diff --git a/charts/generic/experiments.yaml b/charts/generic/experiments.yaml index eb4d5ad..5bc26cf 100644 --- a/charts/generic/experiments.yaml +++ b/charts/generic/experiments.yaml @@ -1061,7 +1061,123 @@ spec: apiVersion: litmuschaos.io/v1alpha1 description: message: | - Drain the node where application pod is scheduled + it injects http modify body chaos inside the pod which modifies the body of the response from the provided application server to the body string provided by user and reverts after specified duration +kind: ChaosExperiment +metadata: + name: pod-http-modify-body + labels: + name: pod-http-modify-body + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: + - "" + - "batch" + - "apps" + - "litmuschaos.io" + resources: + - "jobs" + - "pods" + - "pods/log" + - "events" + - "deployments" + - "replicasets" + - "pods/exec" + - "chaosengines" + - "chaosexperiments" + - "chaosresults" + verbs: + - "create" + - "list" + - "get" + - "patch" + - "update" + - "delete" + - "deletecollection" + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-modify-body + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # provide the body string to overwrite the response body + - name: RESPONSE_BODY + value: '' + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-modify-body + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest + +--- +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Kills the kubelet service on the application node to check the resiliency. kind: ChaosExperiment metadata: name: node-drain diff --git a/charts/generic/generic.chartserviceversion.yaml b/charts/generic/generic.chartserviceversion.yaml index 3041d24..42b5f2b 100644 --- a/charts/generic/generic.chartserviceversion.yaml +++ b/charts/generic/generic.chartserviceversion.yaml @@ -38,6 +38,7 @@ spec: - pod-memory-hog-exec - pod-network-partition - pod-http-latency + - pod-http-modify-body - pod-http-reset-peer keywords: - Kubernetes diff --git a/charts/generic/generic.package.yaml b/charts/generic/generic.package.yaml index 492f22f..799ffe0 100644 --- a/charts/generic/generic.package.yaml +++ b/charts/generic/generic.package.yaml @@ -75,6 +75,9 @@ experiments: - name: pod-http-latency CSV: pod-http-latency.chartserviceversion.yaml desc: "pod-http-latency" + - name: pod-http-modify-body + CSV: pod-http-modify-body.chartserviceversion.yaml + desc: "pod-http-modify-body" - name: pod-http-reset-peer CSV: pod-http-reset-peer.chartserviceversion.yaml - desc: "pod-http-reset-peer" \ No newline at end of file + desc: "pod-http-reset-peer" diff --git a/charts/generic/icons/pod-http-modify-body.png b/charts/generic/icons/pod-http-modify-body.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/charts/generic/icons/pod-http-modify-body.png differ diff --git a/charts/generic/pod-http-modify-body/engine.yaml b/charts/generic/pod-http-modify-body/engine.yaml new file mode 100644 index 0000000..cdf0688 --- /dev/null +++ b/charts/generic/pod-http-modify-body/engine.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-modify-body-sa + experiments: + - name: pod-http-modify-body + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # provide the body string to overwrite the response body + - name: RESPONSE_BODY + value: '' + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # provide the name of container runtime + # it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/charts/generic/pod-http-modify-body/experiment.yaml b/charts/generic/pod-http-modify-body/experiment.yaml new file mode 100644 index 0000000..97bfea6 --- /dev/null +++ b/charts/generic/pod-http-modify-body/experiment.yaml @@ -0,0 +1,135 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + It injects the chaos inside the pod which modifies the body of the response from the provided application server to the body string provided by the user and reverts after a specified duration +kind: ChaosExperiment +metadata: + name: pod-http-modify-body + labels: + name: pod-http-modify-body + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-modify-body + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # provide the body string to overwrite the response body + # if no value is provided, response will be an empty body. + - name: RESPONSE_BODY + value: '' + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-modify-body + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/charts/generic/pod-http-modify-body/pod-http-modify-body.chartserviceversion.yaml b/charts/generic/pod-http-modify-body/pod-http-modify-body.chartserviceversion.yaml new file mode 100644 index 0000000..1a66390 --- /dev/null +++ b/charts/generic/pod-http-modify-body/pod-http-modify-body.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-http-modify-body + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-http-modify-body + categoryDescription: > + it injects http modify body chaos inside the pod which modifies the body of the response from the provided application server to the body string provided by user and reverts after specified duration + keywords: + - "pods" + - "kubernetes" + - "generic" + - "exec" + - "http" + - "response body" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-modify-body + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-modify-body/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-modify-body/experiment.yaml \ No newline at end of file diff --git a/charts/generic/pod-http-modify-body/rbac-psp.yaml b/charts/generic/pod-http-modify-body/rbac-psp.yaml new file mode 100644 index 0000000..2869bde --- /dev/null +++ b/charts/generic/pod-http-modify-body/rbac-psp.yaml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-modify-body-sa +subjects: +- kind: ServiceAccount + name: pod-http-modify-body-sa + namespace: default diff --git a/charts/generic/pod-http-modify-body/rbac.yaml b/charts/generic/pod-http-modify-body/rbac.yaml new file mode 100644 index 0000000..584be62 --- /dev/null +++ b/charts/generic/pod-http-modify-body/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-modify-body-sa +subjects: +- kind: ServiceAccount + name: pod-http-modify-body-sa + namespace: default diff --git a/charts/generic/pod-http-reset-peer/experiment.yaml b/charts/generic/pod-http-reset-peer/experiment.yaml index 0b93b57..ec36fc5 100644 --- a/charts/generic/pod-http-reset-peer/experiment.yaml +++ b/charts/generic/pod-http-reset-peer/experiment.yaml @@ -1,7 +1,7 @@ apiVersion: litmuschaos.io/v1alpha1 description: message: | - it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration + it injects chaos into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after a specified duration kind: ChaosExperiment metadata: name: pod-http-reset-peer diff --git a/experiments/generic/experiments.yaml b/experiments/generic/experiments.yaml index b2e295d..1f0811d 100644 --- a/experiments/generic/experiments.yaml +++ b/experiments/generic/experiments.yaml @@ -1222,122 +1222,6 @@ spec: app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest ---- -apiVersion: litmuschaos.io/v1alpha1 -description: - message: | - it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration -kind: ChaosExperiment -metadata: - name: pod-http-reset-peer - labels: - name: pod-http-reset-peer - app.kubernetes.io/part-of: litmus - app.kubernetes.io/component: chaosexperiment - app.kubernetes.io/version: latest -spec: - definition: - scope: Namespaced - permissions: - - apiGroups: - - "" - - "batch" - - "apps" - - "litmuschaos.io" - resources: - - "jobs" - - "pods" - - "pods/log" - - "events" - - "deployments" - - "replicasets" - - "pods/exec" - - "chaosengines" - - "chaosexperiments" - - "chaosresults" - verbs: - - "create" - - "list" - - "get" - - "patch" - - "update" - - "delete" - - "deletecollection" - image: "litmuschaos/go-runner:latest" - imagePullPolicy: Always - args: - - -c - - ./experiments -name pod-http-reset-peer - command: - - /bin/bash - env: - - - name: TARGET_CONTAINER - value: '' - - # provide lib image - - name: LIB_IMAGE - value: 'litmuschaos/go-runner:latest' - - # reset timeout specifies after how much duration to reset the connection - - name: RESET_TIMEOUT - value: '0' #in ms - - # port of the target service - - name: TARGET_SERVICE_PORT - value: "80" - - # port on which the proxy will listen - - name: PROXY_PORT - value: "20000" - - # network interface on which the proxy will listen - - name: NETWORK_INTERFACE - value: "eth0" - - - name: TOTAL_CHAOS_DURATION - value: '60' # in seconds - - # Time period to wait before and after injection of chaos in sec - - name: RAMP_TIME - value: '' - - # lib can be litmus or pumba - - name: LIB - value: 'litmus' - - # percentage of total pods to target - - name: PODS_AFFECTED_PERC - value: '' - - - name: TARGET_PODS - value: '' - - # provide the name of container runtime - # for litmus LIB, it supports docker, containerd, crio - # for pumba LIB, it supports docker only - - name: CONTAINER_RUNTIME - value: 'docker' - - # provide the socket file path - - name: SOCKET_PATH - value: '/var/run/docker.sock' - - # To select pods on specific node(s) - - name: NODE_LABEL - value: '' - - ## it defines the sequence of chaos execution for multiple target pods - ## supported values: serial, parallel - - name: SEQUENCE - value: 'parallel' - - labels: - name: pod-http-reset-peer - app.kubernetes.io/part-of: litmus - app.kubernetes.io/component: experiment-job - app.kubernetes.io/version: latest - --- apiVersion: litmuschaos.io/v1alpha1 description: diff --git a/experiments/generic/generic.chartserviceversion.yaml b/experiments/generic/generic.chartserviceversion.yaml index 83546a5..f764798 100644 --- a/experiments/generic/generic.chartserviceversion.yaml +++ b/experiments/generic/generic.chartserviceversion.yaml @@ -63,6 +63,8 @@ spec: description: "" - name: pod-http-latency description: "" + - name: pod-http-modify-body + description: "" - name: pod-http-reset-peer description: "" keywords: diff --git a/experiments/generic/generic.package.yaml b/experiments/generic/generic.package.yaml index 492f22f..799ffe0 100644 --- a/experiments/generic/generic.package.yaml +++ b/experiments/generic/generic.package.yaml @@ -75,6 +75,9 @@ experiments: - name: pod-http-latency CSV: pod-http-latency.chartserviceversion.yaml desc: "pod-http-latency" + - name: pod-http-modify-body + CSV: pod-http-modify-body.chartserviceversion.yaml + desc: "pod-http-modify-body" - name: pod-http-reset-peer CSV: pod-http-reset-peer.chartserviceversion.yaml - desc: "pod-http-reset-peer" \ No newline at end of file + desc: "pod-http-reset-peer" diff --git a/experiments/generic/icons/pod-http-modify-body.png b/experiments/generic/icons/pod-http-modify-body.png new file mode 100644 index 0000000..5d13f6b Binary files /dev/null and b/experiments/generic/icons/pod-http-modify-body.png differ diff --git a/experiments/generic/pod-http-modify-body/engine.yaml b/experiments/generic/pod-http-modify-body/engine.yaml new file mode 100644 index 0000000..cdf0688 --- /dev/null +++ b/experiments/generic/pod-http-modify-body/engine.yaml @@ -0,0 +1,42 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: nginx-chaos +spec: + # It can be active/stop + engineState: 'active' + appinfo: + appns: 'default' + applabel: 'app=nginx' + appkind: 'deployment' + chaosServiceAccount: pod-http-modify-body-sa + experiments: + - name: pod-http-modify-body + spec: + components: + env: + # set chaos duration (in sec) as desired + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # provide the body string to overwrite the response body + - name: RESPONSE_BODY + value: '' + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # provide the name of container runtime + # it supports docker, containerd, crio + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + ## percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + \ No newline at end of file diff --git a/experiments/generic/pod-http-modify-body/experiment.yaml b/experiments/generic/pod-http-modify-body/experiment.yaml new file mode 100644 index 0000000..97bfea6 --- /dev/null +++ b/experiments/generic/pod-http-modify-body/experiment.yaml @@ -0,0 +1,135 @@ +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + It injects the chaos inside the pod which modifies the body of the response from the provided application server to the body string provided by the user and reverts after a specified duration +kind: ChaosExperiment +metadata: + name: pod-http-modify-body + labels: + name: pod-http-modify-body + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: chaosexperiment + app.kubernetes.io/version: latest +spec: + definition: + scope: Namespaced + permissions: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + image: "litmuschaos/go-runner:latest" + imagePullPolicy: Always + args: + - -c + - ./experiments -name pod-http-modify-body + command: + - /bin/bash + env: + + - name: TARGET_CONTAINER + value: '' + + # provide lib image + - name: LIB_IMAGE + value: 'litmuschaos/go-runner:latest' + + # provide the body string to overwrite the response body + # if no value is provided, response will be an empty body. + - name: RESPONSE_BODY + value: '' + + # port of the target service + - name: TARGET_SERVICE_PORT + value: "80" + + # port on which the proxy will listen + - name: PROXY_PORT + value: "20000" + + # network interface on which the proxy will listen + - name: NETWORK_INTERFACE + value: "eth0" + + - name: TOTAL_CHAOS_DURATION + value: '60' # in seconds + + # Time period to wait before and after injection of chaos in sec + - name: RAMP_TIME + value: '' + + # lib can be litmus or pumba + - name: LIB + value: 'litmus' + + # percentage of total pods to target + - name: PODS_AFFECTED_PERC + value: '' + + - name: TARGET_PODS + value: '' + + # provide the name of container runtime + # for litmus LIB, it supports docker, containerd, crio + # for pumba LIB, it supports docker only + - name: CONTAINER_RUNTIME + value: 'docker' + + # provide the socket file path + - name: SOCKET_PATH + value: '/var/run/docker.sock' + + # To select pods on specific node(s) + - name: NODE_LABEL + value: '' + + ## it defines the sequence of chaos execution for multiple target pods + ## supported values: serial, parallel + - name: SEQUENCE + value: 'parallel' + + labels: + name: pod-http-modify-body + app.kubernetes.io/part-of: litmus + app.kubernetes.io/component: experiment-job + app.kubernetes.io/version: latest diff --git a/experiments/generic/pod-http-modify-body/pod-http-modify-body.chartserviceversion.yaml b/experiments/generic/pod-http-modify-body/pod-http-modify-body.chartserviceversion.yaml new file mode 100644 index 0000000..1a66390 --- /dev/null +++ b/experiments/generic/pod-http-modify-body/pod-http-modify-body.chartserviceversion.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: pod-http-modify-body + version: 0.1.0 + annotations: + categories: generic +spec: + displayName: pod-http-modify-body + categoryDescription: > + it injects http modify body chaos inside the pod which modifies the body of the response from the provided application server to the body string provided by user and reverts after specified duration + keywords: + - "pods" + - "kubernetes" + - "generic" + - "exec" + - "http" + - "response body" + platforms: + - "Minikube" + maturity: alpha + maintainers: + - name: Akash Shrivastava + email: akash.shrivastava@harness.io + minKubeVersion: 1.12.0 + provider: + name: Harness + labels: + app.kubernetes.io/component: chartserviceversion + app.kubernetes.io/version: latest + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-go/tree/master/experiments/generic/pod-http-modify-body + - name: Documentation + url: https://litmuschaos.github.io/litmus/experiments/categories/pods/pod-http-modify-body/ + icon: + - base64data: "" + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/pod-http-modify-body/experiment.yaml \ No newline at end of file diff --git a/experiments/generic/pod-http-modify-body/rbac-psp.yaml b/experiments/generic/pod-http-modify-body/rbac-psp.yaml new file mode 100644 index 0000000..2869bde --- /dev/null +++ b/experiments/generic/pod-http-modify-body/rbac-psp.yaml @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] + # use litmus psp + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: ["litmus"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-modify-body-sa +subjects: +- kind: ServiceAccount + name: pod-http-modify-body-sa + namespace: default diff --git a/experiments/generic/pod-http-modify-body/rbac.yaml b/experiments/generic/pod-http-modify-body/rbac.yaml new file mode 100644 index 0000000..584be62 --- /dev/null +++ b/experiments/generic/pod-http-modify-body/rbac.yaml @@ -0,0 +1,79 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +rules: + # Create and monitor the experiment & helper pods + - apiGroups: [""] + resources: ["pods"] + verbs: ["create","delete","get","list","patch","update", "deletecollection"] + # Performs CRUD operations on the events inside chaosengine and chaosresult + - apiGroups: [""] + resources: ["events"] + verbs: ["create","get","list","patch","update"] + # Fetch configmaps details and mount it to the experiment pod (if specified) + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get","list",] + # Track and get the runner, experiment, and helper pods log + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get","list","watch"] + # for creating and managing to execute comands inside target container + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["get","list","create"] + # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) + - apiGroups: ["apps"] + resources: ["deployments","statefulsets","replicasets", "daemonsets"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: ["apps.openshift.io"] + resources: ["deploymentconfigs"] + verbs: ["list","get"] + # deriving the parent/owner details of the pod(if parent is deploymentConfig) + - apiGroups: [""] + resources: ["replicationcontrollers"] + verbs: ["get","list"] + # deriving the parent/owner details of the pod(if parent is argo-rollouts) + - apiGroups: ["argoproj.io"] + resources: ["rollouts"] + verbs: ["list","get"] + # for configuring and monitor the experiment job by the chaos-runner pod + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["create","list","get","delete","deletecollection"] + # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow + - apiGroups: ["litmuschaos.io"] + resources: ["chaosengines","chaosexperiments","chaosresults"] + verbs: ["create","list","get","patch","update","delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pod-http-modify-body-sa + namespace: default + labels: + name: pod-http-modify-body-sa + app.kubernetes.io/part-of: litmus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: pod-http-modify-body-sa +subjects: +- kind: ServiceAccount + name: pod-http-modify-body-sa + namespace: default diff --git a/experiments/generic/pod-http-reset-peer/experiment.yaml b/experiments/generic/pod-http-reset-peer/experiment.yaml index 0b93b57..ec36fc5 100644 --- a/experiments/generic/pod-http-reset-peer/experiment.yaml +++ b/experiments/generic/pod-http-reset-peer/experiment.yaml @@ -1,7 +1,7 @@ apiVersion: litmuschaos.io/v1alpha1 description: message: | - it injects http reset into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after the specified duration + it injects chaos into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after a specified duration kind: ChaosExperiment metadata: name: pod-http-reset-peer