Network Gremlins

Blackhole

Parameter Description
Length The length of the attack (seconds)
Ipaddresses Only impact traffic to these IP addresses (also accepts CIDR values, like: 10.0.0.0/24)
Device Impact traffic over this network interface
Hostnames Only impact traffic to these hostnames
Egress Ports Only impact egress traffic to these destination ports (also accepts ranges, like 8080-8085)
Ingress Ports Only impact ingress traffic to these destination ports
Protocol Impact traffic over this network interface

Latency

Parameter Description
Length The length of the attack (seconds)
Ipaddresses Only impact traffic to these IP addresses (also accepts CIDR values, like: 10.0.0.0/24)
Device Impact traffic over this network interface
Hostnames Only impact traffic to these hostnames
Egress Ports Only impact egress traffic to these destination ports (also accepts ranges, like 8080-8085)
Source Ports Only impact egress traffic from these source ports
MS How long to delay egress packets (millis)
Protocol Impact traffic over this network interface

DNS

Parameter Description
Length The length of the attack (seconds)
Ipaddresses Prevent lookups from these DNS servers (also accepts CIDR values, like: 10.0.0.0/24)
Device Impact traffic over this network interface
Protocol Impact traffic over this network interface

Packet Loss

Parameter Description
Length The length of the attack (seconds)
Ipaddresses Only impact traffic to these IP addresses (also accepts CIDR values, like: 10.0.0.0/24)
Device Impact traffic over this network interface
Hostnames Only impact traffic to these hostnames
Egress Ports Only impact egress traffic to these destination ports (also accepts ranges, like 8080-8085)
Source Ports Only impact egress traffic from these source ports
Percent Percentage of packets to drop (10 is 10%)
Protocol Impact traffic over this network interface
corrupt Corrupt the packets instead of just dropping them.

Resource Gremlins

CPU

Parameter Description
Length The length of the attack (seconds)
Cores The number of cores to try to utilize

IO

Parameter Description
Length The length of the attack (seconds)
Dir The root directory for the IO attack
Workers The number of IO workers to run concurrently
Mode Do only reads, only writes, or both
Block Size Number of Kilobytes (KB) that are read/written at a time
Block Count The number of blocks read/written by workers

Disk

Parameter Description
Length The length of the attack (seconds)
Dir The root directory for the IO attack
Workers The number of diskwrite workers to run concurrently
Block Size Number of Kilobytes (KB) that are read/written at a time
Volume Percentage Percent of Volume to fill (0100)

Memory

Parameter Description
Length The length of the attack (seconds)
MB The number of megabytes to allocate
GB The number of gigabytes to allocate

Using Network Parameters

Passing Multiple Values

Port and address options can be used multiple times in a single command

# Attack both DynamoDB and database.mydomain.org
gremlin attack latency -h dynamodb.us-west-1.amazonaws.com -h database.mydomain.org

Alternatively, a , can also be used to specify multiple values.

gremlin attack latency -p 8080,443

Whitelisting Values

A ^ can be used before a port or addres to whitelist that parameter. If only a whitelist is supplied, all other traffic is impacted.

# Slow down all ports except DNS port
gremlin attack latency -p ^53

This can be particularly useful for whitelisting a specific IP from a range.

# Blackhole all hosts in 10.0.0.0/24 except for 10.0.0.11
gremlin attack blackhole -i 10.0.0.0/24 -i ^10.0.0.11

State Gremlins

Time Travel

Parameter Description
Length The length of the attack (seconds)
NTP Disable NTP from correcting systemtime
Offset The offset to the current time (seconds)

Process Killer

Parameter Description
Length The length of the attack (seconds)
Interval The number of seconds to delay before kills
Process The process name to match (allows regex) or the process ID
Group The group name or ID to match against (name matches only)
User The user name or ID to match against (name matches only)
Newest If set the newest matching process will be killed (name matches only, cannot be used with o)
Oldest If set the oldest matching process will be killed (name matches only, cannot be used with n)
Exact If set the match must be exact and not just a substring match (name matches only)
Kill Children If set the processes children will also be killed
full match If set the processes name match will occur against the full command line string that the process was launched with

Shutdown

Parameter Description
Delay The number of minutes to delay before shutting down
Reboot Indicates the host should reboot after shutting down