Understanding User Management and Authentication in LitmusChaos

Saranya Jena - Aug 23 '21 - - Dev Community

In this post, I will be explaining how user management and authentication are done in LitmusChaos. LitmusChaos is a Cross-Cloud Chaos Orchestration framework for practicing chaos engineering in cloud-native environments.

LitmusChaos 2.0 is out now!🚀

LitmusChaos 2.0 provides a new way of chaos engineering performed by the users. LitmusChaos itself is composed of microservices. And we made sure that adding the features for 2.0 seamlessly integrates the additional microservices in conjunction with the existing one. It is completely backward compatible. No features are deprecated.

Highlights:

  • All features of Litmus 1.x
  • Addition of Chaos Workflow creation
  • User Management & Teaming
  • Introduction of ChaosCenter (The central chaos management center)
  • Monitoring and Observability
  • Resilience Score Calculation
  • Manage Workflows using GitOps, Custom Image Registry

User Roles and Accessibility

First of all let me explain the different user level roles and their privileges. LitmusChaos also has project-level roles which come under the teaming section.

  1. Admin: The admin user is created by default on the initial portal setup and can log into the portal using the credentials admin/litmus once the server pods are up and running. The admin can access every feature with exclusive access to the User-management feature for user creation and management. Admin users can also view the overall usage statistics of the portal.

  2. Non-Admins: The non-admin users, created by the admin, have access to all the features except User-management and Usage statistics.

Features

User-management

Admin can access the following features through the User management section:

  1. Create a User: Admin can create a user by assigning a unique username and password and other optional details like name email-id.
  2. View Users list: Once the user is created, it will be listed in the table along with other details such as current status(active or deactivated), name, username, email-id, date, and time of the user creation.
  3. Activate/Deactivate users: Admin can toggle the current status of the user. Once a particular user is deactivated he/she won't be able to access any APIs of the LitmusChaos but all the previous data will be stored, which can be accessed back once the user gets reactivated.
  4. Edit profile: Here, Admin can reset the password of other users.

Authentication and Getting Started

Once a user is created, the user will be able to login into the portal with non-admin privileges. In case a user forgets the credentials, he/she can contact the portal admin to reset the credentials.
On successful authentication, the user will be redirected to /getStarted route. For the initial login, users will be asked to change the password and use the updated password for subsequent logins. One can also skip the option to change the password. Users can update their password anytime through the My Account section. In either case, a default project will be created for you under which you can do your chaos testing!

Here's a short GIF explaining all the basic features of User-management:
ezgif.com-gif-maker (3)

Some noteworthy points

I have noticed, people are often confused between the types of roles. There are two layers of privilege levels:
UserPriviledges

  1. Portal Level: This is the first layer of privilege levels where user roles are assigned during user creation. As of now, one who installs the LitmusChaos and logs in with admin/litmus credentials is assigned the role admin, and all other users created by admin are assigned the role user.
  2. Project Level: This is the second layer of the privilege level, where roles are assigned to the project members while sending an invitation. If you want to know more about Projects and Teaming, you can find it here

Conclusion

That's all, folks. Thank you for reading it till the end. I hope you had a productive time learning about LitmusChaos, and we hope you are as excited as we are about the upcoming features/additions!

Are you an SRE or a Kubernetes enthusiast? Does Chaos Engineering excite you?

Join Our Community On Slack For Detailed Discussion, Feedback & Regular Updates On Chaos Engineering For Kubernetes: https://slack.litmuschaos.io (#litmus channel on the Kubernetes workspace)

Check out the Litmus Chaos GitHub repo and do share your feedback: https://github.com/litmuschaos/litmus/issues
Submit a pull request if you identify any necessary changes.
Show your ❤️ with a ⭐ on our Github. To learn more about Litmus, check out the Litmus documentation. Cheers✌🏼

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .