---
apiVersion: litmuschaos.io/v1alpha1
description:
  message: |
    Injects network packet duplication on pods belonging to an app deployment
kind: ChaosExperiment
metadata:
  name: pod-network-duplication
  labels:
    name: pod-network-duplication
    app.kubernetes.io/part-of: litmus
    app.kubernetes.io/component: chaosexperiment
    app.kubernetes.io/version: ci
spec:
  definition:
    scope: Namespaced
    permissions:
      # Create and monitor the experiment & helper pods
      - apiGroups: [""]
        resources: ["pods"]
        verbs:
          [
            "create",
            "delete",
            "get",
            "list",
            "patch",
            "update",
            "deletecollection",
          ]
      # Performs CRUD operations on the events inside chaosengine and chaosresult
      - apiGroups: [""]
        resources: ["events"]
        verbs: ["create", "get", "list", "patch", "update"]
      # Fetch configmaps details and mount it to the experiment pod (if specified)
      - apiGroups: [""]
        resources: ["configmaps"]
        verbs: ["get", "list"]
      # Track and get the runner, experiment, and helper pods log
      - apiGroups: [""]
        resources: ["pods/log"]
        verbs: ["get", "list", "watch"]
      # for creating and managing to execute commands inside target container
      - apiGroups: [""]
        resources: ["pods/exec"]
        verbs: ["get", "list", "create"]
      # deriving the parent/owner details of the pod(if parent is anyof {deployment, statefulset, daemonsets})
      - apiGroups: ["apps"]
        resources: ["deployments", "statefulsets", "replicasets", "daemonsets"]
        verbs: ["list", "get"]
      # deriving the parent/owner details of the pod(if parent is deploymentConfig)
      - apiGroups: ["apps.openshift.io"]
        resources: ["deploymentconfigs"]
        verbs: ["list", "get"]
      # deriving the parent/owner details of the pod(if parent is deploymentConfig)
      - apiGroups: [""]
        resources: ["replicationcontrollers"]
        verbs: ["get", "list"]
      # deriving the parent/owner details of the pod(if parent is argo-rollouts)
      - apiGroups: ["argoproj.io"]
        resources: ["rollouts"]
        verbs: ["list", "get"]
      # for configuring and monitor the experiment job by the chaos-runner pod
      - apiGroups: ["batch"]
        resources: ["jobs"]
        verbs: ["create", "list", "get", "delete", "deletecollection"]
      # for creation, status polling and deletion of litmus chaos resources used within a chaos workflow
      - apiGroups: ["litmuschaos.io"]
        resources: ["chaosengines", "chaosexperiments", "chaosresults"]
        verbs: ["create", "list", "get", "patch", "update", "delete"]
    image: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"
    imagePullPolicy: Always
    args:
      - -c
      - ./experiments -name pod-network-duplication
    command:
      - /bin/bash
    env:
      - name: TOTAL_CHAOS_DURATION
        value: "60"

      - name: RAMP_TIME
        value: ""

      - name: TARGET_CONTAINER
        value: ""

      - name: TC_IMAGE
        value: "gaiadocker/iproute2"

      - name: NETWORK_INTERFACE
        value: "eth0"

      - name: NETWORK_PACKET_DUPLICATION_PERCENTAGE
        value: "100" # in percentage

      - name: TARGET_PODS
        value: ""

      # To select pods on specific node(s)
      - name: NODE_LABEL
        value: ""

      ## percentage of total pods to target
      - name: PODS_AFFECTED_PERC
        value: ""

      - name: LIB_IMAGE
        value: "litmuschaos.docker.scarf.sh/litmuschaos/go-runner:latest"

      # provide the name of container runtime
      # for litmus LIB, it supports docker, containerd, crio
      # for pumba LIB, it supports docker only
      - name: CONTAINER_RUNTIME
        value: "containerd"

      - name: DEFAULT_HEALTH_CHECK
        value: "false"

      # provide the destination ips
      # chaos injection will be triggered for these destination ips
      - name: DESTINATION_IPS
        value: ""

      # provide the destination hosts
      # chaos injection will be triggered for these destination hosts
      - name: DESTINATION_HOSTS
        value: ""

      # provide the socket file path
      - name: SOCKET_PATH
        value: "/run/containerd/containerd.sock"

      ## it defines the sequence of chaos execution for multiple target pods
      ## supported values: serial, parallel
      - name: SEQUENCE
        value: "parallel"

    labels:
      name: pod-network-duplication
      app.kubernetes.io/part-of: litmus
      app.kubernetes.io/component: experiment-job
      app.kubernetes.io/runtime-api-usage: "true"
      app.kubernetes.io/version: ci