diff --git a/website/docs/architecture/chaos-control-plane.md b/website/docs/architecture/chaos-control-plane.md index 84e44821..132ca3dc 100644 --- a/website/docs/architecture/chaos-control-plane.md +++ b/website/docs/architecture/chaos-control-plane.md @@ -32,7 +32,7 @@ Chaos control plane consists of micro-services responsible for the functioning o ## Standard Chaos Control Plane Flow -1. The User logs in to the ChaosCenter using a valid login credential. A default project is created for the user on initial login. Every user is a part of a project and has a role assigned to them. To schedule a chaos experiment, the user needs to have an Editor or Owner role assigned in the project. +1. The User logs in to the ChaosCenter using a valid login credential. A default project is created for the user on initial login. Every user is a part of a project and has a role assigned to them. To schedule a chaos experiment, the user needs to have an Owner role assigned in the project. 2. The user uploads a Chaos Experiment manifest using the ChaosCenter, which is received by the Backend Server. 3. Backend Server stores the manifest in the Database and also sends it to the Chaos Infrastructure. 4. Chaos Infrastructure uses the Chaos Experiment manifest to inject chaos into the target resources. The steps of the Chaos Experiment execution can be visualized using the ChaosCenter. diff --git a/website/docs/concepts/teaming.md b/website/docs/concepts/teaming.md index b684ca80..9515905f 100644 --- a/website/docs/concepts/teaming.md +++ b/website/docs/concepts/teaming.md @@ -10,12 +10,12 @@ The ChaosCenter has a built in teaming feature to facilitate collaboration betwe ## Project level roles -Each user has a default project created on user creation by the admin for which they maintain a project level `Owner` access. Every `Owner` has the ability to invite other users into their project with different permission levels, namely `Editor`, and `Viewer`. +Each user has a default project created on user creation by the admin for which they maintain a project level `Owner` access. Every `Owner` has the ability to invite other users into their project with different permission levels, namely `Executor`, and `Viewer`. Teaming is based on the following principles and each user can have one of the 3 project roles: -- **Owner:** One who created the project and owns it. Only the owner has permission to manage(invite or remove) the members in his/her project. The owner can schedule chaos experiments, update and delete chaos experiments. -- **Editor:** Members invited with the editor role can do everything an owner can except for managing the project. +- **Owner:** One who created the project and owns it. Only the owner has permission to manage(invite or remove) the members in his/her project. The owner can create resources such as infrastructures, probes, hubs, experiments, etc, schedule chaos experiments, update and delete chaos experiments.They have both create and execute perimissions. +- **Executor:** Members invited with the executor role only have execute and view permissions which allow them to run/stop experiments, use probes etc, they don't have any create/delete permissions. - **Viewer:** Members having a viewer role can only view the analytics related to the chaos experiments and the chaos experiments themselves, but are not given permission to schedule chaos experiments in the project. ## Role privileges @@ -26,7 +26,7 @@ Teaming is based on the following principles and each user can have one of the 3 - Invite other users for the following roles: - Viewer - - Editor + - Executor - View the list of team members with other details including their role in the project, email-id, date-time of joining the project team. - Rename your project. - Remove a member from your project. @@ -34,7 +34,7 @@ Teaming is based on the following principles and each user can have one of the 3 - Edit the user role in case the invitation is pending. - Cancel the invitation. -**_As a Viewer or Editor you can:_** +**_As a Viewer or Executor you can:_** - Check and Accept/Decline the received invitations. - Switch and browse any project you are a member of. diff --git a/website/docs/getting-started/installation.md b/website/docs/getting-started/installation.md index 6707764d..4399660f 100644 --- a/website/docs/getting-started/installation.md +++ b/website/docs/getting-started/installation.md @@ -1,6 +1,6 @@ --- id: installation -title: ChaosCenter cluster scope installation +title: ChaosCenter installation sidebar_label: Installation --- @@ -100,10 +100,62 @@ Visit https://docs.litmuschaos.io to find more info. > **Note:** Litmus uses Kubernetes CRDs to define chaos intent. Helm3 handles CRDs better than Helm2. Before you start running a chaos experiment, verify if Litmus is installed correctly. -### **Install Litmus using kubectl** +## **Install Litmus using kubectl** In this method the users need to install mongo first via helm and then apply the installation manifest. Follow the instructions [here](https://github.com/litmuschaos/litmus/tree/master/chaoscenter#installation-steps-for-litmus-300-beta9). +### **Install mongo** + + ```bash + helm repo add bitnami https://charts.bitnami.com/bitnami + ``` + +Mongo Values + +```bash + auth: + enabled: true + rootPassword: "1234" + # -- existingSecret Existing secret with MongoDB(®) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, ` mongodb-replica-set-key`) + existingSecret: "" +architecture: replicaset +replicaCount: 3 +persistence: + enabled: true +volumePermissions: + enabled: true +metrics: + enabled: false + prometheusRule: + enabled: false + +# bitnami/mongodb is not yet supported on ARM. +# Using unofficial tools to build bitnami/mongodb (arm64 support) +# more info: https://github.com/ZCube/bitnami-compat +#image: +# registry: ghcr.io/zcube +# repository: bitnami-compat/mongodb +# tag: 6.0.5 +``` + +```bash +helm install my-release bitnami/mongodb --values mongo-values.yml -n --create-namespace +``` + +Litmus supports for HTTP and HTTPS mode of installation. + +### Basic installation (HTTP based and allows all origins) + +Applying the manifest file will install all the required service account configuration and ChaosCenter in namespaced scope. + +```bash + kubectl apply -f https://raw.githubusercontent.com/litmuschaos/litmus/master/chaoscenter/manifests/litmus-getting-started.yaml -n +``` + +### Advanced installation (HTTPS based and CORS rules apply) + +For advanced installation visit [here](../user-guides/chaoscenter-advanced-installation.md) + --- ## **Verify your installation** @@ -182,6 +234,9 @@ http://172.17.0.3:31846/ > Where `172.17.0.3` is my NodeIP and `31846` is the frontend service PORT. If using a LoadBalancer, the only change would be to provide a `:`. [Learn more about how to access ChaosCenter with LoadBalancer](../user-guides/setup-without-ingress.md#with-loadbalancer) + +**NOTE:** With advanced installation CORS rules are applied, once manifest is applied frontend loadbalancer IP needs to be added in the `ALLOWED_ORIGINS` environment in both auth and graphql server deployment. + You should be able to see the Login Page of Litmus ChaosCenter. The **default credentials** are ```yaml @@ -197,7 +252,7 @@ By default you are assigned with a default project with Owner permissions. ## Learn more -- [Install ChaosCenter in Namespace Scope](../user-guides/chaoscenter-namespace-scope-installation.md) +- [Install ChaosCenter with HTTPS](../user-guides/chaoscenter-advanced-installation.md) - [Connect External Chaos Infrastructures to ChaosCenter](../user-guides/chaos-infrastructure-installation.md) - [Setup Endpoints and Access ChaosCenter without Ingress](../user-guides/setup-without-ingress.md) - [Setup Endpoints and Access ChaosCenter with Ingress](../user-guides/setup-with-ingress.md) diff --git a/website/docs/user-guides/chaoscenter-advanced-installation.md b/website/docs/user-guides/chaoscenter-advanced-installation.md new file mode 100644 index 00000000..1c810992 --- /dev/null +++ b/website/docs/user-guides/chaoscenter-advanced-installation.md @@ -0,0 +1,260 @@ +--- +id: chaoscenter-advanced-installation +title: ChaosCenter Advanced Installation +sidebar_label: Setup with HTTPS +--- + +--- + +## Prerequisites + +- Kubernetes 1.17 or later + +- A Persistent volume of 20GB + +:::note +Recommend to have a Persistent volume(PV) of 20GB, You can start with 1GB for test purposes as well. This PV is used as persistent storage to store the chaos config and chaos-metrics in the Portal. By default, litmus install would use the default storage class to allocate the PV. Provide this value +::: + +- [Helm3](https://v3.helm.sh/) or [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl) + +## Installation + +Users looking to use Litmus for the first time have two options available to them today. One way is to use a hosted Litmus service like [Harness Chaos Engineering SaaS](https://app.harness.io/auth/#/signin). Alternatively, users looking for some more flexibility can install Litmus into their own Kubernetes cluster. + +Users choosing the self-hosted option can refer to our Install and Configure docs for installing alternate versions and more detailed instructions. + +import Tabs from '@theme/Tabs'; +import TabItem from '@theme/TabItem'; + + + + Installation of Self-Hosted Litmus can be done using either of the below methods: +
  • Helm3 chart
    • +
  • Kubectl yaml spec file
    • +
    + Refer to the below details for Self-Hosted Litmus installation. +     + + Harness offers a free service for community members which makes getting started with Litmus easy. Create an account to get started. Once logged in, create a new hosted control plane and connect to it via the up CLI. Litmus can be used as a hosted cloud service using Harness Chaos Engineering SaaS. Harness Chaos Engineering SaaS executes your Chaos Experiments in the cloud by managing all your Chaos Control Plane components, while the Chaos Execution Plane components exist on your Kubernetes cluster as part of an external chaos infrastructure. +

    + To get started with Harness Chaos Engineering SaaS, visit Harness Chaos Engineering SaaS and register for free. You can skip the below installation steps. +     +     + +### Install Litmus using Helm + +The helm chart will install all the required service account configuration and ChaosCenter. + +The following steps will help you install Litmus ChaosCenter via helm. + +#### Step-1: Add the litmus helm repository + +```bash +helm repo add litmuschaos https://litmuschaos.github.io/litmus-helm/ +helm repo list +``` + +#### Step-2: Create the namespace on which you want to install Litmus ChaosCenter + +- The ChaosCenter can be placed in any namespace, but for this scenario we are choose `litmus` as the namespace. + +```bash +kubectl create ns litmus +``` + +#### Step-3: Install Litmus ChaosCenter + +```bash +helm install chaos litmuschaos/litmus --namespace=litmus --set portal.frontend.service.type=NodePort +``` + +> **Note:** If your Kubernetes cluster isn't local, you may want not to expose Litmus via `NodePort`. If so, remove `--set portal.frontend.service.type=NodePort` option. To connect to Litmus UI from your laptop, you can use `port-forward svc/chaos-litmus-frontend-service 9091:9091`. Then you can use your browser and open `127.0.0.1:9091`. + +- Litmus helm chart depends on `bitnami/mongodb` [helm chart](https://github.com/bitnami/charts/tree/main/bitnami/mongodb), which uses a mongodb image not supported on ARM. If you want to install Litmus on an ARM-based server, please replace the default one with your custom mongodb arm image as shown below. + + ```bash + helm install chaos litmuschaos/litmus --namespace=litmus \ + --set portal.frontend.service.type=NodePort \ + --set mongodb.image.registry= \ + --set mongodb.image.repository= \ + --set mongodb.image.tag= + ``` + +Expected Output + +``` +NAME: chaos +LAST DEPLOYED: Tue Jun 15 19:20:09 2021 +NAMESPACE: litmus +STATUS: deployed +REVISION: 1 +TEST SUITE: None +NOTES: +Thank you for installing litmus 😀 + +Your release is named chaos and its installed to namespace: litmus. + +Visit https://docs.litmuschaos.io to find more info. +``` + +> **Note:** Litmus uses Kubernetes CRDs to define chaos intent. Helm3 handles CRDs better than Helm2. Before you start running a chaos experiment, verify if Litmus is installed correctly. + +## **Install Litmus using kubectl** + +In this method the users need to install mongo first via helm and then apply the installation manifest. Follow the instructions [here](https://github.com/litmuschaos/litmus/tree/master/chaoscenter#installation-steps-for-litmus-300-beta9). + +### **Install mongo** + + ```bash + helm repo add bitnami https://charts.bitnami.com/bitnami + ``` + +Mongo Values + +```bash + auth: + enabled: true + rootPassword: "1234" + # -- existingSecret Existing secret with MongoDB(®) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, ` mongodb-replica-set-key`) + existingSecret: "" +architecture: replicaset +replicaCount: 3 +persistence: + enabled: true +volumePermissions: + enabled: true +metrics: + enabled: false + prometheusRule: + enabled: false + +# bitnami/mongodb is not yet supported on ARM. +# Using unofficial tools to build bitnami/mongodb (arm64 support) +# more info: https://github.com/ZCube/bitnami-compat +#image: +# registry: ghcr.io/zcube +# repository: bitnami-compat/mongodb +# tag: 6.0.5 +``` + +```bash +helm install my-release bitnami/mongodb --values mongo-values.yml -n --create-namespace +``` + +Litmus supports for HTTP and HTTPS mode of installation. + +### Advanced installation (HTTPS based and CORS rules apply) + +1. Generate TLS certificates: You can provide your own certificates or can generate using [this](https://github.com/litmuschaos/litmus/blob/master/chaoscenter/mtls-helper.sh) bash script. + +2. Create secret + + ```bash + kubectl create secret generic tls-secret --from-file=ca.crt=ca.crt --from-file=tls.crt=tls.crt --from-file=tls.key=tls.key -n + ``` +3. Applying the manifest file will install all the required service account configuration and ChaosCenter in namespaced scope. + +```bash +kubectl apply -f https://raw.githubusercontent.com/litmuschaos/litmus/master/chaoscenter/manifests/litmus-installation.yaml -n +``` + +--- + +## **Verify your installation** + +#### **Verify if the frontend, server, and database pods are running** + +- Check the pods in the namespace where you installed Litmus: + + ```bash + kubectl get pods -n litmus + ``` + + Expected Output + + ```bash + NAME READY STATUS RESTARTS AGE + litmusportal-server-6fd57cc89-6w5pn 1/1 Running 0 57s + litmusportal-auth-server-7b596fff9-5s6g5 1/1 Running 0 57s + litmusportal-frontend-55974fcf59-cxxrf 1/1 Running 0 58s + my-release-mongodb-0 1/1 Running 0 63s + my-release-mongodb-1 1/1 Running 0 63s + my-release-mongodb-2 1/1 Running 0 62s + my-release-mongodb-arbiter-0 1/1 Running 0 64s + + ``` + +- Check the services running in the namespace where you installed Litmus: + + ```bash + kubectl get svc -n litmus + ``` + + Expected Output + + ```bash + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + chaos-exporter ClusterIP 10.68.45.7 8080/TCP 23h + litmusportal-auth-server-service NodePort 10.68.34.91 9003:32368/TCP,3030:31051/TCP 23h + litmusportal-frontend-service NodePort 10.68.43.68 9091:30070/TCP 23h + litmusportal-server-service NodePort 10.68.33.242 9002:32455/TCP,8000:30722/TCP 23h + my-release-mongodb-arbiter-headless ClusterIP None 27017/TCP 23h + my-release-mongodb-headless ClusterIP None 27017/TCP 23h + workflow-controller-metrics ClusterIP 10.68.33.65 9090/TCP 23h + ``` + +--- + +## **Accessing the ChaosCenter** + +To setup and login to ChaosCenter expand the available services just created and copy the `PORT` of the `litmusportal-frontend-service` service + +```bash +kubectl get svc -n litmus +``` + +Expected Output + +```bash +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +litmusportal-frontend-service NodePort 10.43.79.17 9091:31846/TCP 102s +litmusportal-server-service NodePort 10.43.30.54 9002:31245/TCP,8000:32714/TCP 101s +litmusportal-auth-server-service NodePort 10.43.81.108 9003:32618/TCP,3030:31899/TCP 101s +mongo-service ClusterIP 10.43.227.10 27017/TCP 101s +mongo-headless-service ClusterIP None 27017/TCP 101s +``` + +> **Note**: In this case, the PORT for `litmusportal-frontend-service` is `31846`. Yours will be different. + +Once you have the PORT copied in your clipboard, simply use your IP and PORT in this manner `:` to access the Litmus ChaosCenter. + +For example: + +```yaml +https://172.17.0.3:31846/ +``` + +> Where `172.17.0.3` is my NodeIP and `31846` is the frontend service PORT. If using a LoadBalancer, the only change would be to provide a `:`. [Learn more about how to access ChaosCenter with LoadBalancer](../user-guides/setup-without-ingress.md#with-loadbalancer) + + +**NOTE:** With advanced installation CORS rules are applied, once manifest is applied frontend loadbalancer IP needs to be added in the `ALLOWED_ORIGINS` environment in both auth and graphql server deployment. + +You should be able to see the Login Page of Litmus ChaosCenter. The **default credentials** are + +```yaml +Username: admin +Password: litmus +``` + + + +By default you are assigned with a default project with Owner permissions. + + + +## Learn more + +- [Install ChaosCenter with HTTP](../getting-started/installation.md) +- [Setup Endpoints and Access ChaosCenter without Ingress](setup-without-ingress.md) +- [Setup Endpoints and Access ChaosCenter with Ingress](setup-with-ingress.md) diff --git a/website/docs/user-guides/chaoscenter-cluster-scope-installation.md b/website/docs/user-guides/chaoscenter-cluster-scope-installation.md deleted file mode 100644 index cd23323f..00000000 --- a/website/docs/user-guides/chaoscenter-cluster-scope-installation.md +++ /dev/null @@ -1,203 +0,0 @@ ---- -id: chaoscenter-cluster-scope-installation -title: ChaosCenter Cluster Scope Installation -sidebar_label: Cluster Scope ---- - ---- - -## Prerequisites - -Before deploying LitmusChaos, make sure the following items are there - -- Kubernetes 1.17 or later - -- A Persistent volume of 20GB - - :::note - Recommend to have a Persistent volume(PV) of 20GB, You can start with 1GB for test purposes as well. This PV is used as persistent storage to store the chaos config and chaos-metrics in the Portal. By default, litmus install would use the default storage class to allocate the PV. Provide this value - ::: - -- [Helm3](https://v3.helm.sh/) or [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl) - -## Installation - -Installation of Litmus can be done using either of the below methods - -- [Helm3](#install-litmus-using-helm) chart -- [Kubectl](#install-litmus-using-kubectl) yaml spec file - -### Install Litmus using Helm - -The helm chart will install all the required service account configuration and ChaosCenter. - -The following steps will help you install Litmus ChaosCenter via helm. - -#### Step-1: Add the litmus helm repository - -```bash -helm repo add litmuschaos https://litmuschaos.github.io/litmus-helm/ -helm repo list -``` - -#### Step-2: Create the namespace on which you want to install Litmus ChaosCenter - -- The chaoscenter components can be placed in any namespace, though it is typically placed in "litmus". - -```bash -kubectl create ns litmus -``` - -#### Step-3: Install Litmus ChaosCenter - -```bash -helm install chaos litmuschaos/litmus --namespace=litmus -``` - -Expected Output - -``` -NAME: chaos -LAST DEPLOYED: Tue Jun 15 19:20:09 2021 -NAMESPACE: litmus -STATUS: deployed -REVISION: 1 -TEST SUITE: None -NOTES: -Thank you for installing litmus 😀 - -Your release is named chaos and its installed to namespace: litmus. - -Visit https://docs.litmuschaos.io to find more info. -``` - -> **Note:** Litmus uses Kubernetes CRDs to define chaos intent. Helm3 handles CRDs better than Helm2. Before you start running a chaos experiment, verify if Litmus is installed correctly. - -### **Install Litmus using kubectl** - -#### **Install Litmus ChaosCenter** - -Applying the manifest file will install all the required service account configuration and ChaosCenter. - -```bash -kubectl apply -f https://litmuschaos.github.io/litmus/3.8.0/litmus-cluster-scope-3.8.0.yaml -``` - -> If you are installing Litmus in any other namespace apart from `litmus` namespace, make sure to change the same in the manifest too `https://litmuschaos.github.io/litmus/3.8.0/litmus-namespaced-3.8.0.yaml`. - -## **Verify your installation** - -#### **Verify if the frontend, server, and database pods are running** - -- Check the pods in the namespace where you installed Litmus: - - ```bash - kubectl get pods -n litmus - ``` - - Expected Output - - ```bash - NAME READY STATUS RESTARTS AGE - litmusportal-server-6fd57cc89-6w5pn 1/1 Running 0 57s - litmusportal-auth-server-7b596fff9-5s6g5 1/1 Running 0 57s - mongo-0 1/1 Running 0 57s - litmusportal-frontend-55974fcf59-cxxrf 1/1 Running 0 58s - ``` - -- Check the services running in the namespace where you installed Litmus: - - ```bash - kubectl get svc -n litmus - ``` - - Expected Output - - ```bash - NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE - litmusportal-frontend-service NodePort 10.43.79.17 9091:31846/TCP 102s - litmusportal-server-service NodePort 10.43.30.54 9002:31245/TCP,8000:32714/TCP 101s - litmusportal-auth-server-service NodePort 10.43.81.108 9003:32618/TCP,3030:31899/TCP 101s - mongo-service ClusterIP 10.43.227.10 27017/TCP 101s - mongo-headless-service ClusterIP None 27017/TCP 101s - ``` - ---- - -#### **Verify Successful Registration of the Self Chaos Delegate post [Account Configuration](setup-without-ingress)** - -Once the project is created, the cluster is automatically registered as a chaos target via installation of [Chaos Delegate](../getting-started/resources.md#chaosagents). This is represented as [Self Chaos Delegate](../getting-started/resources.md#types-of-chaosagents) in [ChaosCenter](../getting-started/resources.md#chaoscenter). - -```bash -kubectl get pods -n litmus -``` - -```bash -NAME READY STATUS RESTARTS AGE -chaos-exporter-547b59d887-4dm58 1/1 Running 0 5m27s -chaos-operator-ce-84ddc8f5d7-l8c6d 1/1 Running 0 5m27s -event-tracker-5bc478cbd7-xlflb 1/1 Running 0 5m28s -litmusportal-frontend-97c8bf86b-mx89w 1/1 Running 0 15m -litmusportal-server-6fd57cc89-6w5pn 1/1 Running 0 15m -litmusportal-auth-server-7b596fff9-5s6g5 1/1 Running 0 15m -mongo-0 1/1 Running 0 15m -subscriber-958948965-qbx29 1/1 Running 0 5m30s -workflow-controller-78fc7b6c6-w82m7 1/1 Running 0 5m32s -``` - -## Resource Requirements of Control-plane components - -The Resource requests provided here have been estimated using data gathered manually through different methods - - -- Using command `kubectl top` -- Recommendations from Vertical-Pod-Autoscaler -- Recommendations by a great utility [Goldilocks](https://github.com/FairwindsOps/goldilocks). - -These resources are getting monitored continuously and the information below will be updated as the metrics changes. - -:::note -**The metrics given below shows resources consumed when ChaosCenter is used at medium scale.The resources may need to be increased when used at higher scale.** -::: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    PodContainerCPUMemory
    litmusportal-frontendlitmusportal-frontend25m300M
    litmusportal-serverauth-server25m150M
    litmusportal-servergraphql-server25m350M
    mongodbmongodb25m350M
    - -## Resources - - - -## Learn more - -- [Install ChaosCenter in Namespace Scope](chaoscenter-namespace-scope-installation.md) -- [Setup Endpoints and Access ChaosCenter without Ingress](setup-without-ingress.md) -- [Setup Endpoints and Access ChaosCenter with Ingress](setup-with-ingress.md) diff --git a/website/docs/user-guides/chaoscenter-namespace-scope-installation.md b/website/docs/user-guides/chaoscenter-namespace-scope-installation.md deleted file mode 100644 index bf904f2c..00000000 --- a/website/docs/user-guides/chaoscenter-namespace-scope-installation.md +++ /dev/null @@ -1,259 +0,0 @@ ---- -id: chaoscenter-namespace-scope-installation -title: ChaosCenter Namespace Scope Installation -sidebar_label: Namespace Scope ---- - ---- - -## Prerequisites - -Before deploying LitmusChaos, make sure the following items are there - -- Kubernetes 1.17 or later - -- A Persistent volume of 20GB - - :::note - Recommend to have a Persistent volume(PV) of 20GB, You can start with 1GB for test purposes as well. This PV is used as persistent storage to store the chaos config and chaos-metrics in the Portal. By default, litmus install would use the default storage class to allocate the PV. Provide this value - ::: - -- [Helm3](https://v3.helm.sh/) or [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl) - -## Installation - -Installation of Litmus can be done using either of the below methods - -- [Helm3](#install-litmus-using-helm) chart -- [Kubectl](#install-litmus-using-kubectl) yaml spec file - -### **Install Litmus using Helm** - -The helm chart will install all the required service account configuration and ChaosCenter. - -The following steps will help you install Litmus ChaosCenter via helm. - -#### Step-1: Add the litmus helm repository - -```bash -helm repo add litmuschaos https://litmuschaos.github.io/litmus-helm/ -helm repo list -``` - -#### Step-2: Create the namespace on which you want to install Litmus ChaosCenter [Required only if namespace isn't there] - -- The chaoscenter components can be placed in any namespace, though it is typically placed in "litmus". - -```bash -kubectl create ns litmus -``` - -> The ChaosCenter can be placed in any namespace, though it is typically placed in `litmus`. Ignore if you already have the namespace where you want to install Litmus created. - -#### Step-3: Install the required Litmus CRDs - -The cluster-admin or an equivalent user with the right permissions are required to install the CRDs upfront. - -```bash -kubectl apply -f https://raw.githubusercontent.com/litmuschaos/litmus/master/chaoscenter/manifests/litmus-portal-crds.yml -``` - -Expected Output - -```bash -customresourcedefinition.apiextensions.k8s.io/clusterworkflowtemplates.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/cronworkflows.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/workflows.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/workflowtemplates.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/chaosengines.litmuschaos.io created -customresourcedefinition.apiextensions.k8s.io/chaosexperiments.litmuschaos.io created -customresourcedefinition.apiextensions.k8s.io/chaosresults.litmuschaos.io created -customresourcedefinition.apiextensions.k8s.io/eventtrackerpolicies.eventtracker.litmuschaos.io created -``` - -#### Step-4: Install Litmus ChaosCenter - -```bash -helm install chaos litmuschaos/litmus --namespace=litmus --set portalScope=namespace -``` - -Expected Output - -```bash -NAME: chaos -LAST DEPLOYED: Tue Jun 15 19:20:09 2021 -NAMESPACE: litmus -STATUS: deployed -REVISION: 1 -TEST SUITE: None -NOTES: -Thank you for installing litmus 😀 - -Your release is named chaos and its installed to namespace: litmus. - -Visit https://docs.litmuschaos.io/ to find more info. - -``` - -> **Note:** Litmus uses Kubernetes CRDs to define chaos intent. Helm3 handles CRDs better than Helm2. Before you start running a chaos experiment, verify if Litmus is installed correctly. - -### **Install Litmus using kubectl** - -#### **Set the namespace on which you want to install Litmus ChaosCenter** - -> Create a namespace `kubectl create ns ` - -```bash -kubectl create ns litmus -``` - -Expected Output - -```bash -NAME STATUS AGE -litmus Active 2s -``` - -#### **Install the required Litmus CRDs** - -The cluster-admin or an equivalent user with the right permissions are required to install the CRDs upfront. - -```bash -kubectl apply -f https://raw.githubusercontent.com/litmuschaos/litmus/master/chaoscenter/manifests/litmus-portal-crds.yml -``` - -Expected Output - -```bash -customresourcedefinition.apiextensions.k8s.io/clusterworkflowtemplates.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/cronworkflows.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/workflows.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/workflowtasksets.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/workflowtemplates.argoproj.io created -customresourcedefinition.apiextensions.k8s.io/chaosengines.litmuschaos.io created -customresourcedefinition.apiextensions.k8s.io/chaosexperiments.litmuschaos.io created -customresourcedefinition.apiextensions.k8s.io/chaosresults.litmuschaos.io created -customresourcedefinition.apiextensions.k8s.io/eventtrackerpolicies.eventtracker.litmuschaos.io created -``` - -#### **Install Litmus ChaosCenter** - -Applying the manifest file will install all the required service account configuration and ChaosCenter. - -```bash -kubectl apply -f https://raw.githubusercontent.com/litmuschaos/litmus/master/mkdocs/docs/3.8.0/litmus-namespaced-3.8.0.yaml -n -``` - -> You need to provide the Namespace in place of `Your Namespace`, that you have created eariler for the litmuschaos Installation - -Expected Output - -```bash -role.rbac.authorization.k8s.io/argo-role-for-litmusportal-server created -rolebinding.rbac.authorization.k8s.io/argo-rb-for-litmusportal-server created -role.rbac.authorization.k8s.io/litmus-namespace-scope-for-litmusportal-server created -rolebinding.rbac.authorization.k8s.io/litmus-namespace-scope-rb-for-litmusportal-server created -role.rbac.authorization.k8s.io/subscriber-role-for-litmusportal-server created -rolebinding.rbac.authorization.k8s.io/subscriber-rb-for-litmusportal-server created -role.rbac.authorization.k8s.io/litmus-admin-role-for-litmusportal-server created -rolebinding.rbac.authorization.k8s.io/litmus-admin-rb-for-litmusportal-server created -role.rbac.authorization.k8s.io/chaos-role-for-litmusportal-server created -rolebinding.rbac.authorization.k8s.io/chaos-rb-for-litmusportal-server created -role.rbac.authorization.k8s.io/event-tracker-role-for-litmusportal-server created -rolebinding.rbac.authorization.k8s.io/event-tracker-rb-for-litmusportal-server created -role.rbac.authorization.k8s.io/litmus-server-role created -rolebinding.rbac.authorization.k8s.io/litmus-server-rb created -serviceaccount/litmus-server-account created -secret/litmus-portal-admin-secret created -configmap/litmus-portal-admin-config created -configmap/litmusportal-frontend-nginx-configuration created -deployment.apps/litmusportal-frontend created -service/litmusportal-frontend-service created -deployment.apps/litmusportal-server created -service/litmusportal-server-service created -deployment.apps/litmusportal-auth-server created -service/litmusportal-auth-server-service created -statefulset.apps/mongo created -service/mongo-service created -service/mongo-headless-service created -``` - -## **Verify your installation** - ---- - -#### **Verify if the frontend, server, and database pods are running** - -- Check the pods in the namespace where you installed Litmus: - - ```bash - kubectl get pods -n litmus - ``` - - Expected Output - - ```bash - NAME READY STATUS RESTARTS AGE - litmusportal-server-6fd57cc89-6w5pn 1/1 Running 0 57s - litmusportal-auth-server-7b596fff9-5s6g5 1/1 Running 0 57s - mongo-0 1/1 Running 0 57s - litmusportal-frontend-55974fcf59-cxxrf 1/1 Running 0 58s - ``` - -- Check the services running in the namespace where you installed Litmus: - - ```bash - kubectl get svc -n litmus - ``` - - Expected Output - - ```bash - NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE - litmusportal-frontend-service NodePort 10.43.79.17 9091:31846/TCP 102s - litmusportal-server-service NodePort 10.43.30.54 9002:31245/TCP,8000:32714/TCP 101s - litmusportal-auth-server-service NodePort 10.43.81.108 9003:32618/TCP,3030:31899/TCP 101s - mongo-service ClusterIP 10.43.227.10 27017/TCP 101s - mongo-headless-service ClusterIP None 27017/TCP 101s - ``` - -> Note: With the namespace mode of the control panel, we need to set the endpoint of the chaos center ui according to the use case for external Chaos Delegates. By default, it is `http://litmusportal-frontend-service:9091` - -To alter, Apply: - -```bash -kubectl set env deployment/litmusportal-server -n litmus --containers="graphql-server" CHAOS_CENTER_UI_ENDPOINT="http://172.132.44.44:3231" -``` - ---- - -#### **Verify Successful Registration of the Self Chaos Delegate post [Account Configuration](setup-without-ingress)** - -Once the project is created, the cluster is automatically registered as a chaos target via installation of [Chaos Delegate](../getting-started/resources.md#chaosagents). This is represented as [Self Chaos Delegate](../getting-started/resources.md#types-of-chaosagents) in [ChaosCenter](../getting-started/resources.md#chaosagents). - -```bash -kubectl get pods -n litmus -``` - -```bash -NAME READY STATUS RESTARTS AGE -chaos-exporter-547b59d887-4dm58 1/1 Running 0 5m27s -chaos-operator-ce-84ddc8f5d7-l8c6d 1/1 Running 0 5m27s -event-tracker-5bc478cbd7-xlflb 1/1 Running 0 5m28s -litmusportal-frontend-97c8bf86b-mx89w 1/1 Running 0 15m -litmusportal-server-6fd57cc89-6w5pn 1/1 Running 0 15m -litmusportal-auth-server-7b596fff9-5s6g5 1/1 Running 0 15m -mongo-0 1/1 Running 0 15m -subscriber-958948965-qbx29 1/1 Running 0 5m30s -workflow-controller-78fc7b6c6-w82m7 1/1 Running 0 5m32s -``` - -## Resources - - - -## Learn more - -- [Install ChaosCenter in Cluster Scope](chaoscenter-cluster-scope-installation.md) -- [Setup Endpoints and Access ChaosCenter without Ingress](setup-without-ingress.md) -- [Setup Endpoints and Access ChaosCenter with Ingress](setup-with-ingress.md) diff --git a/website/docs/user-guides/chaoscenter-oauth-dex-installation.md b/website/docs/user-guides/chaoscenter-oauth-dex-installation.md index 6fa3a895..88b8aea0 100644 --- a/website/docs/user-guides/chaoscenter-oauth-dex-installation.md +++ b/website/docs/user-guides/chaoscenter-oauth-dex-installation.md @@ -56,7 +56,7 @@ curl https://raw.githubusercontent.com/litmuschaos/litmus/master/litmus-portal/d redirectURIs: - '/auth/dex/callback' - 'http://localhost:8080/auth/dex/callback' # Included for local testing purposes - - 'https:///auth/dex/calllback' #TODO: Replace with you frontend URL + - 'https:///auth/dex/callback' #TODO: Replace with you frontend URL name: 'LitmusPortalAuthBackend' secret: ZXhhbXBsZS1hcHAtc2VjcmV0 oauth2: @@ -161,7 +161,8 @@ Go to http://litmusportal-frontend-service/auth/dex/login, you should be prompte ## Learn more -- [Install ChaosCenter in Namespace Scope](../user-guides/chaoscenter-namespace-scope-installation.md) +- [Install ChaosCenter with HTTP](../getting-started/installation.md)) +- [Install ChaosCenter with HTTPS](chaoscenter-advanced-installation.md)) - [Connect External Chaos Delegates to ChaosCenter](../user-guides/chaos-infrastructure-installation.md) - [Setup Endpoints and Access ChaosCenter without Ingress](../user-guides/setup-without-ingress.md) - [Setup Endpoints and Access ChaosCenter with Ingress](../user-guides/setup-with-ingress.md) diff --git a/website/docs/user-guides/create-infrastructure.md b/website/docs/user-guides/create-infrastructure.md index 5d3fc792..077348c2 100644 --- a/website/docs/user-guides/create-infrastructure.md +++ b/website/docs/user-guides/create-infrastructure.md @@ -63,6 +63,8 @@ Optionally, you can also specify the node selectors and Kubernetes tolerations f Click `Done` +**NOTE:** For HTTPS mode of installation of Chaoscenter, you will need to set `SKIP_SSL_VERIFY` as `true` in the infrastructure deployment yaml. + The newly created infrastructure will appear in the list of infrastructures: diff --git a/website/docs/user-guides/invite-team-member.md b/website/docs/user-guides/invite-team-member.md index 03f4f018..1afe8527 100644 --- a/website/docs/user-guides/invite-team-member.md +++ b/website/docs/user-guides/invite-team-member.md @@ -18,7 +18,7 @@ In the team tab, click the `New member` button as shown below: ## 2. Select all the members to be invited -From the list of all available members, choose the ones you want to collaborate on your chaos with and decide what project level access they should have to your project (Viewer/Editor) and hit the same button. +From the list of all available members, choose the ones you want to collaborate on your chaos with and decide what project level access they should have to your project (Viewer/Executor) and hit the same button. diff --git a/website/docs/user-guides/overview.md b/website/docs/user-guides/overview.md index 6eb1e37a..7c253a23 100644 --- a/website/docs/user-guides/overview.md +++ b/website/docs/user-guides/overview.md @@ -8,7 +8,7 @@ sidebar_label: Overview The User Guides section details Processes, User-flows and How-tos detailing all sorts of experiments in various environments. Technical details and inner workings of the various components are explained in the [Concepts](../concepts/overview.md) section. -### [Advanced Installation](chaoscenter-cluster-scope-installation.md) +### [Advanced Installation](chaoscenter-advanced-installation.md) Install ChaosCenter and Chaos Infrastructure in various environment configurations. diff --git a/website/docs/user-guides/setup-with-ingress.md b/website/docs/user-guides/setup-with-ingress.md index 31ff8816..29df17c0 100644 --- a/website/docs/user-guides/setup-with-ingress.md +++ b/website/docs/user-guides/setup-with-ingress.md @@ -8,10 +8,10 @@ sidebar_label: Setup With Ingress ## Prerequisites -Before setting up endpoint with Ingress make sure the [Litmus ChaosCenter](../getting-started/resources.md#chaoscenter) is installed in either one of these scopes +Before setting up endpoint with Ingress make sure the [Litmus ChaosCenter](../getting-started/resources.md#chaoscenter) is installed -- [Cluster Scope](chaoscenter-cluster-scope-installation.md) -- [Namespace Scope](chaoscenter-namespace-scope-installation.md) +- [Install ChaosCenter with HTTP](../getting-started/installation.md)) +- [Install ChaosCenter with HTTPS](chaoscenter-advanced-installation.md) ## Install ChaosCenter with Ingress @@ -151,5 +151,5 @@ kubectl apply -f -n ## Learn more - [Setup Endpoints and Access ChaosCenter without Ingress](setup-without-ingress.md) -- [Install ChaosCenter in Namespace Scope](chaoscenter-namespace-scope-installation.md) -- [Install ChaosCenter in Cluster Scope](chaoscenter-cluster-scope-installation.md) +- [Install ChaosCenter with HTTP](../getting-started/installation.md)) +- [Install ChaosCenter with HTTPS](chaoscenter-advanced-installation.md) diff --git a/website/docs/user-guides/setup-without-ingress.md b/website/docs/user-guides/setup-without-ingress.md index fbb53bd5..97f47338 100644 --- a/website/docs/user-guides/setup-without-ingress.md +++ b/website/docs/user-guides/setup-without-ingress.md @@ -10,8 +10,8 @@ sidebar_label: Setup without Ingress Before setting up endpoint without Ingress make sure the [Litmus ChaosCenter](../getting-started/resources.md#chaoscenter) is installed in either one of these scopes -- [Cluster Scope](chaoscenter-cluster-scope-installation.md) -- [Namespace Scope](chaoscenter-namespace-scope-installation.md) +- [Install ChaosCenter with HTTP](../getting-started/installation.md)) +- [Install ChaosCenter with HTTPS](chaoscenter-advanced-installation.md) ## **With NodePort** @@ -77,5 +77,5 @@ By default you are assigned with a default project with Owner permissions. ## Learn more - [Setup Endpoints and Access ChaosCenter with Ingress](setup-with-ingress.md) -- [Install ChaosCenter in Namespace Scope](chaoscenter-namespace-scope-installation.md) -- [Install ChaosCenter in Cluster Scope](chaoscenter-cluster-scope-installation.md) +- [Install ChaosCenter with HTTP](../getting-started/installation.md)) +- [Install ChaosCenter with HTTPS](chaoscenter-advanced-installation.md) diff --git a/website/docs/user-guides/uninstall-litmus.md b/website/docs/user-guides/uninstall-litmus.md index bee683dc..141e3d64 100644 --- a/website/docs/user-guides/uninstall-litmus.md +++ b/website/docs/user-guides/uninstall-litmus.md @@ -6,25 +6,25 @@ sidebar_label: Uninstall Litmus --- -## Chaos Delegate +## Chaos Infrastructure -To disconnect the [Chaos Delegate](../getting-started/resources.md#chaosagents) connected to the [ChaosCenter](../getting-started/resources.md#chaoscenter), follow these steps - +To disconnect the [Chaos Infrastructure](../getting-started/resources.md#chaosagents) connected to the [ChaosCenter](../getting-started/resources.md#chaoscenter), follow these steps - -1. Remove the ChaosEngines of the respective Chaos Delegate +1. Remove the ChaosEngines of the respective Chaos Infrastructure ```bash - kubectl delete chaosengine --all - + kubectl delete chaosengine --all - ``` > If ChaosEngines is unable to delete successfully then the Kubernetes finalizers need to be removed manually. -2. Login to the ChaosCenter and navigate to the Chaos Delegates Tab. -3. Click on the `Disconnect icon` Disconnect Icon of the respective Chaos Delegate you want to disconnect. -4. On the Modal that appears, confirm your selection by clicking `Yes` and the selected Chaos Delegate would be disconnected from the ChaosCenter. +2. Login to the ChaosCenter and navigate to the Chaos Infrastructures Page. +3. Click on the three dot menu and select `Disable` of the respective Chaos Infrastructure you want to disconnect. +4. On the Modal that appears, confirm your selection by clicking `Yes` and the selected Chaos Infrastructure would be disconnected from the ChaosCenter. :::note - The above disconnect would remove the subscriber component from Chaos Delegate and thus removing the connectivity between the Chaos Delegate and the ChaosCenter. + The above disconnect would remove the subscriber component from Chaos Infrastructure and thus removing the connectivity between the Chaos Infrastructure and the ChaosCenter. - If the Chaos Delegate is not reachable it would remove only the entry from the database of the ChaosCenter + If the Chaos Infrastructure is not reachable it would remove only the entry from the database of the ChaosCenter ::: ### Remove the CRs @@ -34,41 +34,31 @@ To remove the CRs Litmus uses, use the following command: - To remove individual CRs ```bash -kubectl delete chaosexperiments -n -kubectl delete chaosresults -n -kubectl delete workflows -n -kubectl delete cronworkflows -n -kubectl delete eventtrackerpolicies -n +kubectl delete chaosexperiments -n +kubectl delete chaosresults -n +kubectl delete workflows -n +kubectl delete cronworkflows -n +kubectl delete eventtrackerpolicies -n ``` - To remove all CRs ```bash -kubectl delete chaosengine,chaosexperiments,chaosresults --all -kubectl delete workflows cronworflows --all -kubectl delete eventtrackerpolicies -n +kubectl delete chaosengine,chaosexperiments,chaosresults --all +kubectl delete workflows cronworflows --all +kubectl delete eventtrackerpolicies -n ``` ### Delete the Deployments -To remove the respective deployments of the Chaos Delegates you need to manually delete them. +To remove the respective deployments of the Chaos Infrastructures you need to manually delete them. ```bash -kubectl delete deployment chaos-operator-ce event-tracker workflow-controller chaos-exporter -n +kubectl delete deployment chaos-operator-ce event-tracker workflow-controller chaos-exporter -n ``` ### Removing Service Account, Role Bindings and Roles -#### For Cluster Scope - -```bash -kubectl delete sa argo argo-chaos litmus-admin litmus-cluster-scope event-tracker-sa -n - -kubectl delete clusterrolebindings argo-binding chaos-cluster-role-binding event-tracker-clusterole-binding litmus-admin litmus-cluster-scope subscriber-cluster-role-binding -kubectl delete clusterrole litmus-admin chaos-cluster-role subscriber-cluster-role event-tracker-cluster-role litmus-cluster-scope argo-aggregate-to-admin argo-aggregate-to-edit argo-aggregate-to-view argo-cluster-role -``` - -#### For Namespace Scope - ```bash kubectl delete sa rolebindings role --all -n ``` @@ -77,10 +67,6 @@ kubectl delete sa rolebindings role --all -n ## Remove the Litmus CRDs -:::note -If the Litmus CRDs are deleted in the Cluster Scope all the respective custom resources in the individual namespaces would stop working. -::: - To remove all the CRDs Litmus uses, use the following command: ```bash @@ -91,30 +77,12 @@ kubectl delete -f https://raw.githubusercontent.com/litmuschaos/litmus/master/li ## ChaosCenter -> To remove the Self Chaos Delegate Resources you need to follow the above Chaos Delegate Uninstall process +> To remove the Chaos Infrastructure Resources you need to follow the above Chaos Infrastructure Uninstall process To uninstall the ChaosCenter from the system, follow these steps - ### Using Kubectl -#### For Cluster Scope - -- **Litmus 3.8.0** - - ```bash - kubectl delete -f https://litmuschaos.github.io/litmus/3.8.0/litmus-cluster-scope-3.8.0.yaml - ``` - - > To delete any specific version of the ChaosCenter, replace the above command with the below command. `kubectl delete -f https://raw.githubusercontent.com/litmuschaos/litmus//docs/.yaml` - -- **Litmus Master Manifest** - - ```bash - kubectl delete -f https://raw.githubusercontent.com/litmuschaos/litmus/master/litmus-portal/manifests/cluster-k8s-manifest.yml - ``` - -#### For Namespace Scope - ```bash kubectl delete -f ${LITMUS_PORTAL_NAMESPACE}-ns-scoped-litmus-portal-manifest.yml -n ${LITMUS_PORTAL_NAMESPACE} ``` @@ -122,8 +90,7 @@ kubectl delete -f ${LITMUS_PORTAL_NAMESPACE}-ns-scoped-litmus-portal-manifest.ym ### Using Helm ```bash -helm uninstall litmuschaos --namespace litmus -kubectl delete ns litmus +helm uninstall litmuschaos --namespace +kubectl delete ns ``` -> The namespace doesn't have to be `litmus` necessarily, instead it should be the same namespace where Litmus ChaosCenter is installed. diff --git a/website/sidebars.js b/website/sidebars.js index 8ee061a7..2cda8426 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -40,8 +40,7 @@ module.exports = { { "ChaosCenter": [ "user-guides/chaoscenter-oauth-dex-installation", - "user-guides/chaoscenter-cluster-scope-installation", - "user-guides/chaoscenter-namespace-scope-installation", + "user-guides/chaoscenter-advanced-installation", "user-guides/setup-without-ingress", "user-guides/setup-with-ingress" ]