Skip to main content
Version: Preview


Check your permission

Fault injection requires local code permission. Make sure your access key has been granted with local code permission.

Go to IAM and click Users -> User name -> Security credentials -> Create access key and select Local code.

Create access key


After a new access key is created, you need to set aws configure again.

Enable Chaos Mesh

Both Helm and kbcli are provided as options to deploy Chaos Mesh.

Here we use ChaosMesh v2.5.2 and the DNS server is enabled for DNS fault injection.

For installing ChaosMesh in Containerd, run the command below.

kbcli addon enable fault-chaos-mesh

For installing ChaosMesh in k3d/k3s, run the command below.

kbcli addon enable fault-chaos-mesh --set dnsServer.create=true --set chaosDaemon.runtime=containerd --set chaosDaemon.socketPath=/run/k3s/containerd/containerd.sock

If you set taints, you can set tolerations following the commands below.

# Chaos-mesh follows the tolerations of kubeblocks by default
# You can specify tolerations for four components of fault-chaos-mesh, controllerManager, chaosDaemon, dashboard, and dnsServer, according to your needs.
# Once a component is specified with tolerations, the default toleration of all components fails. It is recommended to spcify tolerations for four components or none.
kbcli addon enable fault-chaos-mesh \
--tolerations '[{"key":"kb-controller","operator":"Equal","effect":"NoSchedule","value":"true"}]' \
--tolerations 'chaosDaemon:[{"key":"kb-controller","operator":"Equal","effect":"NoSchedule","value":"true"},{"key":"kb-data","operator":"Equal","effect":"NoSchedule","value":"true"}]' \
--tolerations 'dashboard:[{"key":"kb-controller","operator":"Equal","effect":"NoSchedule","value":"true"}]' \
--tolerations 'dnsServer:[{"key":"kb-controller","operator":"Equal","effect":"NoSchedule","value":"true"}]'