“Honey, I shrunk the cluster” or building a small, portable distributed testbed of awesomeness

This entry is part 1 of 1 in the series Monochromacy Cluster (RPi3)

Yet another Raspberry Pi Cluster build… or is it?!

This series is mainly to see if I can create an immutable IaaS environment which is portable, small-scale-but-easily-expandable-to-full-size, built on the new DevOps way of working (meaning infrastructure-in-code), secure, adaptable and self-defending but most of all a fun distraction.

I was inspired by the DARPA Cyber Grand Challenge 2016 in which 5 autonomous machines were playing CTF and can both attack as well as defend (e.g. analyze the attack and write patches) their own vulnerable services. Specifically as one of the machines names Shellphish open-sourced their code for everyone to play with.

What if I could downscale that code on a smaller platform to see and understand how the distributed technology works…

… it seems a longshot so let’s get started on the ‘basics’

Functional requirements

  • The cluster needs to be self-contained, low-power and portable
  • The cluster must scale easily either in its current form by adding Raspberry Pi’s or by redeploying the Infrastructure-in-Code to cloud IaaS providers
  • The control node is the only accessible cluster node from untrusted
  • The cluster is managed through Ansible from within the cluster
  • The control node provides central NFS storage to the drone nodes
  • Mikrotik (RB493G) provides the core router/switch/vlan/firewall/connectivity functionality and acts as the security layer between the trusted-dmz-untrusted zones
  • The drone nodes will be immutable
  • Bare-metal possibility of adding drone nodes
  • The purpose of the cluster must be easily changed (e.g. distributed webserver cluster to Hadoop cluster to Docker Swarm cluster to whatever-I-need-at-that-moment-in-time)
  • Provide a solid base to explore and demo PaaS and IoT

I’ll probably come up with more use-cases as I go along 🙂

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.