ivanch/litmus-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
15a0ec5d48ae3b3a94afb95c69761926607e429a
litmus-hub/charts/generic/node-taint/experiment.yaml
Shubham Chaudhary f174f7ab65 chore(rbac): Adding minimal rbac permissions with comments description (#513) 
* chore(rbac): Adding minimal rbac permissions with comments description

Signed-off-by: shubham chaudhary <shubham@chaosnative.com>

* chore(chart): Adding minimal rbac permissions in charts

Signed-off-by: shubham chaudhary <shubham@chaosnative.com>
2021-10-26 16:25:53 +05:30

91 lines
2.8 KiB
YAML
Raw Blame History

---
apiVersion: litmuschaos.io/v1alpha1
description:
message: |
Taint the node where application pod is scheduled
kind: ChaosExperiment
metadata:
name: node-taint
labels:
name: node-taint
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: chaosexperiment
app.kubernetes.io/version: latest
spec:
definition:
scope: Cluster
permissions:
# Create and monitor the experiment & helper pods
- apiGroups: [""]
resources: ["pods"]
verbs: ["create","delete","get","list","patch","update", "deletecollection"]
# Performs CRUD operations on the events inside chaosengine and chaosresult
- apiGroups: [""]
resources: ["events"]
verbs: ["create","get","list","patch","update"]
# Fetch configmaps details and mount it to the experiment pod (if specified)
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get","list",]
# Track and get the runner, experiment, and helper pods log
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get","list","watch"]
# for creating and managing to execute comands inside target container
- apiGroups: [""]
resources: ["pods/exec","pods/eviction"]
verbs: ["get","list","create"]
# ignore daemonsets while draining the node
- apiGroups: ["apps"]
resources: ["daemonsets"]
verbs: ["list","get","delete"]
# for configuring and monitor the experiment job by the chaos-runner pod
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["create","list","get","delete","deletecollection"]
# for creation, status polling and deletion of litmus chaos resources used within a chaos workflow
- apiGroups: ["litmuschaos.io"]
resources: ["chaosengines","chaosexperiments","chaosresults"]
verbs: ["create","list","get","patch","update","delete"]
# for experiment to perform node status checks
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get","list","patch","update"]
image: "litmuschaos/go-runner:latest"
imagePullPolicy: Always
args:
- -c
- ./experiments -name node-taint
command:
- /bin/bash
env:
- name: TARGET_NODE
value: ''
- name: NODE_LABEL
value: ''
- name: TOTAL_CHAOS_DURATION
value: '60'
# Provide the LIB here
# Only litmus supported
- name: LIB
value: 'litmus'
# Period to wait before and after injection of chaos in sec
- name: RAMP_TIME
value: ''
# set taint label & effect
# key=value:effect or key:effect
- name: TAINTS
value: ''
labels:
name: node-taint
app.kubernetes.io/part-of: litmus
app.kubernetes.io/component: experiment-job
app.kubernetes.io/version: latest
Reference in New Issue View Git Blame Copy Permalink