feat(chaos): add kubelet-restart chaos test

[harshshekhar15]

Signed-off-by: Harsh Shekhar harsh.shekhar@mayadata.io

This PR intends to do the following:

• Add Kubera chaos test - TCID-KUBELET-RESTART.
• Add docker install in Dockerfile.

Exact application name that is under test.

Storage engine that is under test

OpenEBS version if required.

Assumptions of this PR

Notes to reviewer.

Anything else we need to know?

Versions:

$ Kubernetes version
$ Kubernetes platform
$ kubectl version

[gprasath]

it needs to be restarted on the node where the pods are scheduled

[gprasath]

• If restarted, it will be recreated immediately. Can we stop kubelet container, wait till node gets into NotReady.
• The pods in the respective node should be rescheduled on some other node if resources are available.
• Once things are set, you can start kubelet container back on the node.

[gprasath]

To do this, we need root access right?

[harshshekhar15]

@gprasath it will restart the docker on the node in which the pod is scheduled. We have made use of Docker out of Docker for this. We have mounted the host's docker socket to this pod for this.

[harshshekhar15]

@gprasath what will happen to the statefulsets scheduled on that node if we stop the kubelet till node is in NotReady state?

[harshshekhar15]

Yes we need root access, so we are running the container with securityContext -- privileged: true

[gprasath]

@gprasath what will happen to the statefulsets scheduled on that node if we stop the kubelet till node is in NotReady state?

That statefulset replica pod will be in pending state if the node is not ready

[gprasath]

@gprasath it will restart the docker on the node in which the pod is scheduled. We have made use of Docker out of Docker for this. We have mounted the host's docker socket to this pod for this.

Restart is instantaneous. There won't be any considerable impact.

[harshshekhar15]

@gprasath I think I was not clear -- the above command will restart kubelet container running on the host node itself.

[gprasath]

when restarting, pods will not enter not running state as it becomes online immediately

[harshshekhar15]

@gprasath we are verifying if Kubera is working fine post the restart.

[gprasath]

restart won't have any impact.

[gprasath]

default pod eviction timeout is 5 minutes. There will be an impact in container status if and only if this is violated @harshshekhar15

[AmitKumarDas]

How do we ensure kubera pods & the restart job are running on same node?

[harshshekhar15]

@AmitKumarDas some of the Kubera pods will be present on whatever node the job's pod is scheduled.

[gprasath]

where do we create this secret?
can we add more info about this.

[harshshekhar15]

@gprasath we are creating this secret post installing Kubera as a part of litmus pre-requisites, ref - https://github.com/mayadata-io/oep-e2e/blob/master/litmus/prerequisite/docker-secret.yml

[gprasath]

Add comment in the places where we use this secret

[gprasath]

And can you add a readme for this scenario, describing the procedure

[amitbhatt818]

/lgtm

[AmitKumarDas]

Do we restart kubelet of specific nodes?
We may target those node where specific app is running.
Otherwise this might result in flakiness.
Please prove otherwise if this will not result in flakiness.

[harshshekhar15]

@AmitKumarDas no we are not specifying any node, on whichever node the job's pod is scheduled it will restart docker on that host node.This will not result in flakiness as there is not much effects of kubelet restart on Kubera components, just that the pod of any statefulset scheduled on that node will go into NotReady state and will be back to Ready state as soon as kubelet starts running on that node.

[gprasath]

Can we check the status of node where the chaos is injected?

[gprasath]

Enhancement to this test: #892