Kubernetes DNS redundancy
Description
Test your Kubernetes service's availability when its primary DNS server is unreachable. Verify that DNS failover routes traffic correctly through secondary providers.
What this Scenario does
This Scenario blocks DNS traffic within your Kubernetes pods, simulating a primary DNS provider failure. This tests whether your Kubernetes DNS configuration—including CoreDNS and any external DNS providers—correctly handles failover.
Why run this Scenario?
DNS can fail in many ways, including:
- Failures in nameservers and/or recursive resolvers, causing DNS queries to time out or return errors.
- Network saturation (or a DDoS attack) slowing down DNS queries or causing them to drop.
- Misconfigured Quality of Service (QoS) rules, causing the network to de-prioritize DNS traffic.
Running this Scenario can help:
- Verify that Kubernetes CoreDNS or kube-dns handles upstream DNS failures gracefully.
- Validate that Kubernetes service discovery continues working when external DNS providers fail.
- Test DNS policy and dnsConfig settings across your pods for resilience.
- Ensure that DNS failures don't cascade into pod-to-pod or pod-to-service communication outages.
Expected outcome
If the primary DNS provider fails, Kubernetes services continue resolving DNS queries through secondary providers with no interruption.
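One way to check the dnsConfig side of this before running the Scenario is to audit the /etc/resolv.conf a pod actually received. The script below is an added example, not part of this Scenario or its tooling. It assumes a glibc-style resolver, and the sample files, addresses and function names are constructed for illustration.

```python
# Added example: audit a pod's /etc/resolv.conf for resolver-level DNS failover.
# Assumption: glibc-style resolver (servers tried in order, first 3 used,
# defaults timeout:5 and attempts:2). Other libcs may behave differently.
GLIBC_MAX_NS, DEFAULT_TIMEOUT, DEFAULT_ATTEMPTS = 3, 5, 2

# Constructed samples: a default-style pod and one with a custom dnsConfig.
DEFAULT_POD = """search default.svc.cluster.local svc.cluster.local cluster.local
nameserver 10.96.0.10
options ndots:5
"""
CUSTOM_POD = """nameserver 192.0.2.53
nameserver 198.51.100.53
options timeout:2 attempts:2 ndots:2
"""

def parse_resolv_conf(text):
    """Return (nameservers, options) parsed from resolv.conf text."""
    nameservers, options = [], {}
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue  # blank line or comment
        if fields[0] == "nameserver" and len(fields) > 1:
            nameservers.append(fields[1])
        elif fields[0] == "options":
            for opt in fields[1:]:
                key, _, value = opt.partition(":")
                options[key] = int(value) if value.isdigit() else True
    return nameservers, options

def audit(text):
    """Describe what happens when the first nameserver stops answering."""
    nameservers, options = parse_resolv_conf(text)
    used = nameservers[:GLIBC_MAX_NS]
    timeout = options.get("timeout", DEFAULT_TIMEOUT)
    findings = []
    if len(used) < 2:
        findings.append("single nameserver: no in-pod fallback; redundancy must sit behind that address")
    if len(nameservers) > GLIBC_MAX_NS:
        findings.append(f"{len(nameservers) - GLIBC_MAX_NS} nameserver(s) past the first {GLIBC_MAX_NS} are ignored")
    if "timeout" not in options:
        findings.append(f"timeout unset: each unanswered query waits the {DEFAULT_TIMEOUT}s default")
    return {"used_nameservers": used, "timeout_s": timeout,
            "attempts": options.get("attempts", DEFAULT_ATTEMPTS),
            # Seconds a lookup stalls on a dead first server before trying the next one.
            "fallback_delay_s": timeout if len(used) > 1 else None,
            "findings": findings}

if __name__ == "__main__":
    for name, conf in (("default", DEFAULT_POD), ("custom", CUSTOM_POD)):
        print(name, audit(conf))
```

To audit a live pod, pass the output of `kubectl exec <pod> -- cat /etc/resolv.conf` to `audit()` in place of the samples.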
