CF app stop

CF app stop fault stops a Cloud Foundry app and later starts it.

Use cases

CF app stop:

• Checks resilience against abrupt stopping of the application components/microservices.
• Validates the effectiveness of disaster recovery and high availability of the app.

Mandatory tunables

Tunable	Description	Notes
cfDeploymentPlatform	Deployment platform used for cloud foundry with respect to where the infrastructure is hosted.	Supports local and vSphere. For more information, go to CF deployment platform.
organization	Organization where the target app resides.	For example, dev-org
space	Space where the target app resides.	The space must reside within the given organization. For example, dev-space
app	The app to be stopped.	The app must reside within the given organization and space. For example, cf-app

Optional tunables

Tunable	Description	Notes
faultInjectorPort	Local server port used by the fault-injector utility.	Default: 50320. If the default port is unavailable, a random port in the range of 50320-51320 is selected. For more information, go to fault injector port.
duration	Duration through which chaos is injected into the target resource (in seconds).	Default: 30s. For more information, go to chaos duration.
skipSSLValidation	Skip SSL validation while invoking CF APIs.	Supports true and false. Default: false. For more information, go to skip SSL validation.
rampTime	Period to wait before and after injecting chaos (in seconds).	Defaults to 0.

CF secrets

The following Cloud Foundry secrets reside on the same machine where the chaos infrastructure is executed. These secrets are provided in the /etc/linux-chaos-infrastructure/cf.env file in the following format:

CF_API_ENDPOINT=XXXXXXXXXXXXXXXXXXX
CF_USERNAME=XXXXXXXXXXXXXXXXXXXXXXX
CF_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXX
UAA_SERVER_ENDPOINT=XXXXXXXXXXXXXXX

info

If the secrets file is not provided, the secrets are attempted to be derived from environment variables and the config file by the fault-injector.

ENV name	Description	Example
CF_API_ENDPOINT	API endpoint for the CF setup	https://api.system.cf-setup.com
CF_USERNAME	Username for the CF user	username
CF_PASSWORD	Password for the CF user	password
UAA_SERVER_ENDPOINT	API endpoint for the UAA server for the CF setup	https://uaa.system.cf-setup.com

Fault injector ENVs and config file

If /etc/linux-chaos-infrastructure/cf.env file is not provided, fault-injector attempts to derive the secrets from environment variables or a configuration file. Any secret that is re-declared will be overridden in the following order of decreasing precedence:

1. /etc/linux-chaos-infrastructure/cf.env file
2. Environment variables
3. Configuration file

The configuration file should be provided at /etc/linux-chaos-infrastructure/cf-fault-injector.yaml:

cf-api-endpoint: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
username: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
password: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uaa-server-endpoint: XXXXXXXXXXXXXXXXXXXXXXXXXX

A mapping between all the three formats for providing the secrets is as follows:

cf.env	ENV	cf-fault-injector.yaml
CF_API_ENDPOINT	CF_API_ENDPOINT	cf-api-endpoint
CF_USERNAME	USERNAME	username
CF_PASSWORD	PASSWORD	password
UAA_SERVER_ENDPOINT	UAA_SERVER_ENDPOINT	uaa-server-endpoint

vSphere secrets

These secrets are provided only if vSphere is used as the deployment platform for CF.

The following vSphere secrets reside on the same machine where the chaos infrastructure is executed. These secrets are provided in the /etc/linux-chaos-infrastructure/vsphere.env file in the following format:

GOVC_URL=XXXXXXXXXXXXXXXXXXXXXX
GOVC_USERNAME=XXXXXXXXXXXXXXXXX
GOVC_PASSWORD=XXXXXXXXXXXXXXXXX
GOVC_INSECURE=XXXXXXXXXXXXXXXXX
VM_NAME=XXXXXXXXXXXXXXXXXXXXXXX
VM_USERNAME=XXXXXXXXXXXXXXXXXXX
VM_PASSWORD=XXXXXXXXXXXXXXXXXXX

ENV Name	Description	Notes
GOVC_URL	Endpoint for vSphere	For example, 192.168.214.244
GOVC_USERNAME	Username for the vSphere user	For example, username
GOVC_PASSWORD	Password for the vSphere user	For example, password
GOVC_INSECURE	Skip SSL validation for govc commands	For example, true
VM_NAME	Name of the vSphere VM where the fault-injector utility is installed	For example, cf-vm
VM_USERNAME	Username for the VM guest user	For example, root
VM_PASSWORD	Password for the VM guest user	For example, password

CF deployment platform

The cfDeploymentPlatform input variable determines the deployment platform used for CF with respect to the infrastructure.

• The deployment platform can be local, that is, the same environment used by the infrastructure, or a remote machine.
• The deployment platform is where the fault-injector utility executes.

The following YAML snippet illustrates the use of this environment variable:

# cf deployment platform
apiVersion: litmuchaos.io/v1alpha1
kind: LinuxFault
metadata:
  name: cf-app-stop
  labels:
    name: app-stop
spec:
  cfAppStop/inputs:
    duration: 30s
    cfDeploymentPlatform: vSphere
    app: cf-app
    organization: dev-org
    space: dev-space

Skip SSL validation

The skipSSLValidation input variable determines whether to skip SSL validation for calling the CF APIs.

The following YAML snippet illustrates the use of this environment variable:

# skip ssl validation for cf
apiVersion: litmuchaos.io/v1alpha1
kind: LinuxFault
metadata:
  name: cf-app-stop
  labels:
    name: app-stop
spec:
  cfAppStop/inputs:
    duration: 30s
    cfDeploymentPlatform: vSphere
    app: cf-app
    organization: dev-org
    space: dev-space
    skipSSLValidation: true

Fault injector port

The faultInjectorPort input variable determines the port used for the fault-injector local server.

The following YAML snippet illustrates the use of this environment variable:

# fault injector port
apiVersion: litmuchaos.io/v1alpha1
kind: LinuxFault
metadata:
  name: cf-app-stop
  labels:
    name: app-stop
spec:
  cfAppStop/inputs:
    duration: 30s
    cfDeploymentPlatform: local
    app: cf-app
    organization: dev-org
    space: dev-space
    faultInjectorPort: 50331