The Georgia Cyber Range, hosted and maintained at the Georgia Cyber Innovation and Training Center (GCITC), is leading the way in development, deployment and management of Cyber Range environments to support the increasing needs of cybersecurity. They began their journey in 2018 when they launched their first Private Cloud deployments of OpenStack and Ceph, based on successful pilots and proof of concepts performed at the US Army Cyber School as seen in their history. Ever since then, they’ve been able to provide scalable, repeatable and reliable Cyber Range environments to enable training, development and research leveraging native cloud technologies.
How has OpenStack transformed your organization?
It has allowed us to provide a versatile cloud environment to enhance training and research. We take the same industry concepts for the development, deployment, and management of cloud applications and services (leveraging principles such as Infrastructure as Code and Courseware as Code) which allow us to easily provision our cloud environments as we do our infrastructure, all while allowing for the max customization of environments. One of the greatest aspects has been the ability to customize our environment to work exactly as we need to include applications, systems, services, hardware and protocols to match any environment whether IT or OT. We’ve been able to develop and grow our own framework that allows for rapid re-deployment to bare-metal servers for our build of OpenStack using, https://gitlab.com/gacybercenter/gacyberrange/projects/kinetic/kinetic enabling us to add any available OpenStack services as the need arises.
What workloads are you running on OpenStack?
One of our main workloads is non-persistent Cyber Range environments. These cloud environments consist of anything and everything from native cloud applications to fully instantiated enterprise networks. This allows for seamless integrations of both software and hardware within cloud environments to fit any use case. Leveraging this type of workload allows for full support of security research and development related to cloud technologies, medical devices and Critical Infrastructure initiatives. To assist with integrations of hardware-specific technologies that can not be replicated, we utilize foundational hardware in loop concepts. This has also led to advancements with native cloud support for various emulated CPU architectures (including AARCH64, PPC64 and s390x) allowing for general availability within OpenStack for use in orchestration and deployments across the community, as can be seen here: https://review.opendev.org/q/topic:bp/pick-guest-arch-based-on-host-arch-in-libvirt-driver.
What is the scale of your OpenStack environment?
Current stats are: 15 compute nodes (1920 vCPU, 15 TiB RAM), 15 storage nodes (2 PiB), two container nodes and four controller nodes.
This allows for a compute-heavy environment as we have a lot of turn in the amount of nova instances that are built and destroyed within a single day, this also allows us to deploy multiple OpenStack deployments should the need present itself, with continuing plans to expand these resource capacities.
What other open source technologies are integrated with your OpenStack environment?
Apache’s Guacamole project provides the ability for a simplistic and modern user access portal to specific systems, where we have also released a supporting project to allow for seamless API interactions, https://pypi.org/project/guacamole-api-wrapper. To help facilitate local streamlined updates and software downloads for both Linux and Windows systems, Debian’s Apt-Cache-ng and UKLans Lancache projects are used. While utilizing current data-center methodologies we are able to maintain a 100 GiB LAN speed through the use of Netgate products to facilitate various boundary management and security capabilities.
Share your use case by filling out the OpenStack User Survey!
- Meet OpenInfra Europe Advisory Board Member: Kurt Garloff - December 21, 2023
- NVIDIA’s Journey with Kata Containers and Confidential Computing | OpenInfra Live Recap - December 18, 2023
- Large Scale Ops Deep Dive: Samsung SDS | OpenInfra Live Recap - December 14, 2023