Phil Gebhardt
Phil Gebhardt
**Background** The Gremlin Agent Daemonset exposes various capabilities needed to: 1. carry out attacks within the Daemonset pods 2. carry out container initialization operations like entering the net/pid namespaces of...
**Install command** ``` helm install --name gremlin gremlin/gremlin \ --set gremlin.teamID=${GREMLIN_TEAM_ID} \ --set gremlin.client.tags="foo=bar,baz=quux" ``` **Exported environment (from kubectl describe pod)** Notice the missing tag `baz=quux` ``` Environment: GREMLIN_TEAM_ID: GREMLIN_TEAM_CERTIFICATE_OR_FILE:...
## Background * Gremlin currently allows a host shutdown in two different ways: using a `/proc/sysrq-trigger`, and issuing a shutdown from the host's `PID` namespace. Only the latter [is documented](https://www.gremlin.com/docs/fault-injection-experiments-shutdown),...
This fixes https://github.com/jordansissel/pleaserun/issues/149
The current behavior of `templates/sysv/default/init.sh` creates a `chown` operation on `/var/log` under default parameters. There is existing commentary on this behavior: https://github.com/jordansissel/pleaserun/pull/110#discussion_r66651817
## Background * The following drivers are replacements for these runc drivers: `containerd-linux`, `crio-linux`, `docker-linux` * These drivers have been released and default for about four months now, and we...
This capability was required for Gremlin versions older than 2.18.2, because our `runc` drivers would run sidecars with a "capabilities-add" request that was unaccompanied by a "drop-all" request and `CAP_NET_RAW`...