Skip to main content


This topic describes the prerequisites that you need to fulfill before executing chaos experiments and steps to execute chaos experiments on your target environments.

Required permissions

  • Obtain the permissions required and prepare your target system (VM or K8s):

    • Prepare yourself with the right permissions (Chaos Resources Role Permissions in Access Control). Your target system or application can reside on a VM or a K8s cluster, prepare accordingly.
    • Prepare yourself with the respective permissions on the cloud account or the Kubernetes cluster or the VM (Kube RBAC, IAM Roles): Depending on the platform where you wish to execute your chaos experiments, you will need specific permissions.
  • Enable the necessary Feature Flags (as a general step) and corresponding sanity checks (such as places to click, and entities to see enabled): Some features may be behind a Feature Flag. You can contact Harness Support to enable the flag feature for your account.

  • Prepare network connectivity, firewall rules (if any), and identify proxy requirements,.

  • Identify application (or infrastructure) steady-state parameters (even if this requires manual effort)- using APMs or logs or other methods: You can use resilience probes to monitor your application and validate the data.

  • Identify image registry requirements and steps to set up the registry with secrets: Chaos experiments use Docker images that need to be stored in a repository. In HCE, these images are hosted in image registry.

  • Identify specific needs, especially for Kubernetes. You might need to specify the following while creating a chaos experiment:

    • Namespace quotas: Ensure that you configure the namespace in the right manner to limit the exposure of all services of your application.
    • Workload-specific labels or annotations
    • Workload resource limits
    • Proxy environments for outbound container
    • Specific nodes or groups where workloads should reside
  • Identify permissions for advanced use cases, which may vary, such as SCC, IRSA, etc.: For advanced use cases, you may require the administrator to control the pods in your cluster, that requires security policies, such as PSP, Kyverno to enforce runtime security, and so on.

  • ChaosHub requirements and connectivity to Git sources: To add custom chaos experiments based on your requirements, you can add a custom ChaosHub.

Steps to create and execute a HCE experiment

You can execute a chaos experiment by:

  1. Fulfilling the resource requirements: In this step, you can create resources or get the required permissions to create the necessary resources.

  2. Adding an environment: A chaos experiment is performed within a chaos environment that houses the necessary infrastructure.

  3. Adding a chaos infrastructure: The required chaos infrastructure is created within a chaos environment.

  4. Validating the chaos infrastructure installation: Once you create your chaos infrastructure, ensure that it has been created in the right manner.

  5. Creating a demo application: You can either create a demo application or use your application on which you can execute chaos experiments.

  6. Creating and running a chaos experiment: Once you have set up your application, you can decide which resources to target and execute the chaos experiments on.

The steps mentioned earlier required some reading and exploring, but if you want a head start to your chaos journey, enter automated onboarding and guided onboarding.

These onboarding methods will guide you in creating and executing chaos experiments with the click of a button, without the hassle of explicitly creating environment, infrastructure and other entities!