Add default cluster roles for running chaos mesh on GKE

Author: tplavcic

chaos-mesh/chaos-mesh-gke-permissions.yml

@@ -0,0 +1,26 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: role-cluster-manager-pdmas
+rules:
+  - apiGroups: ['']
+    resources: ['pods', 'namespaces']
+    verbs: ['get', 'watch', 'list']
+  - apiGroups:
+      - chaos-mesh.org
+    resources: ['*']
+    verbs: ['get', 'list', 'watch', 'create', 'delete', 'patch', 'update']
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: cluster-manager-binding
+  namespace: chaos-mesh
+subjects:
+  # Google Cloud user account
+  - kind: User
+    name: USER_ACCOUNT
+roleRef:
+  kind: ClusterRole
+  name: role-cluster-manager-pdmas
+  apiGroup: rbac.authorization.k8s.io

chaos-mesh/schedule.yml

@@ -0,0 +1,15 @@
+apiVersion: chaos-mesh.org/v1alpha1
+kind: Schedule
+metadata:
+  name: schedule-pod-kill-example
+spec:
+  schedule: "@every 1h"
+  type: "PodChaos"
+  historyLimit: 5
+  concurrencyPolicy: Forbid
+  podChaos:
+    action: "pod-kill"
+    mode: one
+    selector:
+      labelSelectors:
+        "app.kubernetes.io/component": "tikv"