kerris

Note

This repository contains all the material of my talk "How Chaos Engineering Works: Implementing Failure Injection on Kubernetes with Rust".

Note: kerris is a toy/demo implementation of a chaos controller!

Overview

kerris is a Kubernetes chaos controller written in Rust. It introduces failures into your cluster by watching custom resources and acting on them via two components:

Controller — reconciles PodChaos and NetworkChaos custom resources
Daemon — a DaemonSet that runs on each node and executes low-level fault injection via containerd

Supported failure modes:

CRD	Actions
`PodChaos`	`pod-kill`, `container-kill`
`NetworkChaos`	packet loss

Requirements

To be able to play around with kerris you will need:

Setup

If you want to try kerris out you can run setup.sh, which automates steps 1–6 below. Or you can run these steps manually:

Create local Kubernetes cluster using kind:
```
kind create cluster
```

Build the container image for the controller and make it available in the cluster:

docker build -t kerris-controller:latest -f Dockerfile.controller .
kind load docker-image kerris-controller:latest

Build the container image for the daemon (or agent) and make it available in the cluster:

docker build -t kerris-daemon:latest -f Dockerfile.daemon .
kind load docker-image kerris-daemon:latest

Create kerris-system Namespace (required before applying manifests):
```
kubectl create namespace kerris-system
```

Apply CustomResourceDefinitions:

cargo run --bin crdgen | kubectl apply -f -

Install kerris:
```
kubectl apply -f manifests/
```

Run controller outside of the cluster

Warning

This setup works best with a single-node cluster.

This is useful during development to iterate quickly without rebuilding the container image.

Because the controller needs access to the daemon, you will need to port-forward the daemon locally:

kubectl --namespace kerris-system port-forward daemonsets/kerris-daemon 30666:30666

Make sure the controller is not deployed by either stopping the kerris-controller Deployment:

kubectl --namespace kerris-system scale deployment kerris-controller --replicas 0

or deleting it:

kubectl --namespace kerris-system delete deployments.apps kerris-controller

Now you can run the kerris-controller outside of the cluster using:

cargo run -- --daemon-addr http://localhost:30666

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
hack		hack
manifests		manifests
proto		proto
slides		slides
src		src
.gitignore		.gitignore
Cargo.lock		Cargo.lock
Cargo.toml		Cargo.toml
Dockerfile.controller		Dockerfile.controller
Dockerfile.daemon		Dockerfile.daemon
LICENSE		LICENSE
README.md		README.md
build.rs		build.rs
demo.tmux.sh		demo.tmux.sh
setup.sh		setup.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

kerris

Overview

Requirements

Setup

Run controller outside of the cluster

About

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

kerris

Overview

Requirements

Setup

Run controller outside of the cluster

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Contributors

Uh oh!

Languages