--- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects memory consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-memory-hog-exec labels: name: pod-memory-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-memory-hog-exec command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## enter the amount of memory in megabytes to be consumed by the application pod - name: MEMORY_CONSUMPTION value: '500' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # The command to kill the chaos process - name: CHAOS_KILL_COMMAND value: "kill $(find /proc -name exe -lname '*/dd' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}' | head -n 1)" ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' - name: TARGET_PODS value: '' labels: name: pod-memory-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Pod DNS Spoof can spoof particular dns requests in target pod container to desired target hostnames kind: ChaosExperiment metadata: name: pod-dns-spoof labels: name: pod-dns-spoof app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" args: - -c - ./experiments -name pod-dns-spoof command: - /bin/bash env: - name: TARGET_CONTAINER value: "" # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" - name: TOTAL_CHAOS_DURATION value: "60" # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: "" ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: "" - name: TARGET_PODS value: "" # provide the name of container runtime, it supports docker, containerd, crio - name: CONTAINER_RUNTIME value: "docker" # provide the socket file path - name: SOCKET_PATH value: "/var/run/docker.sock" ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: "parallel" # map of the target hostnames eg. '{"abc.com":"spoofabc.com"}' . If empty no queries will be spoofed - name: SPOOF_MAP value: "" labels: experiment: pod-dns-spoof app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Scale the application replicas and test the node autoscaling on cluster kind: ChaosExperiment metadata: name: pod-autoscaler labels: name: pod-autoscaler app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # performs CRUD operations on the deployments and statefulsets - apiGroups: ["apps"] resources: ["deployments","statefulsets"] verbs: ["list","get","patch","update"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-autoscaler command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # Number of replicas to scale - name: REPLICA_COUNT value: '5' labels: name: pod-autoscaler app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | IO stress on a app pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-io-stress labels: name: pod-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-io-stress command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '120' ## specify the size as percentage of free space on the file system ## default value 90 (in percentage) - name: FILESYSTEM_UTILIZATION_PERCENTAGE value: '10' ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty - name: FILESYSTEM_UTILIZATION_BYTES value: '' ## Total number of workers default value is 4 - name: NUMBER_OF_WORKERS value: '4' ## Percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' # provide volume mount path - name: VOLUME_MOUNT_PATH value: '' ## specify the comma separated target pods - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## provide the cluster runtime - name: CONTAINER_RUNTIME value: 'docker' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Inject network packet corruption into application pod kind: ChaosExperiment metadata: name: pod-network-corruption labels: name: pod-network-corruption app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-corruption command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' - name: NETWORK_INTERFACE value: 'eth0' - name: TC_IMAGE value: 'gaiadocker/iproute2' - name: NETWORK_PACKET_CORRUPTION_PERCENTAGE value: '100' #in PERCENTAGE - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-network-corruption app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Restart node kind: ChaosExperiment metadata: name: node-restart labels: name: node-restart app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps","secrets"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-restart command: - /bin/bash env: - name: SSH_USER value: 'root' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" # ENTER THE TARGET NODE NAME - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' # ENTER THE TARGET NODE IP - name: TARGET_NODE_IP value: '' labels: name: node-restart app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest secrets: - name: id-rsa mountPath: /mnt/ --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects memory consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-memory-hog labels: name: pod-memory-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-memory-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## enter the amount of memory in megabytes to be consumed by the application pod - name: MEMORY_CONSUMPTION value: '500' ## Number of workers to perform stress - name: NUMBER_OF_WORKERS value: '1' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## It is used in pumba lib only - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## It is used in pumba lib only - name: STRESS_IMAGE value: 'alexeiled/stress-ng:latest-ubuntu' ## provide the cluster runtime - name: CONTAINER_RUNTIME value: 'docker' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' labels: name: pod-memory-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects http request latency on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-http-latency labels: name: pod-http-latency app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-latency command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # set latency value for the chaos - name: LATENCY value: '2000' #in ms # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-latency app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Pod DNS Error injects dns failure/error in target pod containers kind: ChaosExperiment metadata: name: pod-dns-error labels: name: pod-dns-error app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" args: - -c - ./experiments -name pod-dns-error command: - /bin/bash env: - name: TARGET_CONTAINER value: "" # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" - name: TOTAL_CHAOS_DURATION value: "60" # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: "" ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: "" - name: TARGET_PODS value: "" # provide the name of container runtime, it supports docker, containerd, crio - name: CONTAINER_RUNTIME value: "docker" # provide the socket file path - name: SOCKET_PATH value: "/var/run/docker.sock" ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: "parallel" # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets - name: TARGET_HOSTNAMES value: "" # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring - name: MATCH_SCHEME value: "exact" labels: experiment: pod-dns-error app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Give IO disk stress on a node belonging to a deployment kind: ChaosExperiment metadata: name: node-io-stress labels: name: node-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-io-stress command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '120' ## specify the size as percentage of free space on the file system ## default value 90 (in percentage) - name: FILESYSTEM_UTILIZATION_PERCENTAGE value: '10' ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty - name: FILESYSTEM_UTILIZATION_BYTES value: '' ## Number of core of CPU - name: CPU value: '1' ## Total number of workers default value is 4 - name: NUMBER_OF_WORKERS value: '4' ## Total number of vm workers - name: VM_WORKERS value: '1' ## enter the comma separated target nodes name - name: TARGET_NODES value: '' - name: NODE_LABEL value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## percentage of total nodes to target - name: NODES_AFFECTED_PERC value: '' ## it defines the sequence of chaos execution for multiple target nodes ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: node-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | it injects chaos into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after a specified duration kind: ChaosExperiment metadata: name: pod-http-reset-peer labels: name: pod-http-reset-peer app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-reset-peer command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # reset timeout specifies after how much duration to reset the connection - name: RESET_TIMEOUT value: '0' #in ms # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-reset-peer app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Give a memory hog on a node belonging to a deployment kind: ChaosExperiment metadata: name: node-memory-hog labels: name: node-memory-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-memory-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '120' ## Specify the size as percent of total node capacity Ex: '30' ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_MEBIBYTES empty - name: MEMORY_CONSUMPTION_PERCENTAGE value: '' ## Specify the amount of memory to be consumed in mebibytes ## NOTE: for selecting this option keep MEMORY_CONSUMPTION_PERCENTAGE empty - name: MEMORY_CONSUMPTION_MEBIBYTES value: '' - name: NUMBER_OF_WORKERS value: '1' # ENTER THE COMMA SEPARATED TARGET NODES NAME - name: TARGET_NODES value: '' - name: NODE_LABEL value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## percentage of total nodes to target - name: NODES_AFFECTED_PERC value: '' ## it defines the sequence of chaos execution for multiple target nodes ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: node-memory-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects 100% network packet loss on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-network-partition labels: name: pod-network-partition app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # performs CRUD operations on the network policies - apiGroups: ["networking.k8s.io"] resources: ["networkpolicies"] verbs: ["create","delete","list","get"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-partition command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # ime period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide network policy type # support ingress, egress, all values - name: POLICY_TYPES value: 'all' # provide labels of the destination pods - name: POD_SELECTOR value: '' # provide labels the destination namespaces - name: NAMESPACE_SELECTOR value: '' # provide comma separated ports - name: PORTS value: '' labels: name: pod-network-partition app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Drain the node where application pod is scheduled kind: ChaosExperiment metadata: name: node-drain labels: name: node-drain app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec","pods/eviction"] verbs: ["get","list","create"] # ignore daemonsets while draining the node - apiGroups: ["apps"] resources: ["daemonsets"] verbs: ["list","get","delete"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list","patch"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-drain command: - /bin/bash env: - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' labels: name: node-drain app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects cpu consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-cpu-hog labels: name: pod-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-cpu-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## Number of CPU cores to stress - name: CPU_CORES value: '1' ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING - name: CPU_LOAD value: '100' ## Percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## It is used in pumba lib only - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## It is used in pumba lib only - name: STRESS_IMAGE value: 'alexeiled/stress-ng:latest-ubuntu' ## provide the cluster runtime - name: CONTAINER_RUNTIME value: 'docker' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects cpu consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-cpu-hog-exec labels: name: pod-cpu-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-cpu-hog-exec command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## Number of CPU cores to stress - name: CPU_CORES value: '1' ## Percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # The command to kill the chaos process - name: CHAOS_KILL_COMMAND value: "kill $(find /proc -name exe -lname '*/md5sum' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}')" - name: TARGET_PODS value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-cpu-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | It injects chaos inside the pod which modifies the status code of the response from the provided application server to desired status code provided by the user and reverts after a specified duration kind: ChaosExperiment metadata: name: pod-http-status-code labels: name: pod-http-status-code app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-status-code command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # modified status code for the http response # if no value is provided, a random status code from the supported code list will selected # if an invalid status code is provided, the experiment will fail # supported status code list: [200, 201, 202, 204, 300, 301, 302, 304, 307, 400, 401, 403, 404, 500, 501, 502, 503, 504] - name: STATUS_CODE value: '' # whether to modify the body as per the status code provided - name: "MODIFY_RESPONSE_BODY" value: "true" # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-status-code app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Fillup Ephemeral Storage of a Resource kind: ChaosExperiment metadata: name: disk-fill labels: name: disk-fill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name disk-fill command: - /bin/bash env: - name: TARGET_CONTAINER value: '' - name: FILL_PERCENTAGE value: '80' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide the data block size # supported unit is KB - name: DATA_BLOCK_SIZE value: '256' - name: TARGET_PODS value: '' - name: EPHEMERAL_STORAGE_MEBIBYTES value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # Provide the container runtime path # Default set to docker container path - name: CONTAINER_PATH value: '/var/lib/docker/containers' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: disk-fill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/host-path-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects network packet loss on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-network-loss labels: name: pod-network-loss app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-loss command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' - name: NETWORK_INTERFACE value: 'eth0' - name: TC_IMAGE value: 'gaiadocker/iproute2' - name: NETWORK_PACKET_LOSS_PERCENTAGE value: '100' #in PERCENTAGE - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # ime period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-network-loss app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Taint the node where application pod is scheduled kind: ChaosExperiment metadata: name: node-taint labels: name: node-taint app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec","pods/eviction"] verbs: ["get","list","create"] # ignore daemonsets while draining the node - apiGroups: ["apps"] resources: ["daemonsets"] verbs: ["list","get","delete"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list","patch","update"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-taint command: - /bin/bash env: - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # set taint label & effect # key=value:effect or key:effect - name: TAINTS value: '' labels: name: node-taint app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects network latency on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-network-latency labels: name: pod-network-latency app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-latency command: - /bin/bash env: - name: TARGET_CONTAINER value: '' - name: NETWORK_INTERFACE value: 'eth0' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' - name: TC_IMAGE value: 'gaiadocker/iproute2' - name: NETWORK_LATENCY value: '2000' #in ms - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: JITTER value: '0' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-network-latency app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects network packet duplication on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-network-duplication labels: name: pod-network-duplication app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-duplication command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' - name: RAMP_TIME value: '' - name: TARGET_CONTAINER value: '' - name: TC_IMAGE value: 'gaiadocker/iproute2' - name: NETWORK_INTERFACE value: 'eth0' - name: NETWORK_PACKET_DUPLICATION_PERCENTAGE value: '100' # in percentage - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-network-duplication app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Kills the kubelet service on the application node to check the resiliency. kind: ChaosExperiment metadata: name: kubelet-service-kill labels: name: kubelet-service-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name kubelet-service-kill command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: NODE_LABEL value: '' # provide lib image - name: LIB_IMAGE value: 'ubuntu:16.04' # provide the target node name - name: TARGET_NODE value: '' labels: name: kubelet-service-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/service-kill: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: "Kills a container belonging to an application pod \n" kind: ChaosExperiment metadata: name: container-kill labels: name: container-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name container-kill command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: TARGET_PODS value: '' # provide the chaos interval - name: CHAOS_INTERVAL value: '10' - name: SIGNAL value: 'SIGKILL' # provide the socket file path - name: SOCKET_PATH value: '/var/run/docker.sock' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'docker' # provide the total chaos duration - name: TOTAL_CHAOS_DURATION value: '20' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: container-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Give a cpu spike on a node belonging to a deployment kind: ChaosExperiment metadata: name: node-cpu-hog labels: name: node-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-cpu-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## ENTER THE NUMBER OF CORES OF CPU FOR CPU HOGGING ## OPTIONAL VALUE IN CASE OF EMPTY VALUE IT WILL TAKE NODE CPU CAPACITY - name: NODE_CPU_CORE value: '' ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING - name: CPU_LOAD value: '100' # ENTER THE COMMA SEPARATED TARGET NODES NAME - name: TARGET_NODES value: '' - name: NODE_LABEL value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## percentage of total nodes to target - name: NODES_AFFECTED_PERC value: '' ## it defines the sequence of chaos execution for multiple target nodes ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: node-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | It injects the chaos inside the pod which modifies the header of the request/response from the provided application server to the headers provided by the user and reverts after a specified duration kind: ChaosExperiment metadata: name: pod-http-modify-header labels: name: pod-http-modify-header app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-modify-header command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # map of headers to modify/add; Eg: {"X-Litmus-Test-Header": "X-Litmus-Test-Value"} # to remove a header, just set the value to ""; Eg: {"X-Litmus-Test-Header": ""} - name: HEADERS_MAP value: '{}' # whether to modify response headers or request headers. Accepted values: request, response - name: HEADER_MODE value: 'response' # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-modify-header app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | <<<<<<< HEAD Pod DNS Spoof can spoof particular dns requests in target pod container to desired target hostnames kind: ChaosExperiment metadata: name: pod-dns-spoof labels: name: pod-dns-spoof app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" args: - -c - ./experiments -name pod-dns-spoof command: - /bin/bash env: - name: TARGET_CONTAINER value: "" # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" - name: TOTAL_CHAOS_DURATION value: "60" # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: "" ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: "" - name: TARGET_PODS value: "" # provide the name of container runtime, it supports docker, containerd, crio - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: "parallel" # map of the target hostnames eg. '{"abc.com":"spoofabc.com"}' . If empty no queries will be spoofed - name: SPOOF_MAP value: "" labels: experiment: pod-dns-spoof app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | poweroff node kind: ChaosExperiment metadata: name: node-poweroff labels: name: node-poweroff app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps","secrets"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-restart command: - /bin/bash env: - name: SSH_USER value: 'root' - name: TOTAL_CHAOS_DURATION value: '60' - name: REBOOT_COMMAND value: '-o ServerAliveInterval=1 -o ServerAliveCountMax=1 "sudo systemctl poweroff --force --force" ; true' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" # ENTER THE TARGET NODE NAME - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' # ENTER THE TARGET NODE IP - name: TARGET_NODE_IP value: '' labels: name: node-poweroff app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest secrets: - name: id-rsa mountPath: /mnt/ --- apiVersion: litmuschaos.io/v1alpha1 description: message: | It injects chaos inside the pod which modifies the status code of the response from the provided application server to desired status code provided by the user and reverts after a specified duration kind: ChaosExperiment metadata: name: pod-http-status-code labels: name: pod-http-status-code app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-status-code command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # modified status code for the http response # if no value is provided, a random status code from the supported code list will selected # if an invalid status code is provided, the experiment will fail # supported status code list: [200, 201, 202, 204, 300, 301, 302, 304, 307, 400, 401, 403, 404, 500, 501, 502, 503, 504] - name: STATUS_CODE value: '' # whether to modify the body as per the status code provided - name: "MODIFY_RESPONSE_BODY" value: "true" # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-status-code app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Inject network packet corruption into application pod kind: ChaosExperiment metadata: name: pod-network-corruption labels: name: pod-network-corruption app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-corruption command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' - name: NETWORK_INTERFACE value: 'eth0' - name: TC_IMAGE value: 'gaiadocker/iproute2' - name: NETWORK_PACKET_CORRUPTION_PERCENTAGE value: '100' #in PERCENTAGE - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-network-corruption app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects 100% network packet loss on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-network-partition labels: name: pod-network-partition app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # performs CRUD operations on the network policies - apiGroups: ["networking.k8s.io"] resources: ["networkpolicies"] verbs: ["create","delete","list","get"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-partition command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # ime period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide network policy type # support ingress, egress, all values - name: POLICY_TYPES value: 'all' # provide labels of the destination pods - name: POD_SELECTOR value: '' # provide labels the destination namespaces - name: NAMESPACE_SELECTOR value: '' # provide comma separated ports - name: PORTS value: '' labels: name: pod-network-partition app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Taint the node where application pod is scheduled kind: ChaosExperiment metadata: name: node-taint labels: name: node-taint app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec","pods/eviction"] verbs: ["get","list","create"] # ignore daemonsets while draining the node - apiGroups: ["apps"] resources: ["daemonsets"] verbs: ["list","get","delete"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list","patch","update"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-taint command: - /bin/bash env: - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # set taint label & effect # key=value:effect or key:effect - name: TAINTS value: '' labels: name: node-taint app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | it injects chaos into the pod which stops outgoing http requests by resetting the TCP connection and then reverts back to the original state after a specified duration kind: ChaosExperiment metadata: name: pod-http-reset-peer labels: name: pod-http-reset-peer app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-reset-peer command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # reset timeout specifies after how much duration to reset the connection - name: RESET_TIMEOUT value: '0' #in ms # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-reset-peer app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Drain the node where application pod is scheduled kind: ChaosExperiment metadata: name: node-drain labels: name: node-drain app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec","pods/eviction"] verbs: ["get","list","create"] # ignore daemonsets while draining the node - apiGroups: ["apps"] resources: ["daemonsets"] verbs: ["list","get","delete"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list","patch"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-drain command: - /bin/bash env: - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' labels: name: node-drain app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Deletes a pod belonging to a deployment/statefulset/daemonset kind: ChaosExperiment metadata: name: pod-delete labels: name: pod-delete app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-delete command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '15' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: FORCE value: 'true' - name: CHAOS_INTERVAL value: '5' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-delete app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects cpu consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-cpu-hog labels: name: pod-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-cpu-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## Number of CPU cores to stress - name: CPU_CORES value: '1' ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING - name: CPU_LOAD value: '100' ## Percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## It is used in pumba lib only - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## It is used in pumba lib only - name: STRESS_IMAGE value: 'alexeiled/stress-ng:latest-ubuntu' ## provide the cluster runtime - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects memory consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-memory-hog-exec labels: name: pod-memory-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-memory-hog-exec command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## enter the amount of memory in megabytes to be consumed by the application pod - name: MEMORY_CONSUMPTION value: '500' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # The command to kill the chaos process - name: CHAOS_KILL_COMMAND value: "kill $(find /proc -name exe -lname '*/dd' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}' | head -n 1)" ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' - name: TARGET_PODS value: '' labels: name: pod-memory-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Kills the kubelet service on the application node to check the resiliency. kind: ChaosExperiment metadata: name: kubelet-service-kill labels: name: kubelet-service-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name kubelet-service-kill command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: NODE_LABEL value: '' # provide lib image - name: LIB_IMAGE value: 'ubuntu:16.04' # provide the target node name - name: TARGET_NODE value: '' labels: name: kubelet-service-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/service-kill: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Give a cpu spike on a node belonging to a deployment kind: ChaosExperiment metadata: name: node-cpu-hog labels: name: node-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-cpu-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## ENTER THE NUMBER OF CORES OF CPU FOR CPU HOGGING ## OPTIONAL VALUE IN CASE OF EMPTY VALUE IT WILL TAKE NODE CPU CAPACITY - name: NODE_CPU_CORE value: '' ## LOAD CPU WITH GIVEN PERCENT LOADING FOR THE CPU STRESS WORKERS. ## 0 IS EFFECTIVELY A SLEEP (NO LOAD) AND 100 IS FULL LOADING - name: CPU_LOAD value: '100' # ENTER THE COMMA SEPARATED TARGET NODES NAME - name: TARGET_NODES value: '' - name: NODE_LABEL value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## percentage of total nodes to target - name: NODES_AFFECTED_PERC value: '' ## it defines the sequence of chaos execution for multiple target nodes ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: node-cpu-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: "Kills a container belonging to an application pod \n" kind: ChaosExperiment metadata: name: container-kill labels: name: container-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name container-kill command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: TARGET_PODS value: '' # provide the chaos interval - name: CHAOS_INTERVAL value: '10' - name: SIGNAL value: 'SIGKILL' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the total chaos duration - name: TOTAL_CHAOS_DURATION value: '20' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: container-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Fillup Ephemeral Storage of a Resource kind: ChaosExperiment metadata: name: disk-fill labels: name: disk-fill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name disk-fill command: - /bin/bash env: - name: TARGET_CONTAINER value: '' - name: FILL_PERCENTAGE value: '80' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide the data block size # supported unit is KB - name: DATA_BLOCK_SIZE value: '256' - name: TARGET_PODS value: '' - name: EPHEMERAL_STORAGE_MEBIBYTES value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # Provide the container runtime path # Default set to docker container path - name: CONTAINER_PATH value: '/var/lib/docker/containers' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: disk-fill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/host-path-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Pod DNS Error injects dns failure/error in target pod containers kind: ChaosExperiment metadata: name: pod-dns-error labels: name: pod-dns-error app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" args: - -c - ./experiments -name pod-dns-error command: - /bin/bash env: - name: TARGET_CONTAINER value: "" # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" - name: TOTAL_CHAOS_DURATION value: "60" # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: "" ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: "" - name: TARGET_PODS value: "" # provide the name of container runtime, it supports docker, containerd, crio - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: "parallel" # list of the target hostnames or kewywords eg. '["litmuschaos","chaosnative.io"]' . If empty all hostnames are targets - name: TARGET_HOSTNAMES value: "" # can be either exact or substring, determines whether the dns query has to match exactly with one of the targets or can have any of the targets as substring - name: MATCH_SCHEME value: "exact" labels: experiment: pod-dns-error app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Restart node kind: ChaosExperiment metadata: name: node-restart labels: name: node-restart app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps","secrets"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-restart command: - /bin/bash env: - name: SSH_USER value: 'root' - name: TOTAL_CHAOS_DURATION value: '60' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" # ENTER THE TARGET NODE NAME - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' # ENTER THE TARGET NODE IP - name: TARGET_NODE_IP value: '' labels: name: node-restart app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest secrets: - name: id-rsa mountPath: /mnt/ --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects cpu consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-cpu-hog-exec labels: name: pod-cpu-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-cpu-hog-exec command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## Number of CPU cores to stress - name: CPU_CORES value: '1' ## Percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # The command to kill the chaos process - name: CHAOS_KILL_COMMAND value: "kill $(find /proc -name exe -lname '*/md5sum' 2>&1 | grep -v 'Permission denied' | awk -F/ '{print $(NF-1)}')" - name: TARGET_PODS value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-cpu-hog-exec app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects memory consumption on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-memory-hog labels: name: pod-memory-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-memory-hog command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '60' ## enter the amount of memory in megabytes to be consumed by the application pod - name: MEMORY_CONSUMPTION value: '500' ## Number of workers to perform stress - name: NUMBER_OF_WORKERS value: '1' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' ## Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## It is used in pumba lib only - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## It is used in pumba lib only - name: STRESS_IMAGE value: 'alexeiled/stress-ng:latest-ubuntu' ## provide the cluster runtime - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' labels: name: pod-memory-hog app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- --- apiVersion: litmuschaos.io/v1alpha1 description: message: | IO stress on a app pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-io-stress labels: name: pod-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-io-stress command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '120' ## specify the size as percentage of free space on the file system ## default value 90 (in percentage) - name: FILESYSTEM_UTILIZATION_PERCENTAGE value: '10' ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty - name: FILESYSTEM_UTILIZATION_BYTES value: '' ## Total number of workers default value is 4 - name: NUMBER_OF_WORKERS value: '4' ## Percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' # provide volume mount path - name: VOLUME_MOUNT_PATH value: '' ## specify the comma separated target pods - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## provide the cluster runtime - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Give IO disk stress on a node belonging to a deployment kind: ChaosExperiment metadata: name: node-io-stress labels: name: node-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-io-stress command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '120' ## specify the size as percentage of free space on the file system ## default value 90 (in percentage) - name: FILESYSTEM_UTILIZATION_PERCENTAGE value: '10' ## we can specify the size in Gigabyte (Gb) also in place of percentage of free space ## NOTE: for selecting this option FILESYSTEM_UTILIZATION_PERCENTAGE should be empty - name: FILESYSTEM_UTILIZATION_BYTES value: '' ## Number of core of CPU - name: CPU value: '1' ## Total number of workers default value is 4 - name: NUMBER_OF_WORKERS value: '4' ## Total number of vm workers - name: VM_WORKERS value: '1' ## enter the comma separated target nodes name - name: TARGET_NODES value: '' - name: NODE_LABEL value: '' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' ## percentage of total nodes to target - name: NODES_AFFECTED_PERC value: '' ## it defines the sequence of chaos execution for multiple target nodes ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: node-io-stress app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Injects network packet loss on pods belonging to an app deployment kind: ChaosExperiment metadata: name: pod-network-loss labels: name: pod-network-loss app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-network-loss command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' - name: NETWORK_INTERFACE value: 'eth0' - name: TC_IMAGE value: 'gaiadocker/iproute2' - name: NETWORK_PACKET_LOSS_PERCENTAGE value: '100' #in PERCENTAGE - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # ime period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the destination ips # chaos injection will be triggered for these destination ips - name: DESTINATION_IPS value: '' # provide the destination hosts # chaos injection will be triggered for these destination hosts - name: DESTINATION_HOSTS value: '' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-network-loss app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/runtime-api-usage: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | ======= >>>>>>> master It injects the chaos inside the pod which modifies the body of the response from the provided application server to the body string provided by the user and reverts after a specified duration kind: ChaosExperiment metadata: name: pod-http-modify-body labels: name: pod-http-modify-body app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-http-modify-body command: - /bin/bash env: - name: TARGET_CONTAINER value: '' # provide lib image - name: LIB_IMAGE value: 'litmuschaos/go-runner:latest' # provide the body string to overwrite the response body # if no value is provided, response will be an empty body. - name: RESPONSE_BODY value: '' # port of the target service - name: TARGET_SERVICE_PORT value: "80" # port on which the proxy will listen - name: PROXY_PORT value: "20000" # network interface on which the proxy will listen - name: NETWORK_INTERFACE value: "eth0" - name: TOTAL_CHAOS_DURATION value: '60' # in seconds # Time period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # provide the name of container runtime # for litmus LIB, it supports docker, containerd, crio # for pumba LIB, it supports docker only - name: CONTAINER_RUNTIME value: 'containerd' # provide the socket file path - name: SOCKET_PATH value: '/run/containerd/containerd.sock' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-http-modify-body app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | poweroff node kind: ChaosExperiment metadata: name: node-poweroff labels: name: node-poweroff app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps & secrets details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps","secrets"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name node-restart command: - /bin/bash env: - name: SSH_USER value: 'root' - name: TOTAL_CHAOS_DURATION value: '60' - name: REBOOT_COMMAND value: '-o ServerAliveInterval=1 -o ServerAliveCountMax=1 "sudo systemctl poweroff --force --force" ; true' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' # provide lib image - name: LIB_IMAGE value: "litmuschaos/go-runner:latest" # ENTER THE TARGET NODE NAME - name: TARGET_NODE value: '' - name: NODE_LABEL value: '' # ENTER THE TARGET NODE IP - name: TARGET_NODE_IP value: '' labels: name: node-poweroff app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest secrets: - name: id-rsa mountPath: /mnt/ --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Kills the docker service on the application node to check the resiliency. kind: ChaosExperiment metadata: name: docker-service-kill labels: name: docker-service-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Cluster permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] # for experiment to perform node status checks - apiGroups: [""] resources: ["nodes"] verbs: ["get","list"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name docker-service-kill command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '90' # in seconds # Period to wait before injection of chaos in sec - name: RAMP_TIME value: '' - name: NODE_LABEL value: '' # provide lib image - name: LIB_IMAGE value: 'ubuntu:16.04' # provide the target node name - name: TARGET_NODE value: '' labels: name: docker-service-kill app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/service-kill: "true" app.kubernetes.io/version: latest --- apiVersion: litmuschaos.io/v1alpha1 description: message: | Deletes a pod belonging to a deployment/statefulset/daemonset kind: ChaosExperiment metadata: name: pod-delete labels: name: pod-delete app.kubernetes.io/part-of: litmus app.kubernetes.io/component: chaosexperiment app.kubernetes.io/version: latest spec: definition: scope: Namespaced permissions: # Create and monitor the experiment & helper pods - apiGroups: [""] resources: ["pods"] verbs: ["create","delete","get","list","patch","update", "deletecollection"] # Performs CRUD operations on the events inside chaosengine and chaosresult - apiGroups: [""] resources: ["events"] verbs: ["create","get","list","patch","update"] # Fetch configmaps details and mount it to the experiment pod (if specified) - apiGroups: [""] resources: ["configmaps"] verbs: ["get","list",] # Track and get the runner, experiment, and helper pods log - apiGroups: [""] resources: ["pods/log"] verbs: ["get","list","watch"] # for creating and managing to execute comands inside target container - apiGroups: [""] resources: ["pods/exec"] verbs: ["get","list","create"] # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets}) - apiGroups: ["apps"] resources: ["deployments","statefulsets","replicasets", "daemonsets"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: ["apps.openshift.io"] resources: ["deploymentconfigs"] verbs: ["list","get"] # deriving the parent/owner details of the pod(if parent is deploymentConfig) - apiGroups: [""] resources: ["replicationcontrollers"] verbs: ["get","list"] # deriving the parent/owner details of the pod(if parent is argo-rollouts) - apiGroups: ["argoproj.io"] resources: ["rollouts"] verbs: ["list","get"] # for configuring and monitor the experiment job by the chaos-runner pod - apiGroups: ["batch"] resources: ["jobs"] verbs: ["create","list","get","delete","deletecollection"] # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow - apiGroups: ["litmuschaos.io"] resources: ["chaosengines","chaosexperiments","chaosresults"] verbs: ["create","list","get","patch","update","delete"] image: "litmuschaos/go-runner:latest" imagePullPolicy: Always args: - -c - ./experiments -name pod-delete command: - /bin/bash env: - name: TOTAL_CHAOS_DURATION value: '15' # Period to wait before and after injection of chaos in sec - name: RAMP_TIME value: '' - name: FORCE value: 'true' - name: CHAOS_INTERVAL value: '5' ## percentage of total pods to target - name: PODS_AFFECTED_PERC value: '' - name: TARGET_PODS value: '' # To select pods on specific node(s) - name: NODE_LABEL value: '' ## it defines the sequence of chaos execution for multiple target pods ## supported values: serial, parallel - name: SEQUENCE value: 'parallel' labels: name: pod-delete app.kubernetes.io/part-of: litmus app.kubernetes.io/component: experiment-job app.kubernetes.io/version: latest ---