diff --git a/charts/generic/experiments.yaml b/charts/generic/experiments.yaml index ea50d5c..76f552e 100644 --- a/charts/generic/experiments.yaml +++ b/charts/generic/experiments.yaml @@ -1335,7 +1335,6 @@ spec: app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest ---- --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -2037,7 +2036,6 @@ spec: app.kubernetes.io/service-kill: "true" app.kubernetes.io/version: latest - --- apiVersion: litmuschaos.io/v1alpha1 description: @@ -3044,7 +3042,6 @@ spec: - name: id-rsa mountPath: /mnt/ ---- --- apiVersion: litmuschaos.io/v1alpha1 description: diff --git a/charts/generic/generic.chartserviceversion.yaml b/charts/generic/generic.chartserviceversion.yaml index ce3f0ae..9042fb0 100644 --- a/charts/generic/generic.chartserviceversion.yaml +++ b/charts/generic/generic.chartserviceversion.yaml @@ -38,6 +38,7 @@ spec: - pod-memory-hog-exec - pod-network-partition - pod-http-latency + - pod-http-status-code - pod-http-modify-header - pod-http-modify-body - pod-http-reset-peer diff --git a/charts/generic/generic.package.yaml b/charts/generic/generic.package.yaml index a83f61c..3dd250d 100644 --- a/charts/generic/generic.package.yaml +++ b/charts/generic/generic.package.yaml @@ -75,6 +75,9 @@ experiments: - name: pod-http-latency CSV: pod-http-latency.chartserviceversion.yaml desc: "pod-http-latency" + - name: pod-http-status-code + CSV: pod-http-status-code.chartserviceversion.yaml + desc: "pod-http-status-code" - name: pod-http-modify-header CSV: pod-http-modify-header.chartserviceversion.yaml desc: "pod-http-modify-header" diff --git a/charts/generic/icons/pod-http-status-code.png b/charts/generic/icons/pod-http-status-code.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/charts/generic/icons/pod-http-status-code.png differ diff --git a/charts/generic/pod-http-status-code/engine.yaml b/charts/generic/pod-http-status-code/engine.yaml new file mode 100644 index 0000000..36f9cfc --- /dev/null +++ b/charts/generic/pod-http-status-code/engine.yaml @@ -0,0 +1,54 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-status-code-sa + experiments: + - name: pod-http-status-code + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + # modified status code for the http response + # if no value is provided, a random status code from the supported code list will selected + # if an invalid status code is provided, the experiment will fail + # supported status code list: [200, 201, 202, 204, 300, 301, 302, 304, 307, 400, 401, 403, 404, 500, 501, 502, 503, 504 + - name: STATUS_CODE + value: '' + + # whether to modify the body as per the status code provided + - name: "MODIFY_RESPONSE_BODY" + value: "true" + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # provide the name of container runtime + # it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + \ No newline at end of file diff --git a/charts/generic/pod-http-status-code/experiment.yaml b/charts/generic/pod-http-status-code/experiment.yaml new file mode 100644 index 0000000..f8994df --- /dev/null +++ b/charts/generic/pod-http-status-code/experiment.yaml @@ -0,0 +1,141 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + It injects chaos inside the pod which modifies the status code of the response from the provided application server to desired status code provided by the user and reverts after a specified duration +kind: ChaosExperiment +metadata: + name: pod-http-status-code + labels: + name: pod-http-status-code + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-status-code + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # modified status code for the http response + # if no value is provided, a random status code from the supported code list will selected + # if an invalid status code is provided, the experiment will fail + # supported status code list: [200, 201, 202, 204, 300, 301, 302, 304, 307, 400, 401, 403, 404, 500, 501, 502, 503, 504] + - name: STATUS_CODE + value: '' + + # whether to modify the body as per the status code provided + - name: "MODIFY_RESPONSE_BODY" + value: "true" + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-status-code + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/charts/generic/pod-http-status-code/pod-http-status-code.chartserviceversion.yaml b/charts/generic/pod-http-status-code/pod-http-status-code.chartserviceversion.yaml new file mode 100644 index 0000000..af809c9 --- /dev/null +++ b/charts/generic/pod-http-status-code/pod-http-status-code.chartserviceversion.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-http-status-code + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-http-status-code + categoryDescription: > + it injects http status code chaos inside the pod which modifies the status code of the response from the provided application server to desired status code provided by user and reverts after specified duration + keywords: + - "pods" + - "kubernetes" + - "generic" + - "exec" + - "http" + - "status code" + - "response code" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-status-code + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-status-code/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-status-code/experiment.yaml \ No newline at end of file diff --git a/charts/generic/pod-http-status-code/rbac-psp.yaml b/charts/generic/pod-http-status-code/rbac-psp.yaml new file mode 100644 index 0000000..8318ccd --- /dev/null +++ b/charts/generic/pod-http-status-code/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-status-code-sa +subjects: +- kind: ServiceAccount + name: pod-http-status-code-sa + namespace: default diff --git a/charts/generic/pod-http-status-code/rbac.yaml b/charts/generic/pod-http-status-code/rbac.yaml new file mode 100644 index 0000000..5f117f5 --- /dev/null +++ b/charts/generic/pod-http-status-code/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-status-code-sa +subjects: +- kind: ServiceAccount + name: pod-http-status-code-sa + namespace: default diff --git a/experiments/generic/generic.chartserviceversion.yaml b/experiments/generic/generic.chartserviceversion.yaml index 8d540b1..a8b31b6 100644 --- a/experiments/generic/generic.chartserviceversion.yaml +++ b/experiments/generic/generic.chartserviceversion.yaml @@ -69,6 +69,8 @@ spec: description: "" - name: pod-http-modify-header description: "" + - name: pod-http-status-code + description: "" keywords: - Kubernetes - K8S diff --git a/experiments/generic/generic.package.yaml b/experiments/generic/generic.package.yaml index 65b0ab8..e816034 100644 --- a/experiments/generic/generic.package.yaml +++ b/experiments/generic/generic.package.yaml @@ -84,3 +84,6 @@ experiments: - name: pod-http-modify-header CSV: pod-http-modify-header.chartserviceversion.yaml desc: "pod-http-modify-header" + - name: pod-http-status-code + CSV: pod-http-status-code.chartserviceversion.yaml + desc: "pod-http-status-code" diff --git a/experiments/generic/icons/pod-http-status-code.png b/experiments/generic/icons/pod-http-status-code.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-http-status-code.png differ diff --git a/experiments/generic/pod-http-status-code/engine.yaml b/experiments/generic/pod-http-status-code/engine.yaml new file mode 100644 index 0000000..36f9cfc --- /dev/null +++ b/experiments/generic/pod-http-status-code/engine.yaml @@ -0,0 +1,54 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-status-code-sa + experiments: + - name: pod-http-status-code + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '30' + + # set chaos interval (in sec) as desired + - name: CHAOS_INTERVAL + value: '10' + + # modified status code for the http response + # if no value is provided, a random status code from the supported code list will selected + # if an invalid status code is provided, the experiment will fail + # supported status code list: [200, 201, 202, 204, 300, 301, 302, 304, 307, 400, 401, 403, 404, 500, 501, 502, 503, 504 + - name: STATUS_CODE + value: '' + + # whether to modify the body as per the status code provided + - name: "MODIFY_RESPONSE_BODY" + value: "true" + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # provide the name of container runtime + # it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + \ No newline at end of file diff --git a/experiments/generic/pod-http-status-code/experiment.yaml b/experiments/generic/pod-http-status-code/experiment.yaml new file mode 100644 index 0000000..f8994df --- /dev/null +++ b/experiments/generic/pod-http-status-code/experiment.yaml @@ -0,0 +1,141 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + It injects chaos inside the pod which modifies the status code of the response from the provided application server to desired status code provided by the user and reverts after a specified duration +kind: ChaosExperiment +metadata: + name: pod-http-status-code + labels: + name: pod-http-status-code + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-status-code + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # modified status code for the http response + # if no value is provided, a random status code from the supported code list will selected + # if an invalid status code is provided, the experiment will fail + # supported status code list: [200, 201, 202, 204, 300, 301, 302, 304, 307, 400, 401, 403, 404, 500, 501, 502, 503, 504] + - name: STATUS_CODE + value: '' + + # whether to modify the body as per the status code provided + - name: "MODIFY_RESPONSE_BODY" + value: "true" + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-status-code + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-http-status-code/pod-http-status-code.chartserviceversion.yaml b/experiments/generic/pod-http-status-code/pod-http-status-code.chartserviceversion.yaml new file mode 100644 index 0000000..af809c9 --- /dev/null +++ b/experiments/generic/pod-http-status-code/pod-http-status-code.chartserviceversion.yaml @@ -0,0 +1,40 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-http-status-code + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-http-status-code + categoryDescription: > + it injects http status code chaos inside the pod which modifies the status code of the response from the provided application server to desired status code provided by user and reverts after specified duration + keywords: + - "pods" + - "kubernetes" + - "generic" + - "exec" + - "http" + - "status code" + - "response code" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-status-code + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-status-code/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-status-code/experiment.yaml \ No newline at end of file diff --git a/experiments/generic/pod-http-status-code/rbac-psp.yaml b/experiments/generic/pod-http-status-code/rbac-psp.yaml new file mode 100644 index 0000000..8318ccd --- /dev/null +++ b/experiments/generic/pod-http-status-code/rbac-psp.yaml @@ -0,0 +1,85 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-status-code-sa +subjects: +- kind: ServiceAccount + name: pod-http-status-code-sa + namespace: default diff --git a/experiments/generic/pod-http-status-code/rbac.yaml b/experiments/generic/pod-http-status-code/rbac.yaml new file mode 100644 index 0000000..5f117f5 --- /dev/null +++ b/experiments/generic/pod-http-status-code/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-status-code-sa + namespace: default + labels: + name: pod-http-status-code-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-status-code-sa +subjects: +- kind: ServiceAccount + name: pod-http-status-code-sa + namespace: default