DNSChaos Experiment

This document describes how to create DNSChaos experiments in Chaos Mesh.

DNSChaos allows you to simulate fault DNS responses such as a DNS error or a random IP address after a request is sent.

Deploy DNS service for chaos

To create DNSChaos experiments in Chaos Mesh, you need to deploy a DNS service in Chaos Mesh by executing the command below:

When the deployment finishes, check the status of this DNS service:

kubectl get pods -n chaos-testing -l app.kubernetes.io/component=chaos-dns-server

Make sure the Pod's STATUS is Running.

Configuration file

Below is a sample DNSChaos configuration file:

apiVersion: chaos-mesh.org/v1alpha1
kind: DNSChaos
metadata:
  name: busybox-dns-chaos
spec:
  action: random
  scope: inner
  mode: all
  selector:
    namespaces:
      - busybox
  duration: '90s'
  scheduler:
    cron: '@every 100s'

For more sample files, see examples. You can edit them as needed.

Fields description

• action: Defines the chaos action for DNSChaos. Supported actions are:
  • error - Get an error when sending the DNS request
  • random - Get a random IP when sending the DNS request

• scope: Defines the scope of the DNSChaos. Supported scopes are:

  • outer - DNSChaos only works on outer hosts of the Kubernetes cluster
  • inner- DNSChaos only works on inner hosts of the Kubernetes cluster
  • all - DNSChaos works on all hosts.

• selector: Specifies the target pods for chaos injection. For more details, see Define the Scope of Chaos Experiment.

Notes

• Currently, DNSChaos only supports record types A and AAAA.

• The chaos DNS service runs CoreDNS with the k8s_dns_chaos plugin. If the CoreDNS service in your Kubernetes cluster contains some special configurations, you can edit configMap dns-server-config to make the configuration of the chaos DNS service consistent with that of the K8s CoreDNS service as shown below:

  kubectl edit configmap dns-server-config -n chaos-testing