:ci + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + # Specify the container runtime used , to pick the relevant chaos util + - name: CONTAINER_RUNTIME + value: 'docker' + + # TARGET_CONTAINER values: cstor-volume-mgmt , cstor-istgt + # For cstor-volume-istgt container kill use : cstor-istgt + # For volume-mgmt-kill container use : cstor-volume-mgmt + + - name: TARGET_CONTAINER + value: 'cstor-volume-mgmt' + + - name: FORCE + value: 'true' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + - name: DEPLOY_TYPE + value: 'deployment' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: SOAK_TIME + value: '60' + + labels: + name: openebs-target-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-container-failure + # mountPath: /mnt + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network delay to target pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-network-delay +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "jobs" + - "pods" + - "services" + - "events" + - "pods/exec" + - "pods/log" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-network-delay/openebs_target_network_delay_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: NETWORK_DELAY + value: '60000' # in milliseconds + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-target-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-network-delay + # mountPath: /mnt + +--- +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + OpenEBS Pool Disk Loss contains chaos to disrupt state of infra resources. Experiments can inject disk loss against openEBS pool. +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-disk-loss +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + - "openebs.io" + resources: + - "pods" + - "jobs" + - "pods/log" + - "events" + - "pods/exec" + - "cstorpools" + - "configmaps" + - "secrets" + - "storageclasses" + - "persistentvolumes" + - "persistentvolumeclaims" + - "cstorvolumereplicas" + - "chaosexperiments" + - "chaosresults" + - "chaosengines" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-disk-loss/openebs_pool_disk_loss_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + # GKE and AWS supported + - name: CLOUD_PLATFORM + value: 'GKE' + + - name: PROJECT_ID + value: '' + + - name: NODE_NAME + value: '' + + - name: DISK_NAME + value: '' + + - name: ZONE_NAME + value: '' + + - name: DEVICE_NAME + value: '' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + labels: + name: openebs-pool-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + + configmaps: + - name: openebs-pool-disk-loss + mountPath: /mnt/ + + secrets: + - name: cloud-secret + mountPath: /tmp/ + +--- diff --git a/experiments/openebs/icons/openebs-control-plane-chaos.png b/experiments/openebs/icons/openebs-control-plane-chaos.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs-control-plane-chaos.png differ diff --git a/experiments/openebs/icons/openebs-nfs-provisioner-kill.png b/experiments/openebs/icons/openebs-nfs-provisioner-kill.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs-nfs-provisioner-kill.png differ diff --git a/experiments/openebs/icons/openebs-pool-container-failure.png b/experiments/openebs/icons/openebs-pool-container-failure.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs-pool-container-failure.png differ diff --git a/experiments/openebs/icons/openebs-pool-disk-loss.png b/experiments/openebs/icons/openebs-pool-disk-loss.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs-pool-disk-loss.png differ diff --git a/experiments/openebs/icons/openebs-pool-network-delay.png b/experiments/openebs/icons/openebs-pool-network-delay.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs-pool-network-delay.png differ diff --git a/experiments/openebs/icons/openebs-pool-network-loss.png b/experiments/openebs/icons/openebs-pool-network-loss.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs-pool-network-loss.png differ diff --git a/experiments/openebs/icons/openebs-pool-pod-failure.png b/experiments/openebs/icons/openebs-pool-pod-failure.png new file mode 100644 index 0000000..fdb3cd9 Binary files /dev/null and b/experiments/openebs/icons/openebs-pool-pod-failure.png differ diff --git a/experiments/openebs/icons/openebs-target-container-failure.png b/experiments/openebs/icons/openebs-target-container-failure.png new file mode 100644 index 0000000..bdd874d Binary files /dev/null and b/experiments/openebs/icons/openebs-target-container-failure.png differ diff --git a/experiments/openebs/icons/openebs-target-network-delay.png b/experiments/openebs/icons/openebs-target-network-delay.png new file mode 100644 index 0000000..0ce92ba Binary files /dev/null and b/experiments/openebs/icons/openebs-target-network-delay.png differ diff --git a/experiments/openebs/icons/openebs-target-network-loss.png b/experiments/openebs/icons/openebs-target-network-loss.png new file mode 100644 index 0000000..5826e28 Binary files /dev/null and b/experiments/openebs/icons/openebs-target-network-loss.png differ diff --git a/experiments/openebs/icons/openebs-target-pod-failure.png b/experiments/openebs/icons/openebs-target-pod-failure.png new file mode 100644 index 0000000..344632a Binary files /dev/null and b/experiments/openebs/icons/openebs-target-pod-failure.png differ diff --git a/experiments/openebs/icons/openebs.png b/experiments/openebs/icons/openebs.png new file mode 100644 index 0000000..db1d3e7 Binary files /dev/null and b/experiments/openebs/icons/openebs.png differ diff --git a/experiments/openebs/openebs-control-plane-chaos/engine.yaml b/experiments/openebs/openebs-control-plane-chaos/engine.yaml new file mode 100644 index 0000000..308982d --- /dev/null +++ b/experiments/openebs/openebs-control-plane-chaos/engine.yaml @@ -0,0 +1,20 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: control-plane-chaos + namespace: openebs +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'openebs' + applabel: 'name=maya-apiserver' + appkind: 'deployment' + chaosServiceAccount: control-plane-sa + experiments: + - name: openebs-control-plane-chaos + spec: + components: + env: + - name: FORCE + value: '' \ No newline at end of file diff --git a/experiments/openebs/openebs-control-plane-chaos/experiment.yaml b/experiments/openebs/openebs-control-plane-chaos/experiment.yaml new file mode 100644 index 0000000..805f39b --- /dev/null +++ b/experiments/openebs/openebs-control-plane-chaos/experiment.yaml @@ -0,0 +1,79 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill all openebs control plane pod and check if gets scheduled again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-control-plane-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-control-plane-chaos +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "litmuschaos.io" + - "batch" + - "apps" + resources: + - "pods" + - "pods/log" + - "deployments" + - "events" + - "jobs" + - "configmaps" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-control-plane-chaos/openebs_control_plane_chaos_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + ## Period to wait before injection of chaos + - name: RAMP_TIME + value: '' + + - name: FORCE + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, powerfulseal + - name: LIB + value: 'litmus' + + labels: + name: openebs-control-plane-chaos + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/openebs/openebs-control-plane-chaos/openebs-control-plane-chaos.chartserviceversion.yaml b/experiments/openebs/openebs-control-plane-chaos/openebs-control-plane-chaos.chartserviceversion.yaml new file mode 100644 index 0000000..418f481 --- /dev/null +++ b/experiments/openebs/openebs-control-plane-chaos/openebs-control-plane-chaos.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: openebs-control-plane-chaos + version: 0.1.4 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-control-plane-chaos + categoryDescription: > + Kill all openebs control plane pods and check if gets scheduled again. + keywords: + - Kubernetes + - K8S + - OpenEBS + platforms: + - GKE + - EKS + maturity: alpha + chaosType: infra + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-control-plane-chaos + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-control-plane-chaos/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-control-plane-chaos/experiment.yaml \ No newline at end of file diff --git a/experiments/openebs/openebs-control-plane-chaos/rbac.yaml b/experiments/openebs/openebs-control-plane-chaos/rbac.yaml new file mode 100644 index 0000000..6663ee0 --- /dev/null +++ b/experiments/openebs/openebs-control-plane-chaos/rbac.yaml @@ -0,0 +1,42 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: control-plane-sa + namespace: openebs + labels: + name: control-plane-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: control-plane-sa + namespace: openebs + labels: + name: control-plane-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","litmuschaos.io","batch","apps"] + resources: ["pods","deployments","pods/log","events","jobs","configmaps","chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: control-plane-sa + namespace: openebs + labels: + name: control-plane-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: control-plane-sa +subjects: +- kind: ServiceAccount + name: control-plane-sa + namespace: openebs diff --git a/experiments/openebs/openebs-nfs-provisioner-kill/engine.yaml b/experiments/openebs/openebs-nfs-provisioner-kill/engine.yaml new file mode 100644 index 0000000..012e6f9 --- /dev/null +++ b/experiments/openebs/openebs-nfs-provisioner-kill/engine.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nfs-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'minio' + applabel: 'app=minio' + appkind: 'deployment' + chaosServiceAccount: nfs-chaos-sa + experiments: + - name: openebs-nfs-provisioner-kill + spec: + components: + env: + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: NFS_PROVISIONER_NAMESPACE + value: 'app-nfs-ns' + + - name: NFS_PROVISIONER_LABEL + value: 'app=nfs' + + - name: NFS_PVC + value: 'nfs-pvc-claim' + + - name: NFS_SVC + value: 'nfs-provisioner' + + - name: TARGET_CONTAINER + value: 'nfs-provisioner' + + # EXTERNAL_APP_CHECK can be true/false + - name: EXTERNAL_APP_CHECK + value: 'true' \ No newline at end of file diff --git a/experiments/openebs/openebs-nfs-provisioner-kill/experiment.yaml b/experiments/openebs/openebs-nfs-provisioner-kill/experiment.yaml new file mode 100644 index 0000000..99b2afb --- /dev/null +++ b/experiments/openebs/openebs-nfs-provisioner-kill/experiment.yaml @@ -0,0 +1,100 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the OpenEBS NFS provisioner container and check if pods consuming the NFS PVs continue to be available and volumes are writable (RWM mode) +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-nfs-provisioner-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-nfs-provisioner-kill +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + resources: + - "pods" + - "pods/exec" + - "pods/log" + - "deployments" + - "events" + - "jobs" + - "configmaps" + - "services" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosexperiments" + - "chaosresults" + - "chaosengines" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-nfs-provisioner-kill/openebs_nfs_provisioner_kill_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + # NFS default container + - name: TARGET_CONTAINER + value: 'nfs-provisioner' + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + # It supports pumba and containerd + - name: LIB + value: 'pumba' + + # LIB_IMAGE can be - gaiaadm/pumba:0.6.5, gprasath/crictl:ci + # For pumba image use: gaiaadm/pumba:0.6.5 + # For containerd image use: gprasath/crictl:ci + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + labels: + name: openebs-nfs-provisioner-kill + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + configmaps: + - name: openebs-nfs-provisioner-kill + mountPath: /mnt/ diff --git a/experiments/openebs/openebs-nfs-provisioner-kill/openebs-nfs-provisioner-kill.chartserviceversion.yaml b/experiments/openebs/openebs-nfs-provisioner-kill/openebs-nfs-provisioner-kill.chartserviceversion.yaml new file mode 100644 index 0000000..db7b923 --- /dev/null +++ b/experiments/openebs/openebs-nfs-provisioner-kill/openebs-nfs-provisioner-kill.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: openebs-nfs-provisioner-kill + version: 0.1.3 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-nfs-kill-chaos + categoryDescription: > + Kill the OpenEBS NFS provisioner container and check if pods consuming the NFS PVs continue to be available and volumes are writable (RWM mode) + keywords: + - Kubernetes + - K8S + - OpenEBS + - NFS + platforms: + - GKE + maturity: alpha + chaosType: infra + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-nfs-provisioner-kill + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-nfs-provisioner-kill/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-nfs-provisioner-kill/experiment.yaml \ No newline at end of file diff --git a/experiments/openebs/openebs-nfs-provisioner-kill/rbac.yaml b/experiments/openebs/openebs-nfs-provisioner-kill/rbac.yaml new file mode 100644 index 0000000..e8710ef --- /dev/null +++ b/experiments/openebs/openebs-nfs-provisioner-kill/rbac.yaml @@ -0,0 +1,37 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nfs-chaos-sa + namespace: default + labels: + name: nfs-chaos-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nfs-chaos-sa + labels: + name: nfs-chaos-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io"] + resources: ["pods","pods/exec","pods/log", "deployments","events","jobs","configmaps","services","persistentvolumeclaims","storageclasses","persistentvolumes","chaosexperiments","chaosresults","chaosengines"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: nfs-chaos-sa + labels: + name: nfs-chaos-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: nfs-chaos-sa +subjects: +- kind: ServiceAccount + name: nfs-chaos-sa + namespace: default diff --git a/experiments/openebs/openebs-pool-container-failure/engine.yaml b/experiments/openebs/openebs-pool-container-failure/engine.yaml new file mode 100644 index 0000000..7fe9a33 --- /dev/null +++ b/experiments/openebs/openebs-pool-container-failure/engine.yaml @@ -0,0 +1,29 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: pool-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pool-container-failure-sa + experiments: + - name: openebs-pool-container-failure + spec: + components: + env: + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: DEPLOY_TYPE + value: 'deployment' \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-container-failure/experiment.yaml b/experiments/openebs/openebs-pool-container-failure/experiment.yaml new file mode 100644 index 0000000..66f5bf9 --- /dev/null +++ b/experiments/openebs/openebs-pool-container-failure/experiment.yaml @@ -0,0 +1,97 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the pool container and check if gets scheduled again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-container-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "openebs.io" + - "storage.k8s.io" + resources: + - "replicasets" + - "events" + - "jobs" + - "pods" + - "pods/log" + - "pods/exec" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "cstorvolumereplicas" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-container-failure/openebs_pool_container_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NS + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: LIVENESS_APP_LABEL + value: '' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: DATA_PERSISTENCE + value: '' + + - name: CHAOS_ITERATIONS + value: '2' + + labels: + name: openebs-pool-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-pool-container-failure + # mountPath: /mnt diff --git a/experiments/openebs/openebs-pool-container-failure/openebs-pool-container-failure.chartserviceversion.yaml b/experiments/openebs/openebs-pool-container-failure/openebs-pool-container-failure.chartserviceversion.yaml new file mode 100644 index 0000000..f8616d3 --- /dev/null +++ b/experiments/openebs/openebs-pool-container-failure/openebs-pool-container-failure.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-13T10:28:08Z + name: openebs-pool-container-failure + version: 0.1.13 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-pool-container-failure + categoryDescription: > + Kill the pool container and check if gets scheduled again. + keywords: + - Kubernetes + - K8S + - Storage Pool + - OpenEBS + platforms: + - GKE + - EKS + - OpenShift + maturity: alpha + chaosType: infra + maintainers: + - name: shubham chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-pool-container-failure + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-pool-container-failure/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-pool-container-failure/experiment.yaml \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-container-failure/rbac.yaml b/experiments/openebs/openebs-pool-container-failure/rbac.yaml new file mode 100644 index 0000000..a8427af --- /dev/null +++ b/experiments/openebs/openebs-pool-container-failure/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pool-container-failure-sa + namespace: default + labels: + name: pool-container-failure-sa + app.kubernetes.io/part-of: litmus +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pool-container-failure-sa + labels: + name: pool-container-failure-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io","openebs.io"] + resources: ["pods","jobs","events","pods/log","replicasets","pods/exec","configmaps","secrets","persistentvolumeclaims","cstorvolumereplicas","chaosexperiments","chaosresults","chaosengines"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pool-container-failure-sa + labels: + name: pool-container-failure-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pool-container-failure-sa +subjects: +- kind: ServiceAccount + name: pool-container-failure-sa + namespace: default diff --git a/experiments/openebs/openebs-pool-disk-loss/engine.yaml b/experiments/openebs/openebs-pool-disk-loss/engine.yaml new file mode 100644 index 0000000..39c7ef8 --- /dev/null +++ b/experiments/openebs/openebs-pool-disk-loss/engine.yaml @@ -0,0 +1,51 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: pool-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=busybox + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pool-disk-loss-sa + experiments: + - name: openebs-pool-disk-loss + spec: + components: + env: + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: APP_PVC + value: 'demo-nginx-claim' + + # GKE and AWS supported + - name: CLOUD_PLATFORM + value: 'GKE' + + # Enter the project id for gcp only + - name: PROJECT_ID + value: 'litmus-demo-123' + + # Enter the node name + - name: NODE_NAME + value: 'demo-node-123' + + # Enter the disk name + - name: DISK_NAME + value: 'demo-disk-123 ' + + # Enter the device name + - name: DEVICE_NAME + value: '/dev/sdb' + + # Enter the zone name + - name: ZONE_NAME + value: 'us-central1-a' + \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-disk-loss/experiment.yaml b/experiments/openebs/openebs-pool-disk-loss/experiment.yaml new file mode 100644 index 0000000..622583e --- /dev/null +++ b/experiments/openebs/openebs-pool-disk-loss/experiment.yaml @@ -0,0 +1,111 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + OpenEBS Pool Disk Loss contains chaos to disrupt state of infra resources. Experiments can inject disk loss against openEBS pool. +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-disk-loss +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + - "openebs.io" + resources: + - "pods" + - "jobs" + - "pods/log" + - "events" + - "pods/exec" + - "cstorpools" + - "configmaps" + - "secrets" + - "storageclasses" + - "persistentvolumes" + - "persistentvolumeclaims" + - "cstorvolumereplicas" + - "chaosexperiments" + - "chaosresults" + - "chaosengines" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-disk-loss/openebs_pool_disk_loss_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # Period to wait before injection of chaos in sec + - name: RAMP_TIME + value: '' + + # GKE and AWS supported + - name: CLOUD_PLATFORM + value: 'GKE' + + - name: PROJECT_ID + value: '' + + - name: NODE_NAME + value: '' + + - name: DISK_NAME + value: '' + + - name: ZONE_NAME + value: '' + + - name: DEVICE_NAME + value: '' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + labels: + name: openebs-pool-disk-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + + configmaps: + - name: openebs-pool-disk-loss + mountPath: /mnt/ + + secrets: + - name: cloud-secret + mountPath: /tmp/ diff --git a/experiments/openebs/openebs-pool-disk-loss/openebs-pool-disk-loss.chartserviceversion.yaml b/experiments/openebs/openebs-pool-disk-loss/openebs-pool-disk-loss.chartserviceversion.yaml new file mode 100644 index 0000000..33e310d --- /dev/null +++ b/experiments/openebs/openebs-pool-disk-loss/openebs-pool-disk-loss.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2020-03-13T10:28:08Z + name: openebs-pool-disk-loss + version: 0.1.3 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-pool-disk-loss + categoryDescription: > + OpenEBS Pool Disk Loss contains chaos to disrupt state of infra resources. Experiments can inject disk loss against openEBS pool. + - Causes (forced/graceful) disk loss from the node disk pool. + - Tests deployment sanity (replica availability & uninterrupted service) and recovery workflows of the application pod. + keywords: + - Kubernetes + - K8S + - Storage Pool + - OpenEBS + platforms: + - GKE + maturity: alpha + chaosType: infra + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-pool-disk-loss + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-pool-disk-loss/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-pool-disk-loss/experiment.yaml \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-disk-loss/rbac.yaml b/experiments/openebs/openebs-pool-disk-loss/rbac.yaml new file mode 100644 index 0000000..a7ce983 --- /dev/null +++ b/experiments/openebs/openebs-pool-disk-loss/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pool-disk-loss-sa + namespace: default + labels: + name: pool-disk-loss-sa + app.kubernetes.io/part-of: litmus +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pool-disk-loss-sa + labels: + name: pool-disk-loss-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io","openebs.io"] + resources: ["pods", "pods/log", "jobs", "events", "pods/exec", "cstorpools", "configmaps", "secrets", "storageclasses", "persistentvolumes", "persistentvolumeclaims", "cstorvolumereplicas", "chaosexperiments", "chaosresults", "chaosengines"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pool-disk-loss-sa + labels: + name: pool-disk-loss-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pool-disk-loss-sa +subjects: +- kind: ServiceAccount + name: pool-disk-loss-sa + namespace: default diff --git a/experiments/openebs/openebs-pool-network-delay/engine.yaml b/experiments/openebs/openebs-pool-network-delay/engine.yaml new file mode 100644 index 0000000..72aec3d --- /dev/null +++ b/experiments/openebs/openebs-pool-network-delay/engine.yaml @@ -0,0 +1,25 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: pool-chaos + namespace: default +spec: + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pool-network-delay-sa + experiments: + - name: openebs-pool-network-delay + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: APP_PVC + value: 'demo-nginx-claim' + + # in milliseconds + - name: NETWORK_DELAY + value: '60000' diff --git a/experiments/openebs/openebs-pool-network-delay/experiment.yaml b/experiments/openebs/openebs-pool-network-delay/experiment.yaml new file mode 100644 index 0000000..f37baf4 --- /dev/null +++ b/experiments/openebs/openebs-pool-network-delay/experiment.yaml @@ -0,0 +1,93 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network delay to pool pod belonging to a OpenEBS PVC + This experiment is using pumba lib for network chaos +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-network-delay +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + - "openebs.io" + resources: + - "pods" + - "pods/exec" + - "jobs" + - "pods/log" + - "events" + - "configmaps" + - "services" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + - "cstorpools" + - "cstorvolumereplicas" + - "replicasets" + verbs: + - "create" + - "get" + - "list" + - "patch" + - "update" + - "delete" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-network-delay/openebs_pool_network_delay_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + # in milliseconds + - name: NETWORK_DELAY + value: '60000' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-pool-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/openebs/openebs-pool-network-delay/openebs-pool-network-delay.chartserviceversion.yaml b/experiments/openebs/openebs-pool-network-delay/openebs-pool-network-delay.chartserviceversion.yaml new file mode 100644 index 0000000..631b6e3 --- /dev/null +++ b/experiments/openebs/openebs-pool-network-delay/openebs-pool-network-delay.chartserviceversion.yaml @@ -0,0 +1,44 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: openebs-pool-network-delay + version: 0.1.4 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-pool-network-delay + categoryDescription: > + Network delay to pool pod belonging to a OpenEBS PVC + keywords: + - Kubernetes + - K8S + - Storage Pool + - OpenEBS + - Network + platforms: + - GKE + - EKS + maturity: alpha + chaosType: infra + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-pool-network-delay + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-pool-network-delay/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-pool-network-delay/experiment.yaml \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-network-delay/rbac.yaml b/experiments/openebs/openebs-pool-network-delay/rbac.yaml new file mode 100644 index 0000000..8db3c74 --- /dev/null +++ b/experiments/openebs/openebs-pool-network-delay/rbac.yaml @@ -0,0 +1,34 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pool-network-delay-sa + namespace: default + labels: + name: pool-network-delay-sa +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pool-network-delay-sa + labels: + name: pool-network-delay-sa +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io","openebs.io"] + resources: ["pods","pods/exec","pods/log","events","jobs","configmaps","services","persistentvolumeclaims","storageclasses","persistentvolumes","chaosengines","chaosexperiments","chaosresults","cstorpools","cstorvolumereplicas","replicasets"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pool-network-delay-sa + labels: + name: pool-network-delay-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pool-network-delay-sa +subjects: +- kind: ServiceAccount + name: pool-network-delay-sa + namespace: default \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-network-loss/engine.yaml b/experiments/openebs/openebs-pool-network-loss/engine.yaml new file mode 100644 index 0000000..8843b98 --- /dev/null +++ b/experiments/openebs/openebs-pool-network-loss/engine.yaml @@ -0,0 +1,27 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: pool-chaos + namespace: default +spec: + auxiliaryAppInfo: '' + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pool-network-loss-sa + experiments: + - name: openebs-pool-network-loss + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '120' # in seconds + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' diff --git a/experiments/openebs/openebs-pool-network-loss/experiment.yaml b/experiments/openebs/openebs-pool-network-loss/experiment.yaml new file mode 100644 index 0000000..6d896dd --- /dev/null +++ b/experiments/openebs/openebs-pool-network-loss/experiment.yaml @@ -0,0 +1,92 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network loss to pool pod belonging to a OpenEBS PVC +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-network-loss +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "litmuschaos.io" + - "batch" + - "extensions" + - "storage.k8s.io" + - "openebs.io" + resources: + - "pods" + - "pods/log" + - "pods/exec" + - "events" + - "jobs" + - "configmaps" + - "services" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumeclaims" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + - "cstorpools" + - "cstorvolumereplicas" + - "replicasets" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-network-loss/openebs_pool_network_loss_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' # in percentage + + - name: TOTAL_CHAOS_DURATION + value: '120' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-pool-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/openebs/openebs-pool-network-loss/openebs-pool-network-loss.chartserviceversion.yaml b/experiments/openebs/openebs-pool-network-loss/openebs-pool-network-loss.chartserviceversion.yaml new file mode 100644 index 0000000..e1fe3ae --- /dev/null +++ b/experiments/openebs/openebs-pool-network-loss/openebs-pool-network-loss.chartserviceversion.yaml @@ -0,0 +1,44 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: openebs-pool-network-loss + version: 0.1.3 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-pool-network-loss + categoryDescription: > + Network loss to pool pod belonging to a OpenEBS PVC + keywords: + - Kubernetes + - K8S + - Storage Pool + - OpenEBS + - Network + platforms: + - GKE + - EKS + maturity: alpha + chaosType: infra + maintainers: + - name: Raj Babu Das + email: raj.das@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-pool-network-loss + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-pool-network-loss/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-pool-network-loss/experiment.yaml \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-network-loss/rbac.yaml b/experiments/openebs/openebs-pool-network-loss/rbac.yaml new file mode 100644 index 0000000..20dcfc4 --- /dev/null +++ b/experiments/openebs/openebs-pool-network-loss/rbac.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pool-network-loss-sa + namespace: default + labels: + name: pool-network-loss-sa +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pool-network-loss-sa + labels: + name: pool-network-loss-sa +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io","openebs.io"] + resources: ["pods","pods/exec","pods/log","events","jobs","configmaps","services","persistentvolumeclaims","storageclasses","persistentvolumes","chaosengines","chaosexperiments","chaosresults","cstorpools","cstorvolumereplicas","replicasets"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pool-network-loss-sa + labels: + name: pool-network-loss-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pool-network-loss-sa +subjects: +- kind: ServiceAccount + name: pool-network-loss-sa + namespace: default diff --git a/experiments/openebs/openebs-pool-pod-failure/engine.yaml b/experiments/openebs/openebs-pool-pod-failure/engine.yaml new file mode 100644 index 0000000..cfc1490 --- /dev/null +++ b/experiments/openebs/openebs-pool-pod-failure/engine.yaml @@ -0,0 +1,28 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: pool-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pool-pod-failure-sa + experiments: + - name: openebs-pool-pod-failure + spec: + components: + env: + - name: CHAOS_ITERATIONS + value: '2' + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: DEPLOY_TYPE + value: 'deployment' \ No newline at end of file diff --git a/experiments/openebs/openebs-pool-pod-failure/experiment.yaml b/experiments/openebs/openebs-pool-pod-failure/experiment.yaml new file mode 100644 index 0000000..52b597b --- /dev/null +++ b/experiments/openebs/openebs-pool-pod-failure/experiment.yaml @@ -0,0 +1,97 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the pool pod and check if gets scheduled again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-pool-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-pool-pod-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "openebs.io" + - "storage.k8s.io" + resources: + - "deployments" + - "replicasets" + - "jobs" + - "pods/log" + - "events" + - "pods" + - "configmaps" + - "secrets" + - "storageclasses" + - "persistentvolumeclaims" + - "cstorvolumereplicas" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-pool-pod-failure/openebs_pool_pod_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: default + + - name: OPENEBS_NS + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: CHAOS_ITERATIONS + value: '2' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-pool-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-pool-pod-failure + # mountPath: /mnt + diff --git a/experiments/openebs/openebs-pool-pod-failure/openebs-pool-pod-failure.chartserviceversion.yaml b/experiments/openebs/openebs-pool-pod-failure/openebs-pool-pod-failure.chartserviceversion.yaml new file mode 100644 index 0000000..6c49ec1 --- /dev/null +++ b/experiments/openebs/openebs-pool-pod-failure/openebs-pool-pod-failure.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-12T10:28:08Z + name: openebs-pool-pod-failure + version: 0.1.12 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-pool-pod-failure + categoryDescription: > + Kill the pool pod and check if gets scheduled again. + keywords: + - Kubernetes + - K8S + - Storage Pool + - OpenEBS + platforms: + - GKE + - EKS + - OpenShift + maturity: alpha + chaosType: infra + maintainers: + - name: shubham chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-pool-pod-failure + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-pool-pod-failure/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-pool-pod-failure/experiment.yaml diff --git a/experiments/openebs/openebs-pool-pod-failure/rbac.yaml b/experiments/openebs/openebs-pool-pod-failure/rbac.yaml new file mode 100644 index 0000000..4b6ac65 --- /dev/null +++ b/experiments/openebs/openebs-pool-pod-failure/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pool-pod-failure-sa + namespace: default + labels: + name: pool-pod-failure-sa +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: pool-pod-failure-sa + labels: + name: pool-pod-failure-sa +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io","openebs.io"] + resources: ["pods","jobs","deployments","pods/log","events","configmaps","secrets","replicasets","persistentvolumeclaims","storageclasses","cstorvolumereplicas","chaosexperiments","chaosresults","chaosengines"] + verbs: ["create","list","get","patch","update","delete"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: pool-pod-failure-sa + labels: + name: pool-pod-failure-sa +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: pool-pod-failure-sa +subjects: +- kind: ServiceAccount + name: pool-pod-failure-sa + namespace: default diff --git a/experiments/openebs/openebs-target-container-failure/engine.yaml b/experiments/openebs/openebs-target-container-failure/engine.yaml new file mode 100644 index 0000000..f082c2a --- /dev/null +++ b/experiments/openebs/openebs-target-container-failure/engine.yaml @@ -0,0 +1,32 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: target-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: target-container-failure-sa + experiments: + - name: openebs-target-container-failure + spec: + components: + env: + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: TARGET_CONTAINER + value: 'cstor-istgt' + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: DEPLOY_TYPE + value: 'deployment' \ No newline at end of file diff --git a/experiments/openebs/openebs-target-container-failure/experiment.yaml b/experiments/openebs/openebs-target-container-failure/experiment.yaml new file mode 100644 index 0000000..ef432b5 --- /dev/null +++ b/experiments/openebs/openebs-target-container-failure/experiment.yaml @@ -0,0 +1,113 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the cstor target/Jiva controller container and check if gets created again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-container-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "jobs" + - "pods" + - "events" + - "pods/exec" + - "pods/log" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "delete" + - "get" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-container-failure/openebs_target_container_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + # LIB_IMAGE can be - gaiaadm/pumba:0.6.5, gprasath/crictl:ci + # For pumba image use : gaiaadm/pumba:0.6.5 + # For containerd image use : gprasath/crictl:ci + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + # Specify the container runtime used , to pick the relevant chaos util + - name: CONTAINER_RUNTIME + value: 'docker' + + # TARGET_CONTAINER values: cstor-volume-mgmt , cstor-istgt + # For cstor-volume-istgt container kill use : cstor-istgt + # For volume-mgmt-kill container use : cstor-volume-mgmt + + - name: TARGET_CONTAINER + value: 'cstor-volume-mgmt' + + - name: FORCE + value: 'true' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + - name: DEPLOY_TYPE + value: 'deployment' + + # provide the chaos interval + - name: CHAOS_INTERVAL + value: '10' + + # provide the total chaos duration + - name: TOTAL_CHAOS_DURATION + value: '20' + + - name: SOAK_TIME + value: '60' + + labels: + name: openebs-target-container-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-container-failure + # mountPath: /mnt diff --git a/experiments/openebs/openebs-target-container-failure/openebs-target-container-failure.chartserviceversion.yaml b/experiments/openebs/openebs-target-container-failure/openebs-target-container-failure.chartserviceversion.yaml new file mode 100644 index 0000000..f84c594 --- /dev/null +++ b/experiments/openebs/openebs-target-container-failure/openebs-target-container-failure.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-11T10:28:08Z + name: openebs-target-container-failure + version: 0.1.12 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-target-container-failure + categoryDescription: > + Kill the cstor target/Jiva controller container and check if gets created again + keywords: + - Kubernetes + - K8S + - Storage Controller + - OpenEBS + platforms: + - GKE + - EKS + - OpenShift + maturity: alpha + chaosType: infra + maintainers: + - name: shubham chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-target-container-failure + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-target-container-failure/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-target-container-failure/experiment.yaml diff --git a/experiments/openebs/openebs-target-container-failure/rbac.yaml b/experiments/openebs/openebs-target-container-failure/rbac.yaml new file mode 100644 index 0000000..d8d38fe --- /dev/null +++ b/experiments/openebs/openebs-target-container-failure/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: target-container-failure-sa + namespace: default + labels: + name: target-container-failure-sa + app.kubernetes.io/part-of: litmus +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: target-container-failure-sa + labels: + name: target-container-failure-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","litmuschaos.io","batch","apps","storage.k8s.io"] + resources: ["pods","jobs","pods/log","pods/exec","events","configmaps","secrets","persistentvolumeclaims","storageclasses","persistentvolumes","chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: target-container-failure-sa + labels: + name: target-container-failure-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: target-container-failure-sa +subjects: +- kind: ServiceAccount + name: target-container-failure-sa + namespace: default diff --git a/experiments/openebs/openebs-target-network-delay/engine.yaml b/experiments/openebs/openebs-target-network-delay/engine.yaml new file mode 100644 index 0000000..4681601 --- /dev/null +++ b/experiments/openebs/openebs-target-network-delay/engine.yaml @@ -0,0 +1,35 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: target-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: target-network-delay-sa + experiments: + - name: openebs-target-network-delay + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: TARGET_CONTAINER + value: 'cstor-istgt' + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: DEPLOY_TYPE + value: 'deployment' + + - name: NETWORK_DELAY + value: '30000' + \ No newline at end of file diff --git a/experiments/openebs/openebs-target-network-delay/experiment.yaml b/experiments/openebs/openebs-target-network-delay/experiment.yaml new file mode 100644 index 0000000..30f554d --- /dev/null +++ b/experiments/openebs/openebs-target-network-delay/experiment.yaml @@ -0,0 +1,94 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network delay to target pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-network-delay +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "jobs" + - "pods" + - "services" + - "events" + - "pods/exec" + - "pods/log" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-network-delay/openebs_target_network_delay_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: NETWORK_DELAY + value: '60000' # in milliseconds + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-target-network-delay + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-network-delay + # mountPath: /mnt diff --git a/experiments/openebs/openebs-target-network-delay/openebs-target-network-delay.chartserviceversion.yaml b/experiments/openebs/openebs-target-network-delay/openebs-target-network-delay.chartserviceversion.yaml new file mode 100644 index 0000000..04578ed --- /dev/null +++ b/experiments/openebs/openebs-target-network-delay/openebs-target-network-delay.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-10-17T10:28:08Z + name: openebs-target-network-delay + version: 0.1.9 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: openebs-target-network-delay + categoryDescription: > + Network delay to Pod belonging to a OpenEBS PVC + keywords: + - OpenEBS + - Kubernetes + - K8S + - Network + platforms: + - GKE + - EKS + - OpenShift + maturity: alpha + chaosType: infra + maintainers: + - name: giri + email: giridhara.prasad@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-target-network-delay + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-target-network-delay/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-target-network-delay/experiment.yaml diff --git a/experiments/openebs/openebs-target-network-delay/rbac.yaml b/experiments/openebs/openebs-target-network-delay/rbac.yaml new file mode 100644 index 0000000..efba945 --- /dev/null +++ b/experiments/openebs/openebs-target-network-delay/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: target-network-delay-sa + namespace: default + labels: + name: target-network-delay-sa + app.kubernetes.io/part-of: litmus +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: target-network-delay-sa + labels: + name: target-network-delay-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io"] + resources: ["pods","pods/exec","pods/log","events","jobs","configmaps","secrets","services","persistentvolumeclaims","storageclasses","persistentvolumes","chaosexperiments","chaosresults","chaosengines"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: target-network-delay-sa + labels: + name: target-network-delay-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: target-network-delay-sa +subjects: +- kind: ServiceAccount + name: target-network-delay-sa + namespace: default diff --git a/experiments/openebs/openebs-target-network-loss/engine.yaml b/experiments/openebs/openebs-target-network-loss/engine.yaml new file mode 100644 index 0000000..ba3b3f9 --- /dev/null +++ b/experiments/openebs/openebs-target-network-loss/engine.yaml @@ -0,0 +1,31 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: target-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: target-network-loss-sa + experiments: + - name: openebs-target-network-loss + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '120' # in seconds + + - name: TARGET_CONTAINER + value: 'cstor-istgt' + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: DEPLOY_TYPE + value: 'deployment' diff --git a/experiments/openebs/openebs-target-network-loss/experiment.yaml b/experiments/openebs/openebs-target-network-loss/experiment.yaml new file mode 100644 index 0000000..45876c6 --- /dev/null +++ b/experiments/openebs/openebs-target-network-loss/experiment.yaml @@ -0,0 +1,94 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Network loss to target pod belonging to a OpenEBS PVC +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-network-loss +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "jobs" + - "pods" + - "events" + - "services" + - "pods/log" + - "pods/exec" + - "configmaps" + - "secrets" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-network-loss/openebs_target_network_loss_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: TC_IMAGE + value: 'gaiadocker/iproute2' + + # only pumba supported + # For pumba image use : gaiaadm/pumba:0.6.5 + - name: LIB_IMAGE + value: 'gaiaadm/pumba:0.6.5' + + - name: NETWORK_PACKET_LOSS_PERCENTAGE + value: '100' # in percentage + + - name: TOTAL_CHAOS_DURATION + value: '120' # in seconds + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + labels: + name: openebs-target-network-loss + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-network-loss + # mountPath: /mnt diff --git a/experiments/openebs/openebs-target-network-loss/openebs-target-network-loss.chartserviceversion.yaml b/experiments/openebs/openebs-target-network-loss/openebs-target-network-loss.chartserviceversion.yaml new file mode 100644 index 0000000..bb98d32 --- /dev/null +++ b/experiments/openebs/openebs-target-network-loss/openebs-target-network-loss.chartserviceversion.yaml @@ -0,0 +1,45 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-10-17T10:28:08Z + name: openebs-target-network-loss + version: 0.1.9 + annotations: + categories: Kubernetes + vendor: CNCF + support: https://slack.kubernetes.io/ +spec: + displayName: openebs-target-network-loss + categoryDescription: > + Network loss to the target pod belonging to an OpenEBS PVC + keywords: + - Kubernetes + - K8S + - OpenEBS + - Network + platforms: + - GKE + - EKS + - OpenShift + maturity: alpha + chaosType: infra + maintainers: + - name: giri + email: giridhara.prasad@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-target-network-loss + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-target-network-loss/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-target-network-loss/experiment.yaml diff --git a/experiments/openebs/openebs-target-network-loss/rbac.yaml b/experiments/openebs/openebs-target-network-loss/rbac.yaml new file mode 100644 index 0000000..1a29e6d --- /dev/null +++ b/experiments/openebs/openebs-target-network-loss/rbac.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: target-network-loss-sa + namespace: default + labels: + name: target-network-loss-sa + app.kubernetes.io/part-of: litmus +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: target-network-loss-sa + labels: + name: target-network-loss-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io"] + resources: ["pods","pods/exec","pods/log","events","jobs","configmaps","secrets","services","persistentvolumeclaims","storageclasses","persistentvolumes","chaosexperiments","chaosresults","chaosengines"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: target-network-loss-sa + labels: + name: target-network-loss-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: target-network-loss-sa +subjects: +- kind: ServiceAccount + name: target-network-loss-sa + namespace: default diff --git a/experiments/openebs/openebs-target-pod-failure/engine.yaml b/experiments/openebs/openebs-target-pod-failure/engine.yaml new file mode 100644 index 0000000..e014e9a --- /dev/null +++ b/experiments/openebs/openebs-target-pod-failure/engine.yaml @@ -0,0 +1,31 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: target-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: target-pod-failure-sa + experiments: + - name: openebs-target-pod-failure + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '60' + + - name: FORCE + value: 'true' + + - name: APP_PVC + value: 'demo-nginx-claim' + + - name: DEPLOY_TYPE + value: 'deployment' \ No newline at end of file diff --git a/experiments/openebs/openebs-target-pod-failure/experiment.yaml b/experiments/openebs/openebs-target-pod-failure/experiment.yaml new file mode 100644 index 0000000..c2ef483 --- /dev/null +++ b/experiments/openebs/openebs-target-pod-failure/experiment.yaml @@ -0,0 +1,105 @@ +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kill the cstor target/Jiva controller pod and check if gets created again +kind: ChaosExperiment +metadata: + labels: + litmuschaos.io/name: openebs + name: openebs-target-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest + name: openebs-target-pod-failure +spec: + definition: + scope: Cluster + permissions: + - apiGroups: + - "" + - "extensions" + - "apps" + - "batch" + - "litmuschaos.io" + - "storage.k8s.io" + resources: + - "deployments" + - "jobs" + - "events" + - "pods" + - "pods/log" + - "pods/exec" + - "configmaps" + - "secrets" + - "services" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + - "persistentvolumeclaims" + - "storageclasses" + - "persistentvolumes" + verbs: + - "create" + - "get" + - "delete" + - "list" + - "patch" + - "update" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/ansible-runner:latest" + imagePullPolicy: Always + args: + - -c + - ansible-playbook ./experiments/openebs/openebs-target-pod-failure/openebs_target_pod_failure_ansible_logic.yml -i /etc/ansible/hosts -vv; exit 0 + command: + - /bin/bash + env: + - name: ANSIBLE_STDOUT_CALLBACK + value: 'default' + + - name: OPENEBS_NAMESPACE + value: 'openebs' + + - name: APP_PVC + value: '' + + - name: FORCE + value: 'true' + + - name: LIVENESS_APP_LABEL + value: '' + + - name: LIVENESS_APP_NAMESPACE + value: '' + + - name: DATA_PERSISTENCE + value: '' + + - name: TOTAL_CHAOS_DURATION + value: '60' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: CHAOS_INTERVAL + value: '15' + + - name: DEPLOY_TYPE + value: 'deployment' + + labels: + name: openebs-target-pod-failure + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + #configmaps: + #- name: openebs-target-pod-failure + # mountPath: /mnt diff --git a/experiments/openebs/openebs-target-pod-failure/openebs-target-pod-failure.chartserviceversion.yaml b/experiments/openebs/openebs-target-pod-failure/openebs-target-pod-failure.chartserviceversion.yaml new file mode 100644 index 0000000..c04aef4 --- /dev/null +++ b/experiments/openebs/openebs-target-pod-failure/openebs-target-pod-failure.chartserviceversion.yaml @@ -0,0 +1,46 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-11-11T10:28:08Z + name: openebs-target-pod-failure + version: 0.1.11 + annotations: + categories: OpenEBS + vendor: CNCF + support: https://slack.openebs.io/ +spec: + displayName: openebs-target-pod-failure + categoryDescription: > + Kill the cstor target/Jiva controller pod and check if gets created again + keywords: + - Kubernetes + - K8S + - Storage Controller + - OpenEBS + platforms: + - GKE + - EKS + - OpenShift + maturity: alpha + chaosType: infra + maintainers: + - name: shubham chaudhary + email: shubham.chaudhary@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-ansible/tree/master/experiments/openebs/openebs-target-pod-failure + - name: Documentation + url: https://v1-docs.litmuschaos.io/docs/openebs-target-pod-failure/ + - name: Video + url: + icon: + - url: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/openebs-target-pod-failure/experiment.yaml + diff --git a/experiments/openebs/openebs-target-pod-failure/rbac.yaml b/experiments/openebs/openebs-target-pod-failure/rbac.yaml new file mode 100644 index 0000000..79fa90b --- /dev/null +++ b/experiments/openebs/openebs-target-pod-failure/rbac.yaml @@ -0,0 +1,42 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: target-pod-failure-sa + namespace: default + labels: + name: target-pod-failure-sa + app.kubernetes.io/part-of: litmus +--- +# Source: openebs/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: target-pod-failure-sa + labels: + name: target-pod-failure-sa + app.kubernetes.io/part-of: litmus +rules: +- apiGroups: ["","apps","litmuschaos.io","batch","extensions","storage.k8s.io"] + resources: ["pods","jobs","pods/log","deployments","pods/exec","events","chaosexperiments","chaosresults","chaosengines","configmaps","secrets","services","persistentvolumeclaims","storageclasses","persistentvolumes"] + verbs: ["create","list","get","patch","update","delete"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: target-pod-failure-sa + labels: + name: target-pod-failure-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: target-pod-failure-sa +subjects: +- kind: ServiceAccount + name: target-pod-failure-sa + namespace: default + diff --git a/experiments/openebs/openebs.chartserviceversion.yaml b/experiments/openebs/openebs.chartserviceversion.yaml new file mode 100644 index 0000000..6cdaf94 --- /dev/null +++ b/experiments/openebs/openebs.chartserviceversion.yaml @@ -0,0 +1,63 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2019-08-27T10:28:08Z + name: openebs + version: 0.1.8 + annotations: + categories: OpenEBS + vendor: MayaData + support: https://slack.openebs.io/ + chartDescription: Injects generic openebs chaos +spec: + displayName: OpenEBS + categoryDescription: > + OpenEBS is the most active Container Attached Storage project. OpenEBS enables your DevOps teams to have their own storage policies for every workload and it is truly Kubernetes native and 100% in userspace. + + experiments: + - name: openebs-pool-pod-failure + description: "" + - name: openebs-pool-container-failure + description: "" + - name: openebs-target-pod-failure + description: "" + - name: openebs-target-container-failure + description: "" + - name: openebs-target-network-delay + description: "" + - name: openebs-target-network-loss + description: "" + - name: openebs-pool-network-delay + description: "" + - name: openebs-pool-network-loss + description: "" + - name: openebs-control-plane-chaos + description: "" + - name: openebs-pool-disk-loss + description: "" + - name: openebs-nfs-provisioner-kill + description: "" + keywords: + - Kubernetes + - K8S + - OpenEBS + - CAS + - Storage + - Network + - Pod + - Pool + maintainers: + - name: ksatchit + email: karthik.s@mayadata.io + minKubeVersion: 1.12.0 + provider: + name: Mayadata + links: + - name: OpenEBS Website + url: https://openebs.io + - name: Source Code + url: https://github.com/openebs/openebs + icon: + - url: https://raw.githubusercontent.com/litmuschaos/charthub.litmuschaos.io/master/public/icons/openebs.png + mediatype: image/png + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/openebs/experiments.yaml diff --git a/experiments/openebs/openebs.package.yaml b/experiments/openebs/openebs.package.yaml new file mode 100644 index 0000000..0f18e73 --- /dev/null +++ b/experiments/openebs/openebs.package.yaml @@ -0,0 +1,35 @@ +packageName: openebs +experiments: + - name: openebs-pool-pod-failure + CSV: openebs-pool-pod-failure.chartserviceversion.yaml + desc: "openebs-pool-pod-failure" + - name: openebs-pool-container-failure + CSV: openebs-pool-container-failure.chartserviceversion.yaml + desc: "openebs-pool-container-failure" + - name: openebs-target-pod-failure + CSV: openebs-target-pod-failure.chartserviceversion.yaml + desc: "openebs-target-pod-failure" + - name: openebs-target-container-failure + CSV: openebs-target-container-failure.chartserviceversion.yaml + desc: "openebs-target-container-failure" + - name: openebs-target-network-delay + CSV: openebs-target-network-delay.chartserviceversion.yaml + desc: "openebs-target-network-delay" + - name: openebs-target-network-loss + CSV: openebs-target-network-loss.chartserviceversion.yaml + desc: "openebs-target-network-loss" + - name: openebs-control-plane-chaos + CSV: openebs-control-plane-chaos.chartserviceversion.yaml + desc: "openebs-control-plane-chaos" + - name: openebs-pool-network-delay + CSV: openebs-pool-network-delay.chartserviceversion.yaml + desc: "openebs-pool-network-delay" + - name: openebs-pool-network-loss + CSV: openebs-pool-network-loss.chartserviceversion.yaml + desc: "openebs-pool-network-loss" + - name: openebs-pool-disk-loss + CSV: openebs-pool-disk-loss.chartserviceversion.yaml + desc: "openebs-pool-disk-loss" + - name: openebs-nfs-provisioner-kill + CSV: openebs-nfs-provisioner-kill.chartserviceversion.yaml + desc: "openebs-nfs-provisioner-kill" \ No newline at end of file diff --git a/experiments/openebs/sample_openebs_engine_with_data_persistency_enabled.yaml b/experiments/openebs/sample_openebs_engine_with_data_persistency_enabled.yaml new file mode 100644 index 0000000..7a59e6e --- /dev/null +++ b/experiments/openebs/sample_openebs_engine_with_data_persistency_enabled.yaml @@ -0,0 +1,30 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: openebs-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: -sa + experiments: + - name: + spec: + components: + env: + - name: TARGET_CONTAINER + value: 'cstor-istgt' + - name: APP_PVC + value: 'demo-nginx-claim' + configMaps: + - name: map1 + mountPath: '/mnt' + secrets: + - name: secret1 + mountPath: '/tmp' \ No newline at end of file diff --git a/experiments/vmware/experiments.yaml b/experiments/vmware/experiments.yaml new file mode 100644 index 0000000..61882e3 --- /dev/null +++ b/experiments/vmware/experiments.yaml @@ -0,0 +1,99 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stops one or more VMs for a certain chaos duration. +kind: ChaosExperiment +metadata: + name: vm-poweroff + labels: + name: vm-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name vm-poweroff + command: + - /bin/bash + env: + + - name: VCENTERSERVER + valueFrom: + secretKeyRef: + name: vcenter-secret + key: VCENTERSERVER + + - name: VCENTERUSER + valueFrom: + secretKeyRef: + name: vcenter-secret + key: VCENTERUSER + + - name: VCENTERPASS + valueFrom: + secretKeyRef: + name: vcenter-secret + key: VCENTERPASS + + # provide the VM MOIDs as comma separated values + - name: APP_VM_MOIDS + value: '' + + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + - name: LIB + value: 'litmus' + + - name: RAMP_TIME + value: '' + + # parallel or sequence; the mode of chaos sequence, defaults to parallel + - name: SEQUENCE + value: 'parallel' + + labels: + experiment: vm-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- diff --git a/experiments/vmware/icons/vm-poweroff.png b/experiments/vmware/icons/vm-poweroff.png new file mode 100644 index 0000000..50807e5 Binary files /dev/null and b/experiments/vmware/icons/vm-poweroff.png differ diff --git a/experiments/vmware/icons/vmware.png b/experiments/vmware/icons/vmware.png new file mode 100644 index 0000000..50807e5 Binary files /dev/null and b/experiments/vmware/icons/vmware.png differ diff --git a/experiments/vmware/vm-poweroff/engine.yaml b/experiments/vmware/vm-poweroff/engine.yaml new file mode 100644 index 0000000..a9fa88a --- /dev/null +++ b/experiments/vmware/vm-poweroff/engine.yaml @@ -0,0 +1,27 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: vmware-vm-chaos + namespace: default +spec: + # It can be active/stop + engineState: 'active' + #ex. values: ns1:name=percona,ns2:run=nginx + auxiliaryAppInfo: '' + chaosServiceAccount: vm-poweroff-sa + experiments: + - name: vm-poweroff + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + # provide VM MOIDs as comma separated values + - name: APP_VM_MOIDS + value: '' diff --git a/experiments/vmware/vm-poweroff/experiment.yaml b/experiments/vmware/vm-poweroff/experiment.yaml new file mode 100644 index 0000000..1562815 --- /dev/null +++ b/experiments/vmware/vm-poweroff/experiment.yaml @@ -0,0 +1,97 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Stops one or more VMs for a certain chaos duration. +kind: ChaosExperiment +metadata: + name: vm-poweroff + labels: + name: vm-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Cluster + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name vm-poweroff + command: + - /bin/bash + env: + + - name: VCENTERSERVER + valueFrom: + secretKeyRef: + name: vcenter-secret + key: VCENTERSERVER + + - name: VCENTERUSER + valueFrom: + secretKeyRef: + name: vcenter-secret + key: VCENTERUSER + + - name: VCENTERPASS + valueFrom: + secretKeyRef: + name: vcenter-secret + key: VCENTERPASS + + # provide the VM MOIDs as comma separated values + - name: APP_VM_MOIDS + value: '' + + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '30' + + - name: LIB + value: 'litmus' + + - name: RAMP_TIME + value: '' + + # parallel or sequence; the mode of chaos sequence, defaults to parallel + - name: SEQUENCE + value: 'parallel' + + labels: + experiment: vm-poweroff + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/vmware/vm-poweroff/rbac.yaml b/experiments/vmware/vm-poweroff/rbac.yaml new file mode 100644 index 0000000..4bbd8ee --- /dev/null +++ b/experiments/vmware/vm-poweroff/rbac.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: vm-poweroff-sa + namespace: default + labels: + name: vm-poweroff-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: vm-poweroff-sa + labels: + name: vm-poweroff-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["secrets","configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: vm-poweroff-sa + labels: + name: vm-poweroff-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: vm-poweroff-sa +subjects: +- kind: ServiceAccount + name: vm-poweroff-sa + namespace: default + diff --git a/experiments/vmware/vm-poweroff/vm-poweroff.chartserviceversion.yaml b/experiments/vmware/vm-poweroff/vm-poweroff.chartserviceversion.yaml new file mode 100644 index 0000000..0b2ad00 --- /dev/null +++ b/experiments/vmware/vm-poweroff/vm-poweroff.chartserviceversion.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-04-29T10:28:08Z + name: vm-poweroff + annotations: + categories: vmware + vendor: Wipro, ChaosNative + support: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN +spec: + displayName: vm-poweroff + categoryDescription: | + This experiment causes power-off of target VMWare VM(s) for a certain chaos duration: + - Causes power-off of the VMWare VM(s) provided by the Moid(s) of the instance. + - It helps to check the performance of the application/services on the instance. + - Currently, the experiment is supported for vsphere version 6.X (Support for 7.X will be added soon). + + keywords: + - Vmware + - VM + platforms: + - vmware + maturity: alpha + maintainers: + - name: Delphine Joyneer, Neelanjan Manna + email: golkonda.joyneer@wipro.com, neelanjan@chaosnative.com + provider: + name: Wipro, ChaosNative + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/vmware/vm-poweroff + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/vmware/vm-poweroff/ + - name: Video + url: + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/vmware/vm-poweroff/experiment.yaml diff --git a/experiments/vmware/vmware.chartserviceversion.yaml b/experiments/vmware/vmware.chartserviceversion.yaml new file mode 100644 index 0000000..1d04eab --- /dev/null +++ b/experiments/vmware/vmware.chartserviceversion.yaml @@ -0,0 +1,35 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-04-29T10:28:08Z + name: vmware + version: 0.1.0 + annotations: + categories: vmware + chartDescription: Injects chaos on VMWare components +spec: + displayName: VMWare Chaos + categoryDescription: > + Contains chaos to disrupt the state of VMWare resources + experiments: + - name: vm-poweroff + description: "" + keywords: + - vmware + - VM + maintainers: + - name: Delphine Joyneer, Neelanjan Manna + email: golkonda.joyneer@wipro.com, neelanjan@chaosnative.com + provider: + name: Wipro, ChaosNative + links: + - name: Kubernetes Website + url: https://kubernetes.io + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/vmware + - name: Community Slack + url: https://app.slack.com/client/T09NY5SBT/CNXNB0ZTN + icon: + - url: + mediatype: + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/vmware/experiments.yaml diff --git a/experiments/vmware/vmware.package.yaml b/experiments/vmware/vmware.package.yaml new file mode 100644 index 0000000..3fe0e48 --- /dev/null +++ b/experiments/vmware/vmware.package.yaml @@ -0,0 +1,5 @@ +packageName: vmware +experiments: + - name: vm-poweroff + CSV: vm-poweroff.chartserviceversion.yaml + desc: "vm-poweroff" diff --git a/scenarios/icons/bank-of-anthos.png b/scenarios/icons/bank-of-anthos.png new file mode 100644 index 0000000..ba9028d Binary files /dev/null and b/scenarios/icons/bank-of-anthos.png differ diff --git a/scenarios/icons/pod-delete.png b/scenarios/icons/pod-delete.png new file mode 100644 index 0000000..16aa7b4 Binary files /dev/null and b/scenarios/icons/pod-delete.png differ diff --git a/scenarios/icons/pod-memory-hog.png b/scenarios/icons/pod-memory-hog.png new file mode 100644 index 0000000..e49a468 Binary files /dev/null and b/scenarios/icons/pod-memory-hog.png differ diff --git a/scenarios/icons/podtato-head.png b/scenarios/icons/podtato-head.png new file mode 100644 index 0000000..59e9f28 Binary files /dev/null and b/scenarios/icons/podtato-head.png differ diff --git a/scenarios/icons/sock-shop-promProbe.png b/scenarios/icons/sock-shop-promProbe.png new file mode 100644 index 0000000..00b4a19 Binary files /dev/null and b/scenarios/icons/sock-shop-promProbe.png differ diff --git a/scenarios/icons/sock-shop.png b/scenarios/icons/sock-shop.png new file mode 100644 index 0000000..00b4a19 Binary files /dev/null and b/scenarios/icons/sock-shop.png differ diff --git a/scenarios/pod-delete/pod-delete.chartserviceversion.yaml b/scenarios/pod-delete/pod-delete.chartserviceversion.yaml new file mode 100644 index 0000000..244bbc7 --- /dev/null +++ b/scenarios/pod-delete/pod-delete.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-05-24T10:28:08Z + name: pod-delete + version: 0.1.0 + annotations: + categories: pod-delete + chartDescription: Deletes a k8s pod +spec: + displayName: Pod Delete + categoryDescription: > + Pod delete contains chaos to disrupt state of kubernetes resources. Experiments can inject random pod delete failures against specified application. + experiments: + - name: pod-delete + description: "This experiment injects random pod delete failures against specified application." + keywords: + - Kubernetes + - Podtato-head + - Pod + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + - AKS + maintainers: + - name: oumkale + email: oumkale@chaosnative.com + provider: + name: ChaosNative + links: + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + - name: Documentation + url: https://docs.litmuschaos.io/docs/chaoshub/#generic-chaos + icon: + - url: + mediatype: "" diff --git a/scenarios/pod-delete/workflow.yaml b/scenarios/pod-delete/workflow.yaml new file mode 100644 index 0000000..4c39419 --- /dev/null +++ b/scenarios/pod-delete/workflow.yaml @@ -0,0 +1,159 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: argowf-chaos-pod-delete- + namespace: litmus + labels: + subject: "{{workflow.parameters.appNamespace}}_kube-proxy" +spec: + entrypoint: argowf-chaos + serviceAccountName: argo-chaos + securityContext: + runAsUser: 1000 + runAsNonRoot: true + arguments: + parameters: + - name: adminModeNamespace + value: "litmus" + - name: appNamespace + value: "kube-system" + templates: + - name: argowf-chaos + steps: + - - name: install-experiment + template: install-experiment + - - name: run-chaos + template: run-chaos + - - name: revert-chaos + template: revert-chaos + + - name: install-experiment + inputs: + artifacts: + - name: install-experiment + path: /tmp/pod-delete.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset + kind: ChaosExperiment + metadata: + name: pod-delete + spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + resources: + - "deployments" + - "jobs" + - "pods" + - "pods/log" + - "events" + - "configmaps" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-delete + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + - name: LIB + value: 'litmus' + labels: + name: pod-delete + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl apply -f /tmp/pod-delete.yaml -n {{workflow.parameters.adminModeNamespace}}", + ] + + - name: run-chaos + inputs: + artifacts: + - name: run-chaos + path: /tmp/chaosengine.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + kind: ChaosEngine + metadata: + name: kube-proxy-pod-delete-chaos + namespace: {{workflow.parameters.adminModeNamespace}} + labels: + context: "{{workflow.parameters.appNamespace}}_kube-proxy" + spec: + appinfo: + appns: kube-system + applabel: "k8s-app=kube-proxy" + appkind: daemonset + jobCleanUpPolicy: retain + engineState: 'active' + chaosServiceAccount: litmus-admin + experiments: + - name: pod-delete + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: "60" + - name: CHAOS_INTERVAL + value: "10" + - name: FORCE + value: "false" + container: + image: litmuschaos/litmus-checker:latest + args: ["-file=/tmp/chaosengine.yaml","-saveName=/tmp/engine-name"] + + - name: revert-chaos + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl delete chaosengine kube-proxy-pod-delete-chaos -n {{workflow.parameters.adminModeNamespace}}", + ] diff --git a/scenarios/pod-delete/workflow_cron.yaml b/scenarios/pod-delete/workflow_cron.yaml new file mode 100644 index 0000000..1311b4e --- /dev/null +++ b/scenarios/pod-delete/workflow_cron.yaml @@ -0,0 +1,163 @@ +apiVersion: argoproj.io/v1alpha1 +kind: CronWorkflow +metadata: + name: argo-chaos-pod-delete-cron-wf + namespace: litmus + labels: + subject: "{{workflow.parameters.appNamespace}}_kube-proxy" +spec: + schedule: "0 * * * *" + concurrencyPolicy: "Forbid" + startingDeadlineSeconds: 0 + workflowSpec: + entrypoint: argowf-chaos + serviceAccountName: argo-chaos + securityContext: + runAsUser: 1000 + runAsNonRoot: true + arguments: + parameters: + - name: adminModeNamespace + value: "litmus" + - name: appNamespace + value: "kube-system" + templates: + - name: argowf-chaos + steps: + - - name: install-experiment + template: install-experiment + - - name: run-chaos + template: run-chaos + - - name: revert-chaos + template: revert-chaos + + - name: install-experiment + inputs: + artifacts: + - name: install-experiment + path: /tmp/pod-delete.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset + kind: ChaosExperiment + metadata: + name: pod-delete + spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "apps" + - "batch" + - "litmuschaos.io" + resources: + - "deployments" + - "jobs" + - "pods" + - "pods/log" + - "events" + - "configmaps" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - apiGroups: + - "" + resources: + - "nodes" + verbs: + - "get" + - "list" + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-delete + command: + - /bin/bash + env: + + - name: TOTAL_CHAOS_DURATION + value: '15' + + # Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # provide the kill count + - name: KILL_COUNT + value: '' + + - name: FORCE + value: 'true' + + - name: CHAOS_INTERVAL + value: '5' + + - name: LIB + value: 'litmus' + labels: + name: pod-delete + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl apply -f /tmp/pod-delete.yaml -n {{workflow.parameters.adminModeNamespace}}", + ] + + - name: run-chaos + inputs: + artifacts: + - name: run-chaos + path: /tmp/chaosengine.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + kind: ChaosEngine + metadata: + name: kube-proxy-pod-delete-chaos + namespace: {{workflow.parameters.adminModeNamespace}} + labels: + context: "{{workflow.parameters.appNamespace}}_kube-proxy" + spec: + appinfo: + appns: kube-system + applabel: "k8s-app=kube-proxy" + appkind: daemonset + jobCleanUpPolicy: retain + engineState: 'active' + chaosServiceAccount: litmus-admin + experiments: + - name: pod-delete + spec: + components: + env: + - name: TOTAL_CHAOS_DURATION + value: "60" + - name: CHAOS_INTERVAL + value: "10" + - name: FORCE + value: "false" + container: + image: litmuschaos/litmus-checker:latest + args: ["-file=/tmp/chaosengine.yaml","-saveName=/tmp/engine-name"] + + - name: revert-chaos + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl delete chaosengine kube-proxy-pod-delete-chaos -n {{workflow.parameters.adminModeNamespace}}", + ] diff --git a/scenarios/pod-memory-hog/pod-memory-hog.chartserviceversion.yaml b/scenarios/pod-memory-hog/pod-memory-hog.chartserviceversion.yaml new file mode 100644 index 0000000..fc67c5f --- /dev/null +++ b/scenarios/pod-memory-hog/pod-memory-hog.chartserviceversion.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-05-24T10:28:08Z + name: pod-memory-hog + version: 0.1.0 + annotations: + categories: pod-memory-hog + chartDescription: Injects memory chaos on a k8s pod +spec: + displayName: Pod Memory Hog + categoryDescription: > + Pod-Memory-Hog contains chaos to consume memory resouces of specified containers in Kubernetes pods + and revert the chaos + experiments: + - name: pod-memory-hog + description: "Injects memory chaos on a k8s pod" + keywords: + - Kubernetes + - Podtato-head + - Pod + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + - AKS + maintainers: + - name: oumkale + email: oumkale@chaosnative.com + provider: + name: ChaosNative + links: + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + - name: Documentation + url: https://docs.litmuschaos.io/docs/chaoshub/#generic-chaos + icon: + - url: + mediatype: "" diff --git a/scenarios/pod-memory-hog/workflow.yaml b/scenarios/pod-memory-hog/workflow.yaml new file mode 100644 index 0000000..eba531a --- /dev/null +++ b/scenarios/pod-memory-hog/workflow.yaml @@ -0,0 +1,159 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: argowf-chaos-pod-memory-hog- + namespace: litmus + labels: + subject: "{{workflow.parameters.appNamespace}}_kube-proxy" +spec: + entrypoint: argowf-chaos + serviceAccountName: argo-chaos + securityContext: + runAsUser: 1000 + runAsNonRoot: true + arguments: + parameters: + - name: adminModeNamespace + value: "litmus" + - name: appNamespace + value: "kube-system" + templates: + - name: argowf-chaos + steps: + - - name: install-experiment + template: install-experiment + - - name: run-chaos + template: run-chaos + - - name: revert-chaos + template: revert-chaos + + - name: install-experiment + inputs: + artifacts: + - name: install-experiment + path: /tmp/pod-memory-hog.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + description: + message: | + Injects memory consumption on pods belonging to an app deployment + kind: ChaosExperiment + metadata: + name: pod-memory-hog + spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "batch" + - "litmuschaos.io" + resources: + - "jobs" + - "pods" + - "pods/log" + - "events" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-memory-hog + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '10' + + ## enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, powerfulseal, chaoskube + - name: LIB + value: 'litmus' + + - name: TARGET_POD + value: '' + + labels: + name: pod-memory-hog + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl apply -f /tmp/pod-memory-hog.yaml -n {{workflow.parameters.adminModeNamespace}}", + ] + + - name: run-chaos + inputs: + artifacts: + - name: run-chaos + path: /tmp/chaosengine.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + kind: ChaosEngine + metadata: + name: kube-proxy-pod-memory-hog-chaos + namespace: {{workflow.parameters.adminModeNamespace}} + labels: + context: "{{workflow.parameters.appNamespace}}_kube-proxy" + spec: + appinfo: + appns: kube-system + applabel: "k8s-app=kube-proxy" + appkind: daemonset + jobCleanUpPolicy: retain + engineState: 'active' + chaosServiceAccount: litmus-admin + experiments: + - name: pod-memory-hog + spec: + components: + env: + - name: TARGET_CONTAINER + value: 'kube-proxy' + + - name: MEMORY_CONSUMPTION + value: '500' + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: CHAOS_KILL_COMMAND + value: "kill -9 $(ps afx | grep \"[dd] if /dev/zero\" | awk '{print $1}' | tr '\n' ' ')" + container: + image: litmuschaos/litmus-checker:latest + args: ["-file=/tmp/chaosengine.yaml","-saveName=/tmp/engine-name"] + + - name: revert-chaos + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl delete chaosengine kube-proxy-pod-memory-hog-chaos -n {{workflow.parameters.adminModeNamespace}}", + ] diff --git a/scenarios/pod-memory-hog/workflow_cron.yaml b/scenarios/pod-memory-hog/workflow_cron.yaml new file mode 100644 index 0000000..9f2100f --- /dev/null +++ b/scenarios/pod-memory-hog/workflow_cron.yaml @@ -0,0 +1,163 @@ +apiVersion: argoproj.io/v1alpha1 +kind: CronWorkflow +metadata: + name: argo-chaos-pod-memory-cron-wf + namespace: litmus + labels: + subject: "{{workflow.parameters.appNamespace}}_kube-proxy" +spec: + schedule: "0 * * * *" + concurrencyPolicy: "Forbid" + startingDeadlineSeconds: 0 + workflowSpec: + entrypoint: argowf-chaos + serviceAccountName: argo-chaos + securityContext: + runAsUser: 1000 + runAsNonRoot: true + arguments: + parameters: + - name: adminModeNamespace + value: "litmus" + - name: appNamespace + value: "kube-system" + templates: + - name: argowf-chaos + steps: + - - name: install-experiment + template: install-experiment + - - name: run-chaos + template: run-chaos + - - name: revert-chaos + template: revert-chaos + + - name: install-experiment + inputs: + artifacts: + - name: install-experiment + path: /tmp/pod-memory-hog.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + description: + message: | + Injects memory consumption on pods belonging to an app deployment + kind: ChaosExperiment + metadata: + name: pod-memory-hog + spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "batch" + - "litmuschaos.io" + resources: + - "jobs" + - "pods" + - "pods/log" + - "events" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + image: "litmuschaos/go-runner:latest" + args: + - -c + - ./experiments -name pod-memory-hog + command: + - /bin/bash + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + + - name: CHAOS_INTERVAL + value: '10' + + ## enter the amount of memory in megabytes to be consumed by the application pod + - name: MEMORY_CONSUMPTION + value: '500' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + ## Period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + ## env var that describes the library used to execute the chaos + ## default: litmus. Supported values: litmus, powerfulseal, chaoskube + - name: LIB + value: 'litmus' + + - name: TARGET_POD + value: '' + + labels: + name: pod-memory-hog + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl apply -f /tmp/pod-memory-hog.yaml -n {{workflow.parameters.adminModeNamespace}}", + ] + + - name: run-chaos + inputs: + artifacts: + - name: run-chaos + path: /tmp/chaosengine.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + kind: ChaosEngine + metadata: + name: kube-proxy-pod-memory-hog-chaos + namespace: {{workflow.parameters.adminModeNamespace}} + labels: + context: "{{workflow.parameters.appNamespace}}_kube-proxy" + spec: + appinfo: + appns: kube-system + applabel: "k8s-app=kube-proxy" + appkind: daemonset + jobCleanUpPolicy: retain + engineState: 'active' + chaosServiceAccount: litmus-admin + experiments: + - name: pod-memory-hog + spec: + components: + env: + - name: TARGET_CONTAINER + value: 'kube-proxy' + + - name: MEMORY_CONSUMPTION + value: '500' + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + - name: CHAOS_KILL_COMMAND + value: "kill -9 $(ps afx | grep \"[dd] if /dev/zero\" | awk '{print $1}' | tr '\n' ' ')" + container: + image: litmuschaos/litmus-checker:latest + args: ["-file=/tmp/chaosengine.yaml","-saveName=/tmp/engine-name"] + + - name: revert-chaos + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl delete chaosengine kube-proxy-pod-memory-hog-chaos -n {{workflow.parameters.adminModeNamespace}}", + ] diff --git a/scenarios/podtato-head/podtato-head.chartserviceversion.yaml b/scenarios/podtato-head/podtato-head.chartserviceversion.yaml new file mode 100644 index 0000000..bc4c726 --- /dev/null +++ b/scenarios/podtato-head/podtato-head.chartserviceversion.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + createdAt: 2021-05-24T10:28:08Z + name: podtato-head + version: 0.1.0 + annotations: + categories: podtato-head + chartDescription: Injects chaos on podtato-head application +spec: + displayName: Podtato-head Chaos + categoryDescription: > + It install podtato-head application, inject chaos on podtato-head, uninstall the application + and revert the chaos + experiments: + - name: pod-delete + description: "Deletes a k8s pod" + keywords: + - Kubernetes + - Podtato-head + - Pod + platforms: + - GKE + - Minikube + - Packet(Kubeadm) + - EKS + - AKS + maintainers: + - name: oumkale + email: oumkale@chaosnative.com + provider: + name: ChaosNative + links: + - name: Kubernetes Slack + url: https://slack.kubernetes.io/ + - name: Documentation + url: https://docs.litmuschaos.io/docs/chaoshub/#generic-chaos + icon: + - url: + mediatype: "" diff --git a/scenarios/podtato-head/workflow.yaml b/scenarios/podtato-head/workflow.yaml new file mode 100644 index 0000000..355456b --- /dev/null +++ b/scenarios/podtato-head/workflow.yaml @@ -0,0 +1,114 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: argowf-podtato-head-chaos- + namespace: litmus + labels: + subject : "{{workflow.parameters.adminModeNamespace}}_podtato-main" +spec: + entrypoint: argowf-chaos + serviceAccountName: argo-chaos + securityContext: + runAsUser: 1000 + runAsNonRoot: true + arguments: + parameters: + - name: adminModeNamespace + value: "litmus" + templates: + - name: argowf-chaos + steps: + - - name: install-application + template: install-application + - - name: install-chaos-experiments + template: install-chaos-experiments + - - name: pod-delete + template: pod-delete + - - name: revert-chaos + template: revert-chaos + - name: delete-application + template: delete-application + + - name: install-application + container: + image: litmuschaos/litmus-app-deployer:latest + args: ["-namespace={{workflow.parameters.adminModeNamespace}}","-typeName=resilient","-operation=apply","-timeout=400", "-app=podtato-head","-scope=namespace"] + + - name: install-chaos-experiments + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + - "kubectl apply -f https://hub.litmuschaos.io/api/chaos/master?file=charts/generic/experiments.yaml -n + {{workflow.parameters.adminModeNamespace}} ; sleep 30" + + - name: pod-delete + inputs: + artifacts: + - name: pod-delete + path: /tmp/chaosengine.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + kind: ChaosEngine + metadata: + name: podtato-main-pod-delete-chaos + namespace: {{workflow.parameters.adminModeNamespace}} + labels: + context: "{{workflow.parameters.adminModeNamespace}}_podtato-main" + spec: + appinfo: + appns: {{workflow.parameters.adminModeNamespace}} + applabel: 'name=podtato-main' + appkind: 'deployment' + engineState: 'active' + chaosServiceAccount: litmus-admin + jobCleanUpPolicy: 'retain' + components: + runner: + imagePullPolicy: Always + experiments: + - name: pod-delete + spec: + probe: + - name: "check-podtato-main-access-url" + type: "httpProbe" + httpProbe/inputs: + url: "http://podtato-main.{{workflow.parameters.adminModeNamespace}}.svc.cluster.local:9000" + insecureSkipVerify: false + method: + get: + criteria: "==" + responseCode: "200" + mode: "Continuous" + runProperties: + probeTimeout: 1 + interval: 1 + retry: 1 + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + container: + image: litmuschaos/litmus-checker:latest + args: ["-file=/tmp/chaosengine.yaml","-saveName=/tmp/engine-name"] + + - name: delete-application + container: + image: litmuschaos/litmus-app-deployer:latest + args: ["-namespace={{workflow.parameters.adminModeNamespace}}","-typeName=resilient","-operation=delete","-app=podtato-head"] + + - name: revert-chaos + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl delete chaosengine podtato-main-pod-delete-chaos -n {{workflow.parameters.adminModeNamespace}}", + ] \ No newline at end of file diff --git a/scenarios/podtato-head/workflow_cron.yaml b/scenarios/podtato-head/workflow_cron.yaml new file mode 100644 index 0000000..083367b --- /dev/null +++ b/scenarios/podtato-head/workflow_cron.yaml @@ -0,0 +1,118 @@ +apiVersion: argoproj.io/v1alpha1 +kind: CronWorkflow +metadata: + name: argowf-podtato-head-chaos-cron-wf + namespace: litmus + labels: + subject : "{{workflow.parameters.adminModeNamespace}}_podtato-head" +spec: + schedule: "0 * * * *" + concurrencyPolicy: "Forbid" + startingDeadlineSeconds: 0 + workflowSpec: + entrypoint: argowf-chaos + serviceAccountName: argo-chaos + securityContext: + runAsUser: 1000 + runAsNonRoot: true + arguments: + parameters: + - name: adminModeNamespace + value: "litmus" + templates: + - name: argowf-chaos + steps: + - - name: install-application + template: install-application + - - name: install-chaos-experiments + template: install-chaos-experiments + - - name: pod-delete + template: pod-delete + - - name: revert-chaos + template: revert-chaos + - name: delete-application + template: delete-application + + - name: install-application + container: + image: litmuschaos/litmus-app-deployer:latest + args: ["-namespace={{workflow.parameters.adminModeNamespace}}","-typeName=resilient","-operation=apply","-timeout=400", "-app=podtato-head","-scope=namespace"] + + - name: install-chaos-experiments + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + - "kubectl apply -f https://hub.litmuschaos.io/api/chaos/master?file=charts/generic/experiments.yaml -n + {{workflow.parameters.adminModeNamespace}} ; sleep 30" + + - name: pod-delete + inputs: + artifacts: + - name: pod-delete + path: /tmp/chaosengine.yaml + raw: + data: | + apiVersion: litmuschaos.io/v1alpha1 + kind: ChaosEngine + metadata: + name: podtato-main-pod-delete-chaos + namespace: {{workflow.parameters.adminModeNamespace}} + labels: + context: "{{workflow.parameters.adminModeNamespace}}_podtato-main" + spec: + appinfo: + appns: {{workflow.parameters.adminModeNamespace}} + applabel: 'name=podtato-main' + appkind: 'deployment' + engineState: 'active' + chaosServiceAccount: litmus-admin + jobCleanUpPolicy: 'retain' + components: + runner: + imagePullPolicy: Always + experiments: + - name: pod-delete + spec: + probe: + - name: "check-podtato-main-access-url" + type: "httpProbe" + httpProbe/inputs: + url: "http://podtato-main.{{workflow.parameters.adminModeNamespace}}.svc.cluster.local:9000" + insecureSkipVerify: false + method: + get: + criteria: "==" + responseCode: "200" + mode: "Continuous" + runProperties: + probeTimeout: 1 + interval: 1 + retry: 1 + components: + env: + - name: TOTAL_CHAOS_DURATION + value: '30' + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + # pod failures without '--force' & default terminationGracePeriodSeconds + - name: FORCE + value: 'false' + container: + image: litmuschaos/litmus-checker:latest + args: ["-file=/tmp/chaosengine.yaml","-saveName=/tmp/engine-name"] + + - name: delete-application + container: + image: litmuschaos/litmus-app-deployer:latest + args: ["-namespace={{workflow.parameters.adminModeNamespace}}","-typeName=resilient","-operation=delete","-app=podtato-head"] + + - name: revert-chaos + container: + image: litmuschaos/k8s:latest + command: [sh, -c] + args: + [ + "kubectl delete chaosengine podtato-main-pod-delete-chaos -n {{workflow.parameters.adminModeNamespace}}", + ] \ No newline at end of file