Skip to main content

Fault container permissions

This topic lists the various categories of Kubernetes faults and the container permissions required to execute them.

Supported Kubernetes faults and required container permissions

The following table shows the supported Kubernetes faults and the required fault container permissions to execute them.

Chaos categoryFaultsRequires root user on fault containerRequires privileged fault containers
StatePod Delete
StateContainer Kill
StateNode Drain
StateNode Taint
StateNode Restart
ResourcePod CPU Hog
ResourcePod Memory Hog
ResourcePod IO Stress
ResourcePod Disk Fill
ResourcePod CPU Exec
ResourcePod Memory Exec
ResourceNode CPU Hog
ResourceNode Memory Hog
ResourceNode IO Stress
NetworkPod Network Latency
NetworkPod Network Loss
NetworkPod Network Corruption
NetworkPod Network Duplication
NetworkPod Network Partition
NetworkNode Network Latency
NetworkNode Network Loss
HTTP/APIPod HTTP/API Latency
HTTP/APIPod HTTP/API Status Code Modify
HTTP/APIPod HTTP/API Header Modify
HTTP/APIPod HTTP/API Body Modify
HTTP/APIPod HTTP Reset Peer Connection
DNSPod DNS Errors
DNSPod DNS Spoofing
I/OPod IO Latency
I/OPod IO Errors
ScalePod Scale
ScaleKubelet Density/Stress
LoadService Load
TimePod Time Chaos
Process/ServiceKubelet Service Kill
Process/ServiceDocker/Containerd Service Kill