From c7e7a411c28e7ee3e363898fb4eb9215e2db19bb Mon Sep 17 00:00:00 2001 From: navinjoy Date: Wed, 28 Oct 2020 09:49:41 -0700 Subject: [PATCH] added 3 new experiments for kubernetes (#356) * added 3 new experiments for kubernetes Signed-off-by: Navin Jammula --- .DS_Store | Bin 0 -> 6148 bytes .../k8-alb-ingress-controller/Readme.md | 10 +++ .../k8-alb-ingress-controller/engine.yaml | 39 ++++++++++++ .../k8-alb-ingress-controller/experiment.yaml | 58 ++++++++++++++++++ ...ngress-controller.chartserviceversion.yaml | 33 ++++++++++ .../k8-alb-ingress-controller/rbac-admin.yaml | 38 ++++++++++++ charts/generic/k8-kube-proxy/Readme.md | 10 +++ charts/generic/k8-kube-proxy/engine.yaml | 39 ++++++++++++ charts/generic/k8-kube-proxy/experiment.yaml | 58 ++++++++++++++++++ .../k8-kube-proxy.chartserviceversion.yaml | 33 ++++++++++ charts/generic/k8-kube-proxy/rbac-admin.yaml | 38 ++++++++++++ 11 files changed, 356 insertions(+) create mode 100644 .DS_Store create mode 100644 charts/generic/k8-alb-ingress-controller/Readme.md create mode 100644 charts/generic/k8-alb-ingress-controller/engine.yaml create mode 100644 charts/generic/k8-alb-ingress-controller/experiment.yaml create mode 100644 charts/generic/k8-alb-ingress-controller/k8-alb-ingress-controller.chartserviceversion.yaml create mode 100644 charts/generic/k8-alb-ingress-controller/rbac-admin.yaml create mode 100644 charts/generic/k8-kube-proxy/Readme.md create mode 100644 charts/generic/k8-kube-proxy/engine.yaml create mode 100644 charts/generic/k8-kube-proxy/experiment.yaml create mode 100644 charts/generic/k8-kube-proxy/k8-kube-proxy.chartserviceversion.yaml create mode 100644 charts/generic/k8-kube-proxy/rbac-admin.yaml diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..bbda36e075f5f8e69e9d47208ff5a842264897ed GIT binary patch literal 6148 zcmeHKJ8l9o5S(5ozFt@?*o;Y~OrjZy8Y_9A{kQ{JlCI4`0XKDEoH6xHI{by=>(4 zk8gW4DnJFO02QDDRN%1+WPNSsk3E*BQ2{FO0t(pop}-AmVjt+A4h-G`0H+AMVeY*I zuvh?C6Z=3!U>a0lP&Hc&4Laf_^J-!r7`>Hi$N9z6MQb2ODnJE>3QS_z zTK)fk-|7E{B(A6c6?iEHbh=zEJ3J|C>*#S-YYTi0x13+N8RkyG;N=+T1>4-ZW$e#hzg+>LQt-v34Ock>L literal 0 HcmV?d00001 diff --git a/charts/generic/k8-alb-ingress-controller/Readme.md b/charts/generic/k8-alb-ingress-controller/Readme.md new file mode 100644 index 0000000..5f71043 --- /dev/null +++ b/charts/generic/k8-alb-ingress-controller/Readme.md @@ -0,0 +1,10 @@ +# Remote namespace +* navigate to current directory `charts/generic/k8-alb-ingress-controller/` +* Apply experiments for K8 - `kubectl apply -f experiment.yaml` +* Validate the experiments for k8 - `kubectl get chaosexperiments` +* Setup RBAC as admin mode - `kubectl apply -f rbac-admin.yaml` +* Create pod Experiment - for health experiment for IKS 1.0 -`kubectl create -f engine.yaml` +* Validate experiment - `kubectl get pods -w` +* Validate logs - `kubectl logs -f ` +* Clean up chaosexperiment -`kubectl delete -f engine.yaml` +* Clean up rbac-admin -`kubectl delete -f rbac-admin.yaml` diff --git a/charts/generic/k8-alb-ingress-controller/engine.yaml b/charts/generic/k8-alb-ingress-controller/engine.yaml new file mode 100644 index 0000000..9fb851a --- /dev/null +++ b/charts/generic/k8-alb-ingress-controller/engine.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: k8-alb-ingress-controller + namespace: default +spec: + appinfo: + appns: 'default' + applabel: "app=alb-ingress-controller" + appkind: deployment + annotationCheck: 'false' + engineState: 'active' + chaosServiceAccount: chaos-admin + monitoring: false + jobCleanUpPolicy: 'retain' + experiments: + - name: k8-pod-delete + spec: + components: + env: + # set chaos namespace + - name: NAME_SPACE + value: addon-alb-ingress-controller-ns + # set chaos label name + - name: LABEL_NAME + value: app=alb-ingress-controller + # pod endpoint + - name: APP_ENDPOINT + value: 'localhost' + - name: FILE + value: 'pod-custom-kill-health.json' + - name: REPORT + value: 'true' + - name: REPORT_ENDPOINT + value: 'none' + - name: TEST_NAMESPACE + value: 'default' + + diff --git a/charts/generic/k8-alb-ingress-controller/experiment.yaml b/charts/generic/k8-alb-ingress-controller/experiment.yaml new file mode 100644 index 0000000..0105ff3 --- /dev/null +++ b/charts/generic/k8-alb-ingress-controller/experiment.yaml @@ -0,0 +1,58 @@ +# Generic Chaos experiment for Application team, who want to participate in Game Day +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + name: k8-pod-delete +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: ["","apps","batch"] + resources: ["jobs","deployments","daemonsets"] + verbs: ["create","list","get","patch","delete"] + - apiGroups: ["","litmuschaos.io"] + resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"] + verbs: ["get","create","update","patch","delete","list"] + - apiGroups: [""] + resources: ["nodes"] + verbs : ["get","list"] + labels: + name: k8-pod-delete + app.kubernetes.io/part-of: litmus + image: "litmuschaos/chaostoolkit:latest" + args: + - -c + - python /app/chaos/chaostest/kubernetes/k8_wrapper.py ; exit 0 + command: + - /bin/bash + env: + + - name: CHAOSTOOLKIT_IN_POD + value: 'true' + + - name: FILE + value: 'pod-app-kill-count.json' + + - name: NAME_SPACE + value: '' + + - name: LABEL_NAME + value: '' + + - name: APP_ENDPOINT + value: '' + + - name: PERCENTAGE + value: '50' + + - name: REPORT + value: 'true' + + - name: REPORT_ENDPOINT + value: 'none' + + - name: TEST_NAMESPACE + value: 'default' diff --git a/charts/generic/k8-alb-ingress-controller/k8-alb-ingress-controller.chartserviceversion.yaml b/charts/generic/k8-alb-ingress-controller/k8-alb-ingress-controller.chartserviceversion.yaml new file mode 100644 index 0000000..635546f --- /dev/null +++ b/charts/generic/k8-alb-ingress-controller/k8-alb-ingress-controller.chartserviceversion.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: k8-pod-delete + version: 0.0.4 + annotations: + categories: Kubernetes + vendor: CNCF + createdAt: 2020-02-24T10:28:08Z + support: https://slack.kubernetes.io/ +spec: + displayName: k8-pod-delete + categoryDescription: | + K8 Pod delete contains chaos to disrupt state of kubernetes resources. It uses chaostoolkit to inject random pod delete failures against specified applications + keywords: + - Kubernetes + - State + platforms: + - Minikube + maturity: alpha + maintainers: + - name: Navin + email: navin_kumarj@intuit.com + minKubeVersion: 1.12.0 + provider: + name: Intuit + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-python/tree/master/chaos-test + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/k8-pod-delete/experiment.yaml diff --git a/charts/generic/k8-alb-ingress-controller/rbac-admin.yaml b/charts/generic/k8-alb-ingress-controller/rbac-admin.yaml new file mode 100644 index 0000000..85a7c8d --- /dev/null +++ b/charts/generic/k8-alb-ingress-controller/rbac-admin.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: chaos-admin + labels: + name: chaos-admin +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: chaos-admin + labels: + name: chaos-admin +rules: + - apiGroups: ["","apps","batch"] + resources: ["jobs","deployments","daemonsets"] + verbs: ["create","list","get","patch","delete"] + - apiGroups: ["","litmuschaos.io"] + resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"] + verbs: ["get","create","update","patch","delete","list"] + - apiGroups: [""] + resources: ["nodes"] + verbs : ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: chaos-admin + labels: + name: chaos-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: chaos-admin +subjects: +- kind: ServiceAccount + name: chaos-admin + namespace: default diff --git a/charts/generic/k8-kube-proxy/Readme.md b/charts/generic/k8-kube-proxy/Readme.md new file mode 100644 index 0000000..d98bcf1 --- /dev/null +++ b/charts/generic/k8-kube-proxy/Readme.md @@ -0,0 +1,10 @@ +# Remote namespace +* navigate to current directory `charts/generic/k8-kube-proxy/` +* Apply experiments for K8 - `kubectl apply -f experiment.yaml` +* Validate the experiments for k8 - `kubectl get chaosexperiments` +* Setup RBAC as admin mode - `kubectl apply -f rbac-admin.yaml` +* Create pod Experiment - for health experiment for IKS 1.0 -`kubectl create -f engine.yaml` +* Validate experiment - `kubectl get pods -w` +* Validate logs - `kubectl logs -f ` +* Clean up chaosexperiment -`kubectl delete -f engine.yaml` +* Clean up rbac-admin -`kubectl delete -f rbac-admin.yaml` diff --git a/charts/generic/k8-kube-proxy/engine.yaml b/charts/generic/k8-kube-proxy/engine.yaml new file mode 100644 index 0000000..3e82a01 --- /dev/null +++ b/charts/generic/k8-kube-proxy/engine.yaml @@ -0,0 +1,39 @@ +apiVersion: litmuschaos.io/v1alpha1 +kind: ChaosEngine +metadata: + name: k8-kube-proxy + namespace: default +spec: + appinfo: + appns: 'default' + applabel: "k8s-app=kube-proxy" + appkind: deployment + annotationCheck: 'false' + engineState: 'active' + chaosServiceAccount: chaos-admin + monitoring: false + jobCleanUpPolicy: 'retain' + experiments: + - name: k8-pod-delete + spec: + components: + env: + # set chaos namespace + - name: NAME_SPACE + value: kube-system + # set chaos label name + - name: LABEL_NAME + value: k8s-app=kube-proxy + # pod endpoint + - name: APP_ENDPOINT + value: 'localhost' + - name: FILE + value: 'pod-custom-kill-health.json' + - name: REPORT + value: 'true' + - name: REPORT_ENDPOINT + value: 'none' + - name: TEST_NAMESPACE + value: 'default' + + diff --git a/charts/generic/k8-kube-proxy/experiment.yaml b/charts/generic/k8-kube-proxy/experiment.yaml new file mode 100644 index 0000000..0105ff3 --- /dev/null +++ b/charts/generic/k8-kube-proxy/experiment.yaml @@ -0,0 +1,58 @@ +# Generic Chaos experiment for Application team, who want to participate in Game Day +apiVersion: litmuschaos.io/v1alpha1 +description: + message: | + Deletes a pod belonging to a deployment/statefulset/daemonset +kind: ChaosExperiment +metadata: + name: k8-pod-delete +spec: + definition: + scope: Namespaced + permissions: + - apiGroups: ["","apps","batch"] + resources: ["jobs","deployments","daemonsets"] + verbs: ["create","list","get","patch","delete"] + - apiGroups: ["","litmuschaos.io"] + resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"] + verbs: ["get","create","update","patch","delete","list"] + - apiGroups: [""] + resources: ["nodes"] + verbs : ["get","list"] + labels: + name: k8-pod-delete + app.kubernetes.io/part-of: litmus + image: "litmuschaos/chaostoolkit:latest" + args: + - -c + - python /app/chaos/chaostest/kubernetes/k8_wrapper.py ; exit 0 + command: + - /bin/bash + env: + + - name: CHAOSTOOLKIT_IN_POD + value: 'true' + + - name: FILE + value: 'pod-app-kill-count.json' + + - name: NAME_SPACE + value: '' + + - name: LABEL_NAME + value: '' + + - name: APP_ENDPOINT + value: '' + + - name: PERCENTAGE + value: '50' + + - name: REPORT + value: 'true' + + - name: REPORT_ENDPOINT + value: 'none' + + - name: TEST_NAMESPACE + value: 'default' diff --git a/charts/generic/k8-kube-proxy/k8-kube-proxy.chartserviceversion.yaml b/charts/generic/k8-kube-proxy/k8-kube-proxy.chartserviceversion.yaml new file mode 100644 index 0000000..635546f --- /dev/null +++ b/charts/generic/k8-kube-proxy/k8-kube-proxy.chartserviceversion.yaml @@ -0,0 +1,33 @@ +apiVersion: litmuchaos.io/v1alpha1 +kind: ChartServiceVersion +metadata: + name: k8-pod-delete + version: 0.0.4 + annotations: + categories: Kubernetes + vendor: CNCF + createdAt: 2020-02-24T10:28:08Z + support: https://slack.kubernetes.io/ +spec: + displayName: k8-pod-delete + categoryDescription: | + K8 Pod delete contains chaos to disrupt state of kubernetes resources. It uses chaostoolkit to inject random pod delete failures against specified applications + keywords: + - Kubernetes + - State + platforms: + - Minikube + maturity: alpha + maintainers: + - name: Navin + email: navin_kumarj@intuit.com + minKubeVersion: 1.12.0 + provider: + name: Intuit + links: + - name: Source Code + url: https://github.com/litmuschaos/litmus-python/tree/master/chaos-test + icon: + - url: + mediatype: "" + chaosexpcrdlink: https://raw.githubusercontent.com/litmuschaos/chaos-charts/master/charts/generic/k8-pod-delete/experiment.yaml diff --git a/charts/generic/k8-kube-proxy/rbac-admin.yaml b/charts/generic/k8-kube-proxy/rbac-admin.yaml new file mode 100644 index 0000000..85a7c8d --- /dev/null +++ b/charts/generic/k8-kube-proxy/rbac-admin.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: chaos-admin + labels: + name: chaos-admin +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: chaos-admin + labels: + name: chaos-admin +rules: + - apiGroups: ["","apps","batch"] + resources: ["jobs","deployments","daemonsets"] + verbs: ["create","list","get","patch","delete"] + - apiGroups: ["","litmuschaos.io"] + resources: ["pods","configmaps","events","services","chaosengines","chaosexperiments","chaosresults","deployments","jobs"] + verbs: ["get","create","update","patch","delete","list"] + - apiGroups: [""] + resources: ["nodes"] + verbs : ["get","list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: chaos-admin + labels: + name: chaos-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: chaos-admin +subjects: +- kind: ServiceAccount + name: chaos-admin + namespace: default