ivanch/litmus-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: adds pod-network-rate-limit fault

Browse Source 
Signed-off-by: neelanjan00 <neelanjan.manna@harness.io>
This commit is contained in:
neelanjan00
2025-07-28 16:16:21 +05:30
parent 55299cbc7a
commit caeb1a389d
7 changed files with 426 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

153
faults/kubernetes/experiments.yaml
View File

@@ -3830,3 +3830,156 @@ spec:
app.kubernetes.io/version: ci
---
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Injects network rate limit on pods belonging to an app deployment
kind: ChaosExperiment
metadata:
name: pod-network-rate-limit
labels:
name: pod-network-rate-limit
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: chaosexperiment
app.kubernetes.io/version: ci
spec:
definition:
scope: Namespaced
permissions:
# Create and monitor the experiment & helper pods
- apiGroups: [""]
resources: ["pods"]
verbs:
[
"create",
"delete",
"get",
"list",
"patch",
"update",
"deletecollection",
]
# Performs CRUD operations on the events inside chaosengine and chaosresult
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "get", "list", "patch", "update"]
# Fetch configmaps details and mount it to the experiment pod (if specified)
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "list"]
# Track and get the runner, experiment, and helper pods log
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get", "list", "watch"]
# for creating and managing to execute commands inside target container
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["get", "list", "create"]
# deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets})
- apiGroups: ["apps"]
resources: ["deployments", "statefulsets", "replicasets", "daemonsets"]
verbs: ["list", "get"]
# deriving the parent/owner details of the pod(if parent is deploymentConfig)
- apiGroups: ["apps.openshift.io"]
resources: ["deploymentconfigs"]
verbs: ["list", "get"]
# deriving the parent/owner details of the pod(if parent is deploymentConfig)
- apiGroups: [""]
resources: ["replicationcontrollers"]
verbs: ["get", "list"]
# deriving the parent/owner details of the pod(if parent is argo-rollouts)
- apiGroups: ["argoproj.io"]
resources: ["rollouts"]
verbs: ["list", "get"]
# for configuring and monitor the experiment job by the chaos-runner pod
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["create", "list", "get", "delete", "deletecollection"]
# for creation, status polling and deletion of litmus chaos resources used within a chaos workflow
- apiGroups: ["litmuschaos.io"]
resources: ["chaosengines", "chaosexperiments", "chaosresults"]
verbs: ["create", "list", "get", "patch", "update", "delete"]
image: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"
imagePullPolicy: Always
args:
- -c
- ./experiments -name pod-network-rate-limit
command:
- /bin/bash
env:
- name: TARGET_CONTAINER
value: ""
# provide lib image
- name: LIB_IMAGE
value: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"
- name: NETWORK_INTERFACE
value: "eth0"
- name: NETWORK_BANDWIDTH
value: "1mbit"
- name: BURST
value: "32kb"
- name: LIMIT
value: "2mb"
- name: MIN_BURST
value: ""
- name: PEAK_RATE
value: ""
- name: TOTAL_CHAOS_DURATION
value: "60" # in seconds
# time period to wait before and after injection of chaos in sec
- name: RAMP_TIME
value: ""
## percentage of total pods to target
- name: PODS_AFFECTED_PERC
value: ""
- name: TARGET_PODS
value: ""
# To select pods on specific node(s)
- name: NODE_LABEL
value: ""
# provide the name of container runtime
# it supports docker, containerd, crio
- name: CONTAINER_RUNTIME
value: "containerd"
# provide the destination ips
# chaos injection will be triggered for these destination ips
- name: DESTINATION_IPS
value: ""
# provide the destination hosts
# chaos injection will be triggered for these destination hosts
- name: DESTINATION_HOSTS
value: ""
# provide the socket file path
- name: SOCKET_PATH
value: "/run/containerd/containerd.sock"
## it defines the sequence of chaos execution for multiple target pods
## supported values: serial, parallel
- name: SEQUENCE
value: "parallel"
labels:
name: pod-network-rate-limit
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: experiment-job
app.kubernetes.io/runtime-api-usage: "true"
app.kubernetes.io/version: ci
---

BIN
faults/kubernetes/icons/pod-network-rate-limit.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

3
faults/kubernetes/kubernetes.chartserviceversion.yaml
View File

@@ -103,6 +103,9 @@ spec:
- name: pod-http-reset-peer
description: It injects pod-http-reset-peer chaos in a Kubernetes pod.
displayName: "Pod HTTP Reset Peer"
- name: pod-network-rate-limit
description: It injects pod-network-rate-limit chaos in a Kubernetes pod.
displayName: "Pod Network Rate Limit"
keywords:
- Kubernetes
maintainers:

3
faults/kubernetes/kubernetes.package.yaml
View File

@@ -97,3 +97,6 @@ faults:
- name: node-network-loss
CSV: node-network-loss.chartserviceversion.yaml
desc: "node-network-loss"
- name: pod-network-rate-limit
CSV: pod-network-rate-limit.chartserviceversion.yaml
desc: "pod-network-rate-limit"

83
faults/kubernetes/pod-network-rate-limit/engine.yaml Normal file
View File

@@ -0,0 +1,83 @@
---
apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
name: nginx-network-chaos
namespace: default
spec:
# It can be active/stop
engineState: "active"
terminationGracePeriodSeconds: 30
appinfo:
appns: ""
# FYI, To see app label, apply kubectl get pods --show-labels
applabel: ""
appkind: ""
chaosServiceAccount: pod-network-rate-limit-sa
experiments:
- name: pod-network-rate-limit
spec:
components:
env:
- name: TARGET_CONTAINER
value: ""
- name: NETWORK_INTERFACE
value: "eth0"
- name: NETWORK_BANDWIDTH
value: "1mbit"
- name: BURST
value: "32kb"
- name: LIMIT
value: "2mb"
- name: MIN_BURST
value: ""
- name: PEAK_RATE
value: ""
- name: TOTAL_CHAOS_DURATION
value: "60" # in seconds
# time period to wait before and after injection of chaos in sec
- name: RAMP_TIME
value: ""
## percentage of total pods to target
- name: PODS_AFFECTED_PERC
value: ""
- name: TARGET_PODS
value: ""
# To select pods on specific node(s)
- name: NODE_LABEL
value: ""
# provide the name of container runtime
# it supports docker, containerd, crio
- name: CONTAINER_RUNTIME
value: "containerd"
# provide the destination ips
# chaos injection will be triggered for these destination ips
- name: DESTINATION_IPS
value: ""
# provide the destination hosts
# chaos injection will be triggered for these destination hosts
- name: DESTINATION_HOSTS
value: ""
# provide the socket file path
- name: SOCKET_PATH
value: "/run/containerd/containerd.sock"
## it defines the sequence of chaos execution for multiple target pods
## supported values: serial, parallel
- name: SEQUENCE
value: "parallel"

151
faults/kubernetes/pod-network-rate-limit/fault.yaml Normal file
View File

@@ -0,0 +1,151 @@
---
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Injects network rate limit on pods belonging to an app deployment
kind: ChaosExperiment
metadata:
name: pod-network-rate-limit
labels:
name: pod-network-rate-limit
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: chaosexperiment
app.kubernetes.io/version: ci
spec:
definition:
scope: Namespaced
permissions:
# Create and monitor the experiment & helper pods
- apiGroups: [""]
resources: ["pods"]
verbs:
[
"create",
"delete",
"get",
"list",
"patch",
"update",
"deletecollection",
]
# Performs CRUD operations on the events inside chaosengine and chaosresult
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "get", "list", "patch", "update"]
# Fetch configmaps details and mount it to the experiment pod (if specified)
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "list"]
# Track and get the runner, experiment, and helper pods log
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get", "list", "watch"]
# for creating and managing to execute commands inside target container
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["get", "list", "create"]
# deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets})
- apiGroups: ["apps"]
resources: ["deployments", "statefulsets", "replicasets", "daemonsets"]
verbs: ["list", "get"]
# deriving the parent/owner details of the pod(if parent is deploymentConfig)
- apiGroups: ["apps.openshift.io"]
resources: ["deploymentconfigs"]
verbs: ["list", "get"]
# deriving the parent/owner details of the pod(if parent is deploymentConfig)
- apiGroups: [""]
resources: ["replicationcontrollers"]
verbs: ["get", "list"]
# deriving the parent/owner details of the pod(if parent is argo-rollouts)
- apiGroups: ["argoproj.io"]
resources: ["rollouts"]
verbs: ["list", "get"]
# for configuring and monitor the experiment job by the chaos-runner pod
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["create", "list", "get", "delete", "deletecollection"]
# for creation, status polling and deletion of litmus chaos resources used within a chaos workflow
- apiGroups: ["litmuschaos.io"]
resources: ["chaosengines", "chaosexperiments", "chaosresults"]
verbs: ["create", "list", "get", "patch", "update", "delete"]
image: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"
imagePullPolicy: Always
args:
- -c
- ./experiments -name pod-network-rate-limit
command:
- /bin/bash
env:
- name: TARGET_CONTAINER
value: ""
# provide lib image
- name: LIB_IMAGE
value: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"
- name: NETWORK_INTERFACE
value: "eth0"
- name: NETWORK_BANDWIDTH
value: "1mbit"
- name: BURST
value: "32kb"
- name: LIMIT
value: "2mb"
- name: MIN_BURST
value: ""
- name: PEAK_RATE
value: ""
- name: TOTAL_CHAOS_DURATION
value: "60" # in seconds
# time period to wait before and after injection of chaos in sec
- name: RAMP_TIME
value: ""
## percentage of total pods to target
- name: PODS_AFFECTED_PERC
value: ""
- name: TARGET_PODS
value: ""
# To select pods on specific node(s)
- name: NODE_LABEL
value: ""
# provide the name of container runtime
# it supports docker, containerd, crio
- name: CONTAINER_RUNTIME
value: "containerd"
# provide the destination ips
# chaos injection will be triggered for these destination ips
- name: DESTINATION_IPS
value: ""
# provide the destination hosts
# chaos injection will be triggered for these destination hosts
- name: DESTINATION_HOSTS
value: ""
# provide the socket file path
- name: SOCKET_PATH
value: "/run/containerd/containerd.sock"
## it defines the sequence of chaos execution for multiple target pods
## supported values: serial, parallel
- name: SEQUENCE
value: "parallel"
labels:
name: pod-network-rate-limit
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: experiment-job
app.kubernetes.io/runtime-api-usage: "true"
app.kubernetes.io/version: ci

33
faults/kubernetes/pod-network-rate-limit/pod-network-rate-limit.chartserviceversion.yaml Normal file
View File

@@ -0,0 +1,33 @@
---
apiVersion: litmuschaos.io/v1alpha1
kind: ChartServiceVersion
metadata:
name: pod-network-rate-limit
version: 0.1.0
annotations:
categories: Kubernetes
vendor: LitmusChaos
spec:
displayName: Pod Network Rate Limit
categoryDescription: |
Pod-network-rate-limit fault add the network rate limit to kubernetes pods
keywords:
- Kubernetes
platforms:
- GKE
- Minikube
- Packet(Kubeadm)
- EKS
maintainers:
- name: Neelanjan Manna
email: neelanjan.manna@harness.io
minKubeVersion: 1.12.0
labels:
app.kubernetes.io/component: chartserviceversion
app.kubernetes.io/version: ci
links:
- name: Permissions
url: https://developer.harness.io/docs/chaos-engineering/use-harness-ce/chaos-faults/kubernetes/pod/pod-network-rate-limit/#permissions-required
icon:
- base64data: ""
mediatype: ""