CF app JVM memory stress
CF app JVM memory stress is a Cloud Foundry chaos fault that drives sustained memory pressure inside the JVM of one or more instances of a Java-based app. You choose whether the pressure targets the heap or non-heap (metaspace, code cache) via the memoryType tunable. The fault runs for duration seconds and then releases the pressure.
Use this fault to validate the application's behavior near the memory limit: garbage-collection pause times, OutOfMemoryError handling, autoscaling decisions, and downstream consumer experience while the JVM is constrained.
If you have not configured the chaos infrastructure yet, go to Quickstart to install the Linux chaos infrastructure and run an experiment end to end.
Use cases
- Heap saturation: Test the app's reaction to a near-full heap (latency spikes, GC pressure, OOM events).
- Non-heap saturation: Surface class-loading bugs or runaway metaspace consumption.
- Autoscaler validation: Confirm memory-based scaling rules trigger correctly.
- GC tuning: Identify GC settings that cause excessive pause times under pressure.
Before you begin
- Chaos infrastructure: A Linux chaos infrastructure (LCI) installed in one of the supported deployment models.
- CF and BOSH credentials: The LCI host has
CF_*,UAA_SERVER_ENDPOINT, andBOSH_*credentials configured. - Target identifiers: You know the
organization,space,app, and theboshDeploymentthat manages the cluster. - Java app: The target app is a Java workload exposing a JVM debug agent on
port(default9091). javaHome: EitherJAVA_HOMEis set on the container, or you providejavaHomeexplicitly.
Supported environments
| Platform | Support status |
|---|---|
| Java apps deployed to Cloud Foundry | Supported |
| Non-Java workloads | Not supported |
Permissions required
| Action | Requirement |
|---|---|
| List apps the CF user can access | SpaceDeveloper, SpaceAuditor, OrgManager, or OrgAuditor; scopes cloud_controller.read or cloud_controller.admin |
| List BOSH deployments | BOSH user with bosh.read scope |
| SSH to a Diego cell via BOSH | BOSH UAA token with bosh.ssh or bosh.admin scope |
| Attach the JVM agent to the target container | Operator with sudo or root on the cell host |
Authentication
| Layer | Where to provide | Tunables |
|---|---|---|
| Cloud Foundry API + BOSH director | /etc/linux-chaos-infrastructure/cf.env on the LCI host | CF_API_ENDPOINT, CF_USERNAME, CF_PASSWORD, UAA_SERVER_ENDPOINT, BOSH_CLIENT, BOSH_CLIENT_SECRET, BOSH_CA_CERT, BOSH_ENVIRONMENT |
vSphere (only when faultInjectorLocation: vSphere) | /etc/linux-chaos-infrastructure/vsphere.env | GOVC_URL, GOVC_USERNAME, GOVC_PASSWORD, GOVC_INSECURE, VM_NAME, VM_USERNAME, VM_PASSWORD |
Fault tunables
Required parameters
| Tunable | Description | Default |
|---|---|---|
deploymentModel | LCI placement model. One of model-1 or model-2. | (required) |
organization | CF organization that owns the app. | (required) |
space | CF space within the organization. | (required) |
app | Java app to stress. | (required) |
Chaos parameters
| Tunable | Description | Default |
|---|---|---|
memoryType | Memory region to fill. One of heap or non-heap. | heap |
port | JVM agent port inside the container. | 9091 |
javaHome | Value of JAVA_HOME. Not required if the Java binary is on the container's PATH. | "" |
instanceAffectedPercentage | Percentage of instances to target. 0 targets exactly one. | 0 |
boshDeployment | BOSH deployment name. Required for deploymentModel: model-2. | "" |
faultInjectorLocation | local or vSphere. Required for deploymentModel: model-2. | local |
faultInjectorPort | Local port used by the fault-injector. | 50320 |
duration | Total chaos duration. | 30s |
skipSSLValidation | Skip SSL validation when calling CF APIs. | false |
rampTime | Wait period in seconds before and after the fault. | 0 |
Tunables that apply to every fault are documented in common tunables for all faults.
Fault execution in brief
Authenticates to Cloud Foundry and BOSH, locates the target app instance(s), attaches an agent to the JVM via the debug port, and allocates memory in the region selected by memoryType until the configured pressure is reached. The pressure is held for duration seconds and released on completion.
Expected behavior during fault execution
- JVM heap (or non-heap) utilization climbs toward its limit.
- Garbage collection runs more frequently and pause times typically rise.
- The app may experience
OutOfMemoryErrorif the configured workload exceeds the limit; the platform may restart the instance. - After the fault ends, memory utilization returns to baseline.
Signals to watch
- GC behavior: Inspect JVM GC metrics (pause time, frequency).
- Latency: Use an HTTP probe and assert P95 latency stays within SLO.
- Instance health: Watch
cf app <name>forCRASHEDinstances during heavy heap pressure.
Recovery and cleanup
- The JVM agent is detached when
durationelapses, releasing memory. - If the JVM crashed with
OutOfMemoryError, Cloud Foundry restarts the instance automatically.
Limitations
- Targets the JVM process inside the container, not the host.
- Requires the JVM debug port (
port) to be reachable inside the container. non-heappressure may not always trigger expected behavior if your JVM has high non-heap limits.
Troubleshooting
CF app JVM memory stress fails with 'JAVA_HOME not found' in Harness Chaos Engineering
Set the javaHome tunable to the absolute path of the JDK on the container (for example, /usr/lib/jvm/openjdk). Confirm with cf ssh <app> -c 'echo $JAVA_HOME'.
App keeps crashing during heap stress
If the app crashes repeatedly with OutOfMemoryError, the configured pressure exceeds the heap limit. Reduce duration, decrease the targeted region's size, or increase the app's memory quota with cf scale -m.
Memory does not return to baseline after the experiment
Trigger a full GC with the CF app JVM trigger GC fault, or restage the app: cf restage <app>.
Common configurations
Pressure on non-heap
apiVersion: litmuchaos.io/v1alpha1
kind: LinuxFault
metadata:
name: cf-app-jvm-memory-stress
labels:
name: app-jvm-memory-stress
spec:
cfAppJVMChaos/inputs:
duration: 60s
deploymentModel: model-2
faultInjectorLocation: vSphere
app: cf-app
organization: dev-org
space: dev-space
boshDeployment: cf
memoryType: non-heap
Stress multiple instances
apiVersion: litmuchaos.io/v1alpha1
kind: LinuxFault
metadata:
name: cf-app-jvm-memory-stress
labels:
name: app-jvm-memory-stress
spec:
cfAppJVMChaos/inputs:
duration: 30s
deploymentModel: model-2
faultInjectorLocation: vSphere
app: cf-app
organization: dev-org
space: dev-space
boshDeployment: cf
memoryType: heap
instanceAffectedPercentage: 50
CF secrets
The following Cloud Foundry secrets reside on the same machine where the chaos infrastructure is executed. These secrets are provided in the /etc/linux-chaos-infrastructure/cf.env file in the following format:
CF_API_ENDPOINT=XXXXXXXXXXXXXXXXXXX
CF_USERNAME=XXXXXXXXXXXXXXXXXXXXXXX
CF_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXX
UAA_SERVER_ENDPOINT=XXXXXXXXXXXXXXX
BOSH_CLIENT=XXXXXXXXXXXXXXXXXXXXXXX
BOSH_CLIENT_SECRET=XXXXXXXXXXXXXXXX
BOSH_CA_CERT=XXXXXXXXXXXXXXXXXXXXXX
BOSH_ENVIRONMENT=XXXXXXXXXXXXXXXXXX
If the secrets file is not provided, the secrets are attempted to be derived from environment variables and the config file by the fault-injector.
| ENV name | Description | Example |
|---|---|---|
| CF_API_ENDPOINT | API endpoint for the CF setup | https://api.system.cf-setup.com |
| CF_USERNAME | Username for the CF user | username |
| CF_PASSWORD | Password for the CF user | password |
| UAA_SERVER_ENDPOINT | API endpoint for the UAA server for the CF setup | https://uaa.system.cf-setup.com |
| BOSH_CLIENT | Used by the bosh CLI, the BOSH client | admin |
| BOSH_CLIENT_SECRET | Used by the bosh CLI, the BOSH client secret | UBu9Fu3oW35sO6fw12auPH76gsRTy7 |
| BOSH_CA_CERT | Used by the bosh CLI, the file path for BOSH CA certificate | /root/root_ca_certificate |
| BOSH_ENVIRONMENT | Used by the bosh CLI, the BOSH environment | bosh.corp.local |
Fault injector ENVs and config file
If /etc/linux-chaos-infrastructure/cf.env file is not provided, fault-injector attempts to derive the secrets from environment variables or a configuration file. Any secret that is re-declared will be overridden in the following order of decreasing precedence:
/etc/linux-chaos-infrastructure/cf.envfile- Environment variables
- Configuration file
The configuration file should be provided at /etc/linux-chaos-infrastructure/cf-fault-injector.yaml:
cf-api-endpoint: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
username: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
password: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uaa-server-endpoint: XXXXXXXXXXXXXXXXXXXXXXXXXX
bosh-client: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
bosh-client-secret: XXXXXXXXXXXXXXXXXXXXXXXXXXX
bosh-ca-cert: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
bosh-environment: XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
A mapping between all the three formats for providing the secrets is as follows:
| cf.env | ENV | cf-fault-injector.yaml |
|---|---|---|
| CF_API_ENDPOINT | CF_API_ENDPOINT | cf-api-endpoint |
| CF_USERNAME | USERNAME | username |
| CF_PASSWORD | PASSWORD | password |
| UAA_SERVER_ENDPOINT | UAA_SERVER_ENDPOINT | uaa-server-endpoint |
| BOSH_CLIENT | BOSH_CLIENT | bosh-client |
| BOSH_CLIENT_SECRET | BOSH_CLIENT_SECRET | bosh-client-secret |
| BOSH_CA_CERT | BOSH_CA_CERT | bosh-ca-cert |
| BOSH_ENVIRONMENT | BOSH_ENVIRONMENT | bosh-environment |
vSphere secrets
These secrets are provided only if vSphere is used as the deployment platform for CF.
The following vSphere secrets reside on the same machine where the chaos infrastructure is executed. These secrets are provided in the /etc/linux-chaos-infrastructure/vsphere.env file in the following format:
GOVC_URL=XXXXXXXXXXXXXXXXXXXXXX
GOVC_USERNAME=XXXXXXXXXXXXXXXXX
GOVC_PASSWORD=XXXXXXXXXXXXXXXXX
GOVC_INSECURE=XXXXXXXXXXXXXXXXX
VM_NAME=XXXXXXXXXXXXXXXXXXXXXXX
VM_USERNAME=XXXXXXXXXXXXXXXXXXX
VM_PASSWORD=XXXXXXXXXXXXXXXXXXX
| ENV Name | Description | Notes |
|---|---|---|
| GOVC_URL | Endpoint for vSphere | For example, 192.168.214.244 |
| GOVC_USERNAME | Username for the vSphere user | For example, username |
| GOVC_PASSWORD | Password for the vSphere user | For example, password |
| GOVC_INSECURE | Skip SSL validation for govc commands | For example, true |
| VM_NAME | Name of the vSphere VM where the fault-injector utility is installed | For example, cf-vm |
| VM_USERNAME | Username for the VM guest user | For example, root |
| VM_PASSWORD | Password for the VM guest user | For example, password |
Related faults
- CF app JVM CPU stress: Apply CPU pressure instead of memory pressure.
- CF app JVM trigger GC: Force a GC cycle to test pause-time behavior.