
Gremlin product here. Super excited to have folks give this a try and let us know what you think!


Good question! All of the network attacks have a whitelisting capability, to keep the host accessible. This isn't an issue with state attacks, as the client will come back online once the host reboots. And with resource attacks the client typically remains active, if your application is handling starved resources well.


Security is extremely important to us. Clients authenticate to our control plane either with a secret string or a certificate. Clients can be revoked at any point from our webapp, and if the client loses communication to our control plane, any ongoing attack is halted.

Check out our security page for more: https://gremlin.com/security


Exactly! Chaos engineering is all about thoughtfully planned out experiments, to observe what the user experience will be when something fails. Doing this on your own terms allows you to improve the experience so that your customers aren't affected.

You can decide what happens when an in-flight request is dropped, whether you hold onto the state somehow and retry or the client could fail gracefully with a relevant error message.


We did register the Gremlin trademark early on to be sure we had all of our bases covered:

https://trademarks.justia.com/871/94/gremlin-87194877.html


So you begin by imitating Google's old logofont, and then you switch to something resembling Google's new logofont [1].

And for a company name, you decide to use the name of an established programming language and registered mark of a top-level Apache project [2], which has been in use since its inception over a decade ago, and incidentally it's a project and programming language that both your previous employers know well [3].

That's some inspired work, overflowing with creative originality. And to top it off, you have animated graphs floating in the background. Yeah, no possibility for confusion there. There's a name for that, you know? Google it and see if you can find the word -- its definition has to do with siphoning goodwill. Who advised you on this and agreed these were wise choices and that this would be a good way to begin?

[1] https://www.underconsideration.com/brandnew/archives/new_log...

[2] https://tinkerpop.apache.org/

[3] https://www.gremlin.com/team/


Yes, we compiled a list of all the OSS alternatives to Chaos Monkey here!

https://www.gremlin.com/chaos-monkey/chaos-monkey-alternativ...


Hey folks, I work at Gremlin and we're super excited to announce this launch. Drop any questions, comments, or concerns, we're happy to help!


I like the look of this and love that you have released a free version. I am a little dismayed, though, that the two options are $0 and $1000/m (paid annually) with nothing in between. The free version seems great to get started, but I'd really like a lot more of the attacks that the paid version has, but $12,000 is much, much too high a price for a startup or personal project. That's quite a jump in cost.


I can’t speak for this vendor in particular, but one common reason for pricing like this is the vendor doesn’t want to deal with smaller customers as they often have the highest support requirements.


Pretty much. An enterprise customer won't bat an eye at $12K/year, and I imagine it'd pay for itself pretty quickly.

I can definitely relate with GP, though. It feels frustrating to learn about an interesting product only to find that it's priced way outside of your budget.

At least Gremlin has a public sticker price. Sometimes enterprise services just skip that completely and require you to set up a call with someone in their sales department, which usually means the service is outside of your budget.


> which usually means the service is outside of your budget.

I wonder if this is true though.

Maybe it puts off people who otherwise might be able to have a product tailored to their budget???


It's possible. I know a guy who isn't put off by "call us" pricing notices and he seems to get good deals, so it's certainly possible. Many of us will never find out though, because "call us" means "close tab". Even if I really want their product and am willing to pay a lot for it, my time is too precious to me to waste on calls.


Sure, but then why tease us with a cut-down free tier?


Thanks for putting this out! I caught a Gremlin talk at a recent conference and was very impressed with how knowledgeable the developers were.

How does the Gremlin platform interact with one of my hosts? Do I need to install an agent or something? Does it need root access to my host, hypervisor, cloud console?


Simply install an agent, authenticate with our control plane, and create attacks through our webapp. No root access required.

Check out more info at https://www.gremlin.com/docs/infrastructure-layer/installati... .


If root is not required, how does the agent issue a shutdown or restart?


Hello! I am a Solutions Architect for Gremlin. Great question! It uses four Linux Capabilities to accomplish that, listed here: https://www.gremlin.com/docs/security/overview/#linux-capabi...


I see that you are on the Rust production user page [0]. Can you talk a little bit about what Rust is used for and how the experience has been?

[0]: https://www.rust-lang.org/production/users


Hey, I'm an engineer at Gremlin! When you install Gremlin onto your Linux hosts for infrastructure experiments, you're using binaries that were completely written in Rust. I would be lying if I said there wasn't a bit of a learning curve (coming from mostly working with Java). Most of that can be attributed to the memory management concepts built into Rust. At first you fight the compiler a bit (asking things like, why am I not allowed to reference this variable?!), but you soon learn to love and rely on the compiler as it builds more confidence in the runtime behavior of the product.

One game changer for Rust is the treatment of Errors as first class citizens. It's literally built into the native types that Rust wants you to work with. That's huge for our product, given it runs in an inherently error-prone environment.


Thanks for the reply. I always anticipated Rust being a good fit for a daemon-like tool. Not having to install a separate runtime and have things statically linked is a nice benefit. I know it's not the only language that is capable of this but being able to leverage the other bits of Rust helps with productivity as well.


I laughed out loud at "Failure as a service". Thanks for that.


Hi, we are a startup using a lot of Lambda, Fargate, RDS and DynamoDB. Will Gremlin work for this? I didn't see any mention of support of Fargate or Lambda on your website.


We've got you covered! Gremlin supports serverless products with application layer fault injection.

Take a look at our docs for more: https://www.gremlin.com/docs/application-layer/overview/


Thanks, that will work nicely with our Lambda functions which are in Java. How about Python? We are running Python Django in Fargate. So it is possible to bring up a new container or add Gremlin in the existing container. Is this possible?


Glad to hear it! Additional language support is top of mind. Node is up next and Python is high on the list.

Regarding your app running in Fargate, you can do either. Hop over to our #support Slack channel and we can help out more!

https://www.gremlin.com/slack


Both environments are supported!


Hello from the App Engine team. Could you double check that your DNS records are accurate? Everything is looking good on our end. Thanks for the feedback!


I can also reproduce the issue, i.e. "Failed to activate certificates." a few seconds after clicking "Enable managed security" with 4 domains checked.

I checked the DNS records and the CNAME, A, AAAA records of all the domains match exactly what is shown on the admin console.


Can you try using gcloud? There may be a UI problem.


Thanks, it worked fine with the gcloud command.


We've found the glitch in the UI and the issue will be resolved shortly. Thanks for all the support and quick testing after announcing this beta release.


Happy to report everything is working as expected, go get those managed certs!


I was able to reproduce the problem through the UI. I was able to get it working by using the gcloud CLI instead.


I also could not get it to work on two separate domains. Everything seems fine, and I was able to renew the certs with LE just now.

I believe all my DNS records look fine, and I have the domain ownership set correctly with GAE. Not sure what else I can change to get it working.


Seems to be working fine now.


Thanks for the quick response! I'll double check them later today.


I was able to get this to work in the command line (after gcloud components update). This is an exciting feature!

Thanks for the support! And thanks for all the good work on AppEngine!

And thanks to other commenters too!


Any chance that you will support wildcard domain names?

