From 40912fd30de4e7d7cfca58faa241a20a4c3e18e2 Mon Sep 17 00:00:00 2001
From: Damian Czaja <trojan295@protonmail.com>
Date: Tue, 24 Sep 2024 13:14:54 +0200
Subject: [PATCH] cleanup

---
 hack/terraform2/.terraform.lock.hcl |  141 --
 hack/terraform2/castai.tf           |   67 -
 hack/terraform2/cloud-proxy.tf      |   42 -
 hack/terraform2/gke.tf              |   34 -
 hack/terraform2/ok.sh               | 3054 ---------------------------
 hack/terraform2/policy.yaml         |   12 -
 hack/terraform2/terraform.tf        |   17 -
 hack/terraform2/vars.tf             |   39 -
 hack/terraform2/vpc.tf              |   33 -
 9 files changed, 3439 deletions(-)
 delete mode 100644 hack/terraform2/.terraform.lock.hcl
 delete mode 100644 hack/terraform2/castai.tf
 delete mode 100644 hack/terraform2/cloud-proxy.tf
 delete mode 100644 hack/terraform2/gke.tf
 delete mode 100755 hack/terraform2/ok.sh
 delete mode 100644 hack/terraform2/policy.yaml
 delete mode 100644 hack/terraform2/terraform.tf
 delete mode 100644 hack/terraform2/vars.tf
 delete mode 100644 hack/terraform2/vpc.tf

diff --git a/hack/terraform2/.terraform.lock.hcl b/hack/terraform2/.terraform.lock.hcl
deleted file mode 100644
index 6fe7fda..0000000
--- a/hack/terraform2/.terraform.lock.hcl
+++ /dev/null
@@ -1,141 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/castai/castai" {
-  version     = "7.13.2"
-  constraints = ">= 5.1.0, ~> 7.11"
-  hashes = [
-    "h1:HZJN4r+j4HgDrhYFn0Sp9PYhsOBag8kS/B9bsYP7SVo=",
-    "zh:09fcf4cafa6e1ab30607c76f8959dffb1586bc7a7c2513863c9dfce42f0e6675",
-    "zh:1920643c1cfb1decb53d8370f33580e93382a0cc599809a11df9137fb392648d",
-    "zh:1f9ebba7bd6204ecdc5383cad8fd7711cc48a6dd632cce2bbf05db783940b518",
-    "zh:34b1d3a0e78b0e1661bcfef681f880204157c4d54c60e57a5081b1b9607fd9f1",
-    "zh:3ab0c47e65ad49cfe16fc787abf250362b4069fd49594c66f96fd1cccb06d7a9",
-    "zh:421214c2d9cf6a65e4c036b88c0a2570fa86eb10d73f26a2d2e7d6165a5c5ffb",
-    "zh:51bb557b9fcce75a829be1351892fd6469456eaec5686c31aafab77042249e18",
-    "zh:8c0fdd2282cf789cfb52c8e2ebc90189de58d971a563764074bd976f815a33c1",
-    "zh:9b9f66592b7605ac888cf3176baf12b90ef0344367a139fe85a562cb6d4d8432",
-    "zh:aa5f3563a5ab2953e15c5ca459f228195dfc2c83e99d8a9746c4eade2c14561b",
-    "zh:cfa1bf6e3cfcef5103cb578b24ba104026fb84ea9a01e8b0bab337f346a2f1fc",
-    "zh:d18b6a73ac7c00c76c8f5d139fe6742d6386291ef979066cacec927321c1c4f2",
-    "zh:d22f0cab874893293afc6d5154e7beca7c1299071c7e77c5a2fbb02d34bc783f",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/google" {
-  version     = "4.85.0"
-  constraints = ">= 2.15.0, >= 2.49.0, >= 3.33.0, >= 3.45.0, >= 3.83.0, >= 4.36.0, < 5.0.0"
-  hashes = [
-    "h1:ZVDZuhYSIWhCkSuDkwFeSIJjn0/DcCxak2W/cHW4OQQ=",
-    "zh:17d60a6a6c1741cf1e09ac6731433a30950285eac88236e623ab4cbf23832ca3",
-    "zh:1c70254c016439dbb75cab646b4beace6ceeff117c75d81f2cc27d41c312f752",
-    "zh:35e2aa2cc7ac84ce55e05bb4de7b461b169d3582e56d3262e249ff09d64fe008",
-    "zh:417afb08d7b2744429f6b76806f4134d62b0354acf98e8a6c00de3c24f2bb6ad",
-    "zh:622165d09d21d9a922c86f1fc7177a400507f2a8c4a4513114407ae04da2dd29",
-    "zh:7cdb8e39a8ea0939558d87d2cb6caceded9e21f21003d9e9f9ce648d5db0bc3a",
-    "zh:851e737dc551d6004a860a8907fda65118fc2c7ede9fa828f7be704a2a39e68f",
-    "zh:a331ad289a02a2c4473572a573dc389be0a604cdd9e03dd8dbc10297fb14f14d",
-    "zh:b67fd531251380decd8dd1f849460d60f329f89df3d15f5815849a1dd001f430",
-    "zh:be8785957acca4f97aa3e800b313b57d1fca07788761c8867c9bc701fbe0bdb5",
-    "zh:cb6579a259fe020e1f88217d8f6937b2d5ace15b6406370977a1966eb31b1ca5",
-    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/google-beta" {
-  version     = "4.85.0"
-  constraints = ">= 3.45.0, < 5.0.0"
-  hashes = [
-    "h1:CSE8cBR85sVefrE2Kg6KT5vOb7855t158oMo+iDfL0M=",
-    "zh:40e9c7ec46955b4d79065a14185043a4ad6af8d0246715853fc5c99208b66980",
-    "zh:5950a9ba2f96420ea5335b543e315b1a47a705f9a9abfc53c6fec52d084eddcb",
-    "zh:5dfa98d32246a5d97e018f2b91b0e921cc6f061bc8591884f3b144f0d62f1c20",
-    "zh:628d0ca35c6d4c35077859bb0a5534c1de44f23a91e190f9c3f06f2358172e75",
-    "zh:6e78d54fd4de4151968149b4c3521f563a8b5c55aad423dba5968a9114b65ae4",
-    "zh:91c3bc443188638353285bd35b06d3a3b39b42b3b4cc0637599a430438fba2f7",
-    "zh:9e91b03363ebf39eea5ec0fbe7675f6979883aa9ad9a36664357d8513a007cf3",
-    "zh:db9a8d6bfe075fb38c260986ab557d40e8d18e5698c62956a6da8120fae01d59",
-    "zh:e41169c49f3bb53217905509e2ba8bb4680c373e1f54db7fac1b7f72943a1004",
-    "zh:f32f55a8af605afbc940814e17493ac83d9d66cd6da9bbc247e0a833a0aa37ec",
-    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
-    "zh:f6561a6badc3af842f9ad5bb926104954047f07cb90fadcca1357441cc67d91d",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/helm" {
-  version     = "2.15.0"
-  constraints = ">= 2.0.0"
-  hashes = [
-    "h1:VymvscRkDy0+zN2uKpKYY6njXPY8JROARuaL3VPsEos=",
-    "zh:18b94c7c83c30ad166722a61a412e3de6a67935772960e79aaa24c15f8ea0d0f",
-    "zh:4f07c929a71e8169f7471b7600bfcca36dfb295787e975e82ac0455a3ab68b47",
-    "zh:776b804a14c3c4ae6075b12176f81c1f1987214ee1cae4a542599389591cde11",
-    "zh:7c11e3adbe9bd26e88484dcdbd28c473ce3a5c58950a3e3c4f0a2caee225b845",
-    "zh:821e1a53415df0ae4ed523f098360d367a95d6ce3872ba841f22adfdd2f97664",
-    "zh:94c06e483f75a11c3f139c41b3f64b51a96d1d1485e7d1fd3c0f795e2e750945",
-    "zh:aa2040de0b8150ef40222a965445ec40e3df2997ffde1fb062ab4c226689115e",
-    "zh:ad73eebeffe20228656567963477d034b9ed3d1bd2075c1c81150def4927d810",
-    "zh:b77450a36807f3ad1d3ae736d1d165a94fa26f476504a280e9fb2ccb89f648d0",
-    "zh:d2ebd3c34c50c92106ce2df25d5598f47127dc7c60172b9e2fe56ac73dc863a8",
-    "zh:e565995e2614df5ddde75a743a674129288fb91669596a7b0b2580fa7ed49979",
-    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/kubernetes" {
-  version     = "2.32.0"
-  constraints = "~> 2.10"
-  hashes = [
-    "h1:3j4XBR5UWQA7xXaiEnzZp0bHbcwOhWetHYKTWIrUTI0=",
-    "zh:0e715d7fb13a8ad569a5fdc937b488590633f6942e986196fdb17cd7b8f7720e",
-    "zh:495fc23acfe508ed981e60af9a3758218b0967993065e10a297fdbc210874974",
-    "zh:4b930a8619910ef528bc90dae739cb4236b9b76ce41367281e3bc3cf586101c7",
-    "zh:5344405fde7b1febf0734052052268ee24e7220818155702907d9ece1c0697c7",
-    "zh:92ee11e8c23bbac3536df7b124456407f35c6c2468bc0dbab15c3fc9f414bd0e",
-    "zh:a45488fe8d5bb59c49380f398da5d109a4ac02ebc10824567dabb87f6102fda8",
-    "zh:a4a0b57cf719a4c91f642436882b7bea24d659c08a5b6f4214ce4fe6a0204caa",
-    "zh:b7a27a6d11ba956a2d7b0f7389a46ec857ebe46ae3aeee537250e66cac15bf03",
-    "zh:bf94ce389028b686bfa70a90f536e81bb776c5c20ab70138bbe5c3d0a04c4253",
-    "zh:d965b2608da0212e26a65a0b3f33c5baae46cbe839196be15d93f70061516908",
-    "zh:f441fc793d03057a17af8bdca8b26d54916645bc5c148f54e22a54ed39089e83",
-    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/null" {
-  version = "3.2.3"
-  hashes = [
-    "h1:I0Um8UkrMUb81Fxq/dxbr3HLP2cecTH2WMJiwKSrwQY=",
-    "zh:22d062e5278d872fe7aed834f5577ba0a5afe34a3bdac2b81f828d8d3e6706d2",
-    "zh:23dead00493ad863729495dc212fd6c29b8293e707b055ce5ba21ee453ce552d",
-    "zh:28299accf21763ca1ca144d8f660688d7c2ad0b105b7202554ca60b02a3856d3",
-    "zh:55c9e8a9ac25a7652df8c51a8a9a422bd67d784061b1de2dc9fe6c3cb4e77f2f",
-    "zh:756586535d11698a216291c06b9ed8a5cc6a4ec43eee1ee09ecd5c6a9e297ac1",
-    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
-    "zh:9d5eea62fdb587eeb96a8c4d782459f4e6b73baeece4d04b4a40e44faaee9301",
-    "zh:a6355f596a3fb8fc85c2fb054ab14e722991533f87f928e7169a486462c74670",
-    "zh:b5a65a789cff4ada58a5baffc76cb9767dc26ec6b45c00d2ec8b1b027f6db4ed",
-    "zh:db5ab669cf11d0e9f81dc380a6fdfcac437aea3d69109c7aef1a5426639d2d65",
-    "zh:de655d251c470197bcbb5ac45d289595295acb8f829f6c781d4a75c8c8b7c7dd",
-    "zh:f5c68199f2e6076bce92a12230434782bf768103a427e9bb9abee99b116af7b5",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
-  version = "3.6.3"
-  hashes = [
-    "h1:zG9uFP8l9u+yGZZvi5Te7PV62j50azpgwPunq2vTm1E=",
-    "zh:04ceb65210251339f07cd4611885d242cd4d0c7306e86dda9785396807c00451",
-    "zh:448f56199f3e99ff75d5c0afacae867ee795e4dfda6cb5f8e3b2a72ec3583dd8",
-    "zh:4b4c11ccfba7319e901df2dac836b1ae8f12185e37249e8d870ee10bb87a13fe",
-    "zh:4fa45c44c0de582c2edb8a2e054f55124520c16a39b2dfc0355929063b6395b1",
-    "zh:588508280501a06259e023b0695f6a18149a3816d259655c424d068982cbdd36",
-    "zh:737c4d99a87d2a4d1ac0a54a73d2cb62974ccb2edbd234f333abd079a32ebc9e",
-    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
-    "zh:a357ab512e5ebc6d1fda1382503109766e21bbfdfaa9ccda43d313c122069b30",
-    "zh:c51bfb15e7d52cc1a2eaec2a903ac2aff15d162c172b1b4c17675190e8147615",
-    "zh:e0951ee6fa9df90433728b96381fb867e3db98f66f735e0c3e24f8f16903f0ad",
-    "zh:e3cdcb4e73740621dabd82ee6a37d6cfce7fee2a03d8074df65086760f5cf556",
-    "zh:eff58323099f1bd9a0bec7cb04f717e7f1b2774c7d612bf7581797e1622613a0",
-  ]
-}
diff --git a/hack/terraform2/castai.tf b/hack/terraform2/castai.tf
deleted file mode 100644
index 0f25da4..0000000
--- a/hack/terraform2/castai.tf
+++ /dev/null
@@ -1,67 +0,0 @@
-data "google_client_config" "default" {}
-
-provider "castai" {
-  api_url   = var.castai_api_url
-  api_token = var.castai_api_token
-}
-
-provider "helm" {
-  kubernetes {
-    host                   = "https://${module.gke.endpoint}"
-    token                  = data.google_client_config.default.access_token
-    cluster_ca_certificate = base64decode(module.gke.ca_certificate)
-  }
-}
-
-# Configure GKE cluster connection using CAST AI gke-cluster module.
-module "castai-gke-iam" {
-  source = "castai/gke-iam/castai"
-
-  project_id       = var.project_id
-  gke_cluster_name = var.cluster_name
-}
-
-module "castai-gke-cluster" {
-  source = "castai/gke-cluster/castai"
-
-  api_url                = var.castai_api_url
-  castai_api_token       = var.castai_api_token
-  grpc_url               = var.castai_grpc_url
-  wait_for_cluster_ready = true
-
-  project_id           = var.project_id
-  gke_cluster_name     = var.cluster_name
-  gke_cluster_location = module.gke.location
-
-  gke_credentials                 = module.castai-gke-iam.private_key
-  default_node_configuration_name = "default"
-
-  node_configurations = {
-    default = {
-      disk_cpu_ratio = 25
-      subnets        = [module.vpc.subnets_ids[0]]
-    }
-  }
-
-  node_templates = {
-    default_by_castai = {
-      name               = "default-by-castai"
-      configuration_name = "default"
-      is_default         = true
-      is_enabled         = true
-      should_taint       = false
-
-      constraints = {
-        on_demand          = true
-        spot               = true
-        use_spot_fallbacks = true
-
-        enable_spot_diversity                       = false
-        spot_diversity_price_increase_limit_percent = 20
-      }
-    }
-  }
-
-  depends_on = [module.gke, module.castai-gke-iam]
-}
-
diff --git a/hack/terraform2/cloud-proxy.tf b/hack/terraform2/cloud-proxy.tf
deleted file mode 100644
index 12ade1a..0000000
--- a/hack/terraform2/cloud-proxy.tf
+++ /dev/null
@@ -1,42 +0,0 @@
-#resource "google_project_iam_binding" "cloud_proxy_workload_identity_castai" {
-#  project = var.project_id
-#  role    = "projects/engineering-test-353509/roles/castai.gkeAccess"
-#  members = [
-#    "serviceAccount:${var.project_id}.svc.id.goog[castai-agent/castai-cloud-proxy]"
-#  ]
-#}
-#
-#resource "google_project_iam_binding" "cloud_proxy_workload_identity_service_account" {
-#  project = var.project_id
-#  role    = "roles/iam.serviceAccountUser"
-#  members = [
-#    "serviceAccount:${var.project_id}.svc.id.goog[castai-agent/castai-cloud-proxy]"
-#  ]
-#}
-
-resource "helm_release" "castai_cloud_proxy" {
-  name             = "castai-cloud-proxy"
-  repository       = "https://castai.github.io/helm-charts"
-  chart            = "castai-cloud-proxy"
-  namespace        = "castai-agent"
-  create_namespace = true
-  cleanup_on_fail  = true
-  wait             = true
-
-  set {
-    name  = "castai.clusterID"
-    value = module.castai-gke-cluster.cluster_id
-  }
-
-  set_sensitive {
-    name  = "castai.apiKey"
-    value = var.castai_api_token
-  }
-
-  set {
-    name  = "castai.grpcURL"
-    value = var.castai_grpc_url
-  }
-
-  depends_on = [module.castai-gke-cluster]
-}
diff --git a/hack/terraform2/gke.tf b/hack/terraform2/gke.tf
deleted file mode 100644
index 7e665c0..0000000
--- a/hack/terraform2/gke.tf
+++ /dev/null
@@ -1,34 +0,0 @@
-module "gke" {
-  source     = "terraform-google-modules/kubernetes-engine/google"
-  version    = "24.1.0"
-  project_id = var.project_id
-  name       = var.cluster_name
-  region     = var.cluster_region
-  //zones                      = var.cluster_zones
-  network                    = module.vpc.network_name
-  subnetwork                 = module.vpc.subnets_names[0]
-  ip_range_pods              = local.ip_range_pods
-  ip_range_services          = local.ip_range_services
-  http_load_balancing        = false
-  network_policy             = false
-  horizontal_pod_autoscaling = true
-  filestore_csi_driver       = false
-
-  node_pools = [
-    {
-      name               = "default-node-pool"
-      machine_type       = "e2-standard-2"
-      min_count          = 1
-      max_count          = 1
-      local_ssd_count    = 0
-      disk_size_gb       = 100
-      disk_type          = "pd-standard"
-      image_type         = "COS_CONTAINERD"
-      auto_repair        = true
-      auto_upgrade       = true
-      preemptible        = false
-      initial_node_count = 1 # has to be >=2 to successfully deploy CAST AI controller
-    }
-  ]
-}
-
diff --git a/hack/terraform2/ok.sh b/hack/terraform2/ok.sh
deleted file mode 100755
index b9c827c..0000000
--- a/hack/terraform2/ok.sh
+++ /dev/null
@@ -1,3054 +0,0 @@
-#!/usr/bin/env bash
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# This is a script to quickly install chaos-mesh.
-# This script will check if docker and kubernetes are installed. If local mode is set and kubernetes is not installed,
-# it will use kind or minikube to install the kubernetes cluster according to the configuration.
-# Finally, when all dependencies are installed, chaos-mesh will be installed.
-
-VERSION=v2.7.0
-
-usage() {
-    cat << EOF
-This script is used to install chaos-mesh.
-Before running this script, please ensure that:
-* have installed docker if you run chaos-mesh in local.
-* have installed Kubernetes if you run chaos-mesh in normal Kubernetes cluster
-USAGE:
-    install.sh [FLAGS] [OPTIONS]
-FLAGS:
-    -h, --help               Prints help information
-    -d, --dependency-only    Install dependencies only, including kind, kubectl, local-kube.
-        --force              Force reinstall all components if they are already installed, include: kind, local-kube, chaos-mesh
-        --force-chaos-mesh   Force reinstall chaos-mesh if it is already installed
-        --force-local-kube   Force reinstall local Kubernetes cluster if it is already installed
-        --force-kubectl      Force reinstall kubectl client if it is already installed
-        --force-kind         Force reinstall Kind if it is already installed
-        --volume-provisioner Deploy volume provisioner in local Kubernetes cluster
-        --local-registry     Deploy local docker registry in local Kubernetes cluster
-        --template           Locally render templates
-        --k3s                Install chaos-mesh in k3s environment
-        --microk8s           Install chaos-mesh in microk8s environment
-        --host-network       Install chaos-mesh using hostNetwork
-OPTIONS:
-    -v, --version            Version of chaos-mesh, default value: ${VERSION}
-    -l, --local [kind]       Choose a way to run a local kubernetes cluster, supported value: kind,
-                             If this value is not set and the Kubernetes is not installed, this script will exit with 1.
-    -n, --name               Name of Kubernetes cluster, default value: kind
-    -c  --crd                The path of the crd files. Get the crd file from "https://mirrors.chaos-mesh.org" if the crd path is empty.
-    -r  --runtime            Runtime specifies which container runtime to use. Currently we only supports docker and containerd. default value: docker
-        --kind-version       Version of the Kind tool, default value: v0.11.1
-        --node-num           The count of the cluster nodes,default value: 3
-        --k8s-version        Version of the Kubernetes cluster,default value: v1.17.2
-        --volume-num         The volumes number of each kubernetes node,default value: 5
-        --release-name       Release name of chaos-mesh, default value: chaos-mesh
-        --namespace          Namespace of chaos-mesh, default value: chaos-mesh
-        --timezone           Specifies timezone to be used by chaos-dashboard, chaos-daemon and controller.
-EOF
-}
-
-main() {
-    local local_kube=""
-    local cm_version="${VERSION}"
-    local kind_name="kind"
-    local kind_version="v0.11.1"
-    local node_num=3
-    local k8s_version="v1.17.2"
-    local volume_num=5
-    local release_name="chaos-mesh"
-    local namespace="chaos-mesh"
-    local timezone="UTC"
-    local force_chaos_mesh=false
-    local force_local_kube=false
-    local force_kubectl=false
-    local force_kind=false
-    local volume_provisioner=false
-    local local_registry=false
-    local crd=""
-    local runtime="docker"
-    local template=false
-    local install_dependency_only=false
-    local k3s=false
-    local microk8s=false
-    local host_network=false
-    local docker_registry="ghcr.io"
-
-    while [[ $# -gt 0 ]]
-    do
-        key="$1"
-        case "$key" in
-            -h|--help)
-                usage
-                exit 0
-                ;;
-            -l|--local)
-                local_kube="$2"
-                shift
-                shift
-                ;;
-            -v|--version)
-                cm_version="$2"
-                shift
-                shift
-                ;;
-            -n|--name)
-                kind_name="$2"
-                shift
-                shift
-                ;;
-            -c|--crd)
-                crd="$2"
-                shift
-                shift
-                ;;
-            -r|--runtime)
-                runtime="$2"
-                shift
-                shift
-                ;;
-            -d|--dependency-only)
-                install_dependency_only=true
-                shift
-                ;;
-            --force)
-                force_chaos_mesh=true
-                force_local_kube=true
-                force_kubectl=true
-                force_kind=true
-                shift
-                ;;
-            --force-local-kube)
-                force_local_kube=true
-                shift
-                ;;
-            --force-kubectl)
-                force_kubectl=true
-                shift
-                ;;
-            --force-kind)
-                force_kind=true
-                shift
-                ;;
-            --force-chaos-mesh)
-                force_chaos_mesh=true
-                shift
-                ;;
-            --template)
-                template=true
-                shift
-                ;;
-            --volume-provisioner)
-                volume_provisioner=true
-                shift
-                ;;
-            --local-registry)
-                local_registry=true
-                shift
-                ;;
-            --kind-version)
-                kind_version="$2"
-                shift
-                shift
-                ;;
-            --node-num)
-                node_num="$2"
-                shift
-                shift
-                ;;
-            --k8s-version)
-                k8s_version="$2"
-                shift
-                shift
-                ;;
-            --volume-num)
-                volume_num="$2"
-                shift
-                shift
-                ;;
-            --release-name)
-                release_name="$2"
-                shift
-                shift
-                ;;
-            --namespace)
-                namespace="$2"
-                shift
-                shift
-                ;;
-            --k3s)
-                k3s=true
-                shift
-                ;;
-            --microk8s)
-                microk8s=true
-                shift
-                ;;
-            --host-network)
-                host_network=true
-                shift
-                ;;
-            --timezone)
-                timezone="$2"
-                shift
-                shift
-                ;;
-            --docker-registry)
-                docker_registry="$2"
-                shift
-                shift
-                ;;
-            *)
-                echo "unknown flag or option $key"
-                usage
-                exit 1
-                ;;
-        esac
-    done
-
-    if [ "${runtime}" != "docker" ] && [ "${runtime}" != "containerd" ]; then
-        printf "container runtime %s is not supported\n" "${runtime}"
-        exit 1
-    fi
-
-    if [ "${local_kube}" != "" ] && [ "${local_kube}" != "kind" ]; then
-        printf "local Kubernetes by %s is not supported\n" "${local_kube}"
-        exit 1
-    fi
-
-    if [ "${local_kube}" == "kind" ]; then
-        runtime="containerd"
-    fi
-
-    if [ "${k3s}" == "true" ]; then
-        runtime="containerd"
-    fi
-
-    if [ "${microk8s}" == "true" ]; then
-        runtime="containerd"
-    fi
-
-    if [ "${crd}" == "" ]; then
-        crd="https://mirrors.chaos-mesh.org/${cm_version}/crd.yaml"
-    fi
-    if $template; then
-        ensure gen_crd_manifests "${crd}"
-        ensure gen_chaos_mesh_manifests "${runtime}" "${k3s}" "${cm_version}" "${timezone}" "${host_network}" "${docker_registry}" "${microk8s}"
-        exit 0
-    fi
-
-    need_cmd "sed"
-    need_cmd "tr"
-
-    if [ "${local_kube}" == "kind" ]; then
-        prepare_env
-        install_kubectl "${k8s_version}" ${force_kubectl}
-
-        check_docker
-        install_kind "${kind_version}" ${force_kind}
-        install_kubernetes_by_kind "${kind_name}" "${k8s_version}" "${node_num}" "${volume_num}" ${force_local_kube} ${volume_provisioner} ${local_registry}
-    fi
-
-    if [ "${install_dependency_only}" = true ]; then
-        exit 0
-    fi
-
-    check_kubernetes
-    install_chaos_mesh "${release_name}" "${namespace}" "${local_kube}" ${force_chaos_mesh} "${crd}" "${runtime}" "${k3s}" "${cm_version}" "${timezone}" "${docker_registry}" "${microk8s}"
-    ensure_pods_ready "${namespace}" "app.kubernetes.io/component=controller-manager" 100
-    ensure_pods_ready "${namespace}" "app.kubernetes.io/component=chaos-daemon" 100
-    ensure_pods_ready "${namespace}" "app.kubernetes.io/component=chaos-dashboard" 100
-    printf "Chaos Mesh %s is installed successfully\n" "${release_name}"
-}
-
-prepare_env() {
-    mkdir -p "$HOME/local/bin"
-    local set_path="export PATH=$HOME/local/bin:\$PATH"
-    local env_file="$HOME/.bash_profile"
-    if [[ ! -e "${env_file}" ]]; then
-        ensure touch "${env_file}"
-    fi
-    grep -qF -- "${set_path}" "${env_file}" || echo "${set_path}" >> "${env_file}"
-    ensure source "${env_file}"
-}
-
-check_kubernetes() {
-    need_cmd "kubectl"
-    kubectl_err_msg=$(kubectl version --output=yaml 2>&1 1>/dev/null)
-    if [ "$kubectl_err_msg" != "" ]; then
-        printf "check Kubernetes failed, error: %s\n" "${kubectl_err_msg}"
-        exit 1
-    fi
-
-    check_kubernetes_version
-}
-
-check_kubernetes_version() {
-    version_info=$(kubectl version --output=yaml | grep gitVersion | sed 's/.*gitVersion: v\([0-9.]*\).*/\1/g')
-
-    for v in $version_info
-    do
-        if version_lt "$v" "1.12.0"; then
-            printf "Chaos Mesh requires Kubernetes cluster running 1.12 or later\n"
-            exit 1
-        fi
-    done
-}
-
-install_kubectl() {
-    local kubectl_version=$1
-    local force_install=$2
-
-    printf "Install kubectl client\n"
-
-    err_msg=$(kubectl version --client=true --output=yaml 2>&1 1>/dev/null)
-    if [ "$err_msg" == "" ]; then
-        v=$(kubectl version --client=true --output=yaml | grep gitVersion | sed 's/.*gitVersion: v\([0-9.]*\).*/\1/g')
-        target_version=$(echo "${kubectl_version}" | sed s/v//g)
-        if version_lt "$v" "${target_version}"; then
-            printf "Chaos Mesg requires kubectl version %s or later\n"  "${target_version}"
-        else
-            printf "kubectl Version %s has been installed\n" "$v"
-            if [ "$force_install" != "true" ]; then
-                return
-            fi
-        fi
-    fi
-
-    need_cmd "curl"
-    local KUBECTL_BIN="${HOME}/local/bin/kubectl"
-    local target_os=$(lowercase $(uname))
-
-    ensure curl -Lo /tmp/kubectl https://storage.googleapis.com/kubernetes-release/release/${kubectl_version}/bin/${target_os}/amd64/kubectl
-    ensure chmod +x /tmp/kubectl
-    ensure mv /tmp/kubectl "${KUBECTL_BIN}"
-}
-
-
-install_kubernetes_by_kind() {
-    local cluster_name=$1
-    local cluster_version=$2
-    local node_num=$3
-    local volume_num=$4
-    local force_install=$5
-    local volume_provisioner=$6
-    local local_registry=$7
-
-    printf "Install local Kubernetes %s\n" "${cluster_name}"
-
-    need_cmd "kind"
-
-    work_dir=${HOME}/kind/${cluster_name}
-    kubeconfig_path=${work_dir}/config
-    data_dir=${work_dir}/data
-    clusters=$(kind get clusters)
-    cluster_exist=false
-    for c in $clusters
-    do
-        if [ "$c" == "$cluster_name" ]; then
-            printf "Kind cluster %s has been installed\n" "${cluster_name}"
-            cluster_exist=true
-            break
-        fi
-    done
-
-    if [ "$cluster_exist" == "true" ]; then
-        if [ "$force_install" == "true" ]; then
-            printf "Delete Kind Kubernetes cluster %s\n" "${cluster_name}"
-            kind delete cluster --name="${cluster_name}"
-            status=$?
-            if [ $status -ne 0 ]; then
-                printf "Delete Kind Kubernetes cluster %s failed\n" "${cluster_name}"
-                exit 1
-            fi
-        else
-            ensure kind get kubeconfig --name="${cluster_name}" > "${kubeconfig_path}"
-            return
-        fi
-    fi
-
-    ensure mkdir -p "${work_dir}"
-
-    printf "Clean data dir: %s\n" "${data_dir}"
-    if [ -d "${data_dir}" ]; then
-        ensure rm -rf "${data_dir}"
-    fi
-
-    config_file=${work_dir}/kind-config.yaml
-    cat <<EOF > "${config_file}"
-kind: Cluster
-apiVersion: kind.x-k8s.io/v1alpha4
-kubeadmConfigPatches:
-- |
-  kind: ClusterConfiguration
-  metadata:
-    name: config
-  apiServerExtraArgs:
-    enable-admission-plugins: NodeRestriction,MutatingAdmissionWebhook,ValidatingAdmissionWebhook
-nodes:
-- role: control-plane
-  extraPortMappings:
-  - containerPort: 5000
-    hostPort: 5000
-    listenAddress: 127.0.0.1
-    protocol: TCP
-EOF
-
-    for ((i=0;i<"${node_num}";i++))
-    do
-        ensure mkdir -p "${data_dir}/worker${i}"
-        cat <<EOF >>  "${config_file}"
-- role: worker
-  extraMounts:
-EOF
-        for ((k=1;k<="${volume_num}";k++))
-        do
-            ensure mkdir -p "${data_dir}/worker${i}/vol${k}"
-            cat <<EOF  >>  "${config_file}"
-  - containerPath: /mnt/disks/vol${k}
-    hostPath: ${data_dir}/worker${i}/vol${k}
-EOF
-        done
-    done
-
-    local kind_image="kindest/node:${cluster_version}"
-
-    printf "start to create kubernetes cluster %s" "${cluster_name}"
-    ensure kind create cluster --config "${config_file}" --image="${kind_image}" --name="${cluster_name}" --retain -v 1
-    ensure kind get kubeconfig --name="${cluster_name}" > "${kubeconfig_path}"
-    ensure export KUBECONFIG="${kubeconfig_path}"
-
-    if [ "$volume_provisioner" == "true" ]; then
-        deploy_volume_provisioner "${work_dir}"
-    fi
-}
-
-deploy_volume_provisioner() {
-    local data_dir=$1
-    local config_file=${data_dir}/local-volume-provisionser.yaml
-
-    volume_provisioner_image="quay.io/external_storage/local-volume-provisioner:v2.3.2"
-
-    cat <<EOF >"${config_file}"
-apiVersion: storage.k8s.io/v1
-kind: StorageClass
-metadata:
-  name: "local-storage"
-provisioner: "kubernetes.io/no-provisioner"
-volumeBindingMode: "WaitForFirstConsumer"
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: local-provisioner-config
-  namespace: kube-system
-data:
-  nodeLabelsForPV: |
-    - kubernetes.io/hostname
-  storageClassMap: |
-    local-storage:
-      hostDir: /mnt/disks
-      mountDir: /mnt/disks
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: local-volume-provisioner
-  namespace: kube-system
-  labels:
-    app: local-volume-provisioner
-spec:
-  selector:
-    matchLabels:
-      app: local-volume-provisioner
-  template:
-    metadata:
-      labels:
-        app: local-volume-provisioner
-    spec:
-      serviceAccountName: local-storage-admin
-      containers:
-        - image: ${volume_provisioner_image}
-          name: provisioner
-          securityContext:
-            privileged: true
-          env:
-          - name: MY_NODE_NAME
-            valueFrom:
-              fieldRef:
-                fieldPath: spec.nodeName
-          - name: MY_NAMESPACE
-            valueFrom:
-              fieldRef:
-                fieldPath: metadata.namespace
-          - name: JOB_CONTAINER_IMAGE
-            value: "quay.io/external_storage/local-volume-provisioner:v2.3.2"
-          resources:
-            requests:
-              cpu: 100m
-              memory: 100Mi
-            limits:
-              cpu: 100m
-              memory: 100Mi
-          volumeMounts:
-            - mountPath: /etc/provisioner/config
-              name: provisioner-config
-              readOnly: true
-            # mounting /dev in DinD environment would fail
-            # - mountPath: /dev
-            #   name: provisioner-dev
-            - mountPath: /mnt/disks
-              name: local-disks
-              mountPropagation: "HostToContainer"
-      volumes:
-        - name: provisioner-config
-          configMap:
-            name: local-provisioner-config
-        # - name: provisioner-dev
-        #   hostPath:
-        #     path: /dev
-        - name: local-disks
-          hostPath:
-            path: /mnt/disks
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: local-storage-admin
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: local-storage-provisioner-pv-binding
-  namespace: kube-system
-subjects:
-- kind: ServiceAccount
-  name: local-storage-admin
-  namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: system:persistent-volume-provisioner
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: local-storage-provisioner-node-clusterrole
-  namespace: kube-system
-rules:
-- apiGroups: [""]
-  resources: ["nodes"]
-  verbs: ["get"]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: local-storage-provisioner-node-binding
-  namespace: kube-system
-subjects:
-- kind: ServiceAccount
-  name: local-storage-admin
-  namespace: kube-system
-roleRef:
-  kind: ClusterRole
-  name: local-storage-provisioner-node-clusterrole
-  apiGroup: rbac.authorization.k8s.io
-EOF
-    ensure kubectl apply -f "${config_file}"
-}
-
-install_kind() {
-    local kind_version=$1
-    local force_install=$2
-
-    printf "Install Kind tool\n"
-
-    err_msg=$(kind version 2>&1 1>/dev/null)
-    if [ "$err_msg" == "" ]; then
-        v=$(kind version | awk '{print $2}' | sed s/v//g)
-        target_version=${kind_version//v}
-        if version_lt "$v" "${target_version}"; then
-            printf "Chaos Mesh requires Kind version %s or later\n" "${target_version}"
-        else
-            printf "Kind Version %s has been installed\n" "$v"
-            if [ "$force_install" != "true" ]; then
-                return
-            fi
-        fi
-    fi
-
-    local KIND_BIN="${HOME}/local/bin/kind"
-    local target_os=$(lowercase $(uname))
-    ensure curl -Lo /tmp/kind https://github.com/kubernetes-sigs/kind/releases/download/"$1"/kind-"${target_os}"-amd64
-    ensure chmod +x /tmp/kind
-    ensure mv /tmp/kind "$KIND_BIN"
-}
-
-install_chaos_mesh() {
-    local release_name=$1
-    local namespace=$2
-    local local_kube=$3
-    local force_install=$4
-    local crd=$5
-    local runtime=$6
-    local k3s=$7
-    local version=$8
-    local timezone=$9
-    local docker_registry=${10}
-    local microk8s=${11}
-
-    printf "Install Chaos Mesh %s\n" "${release_name}"
-
-    gen_crd_manifests "${crd}" | kubectl create --validate=false -f - || exit 1
-    gen_chaos_mesh_manifests "${runtime}" "${k3s}" "${version}" "${timezone}" "${host_network}" "${docker_registry}" "${microk8s}" | kubectl apply -f - || exit 1
-}
-
-version_lt() {
-    vercomp $1 $2
-    if [ $? == 2 ];  then
-        return 0
-    fi
-
-    return 1
-}
-
-vercomp () {
-    if [[ $1 == $2 ]]
-    then
-        return 0
-    fi
-    local IFS=.
-    local i ver1 ver2
-    read -ra ver1 <<< "$1"
-    read -ra ver2 <<< "$2"
-    # fill empty fields in ver1 with zeros
-    for ((i=${#ver1[@]}; i<${#ver2[@]}; i++))
-    do
-        ver1[i]=0
-    done
-    for ((i=0; i<${#ver1[@]}; i++))
-    do
-        if [[ -z ${ver2[i]} ]]
-        then
-            # fill empty fields in ver2 with zeros
-            ver2[i]=0
-        fi
-        if ((10#${ver1[i]} > 10#${ver2[i]}))
-        then
-            return 1
-        fi
-        if ((10#${ver1[i]} < 10#${ver2[i]}))
-        then
-            return 2
-        fi
-    done
-    return 0
-}
-
-check_docker() {
-    need_cmd "docker"
-    docker_err_msg=$(docker version 2>&1 1>/dev/null)
-    if [ "$docker_err_msg" != "" ]; then
-        printf "check docker failed:\n"
-        echo "$docker_err_msg"
-        exit 1
-    fi
-}
-
-say() {
-    printf 'install chaos-mesh: %s\n' "$1"
-}
-
-err() {
-    say "$1" >&2
-    exit 1
-}
-
-need_cmd() {
-    if ! check_cmd "$1"; then
-        err "need '$1' (command not found)"
-    fi
-}
-
-check_cmd() {
-    command -v "$1" > /dev/null 2>&1
-}
-
-lowercase() {
-    echo "$@" | tr "[A-Z]" "[a-z]"
-}
-
-# Run a command that should never fail. If the command fails execution
-# will immediately terminate with an error showing the failing
-# command.
-ensure() {
-    if ! "$@"; then err "command failed: $*"; fi
-}
-
-ensure_pods_ready() {
-    local namespace=$1
-    local labels=""
-    local limit=$3
-
-    if [ "$2" != "" ]; then
-        labels="-l $2"
-    fi
-
-    count=0
-    while [ -n "$(kubectl get pods -n "${namespace}" ${labels} --no-headers | grep -v Running)" ];
-    do
-        echo "Waiting for pod running" && sleep 10;
-
-        kubectl get pods -n "${namespace}" ${labels} --no-headers | >&2 grep -v Running || true
-
-        ((count=count+1))
-        if [ $count -gt $limit ]; then
-            printf "Waiting for pod status running timeout\n"
-            exit 1
-        fi
-    done
-}
-
-gen_crd_manifests() {
-    local crd=$1
-
-    if check_url "$crd"; then
-        need_cmd curl
-        ensure curl -sSL "$crd"
-        return
-    fi
-
-    ensure cat "$crd"
-}
-
-check_url() {
-    local url=$1
-    local regex='^(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]\.[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]$'
-    if [[ $url =~ $regex ]];then
-        return 0
-    else
-        return 1
-    fi
-}
-
-gen_chaos_mesh_manifests() {
-    local runtime=$1
-    local k3s=$2
-    local version=$3
-    local timezone=$4
-    local host_network=$5
-    local docker_registry=$6
-    local microk8s=$7
-    local socketDir="/var/run"
-    local socketName="docker.sock"
-    if [ "${runtime}" == "containerd" ]; then
-        socketDir="/run/containerd"
-        socketName="containerd.sock"
-    fi
-
-    if [ "${k3s}" == "true" ]; then
-        socketDir="/run/k3s/containerd"
-        socketName="containerd.sock"
-    fi
-
-    if [ "${microk8s}" == "true" ]; then
-        socketDir="/var/snap/microk8s/common/run"
-        socketName="containerd.sock"
-    fi
-
-    need_cmd mktemp
-    need_cmd openssl
-    need_cmd curl
-
-    K8S_SERVICE="chaos-mesh-controller-manager"
-    K8S_NAMESPACE="chaos-mesh"
-    VERSION_TAG="${version}"
-
-    IMAGE_REGISTRY_PREFIX="${docker_registry}"
-    tmpdir=$(mktemp -d)
-
-    ensure openssl genrsa -out ${tmpdir}/ca.key 2048 > /dev/null 2>&1
-    ensure openssl req -x509 -new -nodes -key ${tmpdir}/ca.key -subj "/CN=${K8S_SERVICE}.${K8S_NAMESPACE}.svc" -days 1875 -out ${tmpdir}/ca.crt > /dev/null 2>&1
-    ensure openssl genrsa -out ${tmpdir}/server.key 2048 > /dev/null 2>&1
-
-    cat <<EOF > ${tmpdir}/csr.conf
-[req]
-prompt = no
-req_extensions = v3_req
-distinguished_name = dn
-[dn]
-CN = ${K8S_SERVICE}.${K8S_NAMESPACE}.svc
-[v3_req]
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-extendedKeyUsage = serverAuth
-subjectAltName = @alt_names
-[alt_names]
-DNS.1 = ${K8S_SERVICE}
-DNS.2 = ${K8S_SERVICE}.${K8S_NAMESPACE}
-DNS.3 = ${K8S_SERVICE}.${K8S_NAMESPACE}.svc
-EOF
-
-    ensure openssl req -new -key ${tmpdir}/server.key -out ${tmpdir}/server.csr -config ${tmpdir}/csr.conf > /dev/null 2>&1
-    ensure openssl x509 -req -in ${tmpdir}/server.csr -CA ${tmpdir}/ca.crt -CAkey ${tmpdir}/ca.key -CAcreateserial -out ${tmpdir}/server.crt -days 1875 -extensions v3_req -extfile ${tmpdir}/csr.conf > /dev/null 2>&1
-
-    TLS_KEY=$(openssl base64 -A -in ${tmpdir}/server.key)
-    TLS_CRT=$(openssl base64 -A -in ${tmpdir}/server.crt)
-    CA_BUNDLE=$(openssl base64 -A -in ${tmpdir}/ca.crt)
-
-    # chaos-mesh.yaml start
-    cat <<EOF
----
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: chaos-mesh
----
-# Source: chaos-mesh/templates/chaos-daemon-rbac.yaml
-kind: ServiceAccount
-apiVersion: v1
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-daemon
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-daemon
----
-# Source: chaos-mesh/templates/chaos-dashboard-rbac.yaml
-# Copyright 2022 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# ServiceAccount for component chaos-dashboard
-kind: ServiceAccount
-apiVersion: v1
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-dashboard
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dashboard
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-kind: ServiceAccount
-apiVersion: v1
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-controller-manager
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-kind: ServiceAccount
-apiVersion: v1
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-dns-server
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
----
-# Source: chaos-mesh/templates/secrets-configuration.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-kind: Secret
-apiVersion: v1
-metadata:
-  name: chaos-mesh-webhook-certs
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: webhook-secret
-type: Opaque
-data:
-  ca.crt: "${CA_BUNDLE}"
-  tls.crt: "${TLS_CRT}"
-  tls.key: "${TLS_KEY}"
----
-# Source: chaos-mesh/templates/dns-configmap.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: dns-server-config
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dns-server
-data:
-  Corefile: |
-    .:5353 {
-        errors
-        health {
-            lameduck 5s
-        }
-        ready
-        k8s_dns_chaos cluster.local in-addr.arpa ip6.arpa {
-            pods insecure
-            fallthrough in-addr.arpa ip6.arpa
-            ttl 30
-            grpcport 9288
-        }
-        prometheus :9153
-        forward . /etc/resolv.conf {
-            max_concurrent 1000
-        }
-        cache 30
-        loop
-        reload
-        loadbalance
-    }
----
-# Source: chaos-mesh/templates/chaos-dashboard-rbac.yaml
-# ClusterRole for chaos-dashboard at cluster scope
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dashboard-cluster-level
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dashboard
-rules:
-  # chaos-dashboard could list namespace for selector hints
-  - apiGroups: [ "" ]
-    resources:
-      - namespaces
-    verbs:
-      - get
-      - list
-      - watch
-  # chaos-dashboard use subjectaccessreviews to authorize the requests
-  - apiGroups: [ "authorization.k8s.io" ]
-    resources:
-      - subjectaccessreviews
-    verbs:
-      - create
----
-# Source: chaos-mesh/templates/chaos-dashboard-rbac.yaml
-# ClusterRole for chaos-dashboard in target namespace
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dashboard-target-namespace
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dashboard
-rules:
-  # chaos dashboard could list pods for selector hints
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-    verbs:
-      - get
-      - list
-      - watch
-  # chaos dashboard could record evnets from chaos experiments
-  - apiGroups:
-      - ""
-    resources:
-      - events
-    verbs:
-      - get
-      - list
-      - watch
-  # chaos dashboard could record and manipulate all the Chaos Mesh resources in target namespace
-  - apiGroups: [ "chaos-mesh.org" ]
-    resources:
-      - "*"
-    verbs: [ "*" ]
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-# roles
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-controller-manager-target-namespace
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-rules:
-  - apiGroups: [ "" ]
-    resources: [ "pods", "configmaps", "secrets"]
-    verbs: [ "get", "list", "watch", "delete", "update", "patch" ]
-  - apiGroups:
-      - ""
-    resources:
-      - pods
-    verbs:
-      - "create"
-  - apiGroups:
-      - ""
-    resources:
-      - "pods/log"
-    verbs:
-      - "get"
-  - apiGroups:
-      - ""
-    resources:
-      - events
-    verbs:
-      - patch
-      - create
-      - watch
-      - list
-      - get
-  - apiGroups: [ "chaos-mesh.org" ]
-    resources:
-      - "*"
-    verbs: [ "*" ]
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-controller-manager-cluster-level
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-rules:
-  - apiGroups: [ "" ]
-    resources:
-      - nodes
-      - persistentvolumes
-      - persistentvolumeclaims
-      - namespaces
-      - services
-    verbs: [ "get", "list", "watch" ]
-  - apiGroups: [ "authorization.k8s.io" ]
-    resources:
-      - subjectaccessreviews
-    verbs: [ "create" ]
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-# roles
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dns-server-target-namespace
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-rules:
-  - apiGroups: [ "" ]
-    resources: [ "pods" ]
-    verbs: [ "get", "list", "watch" ]
-  - apiGroups: [ "" ]
-    resources: [ "configmaps" ]
-    verbs: [ "*" ]
-  - apiGroups: [ "chaos-mesh.org" ]
-    resources:
-      - "*"
-    verbs: [ "*" ]
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dns-server-cluster-level
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-rules:
-  - apiGroups: [ "" ]
-    resources:
-      - namespaces
-      - services
-      - endpoints
-      - pods
-    verbs: [ "get", "list", "watch" ]
----
-# Source: chaos-mesh/templates/chaos-dashboard-rbac.yaml
-# ClusterRoleBinding for chaos-dashboard at cluster scope
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dashboard-cluster-level
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dashboard
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: chaos-mesh-chaos-dashboard-cluster-level
-subjects:
-  - kind: ServiceAccount
-    name: chaos-dashboard
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/chaos-dashboard-rbac.yaml
-# binding ClusterRole to ServiceAccount for componnet chaos dashboard
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dashboard-target-namespace
-  # TODO: notice that the targetNamespace is still defined as .Values.controllerManager.targetNamespace, .Values.targetNamespace would be better.
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dashboard
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: chaos-mesh-chaos-dashboard-target-namespace
-subjects:
-  - kind: ServiceAccount
-    name: chaos-dashboard
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-# bindings cluster level
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-controller-manager-cluster-level
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: chaos-mesh-chaos-controller-manager-cluster-level
-subjects:
-  - kind: ServiceAccount
-    name: chaos-controller-manager
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-controller-manager-target-namespace
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: chaos-mesh-chaos-controller-manager-target-namespace
-subjects:
-  - kind: ServiceAccount
-    name: chaos-controller-manager
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-# bindings cluster level
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dns-server-cluster-level
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: chaos-mesh-chaos-dns-server-cluster-level
-subjects:
-  - kind: ServiceAccount
-    name: chaos-dns-server
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dns-server-target-namespace
-  namespace: 
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: chaos-mesh-chaos-dns-server-target-namespace
-subjects:
-  - kind: ServiceAccount
-    name: chaos-dns-server
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-kind: Role
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-controller-manager-control-plane
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-rules:
-  - apiGroups: [ "" ]
-    resources: [ "services", "secrets" ]
-    verbs: [ "get", "list", "watch" ]
-  - apiGroups: ["discovery.k8s.io"]
-    resources: ["endpointslices"]
-    verbs: ["get", "list", "watch"]
-  - apiGroups: [ "authorization.k8s.io" ]
-    resources:
-      - subjectaccessreviews
-    verbs: [ "create" ]
-  - apiGroups: [ "" ]
-    resources: [ "pods/exec" ]
-    verbs: [ "create" ]
-  - apiGroups: [ "coordination.k8s.io" ]
-    resources: [ "leases" ]
-    verbs: [ "*" ]
-  - apiGroups: [ "" ]
-    resources: [ "configmaps" ]
-    verbs: [ "*" ]
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-kind: Role
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dns-server-control-plane
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-rules:
-  - apiGroups: [ "" ]
-    resources: [ "configmaps" ]
-    verbs: [ "get", "list" ]
----
-# Source: chaos-mesh/templates/controller-manager-rbac.yaml
-# binding for control plane namespace
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-controller-manager-control-plane
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: chaos-mesh-chaos-controller-manager-control-plane
-subjects:
-  - kind: ServiceAccount
-    name: chaos-controller-manager
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/dns-rbac.yaml
-# binding for control plane namespace
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: chaos-mesh-chaos-dns-server-control-plane
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: chaos-mesh-chaos-dns-server-control-plane
-subjects:
-  - kind: ServiceAccount
-    name: chaos-dns-server
-    namespace: "chaos-mesh"
----
-# Source: chaos-mesh/templates/chaos-daemon-service.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: v1
-kind: Service
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-daemon
-  annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/port: "31766"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-daemon
-spec:
-  clusterIP: None
-  ports:
-    - name: grpc
-      port: 31767
-      targetPort: grpc
-      protocol: TCP
-    - name: http
-      port: 31766
-      targetPort: http
-      protocol: TCP
-  selector:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/component: chaos-daemon
----
-# Source: chaos-mesh/templates/chaos-dashboard-deployment.yaml
-apiVersion: v1
-kind: Service
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-dashboard
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/component: chaos-dashboard
-  annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/port: "2334"
-spec:
-  selector:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/component: chaos-dashboard
-  type: NodePort
-  ports:
-    - protocol: TCP
-      port: 2333
-      targetPort: 2333
-      name: http
-    - protocol: TCP
-      port: 2334
-      targetPort: 2334
-      name: metric
----
-# Source: chaos-mesh/templates/controller-manager-service.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: v1
-kind: Service
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-mesh-controller-manager
-  annotations:
-    prometheus.io/scrape: "true"
-    prometheus.io/port: "10080"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-spec:
-  type: ClusterIP
-  ports:
-    - port: 443
-      targetPort: webhook
-      protocol: TCP
-      name: webhook
-    - port: 10081
-      targetPort: pprof
-      protocol: TCP
-      name: pprof
-    - port: 10082
-      targetPort: ctrl
-      protocol: TCP
-      name: ctrl
-    - port: 10080
-      targetPort: http
-      protocol: TCP
-      name: http
-  selector:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/component: controller-manager
----
-# Source: chaos-mesh/templates/dns-service.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: v1
-kind: Service
-metadata:
-  name: chaos-mesh-dns-server
-  namespace: "chaos-mesh"
-  annotations:
-    prometheus.io/port: "9153"
-    prometheus.io/scrape: "true"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: dns-server
-spec:
-  selector:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/component: chaos-dns-server
-  ports:
-  - name: dns
-    port: 53
-    targetPort: 5353
-    protocol: UDP
-  - name: dns-tcp
-    port: 53
-    targetPort: 5353
-    protocol: TCP
-  - name: metrics
-    port: 9153
-    protocol: TCP
-  - name: grpc
-    port: 9288
-    protocol: TCP
----
-# Source: chaos-mesh/templates/chaos-daemon-daemonset.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-daemon
-  labels:
-    app.kubernetes.io/component: chaos-daemon
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-spec:
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: chaos-mesh
-      app.kubernetes.io/instance: chaos-mesh
-      app.kubernetes.io/component: chaos-daemon
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: chaos-mesh
-        app.kubernetes.io/instance: chaos-mesh
-        app.kubernetes.io/part-of: chaos-mesh
-        app.kubernetes.io/version: ${VERSION_TAG##v}
-        app.kubernetes.io/component: chaos-daemon
-      annotations:
-    spec:
-      hostNetwork: ${host_network}
-      serviceAccountName: chaos-daemon
-      hostPID: true
-      containers:
-        - name: chaos-daemon
-          image: ${IMAGE_REGISTRY_PREFIX}/chaos-mesh/chaos-daemon:${VERSION_TAG}
-          imagePullPolicy: IfNotPresent
-          command:
-            - /usr/local/bin/chaos-daemon
-            - --runtime
-            - ${runtime}
-            - --http-port
-            - !!str 31766
-            - --grpc-port
-            - !!str 31767
-            - --pprof
-            - --runtime-socket-path
-            - /host-run/${socketName}
-          env:
-            - name: TZ
-              value: ${timezone}
-          securityContext:
-            privileged: true
-            capabilities:
-              add:
-                - SYS_PTRACE
-          volumeMounts:
-            - name: socket-path
-              mountPath: /host-run
-            - name: sys-path
-              mountPath: /host-sys
-            - name: lib-modules
-              mountPath: /lib/modules
-          ports:
-            - name: grpc
-              containerPort: 31767
-            - name: http
-              containerPort: 31766
-      volumes:
-        - name: socket-path
-          hostPath:
-            path: ${socketDir}
-        - name: sys-path
-          hostPath:
-            path: /sys
-        - name: lib-modules
-          hostPath:
-            path: /lib/modules
----
-# Source: chaos-mesh/templates/chaos-dashboard-deployment.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-dashboard
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dashboard
-spec:
-  replicas: 1
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxSurge: 1
-      maxUnavailable: 0
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: chaos-mesh
-      app.kubernetes.io/instance: chaos-mesh
-      app.kubernetes.io/component: chaos-dashboard
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: chaos-mesh
-        app.kubernetes.io/instance: chaos-mesh
-        app.kubernetes.io/part-of: chaos-mesh
-        app.kubernetes.io/version: ${VERSION_TAG##v}
-        app.kubernetes.io/component: chaos-dashboard
-      annotations:
-    spec:
-      securityContext:
-            {}
-      serviceAccountName: chaos-dashboard
-      containers:
-        - name: chaos-dashboard
-          image: ${IMAGE_REGISTRY_PREFIX}/chaos-mesh/chaos-dashboard:${VERSION_TAG}
-          imagePullPolicy: IfNotPresent
-          resources:
-            limits: {}
-            requests:
-              cpu: 25m
-              memory: 256Mi
-          command:
-            - /usr/local/bin/chaos-dashboard
-          env:
-            - name: CLEAN_SYNC_PERIOD
-              value: "12h"
-            - name: DATABASE_DATASOURCE
-              value: "/data/core.sqlite"
-            - name: DATABASE_DRIVER
-              value: "sqlite3"
-            - name: LISTEN_HOST
-              value: "0.0.0.0"
-            - name: LISTEN_PORT
-              value: "2333"
-            - name: METRIC_HOST
-              value: "0.0.0.0"
-            - name: METRIC_PORT
-              value: "2334"
-            - name: TTL_EVENT
-              value: "168h"
-            - name: TTL_EXPERIMENT
-              value: "336h"
-            - name: TTL_SCHEDULE
-              value: "336h"
-            - name: TTL_WORKFLOW
-              value: "336h"
-            - name: TZ
-              value: ${timezone}
-            - name: CLUSTER_SCOPED
-              value: "true"
-            - name: TARGET_NAMESPACE
-              value: "chaos-mesh"
-            - name: ENABLE_FILTER_NAMESPACE
-              value: "false"
-            - name: SECURITY_MODE
-              value: "false"
-            - name: GCP_SECURITY_MODE
-              value: "false"
-            - name: GCP_CLIENT_ID
-              value: ""
-            - name: GCP_CLIENT_SECRET
-              value: ""
-            - name: DNS_SERVER_CREATE
-              value: "true"
-            - name: ROOT_URL
-              value: "http://localhost:2333"
-            - name: ENABLE_PROFILING
-              value: "true"
-          volumeMounts:
-            - name: storage-volume
-              mountPath: /data
-              subPath: ""
-          ports:
-            - name: http
-              containerPort: 2333
-            - name: metric
-              containerPort: 2334
-      volumes:
-      - name: storage-volume
-        emptyDir: {}
----
-# Source: chaos-mesh/templates/controller-manager-deployment.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  namespace: "chaos-mesh"
-  name: chaos-controller-manager
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: controller-manager
-spec:
-  replicas: 3
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: chaos-mesh
-      app.kubernetes.io/instance: chaos-mesh
-      app.kubernetes.io/component: controller-manager
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: chaos-mesh
-        app.kubernetes.io/instance: chaos-mesh
-        app.kubernetes.io/part-of: chaos-mesh
-        app.kubernetes.io/version: ${VERSION_TAG##v}
-        app.kubernetes.io/component: controller-manager
-      annotations:
-        rollme: "install.sh"
-    spec:
-      securityContext:
-            {}
-      hostNetwork: ${host_network}
-      serviceAccountName: chaos-controller-manager
-      containers:
-      - name: chaos-mesh
-        image: ${IMAGE_REGISTRY_PREFIX}/chaos-mesh/chaos-mesh:${VERSION_TAG}
-        imagePullPolicy: IfNotPresent
-        resources:
-            limits: {}
-            requests:
-              cpu: 25m
-              memory: 256Mi
-        command:
-          - /usr/local/bin/chaos-controller-manager
-        env:
-          - name: METRICS_PORT
-            value: "10080"
-          - name: WEBHOOK_PORT
-            value: "10250"
-          - name: NAMESPACE
-            valueFrom:
-              fieldRef:
-                fieldPath: metadata.namespace
-          - name: TEMPLATE_NAMESPACE
-            valueFrom:
-              fieldRef:
-                fieldPath: metadata.namespace
-          - name: ALLOW_HOST_NETWORK_TESTING
-            value: "false"
-          - name: TARGET_NAMESPACE
-            value: "chaos-mesh"
-          - name: CLUSTER_SCOPED
-            value: "true"
-          - name: TZ
-            value: ${timezone}
-          - name: CHAOS_DAEMON_SERVICE_PORT
-            value: !!str 31767
-          - name: BPFKI_PORT
-            value: !!str 50051
-          - name: ENABLED_CONTROLLERS
-            value: "*"
-          - name: ENABLED_WEBHOOKS
-            value: "*"
-          - name: TEMPLATE_LABELS
-            value: "app.kubernetes.io/component:template"
-          - name: CONFIGMAP_LABELS
-            value: "app.kubernetes.io/component:webhook"
-          - name: ENABLE_FILTER_NAMESPACE
-            value: "false"
-          - name: PPROF_ADDR
-            value: ":10081"
-          - name: CTRL_ADDR
-            value: ":10082"
-          - name: CHAOS_DNS_SERVICE_NAME
-            value: chaos-mesh-dns-server
-          - name: CHAOS_DNS_SERVICE_PORT
-            value: !!str 9288
-          - name: SECURITY_MODE
-            value: "false"
-          - name: CHAOSD_SECURITY_MODE
-            value: "false"
-          - name: POD_FAILURE_PAUSE_IMAGE
-            value: gcr.io/google-containers/pause:latest
-          - name: ENABLE_LEADER_ELECTION
-            value: "true"
-          - name: LEADER_ELECT_LEASE_DURATION
-            value: "15s"
-          - name: LEADER_ELECT_RENEW_DEADLINE
-            value: "10s"
-          - name: LEADER_ELECT_RETRY_PERIOD
-            value: "2s"
-        volumeMounts:
-          - name: webhook-certs
-            mountPath: /etc/webhook/certs
-            readOnly: true
-        ports:
-          - name: webhook
-            containerPort: 10250
-          - name: http
-            containerPort: 10080
-          - name: pprof
-            containerPort: 10081
-          - name: ctrl
-            containerPort: 10082
-      volumes:
-        - name: webhook-certs
-          secret:
-            secretName: chaos-mesh-webhook-certs
----
-# Source: chaos-mesh/templates/dns-deployment.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: chaos-dns-server
-  namespace: "chaos-mesh"
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: chaos-dns-server
-spec:
-  replicas: 1
-  strategy:
-    type: RollingUpdate
-    rollingUpdate:
-      maxUnavailable: 1
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: chaos-mesh
-      app.kubernetes.io/instance: chaos-mesh
-      app.kubernetes.io/component: chaos-dns-server
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: chaos-mesh
-        app.kubernetes.io/instance: chaos-mesh
-        app.kubernetes.io/part-of: chaos-mesh
-        app.kubernetes.io/version: ${VERSION_TAG##v}
-        app.kubernetes.io/component: chaos-dns-server
-    spec:
-      serviceAccountName: chaos-dns-server
-      affinity:
-        podAntiAffinity:
-          preferredDuringSchedulingIgnoredDuringExecution:
-          - podAffinityTerm:
-              labelSelector:
-                matchExpressions:
-                - key: app.kubernetes.io/component
-                  operator: In
-                  values:
-                  - chaos-dns-server
-              topologyKey: kubernetes.io/hostname
-            weight: 100
-      priorityClassName: 
-      containers:
-      - name: chaos-dns-server
-        image: ghcr.io/chaos-mesh/chaos-coredns:v0.2.6
-        imagePullPolicy: IfNotPresent
-        resources:
-          limits: {}
-          requests:
-            cpu: 100m
-            memory: 70Mi
-        args: [ "-conf", "/etc/chaos-dns/Corefile" ]
-        volumeMounts:
-        - name: config-volume
-          mountPath: /etc/chaos-dns
-          readOnly: true
-        ports:
-        - containerPort: 5353
-          name: dns
-          protocol: UDP
-        - containerPort: 5353
-          name: dns-tcp
-          protocol: TCP
-        - containerPort: 9153
-          name: metrics
-          protocol: TCP
-        - containerPort: 9288
-          name: grpc
-          protocol: TCP
-        livenessProbe:
-          httpGet:
-            path: /health
-            port: 8080
-            scheme: HTTP
-          initialDelaySeconds: 60
-          timeoutSeconds: 5
-          successThreshold: 1
-          failureThreshold: 5
-        readinessProbe:
-          httpGet:
-            path: /ready
-            port: 8181
-            scheme: HTTP
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-            drop:
-            - all
-          readOnlyRootFilesystem: true
-      dnsPolicy: Default
-      volumes:
-        - name: config-volume
-          configMap:
-            name: dns-server-config
-            items:
-            - key: Corefile
-              path: Corefile
----
-# Source: chaos-mesh/templates/cert-manager-certs.yaml
-# Copyright 2022 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/chaos-daemon-rbac.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/chaos-dashboard-pvc.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/ingress.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/prometheus-configmap.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/prometheus-deployment.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/prometheus-rbac.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/prometheus-service.yaml
-# Copyright 2021 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
----
-# Source: chaos-mesh/templates/mutating-admission-webhooks.yaml
-# Copyright 2022 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  name: chaos-mesh-mutation
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: admission-webhook
-webhooks:
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-podchaos
-    failurePolicy: Fail
-    name: mpodchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - podchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-iochaos
-    failurePolicy: Fail
-    name: miochaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - iochaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-timechaos
-    failurePolicy: Fail
-    name: mtimechaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - timechaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-networkchaos
-    failurePolicy: Fail
-    name: mnetworkchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - networkchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-kernelchaos
-    failurePolicy: Fail
-    name: mkernelchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - kernelchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-stresschaos
-    failurePolicy: Fail
-    name: mstresschaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - stresschaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-awschaos
-    failurePolicy: Fail
-    name: mawschaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - awschaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-azurechaos
-    failurePolicy: Fail
-    name: mazurechaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - azurechaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-gcpchaos
-    failurePolicy: Fail
-    name: mgcpchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - gcpchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-dnschaos
-    failurePolicy: Fail
-    name: mdnschaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - dnschaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-jvmchaos
-    failurePolicy: Fail
-    name: mjvmchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - jvmchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-schedule
-    failurePolicy: Fail
-    name: mschedule.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - schedules
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-workflow
-    failurePolicy: Fail
-    name: mworkflow.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - workflows
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-httpchaos
-    failurePolicy: Fail
-    name: mhttpchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - httpchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-blockchaos
-    failurePolicy: Fail
-    name: mblockchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - blockchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-physicalmachinechaos
-    failurePolicy: Fail
-    name: mphysicalmachinechaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - physicalmachinechaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-physicalmachine
-    failurePolicy: Fail
-    name: mphysicalmachine.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - physicalmachines
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-statuscheck
-    failurePolicy: Fail
-    name: mstatuscheck.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - statuschecks
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /mutate-chaos-mesh-org-v1alpha1-remotecluster
-    failurePolicy: Fail
-    name: mremotecluster.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - remotecluster
----
-# Source: chaos-mesh/templates/validating-admission-webhooks.yaml
-# Copyright 2022 Chaos Mesh Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  name: chaos-mesh-validation
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: admission-webhook
-webhooks:
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-podchaos
-    failurePolicy: Fail
-    name: vpodchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - podchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-iochaos
-    failurePolicy: Fail
-    name: viochaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - iochaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-timechaos
-    failurePolicy: Fail
-    name: vtimechaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - timechaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-networkchaos
-    failurePolicy: Fail
-    name: vnetworkchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - networkchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-kernelchaos
-    failurePolicy: Fail
-    name: vkernelchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - kernelchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-stresschaos
-    failurePolicy: Fail
-    name: vstresschaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - stresschaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-awschaos
-    failurePolicy: Fail
-    name: vawschaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - awschaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-azurechaos
-    failurePolicy: Fail
-    name: vazurechaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - azurechaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-gcpchaos
-    failurePolicy: Fail
-    name: vgcpchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - gcpchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-dnschaos
-    failurePolicy: Fail
-    name: vdnschaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - dnschaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-jvmchaos
-    failurePolicy: Fail
-    name: vjvmchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - jvmchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-schedule
-    failurePolicy: Fail
-    name: vschedule.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - schedules
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-workflow
-    failurePolicy: Fail
-    name: vworkflow.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - workflows
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-httpchaos
-    failurePolicy: Fail
-    name: vhttpchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - httpchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-blockchaos
-    failurePolicy: Fail
-    name: vblockchaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - blockchaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-physicalmachinechaos
-    failurePolicy: Fail
-    name: vphysicalmachinechaos.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - physicalmachinechaos
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-physicalmachine
-    failurePolicy: Fail
-    name: vphysicalmachine.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - physicalmachines
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-statuscheck
-    failurePolicy: Fail
-    name: vstatuscheck.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - statuschecks
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-chaos-mesh-org-v1alpha1-remotecluster
-    failurePolicy: Fail
-    name: vremotecluster.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources:
-          - remotecluster
----
-# Source: chaos-mesh/templates/validating-admission-webhooks.yaml
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  name: chaos-mesh-validation-auth
-  labels:
-    app.kubernetes.io/name: chaos-mesh
-    app.kubernetes.io/instance: chaos-mesh
-    app.kubernetes.io/part-of: chaos-mesh
-    app.kubernetes.io/version: ${VERSION_TAG##v}
-    app.kubernetes.io/component: admission-webhook
-webhooks:
-  - clientConfig:
-      caBundle: "${CA_BUNDLE}"
-      service:
-        name: chaos-mesh-controller-manager
-        namespace: "chaos-mesh"
-        path: /validate-auth
-    failurePolicy: Fail
-    name: vauth.kb.io
-    timeoutSeconds: 5
-    sideEffects: None
-    admissionReviewVersions: ["v1", "v1beta1"]
-    rules:
-      - apiGroups:
-          - chaos-mesh.org
-        apiVersions:
-          - v1alpha1
-        operations:
-          - CREATE
-          - UPDATE
-        resources: [ "*" ]
-EOF
-    # chaos-mesh.yaml end
-}
-
-main "$@" || exit 1
diff --git a/hack/terraform2/policy.yaml b/hack/terraform2/policy.yaml
deleted file mode 100644
index 9fe4b70..0000000
--- a/hack/terraform2/policy.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: deny-egress
-  namespace: castai-agent
-spec:
-  podSelector:
-    matchLabels:
-      app.kubernetes.io/name: castai-cloud-proxy
-  policyTypes:
-  - Egress
-  egress: []
diff --git a/hack/terraform2/terraform.tf b/hack/terraform2/terraform.tf
deleted file mode 100644
index 502f0c5..0000000
--- a/hack/terraform2/terraform.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-terraform {
-  required_providers {
-    castai = {
-      source = "castai/castai"
-    }
-    kubernetes = {
-      source = "hashicorp/kubernetes"
-    }
-    google = {
-      source = "hashicorp/google"
-    }
-    google-beta = {
-      source = "hashicorp/google-beta"
-    }
-  }
-  required_version = ">= 0.13"
-}
diff --git a/hack/terraform2/vars.tf b/hack/terraform2/vars.tf
deleted file mode 100644
index c706224..0000000
--- a/hack/terraform2/vars.tf
+++ /dev/null
@@ -1,39 +0,0 @@
-# GKE module variables.
-variable "cluster_name" {
-  type        = string
-  description = "GKE cluster name in GCP project."
-}
-
-variable "cluster_region" {
-  type        = string
-  default     = "europe-central2"
-  description = "The region to create the cluster."
-}
-
-variable "project_id" {
-  type        = string
-  default     = "engineering-test-353509"
-  description = "GCP project ID in which GKE cluster would be created."
-}
-
-variable "castai_api_url" {
-  type        = string
-  description = "URL of alternative CAST AI API to be used during development or testing"
-}
-
-# Variables required for connecting EKS cluster to CAST AI
-variable "castai_api_token" {
-  type        = string
-  description = "CAST AI API token created in console.cast.ai API Access keys section."
-}
-
-variable "castai_grpc_url" {
-  type        = string
-  description = "CAST AI gRPC URL"
-}
-
-variable "tags" {
-  type        = map(any)
-  description = "Optional tags for new cluster nodes. This parameter applies only to new nodes - tags for old nodes are not reconciled."
-  default     = {}
-}
diff --git a/hack/terraform2/vpc.tf b/hack/terraform2/vpc.tf
deleted file mode 100644
index 5fa6a7f..0000000
--- a/hack/terraform2/vpc.tf
+++ /dev/null
@@ -1,33 +0,0 @@
-locals {
-  ip_range_pods     = "${var.cluster_name}-ip-range-pods"
-  ip_range_services = "${var.cluster_name}-ip-range-services"
-  ip_range_nodes    = "${var.cluster_name}-ip-range-nodes"
-}
-
-module "vpc" {
-  source       = "terraform-google-modules/network/google"
-  version      = "6.0.0"
-  project_id   = var.project_id
-  network_name = var.cluster_name
-  subnets = [
-    {
-      subnet_name           = local.ip_range_nodes
-      subnet_ip             = "10.0.0.0/16"
-      subnet_region         = var.cluster_region
-      subnet_private_access = "true"
-    },
-  ]
-
-  secondary_ranges = {
-    (local.ip_range_nodes) = [
-      {
-        range_name    = local.ip_range_pods
-        ip_cidr_range = "10.20.0.0/16"
-      },
-      {
-        range_name    = local.ip_range_services
-        ip_cidr_range = "10.30.0.0/24"
-      }
-    ]
-  }
-}