Chaos engineering experiments on Kubernetes using Litmus
Learn how to use the open-source Litmus tool to conduct chaos experiments on your Kubernetes cluster, find bugs and vulnerabilities before they reach production, and make your cluster more resilient.
Written by
Head of Developer Relations @ vCluster
Written by
Head of Developer Relations @ vCluster
Litmus is an open-source tool to do chaos experiments on Kubernetes clusters, introducing unexpected failures to a system to test its resiliency. With Litmus, you can actually create chaos experiments, find bugs fast, and fix them before they ever reach the production phase. It turns out to be a great way to make a Kubernetes cluster more resilient. In this tutorial, I will walk you through the Litmus installation process on a Kubernetes cluster, and create/run the below experiments on it:
- Pod Deletion
- Pod Autoscaler
Before we get into setup and what Litmus can do, be sure to check out our video guide...
Prerequisites
- A Kubernetes cluster you control. We'll take advantage of Civo's super-fast managed k3s service to experiment with this quickly.
- kubectl installed, and the
kubeconfigfile for your cluster downloaded.
Getting up and running with Litmus
Once you have the Kubernetes cluster ready, install the LitmusChaos Operator:
$ kubectl apply -f https://litmuschaos.github.io/litmus/litmus-operator-v1.9.0.yamlnamespace/litmus createdserviceaccount/litmus createdclusterrole.rbac.authorization.k8s.io/litmus createdclusterrolebinding.rbac.authorization.k8s.io/litmus createddeployment.apps/chaos-operator-ce createdcustomresourcedefinition.apiextensions.k8s.io/chaosengines.litmuschaos.io createdcustomresourcedefinition.apiextensions.k8s.io/chaosexperiments.litmuschaos.io createdcustomresourcedefinition.apiextensions.k8s.io/chaosresults.litmuschaos.io created
This installs all the required Custom Resource Definitions and Operator. You should be able to see Litmus running in its own namespace:
$ kubectl get pods -n litmusNAME READY STATUS RESTARTS AGEchaos-operator-ce-56449c7d75-lt8jc 1/1 Running 0 90s$ kubectl get crds | grep chaoschaosengines.litmuschaos.io 2020-11-06T14:23:59Zchaosexperiments.litmuschaos.io 2020-11-06T14:24:00Zchaosresults.litmuschaos.io 2020-11-06T14:24:00Z$ kubectl api-resources | grep chaoschaosengines litmuschaos.io true ChaosEnginechaosexperiments litmuschaos.io true ChaosExperimentchaosresults litmuschaos.io true ChaosResult
Below are the 3 CRDs (Definitions taken from the official repository):
- ChaosEngine: A resource to link a Kubernetes application or Kubernetes node to a ChaosExperiment. ChaosEngine is watched by Litmus' Chaos-Operator which then invokes Chaos-Experiments
- ChaosExperiment: A resource to group the configuration parameters of a chaos experiment. ChaosExperiment CRs are created by the operator when experiments are invoked by ChaosEngine.
- ChaosResult: A resource to hold the results of a chaos-experiment. The Chaos-exporter reads the results and exports the metrics into a configured Prometheus server.
Now It's the time to create some chaos experiments!
Step 1 - Prepare your cluster
Create a new namespace, demo and Service Account (sa.yaml) that can be used by the chaos engine with below contents:
apiVersion: v1kind: Namespacemetadata:name: demo---apiVersion: v1kind: ServiceAccountmetadata:name: chaos-sanamespace: demolabels:name: pod-delete-sa---apiVersion: rbac.authorization.k8s.io/v1kind: Rolemetadata:name: chaos-sanamespace: demolabels:name: chaos-sarules:- apiGroups: ["","litmuschaos.io","batch","apps"]resources: ["pods","deployments","pods/log","events","jobs","chaosengines","chaosexperiments","chaosresults"]verbs: ["create","list","get","patch","update","delete","deletecollection"]---apiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata:name: chaos-sanamespace: demolabels:name: pod-delete-saroleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: chaos-sasubjects:- kind: ServiceAccountname: chaos-sanamespace: demo
Apply this to your cluster:
kubectl apply -f sa.yamlnamespace/demo createdserviceaccount/chaos-sa createdrole.rbac.authorization.k8s.io/chaos-sa createdrolebinding.rbac.authorization.k8s.io/chaos-sa created
You can see above has created a role, a rolebinding to modify the Litmus CRDs and Kubernetes deployments tied to the namespace demo.
Step 2 - Install experiments
Chaos experiments contain the actual details for chaos events to be triggered. There are experiments already listed on chaos hub that can be readily installed onto the cluster. For now we will install generic experiments and use pod-delete and pod-autoscaler which we will need to get onto our cluster:
kubectl apply -f https://hub.litmuschaos.io/api/chaos/1.9.0?file=charts/generic/experiments.yaml -n demo
Both the experiments mentioned above, and some others too, get created:
kubectl get chaosexperiments -n demoNAME AGEpod-delete 10mpod-network-duplication 19snode-drain 19snode-io-stress 18sdisk-fill 17snode-taint 17spod-autoscaler 16spod-cpu-hog 16spod-memory-hog 15spod-network-corruption 14spod-network-loss 13sdisk-loss 13spod-io-stress 12sk8-service-kill 11spod-network-latency 11snode-cpu-hog 10sdocker-service-kill 10skubelet-service-kill 9snode-memory-hog 8sk8-pod-delete 8scontainer-kill 7s
Step 3 - Create deployment and Chaos Engine for pod-delete
Let's start a simple 2-replica ngnix deployment in our demo namespace that we can run our experiments on.
$ kubectl create deployment nginx --image=nginx --replicas=2 --namespace=demodeployment.apps/nginx created
Then, let's create a pod_delete.yaml that we can apply as a ChaosEngine to our cluster:
apiVersion: litmuschaos.io/v1alpha1kind: ChaosEnginemetadata:name: nginx-chaosnamespace: demospec:appinfo:appns: 'demo'applabel: 'app=nginx'appkind: 'deployment'annotationCheck: 'false'engineState: 'active'auxiliaryAppInfo: ''chaosServiceAccount: chaos-samonitoring: falsejobCleanUpPolicy: 'delete'experiments:- name: pod-deletespec:components:env:- name: TOTAL_CHAOS_DURATIONvalue: '30'- name: CHAOS_INTERVALvalue: '10'- name: FORCEvalue: 'false'
Apply this to our cluster:
$ kubectl apply -f pod_delete.yamlchaosengine.litmuschaos.io/nginx-chaos created
In above if the annotationCheck is true, then you need to annotate your deployment with kubectl annotate deploy/nginx litmuschaos.io/chaos="true" -n demo to make it work.
After the ChaosEngine is created, it will create 2 new pods which will in turn start to terminate pods from our nginx deployment, which is the motive of this experiment.
$ kubectl get pods -n demoNAME READY STATUS RESTARTS AGEnginx-f89759699-kxrbc 1/1 Running 0 83snginx-chaos-runner 1/1 Running 0 25spod-delete-up8kop-zmgjx 1/1 Running 0 11snginx-f89759699-p7cwq 0/1 Terminating 0 83snginx-f89759699-j2swb 1/1 Running 0 5s
To check the status/result of the experiment, describe the chaosresult: kubectl describe chaosresult nginx-chaos-pod-delete -n demo
You should see something like this:
Step 4 - Create deployment and Chaos Engine for pod-autoscale
As we already have our nginx deployment created, we just need to create the ChaosEngine:
apiVersion: litmuschaos.io/v1alpha1kind: ChaosEnginemetadata:name: nginx-chaosnamespace: demospec:# It can be true/falseannotationCheck: 'false'# It can be active/stopengineState: 'active'#ex. values: ns1:name=percona,ns2:run=nginxauxiliaryAppInfo: ''appinfo:appns: 'demo'applabel: 'app=nginx'appkind: 'deployment'chaosServiceAccount: chaos-samonitoring: false# It can be delete/retainjobCleandUpPolicy: 'delete'experiments:- name: pod-autoscalerspec:components:env:# set chaos duration (in sec) as desired- name: TOTAL_CHAOS_DURATIONvalue: '60'# number of replicas to scale- name: REPLICA_COUNTvalue: '10'
Apply this yaml file to your cluster, and you should see it report back with chaosengine.litmuschaos.io/nginx-chaos configured.
We have made the replica count to 10, so the pods should automatically scale to 10 replicas. This is a very interesting experiment as it can be used to check node autoscaling behaviour. It also shows the people behind Litmus are very responsive to the community, as this experiment came about because of a suggestion by me!
Once we apply the file, we should see the pod replicas going to 10:
$ kubectl get pods -n demoNAME READY STATUS RESTARTS AGEnginx-f89759699-j2swb 1/1 Running 0 16mnginx-f89759699-klwn6 1/1 Running 0 16mnginx-autoscale-runner 1/1 Running 0 17spod-autoscaler-fa841p-mtqzn 1/1 Running 0 10snginx-f89759699-cz9n5 0/1 ContainerCreating 0 4snginx-f89759699-lp25g 1/1 Running 0 4snginx-f89759699-brtxn 1/1 Running 0 4snginx-f89759699-wwzjd 1/1 Running 0 4snginx-f89759699-8jqp9 1/1 Running 0 4snginx-f89759699-tp7wp 1/1 Running 0 4snginx-f89759699-wcqbc 1/1 Running 0 4snginx-f89759699-f2pph 1/1 Running 0 4s
As with the pod deletion experiment, we can use kubectl describe to get more detail about the results. The command will be kubectl describe chaosresult nginx-chaos-pod-autoscaler -n demo.
Wrapping up
Litmus is a really good tool with great community backing and a growing number of experiments. In very little time you can deploy it to the cluster and start creating chaos to make your Kubernetes applications ready for any kind of failure.
All experiments are listed here at https://hub.litmuschaos.io/, where you can raise issues for new experiments and contribute them as well.
Let us know on Twitter @Civocloud and @SaiyamPathak if you try Litmus on Civo!
Head of Developer Relations @ vCluster
Saiyam Pathak is Head of Developer Relations at vCluster and a prominent advocate in the cloud-native and Kubernetes community. He is also the founder of Kubesimplify, a platform dedicated to simplifying Kubernetes and cloud-native technologies through educational content.
Saiyam has previously worked at organizations including Civo, Walmart Labs, Oracle, and HP, gaining experience across machine learning platforms, multi-cloud infrastructure, and managed Kubernetes services. He actively contributes to the community through technical content, meetups, and open-source initiatives.
Share this article
Further Reading
24 November 2025
Event-driven autoscaling in Kubernetes with KEDA
8 November 2021