Skip to content

Commit

Permalink
feat: add apiserver overload gvk
Browse files Browse the repository at this point in the history
Signed-off-by: r3drun3 <simone.ragonesi@sighup.io>
  • Loading branch information
R3DRUN3 committed Nov 30, 2023
1 parent f41cbcd commit 19f5db3
Show file tree
Hide file tree
Showing 15 changed files with 478 additions and 8 deletions.
9 changes: 9 additions & 0 deletions PROJECT
Original file line number Diff line number Diff line change
Expand Up @@ -71,4 +71,13 @@ resources:
kind: ConfigMapDestroyer
path: stackzoo.io/khaos/api/v1alpha1
version: v1alpha1
- api:
crdVersion: v1
namespaced: true
controller: true
domain: stackzoo.io
group: khaos
kind: ApiServerOverload
path: stackzoo.io/khaos/api/v1alpha1
version: v1alpha1
version: "3"
20 changes: 13 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,16 +13,21 @@ Through the implementation of custom controllers and resources, Khaos facilitate
Khaos is an **unopinionated** operator, in the sense that it provides simple and *atomic primitives* that engineers can use as building blocks in order to compose their preferred chaos strategy.
Currently, Khaos does not implement *cronjobs*; any scheduling of Khaos Custom Resources is delegated to external logic outside the cluster, possibly through a GitOps approach.

> [!WARNING]
> This operator will introduce fault and unpredicatbility in you rinfrastructure, use with caution
## Supported features
- [X] Delete pods
- [x] Delete cluster nodes
- [X] Delete secrets
- [X] Delete configmaps
- [X] Inject resource constraints in pods
- [X] Add o remove labels in pods
- [X] Flood api server with calls
- [X] Exec commands inside pods (**experimental**).



## Local Testing and Debugging
First of all clone the repository:
```console
Expand Down Expand Up @@ -80,13 +85,14 @@ Install and list the operator CRDs with the following command:
make install && kubectl get crds

NAME CREATED AT
commandinjections.khaos.stackzoo.io 2023-11-29T08:09:59Z
configmapdestroyers.khaos.stackzoo.io 2023-11-29T08:09:59Z
containerresourcechaos.khaos.stackzoo.io 2023-11-29T08:09:59Z
nodedestroyers.khaos.stackzoo.io 2023-11-29T08:09:59Z
poddestroyers.khaos.stackzoo.io 2023-11-29T08:09:59Z
podlabelchaos.khaos.stackzoo.io 2023-11-29T08:09:59Z
secretdestroyers.khaos.stackzoo.io 2023-11-29T08:09:59Z
apiserveroverloads.khaos.stackzoo.io 2023-11-30T06:25:59Z
commandinjections.khaos.stackzoo.io 2023-11-30T06:25:59Z
configmapdestroyers.khaos.stackzoo.io 2023-11-30T06:25:59Z
containerresourcechaos.khaos.stackzoo.io 2023-11-30T06:25:59Z
nodedestroyers.khaos.stackzoo.io 2023-11-30T06:25:59Z
poddestroyers.khaos.stackzoo.io 2023-11-30T06:25:59Z
podlabelchaos.khaos.stackzoo.io 2023-11-30T06:25:59Z
secretdestroyers.khaos.stackzoo.io 2023-11-30T06:25:59Z
```

In order to run the operator on your cluster (current context - i.e. whatever cluster `kubectl cluster-info` shows) run:
Expand Down
59 changes: 59 additions & 0 deletions api/v1alpha1/apiserveroverload_types.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
/*
Copyright 2023.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package v1alpha1

import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.

// ApiServerOverloadSpec defines the desired state of ApiServerOverload
type ApiServerOverloadSpec struct {
//DurationSeconds int64 `json:"durationSeconds"`
}

// ApiServerOverloadStatus defines the observed state of ApiServerOverload
type ApiServerOverloadStatus struct {
ExecutedTimestamp string `json:"executedTimestamp,omitempty"`
}

//+kubebuilder:object:root=true
//+kubebuilder:subresource:status

// ApiServerOverload is the Schema for the apiserveroverloads API
type ApiServerOverload struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`

Spec ApiServerOverloadSpec `json:"spec,omitempty"`
Status ApiServerOverloadStatus `json:"status,omitempty"`
}

//+kubebuilder:object:root=true

// ApiServerOverloadList contains a list of ApiServerOverload
type ApiServerOverloadList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ApiServerOverload `json:"items"`
}

func init() {
SchemeBuilder.Register(&ApiServerOverload{}, &ApiServerOverloadList{})
}
89 changes: 89 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions cmd/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,13 @@ func main() {
setupLog.Error(err, "unable to create controller", "controller", "ConfigMapDestroyer")
os.Exit(1)
}
if err = (&controller.ApiServerOverloadReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
}).SetupWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "ApiServerOverload")
os.Exit(1)
}
//+kubebuilder:scaffold:builder

if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
Expand Down
47 changes: 47 additions & 0 deletions config/crd/bases/khaos.stackzoo.io_apiserveroverloads.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: apiserveroverloads.khaos.stackzoo.io
spec:
group: khaos.stackzoo.io
names:
kind: ApiServerOverload
listKind: ApiServerOverloadList
plural: apiserveroverloads
singular: apiserveroverload
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ApiServerOverload is the Schema for the apiserveroverloads API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ApiServerOverloadSpec defines the desired state of ApiServerOverload
type: object
status:
description: ApiServerOverloadStatus defines the observed state of ApiServerOverload
properties:
executedTimestamp:
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
3 changes: 3 additions & 0 deletions config/crd/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ resources:
- bases/khaos.stackzoo.io_commandinjections.yaml
- bases/khaos.stackzoo.io_podlabelchaos.yaml
- bases/khaos.stackzoo.io_configmapdestroyers.yaml
- bases/khaos.stackzoo.io_apiserveroverloads.yaml
#+kubebuilder:scaffold:crdkustomizeresource

patches:
Expand All @@ -21,6 +22,7 @@ patches:
#- path: patches/webhook_in_commandinjections.yaml
#- path: patches/webhook_in_podlabelchaos.yaml
#- path: patches/webhook_in_configmapdestroyers.yaml
#- path: patches/webhook_in_apiserveroverloads.yaml
#+kubebuilder:scaffold:crdkustomizewebhookpatch

# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
Expand All @@ -32,6 +34,7 @@ patches:
#- path: patches/cainjection_in_commandinjections.yaml
#- path: patches/cainjection_in_podlabelchaos.yaml
#- path: patches/cainjection_in_configmapdestroyers.yaml
#- path: patches/cainjection_in_apiserveroverloads.yaml
#+kubebuilder:scaffold:crdkustomizecainjectionpatch

# [WEBHOOK] To enable webhook, uncomment the following section
Expand Down
31 changes: 31 additions & 0 deletions config/rbac/apiserveroverload_editor_role.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# permissions for end users to edit apiserveroverloads.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: apiserveroverload-editor-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: khaos
app.kubernetes.io/part-of: khaos
app.kubernetes.io/managed-by: kustomize
name: apiserveroverload-editor-role
rules:
- apiGroups:
- khaos.stackzoo.io
resources:
- apiserveroverloads
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- khaos.stackzoo.io
resources:
- apiserveroverloads/status
verbs:
- get
27 changes: 27 additions & 0 deletions config/rbac/apiserveroverload_viewer_role.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# permissions for end users to view apiserveroverloads.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: apiserveroverload-viewer-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: khaos
app.kubernetes.io/part-of: khaos
app.kubernetes.io/managed-by: kustomize
name: apiserveroverload-viewer-role
rules:
- apiGroups:
- khaos.stackzoo.io
resources:
- apiserveroverloads
verbs:
- get
- list
- watch
- apiGroups:
- khaos.stackzoo.io
resources:
- apiserveroverloads/status
verbs:
- get
Loading

0 comments on commit 19f5db3

Please sign in to comment.