Skip to content

GCP VM Disk Loss By Label

Introduction

  • It causes chaos to disrupt the state of GCP persistent disk volume filtered using a label by detaching it from its VM instance for a certain chaos duration.

Scenario: detach the gcp disk

GCP VM Disk Loss By Label

Uses

View the uses of the experiment

coming soon

Prerequisites

Verify the prerequisites
  • Ensure that Kubernetes Version > 1.17
  • Ensure that the Chaos Operator is running by executing kubectl get pods in operator namespace (typically, litmus).If not, install from here
  • Ensure that the gcp-vm-disk-loss-by-label experiment resource is available in the cluster by executing kubectl get chaosexperiments in the desired namespace. If not, install from here
  • Ensure that your service account has an editor access or owner access for the GCP project.
  • Ensure that the target disk volume is not a boot disk of any VM instance.

  • Ensure to create a Kubernetes secret having the GCP service account credentials in the default namespace. A sample secret file looks like:

    apiVersion: v1
kind: Secret
metadata:
  name: cloud-secret
type: Opaque
stringData:
  type: 
  project_id: 
  private_key_id: 
  private_key: 
  client_email: 
  client_id: 
  auth_uri: 
  token_uri: 
  auth_provider_x509_cert_url: 
  client_x509_cert_url:

Default Validations

View the default validations
  • All the disk volumes having the target label are attached to their respective instances

Minimal RBAC configuration example (optional)

NOTE

If you are using this experiment as part of a litmus workflow scheduled constructed & executed from chaos-center, then you may be making use of the litmus-admin RBAC, which is pre installed in the cluster as part of the agent setup.

View the Minimal RBAC permissions 

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: gcp-vm-disk-loss-by-label-sa
  namespace: default
  labels:
    name: gcp-vm-disk-loss-by-label-sa
    app.kubernetes.io/part-of: litmus
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: gcp-vm-disk-loss-by-label-sa
  labels:
    name: gcp-vm-disk-loss-by-label-sa
    app.kubernetes.io/part-of: litmus
rules:
  # Create and monitor the experiment & helper pods
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["create","delete","get","list","patch","update", "deletecollection"]
  # Performs CRUD operations on the events inside chaosengine and chaosresult
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create","get","list","patch","update"]
  # Fetch configmaps & secrets details and mount it to the experiment pod (if specified)
  - apiGroups: [""]
    resources: ["secrets","configmaps"]
    verbs: ["get","list",]
  # Track and get the runner, experiment, and helper pods log 
  - apiGroups: [""]
    resources: ["pods/log"]
    verbs: ["get","list","watch"]  
  # for configuring and monitor the experiment job by the chaos-runner pod
  - apiGroups: ["batch"]
    resources: ["jobs"]
    verbs: ["create","list","get","delete","deletecollection"]
  # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow
  - apiGroups: ["litmuschaos.io"]
    resources: ["chaosengines","chaosexperiments","chaosresults"]
    verbs: ["create","list","get","patch","update","delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: gcp-vm-disk-loss-by-label-sa
  labels:
    name: gcp-vm-disk-loss-by-label-sa
    app.kubernetes.io/part-of: litmus
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: gcp-vm-disk-loss-by-label-sa
subjects:
- kind: ServiceAccount
  name: gcp-vm-disk-loss-by-label-sa
  namespace: default
Use this sample RBAC manifest to create a chaosServiceAccount in the desired (app) namespace. This example consists of the minimum necessary role permissions to execute the experiment.

Experiment tunables

check the experiment tunables

Mandatory Fields


Variables Description Notes
GCP_PROJECT_ID The ID of the GCP Project of which the disk volumes are a part of All the target disk volumes should belong to a single GCP Project
DISK_VOLUME_LABEL Label of the targeted non-boot persistent disk volume The DISK_VOLUME_LABEL should be provided as key:value or key if the corresponding value is empty ex: disk:target-disk
ZONES The zone of target disk volumes Only one zone can be provided i.e. all target disks should lie in the same zone

Optional Fields


Variables Description Notes
TOTAL_CHAOS_DURATION The total time duration for chaos insertion (sec) Defaults to 30s
CHAOS_INTERVAL The interval (in sec) between the successive chaos iterations (sec) Defaults to 30s
DISK_AFFECTED_PERC The percentage of total disks filtered using the label to target Defaults to 0 (corresponds to 1 disk), provide numeric value only
SEQUENCE It defines sequence of chaos execution for multiple disks Default value: parallel. Supported: serial, parallel
RAMP_TIME Period to wait before and after injection of chaos in sec

Experiment Examples

Common Experiment Tunables

Refer the common attributes to tune the common tunables for all the experiments.

Detach Volumes By Label

It contains the label of disk volumes to be subjected to disk loss chaos. It will detach all the disks with the label DISK_VOLUME_LABEL in zone ZONES within the GCP_PROJECT_ID project. It re-attaches the disk volume after waiting for the specified TOTAL_CHAOS_DURATION duration.

NOTE: The DISK_VOLUME_LABEL accepts only one label and ZONES also accepts only one zone name. Therefore, all the disks must lie in the same zone.

Use the following example to tune this:

apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
  name: engine-nginx
spec:
  engineState: "active"
  annotationCheck: "false"
  chaosServiceAccount: gcp-vm-disk-loss-by-label-sa
  experiments:
  - name: gcp-vm-disk-loss-by-label
    spec:
      components:
        env:
        - name: DISK_VOLUME_LABEL
          value: 'disk:target-disk'

        - name: ZONES
          value: 'us-east1-b'

        - name: GCP_PROJECT_ID
          value: 'my-project-4513'

        - name: TOTAL_CHAOS_DURATION
          value: '60'

Mutiple Iterations Of Chaos

The multiple iterations of chaos can be tuned via setting CHAOS_INTERVAL ENV. Which defines the delay between each iteration of chaos.

Use the following example to tune this:

apiVersion: litmuschaos.io/v1alpha1
kind: ChaosEngine
metadata:
  name: engine-nginx
spec:
  engineState: "active"
  annotationCheck: "false"
  chaosServiceAccount: gcp-vm-disk-loss-by-label-sa
  experiments:
  - name: gcp-vm-disk-loss-by-label
    spec:
      components:
        env:
        - name: CHAOS_INTERVAL
          value: '15'

        - name: TOTAL_CHAOS_DURATION
          value: '60'

        - name: DISK_VOLUME_LABEL
          value: 'disk:target-disk'

        - name: ZONES
          value: 'us-east1-b'

        - name: GCP_PROJECT_ID
          value: 'my-project-4513'