A Mythical Cyber Range with Kubernetes and Ludus
$ w elrey
- Experience: IT/security for 30... I mean 8 years... :)
- Work: SpecterOps
- Adversary Simulation Consultant (Pentester+)
- Community
ludus:
- vm_name: "{{ range_id }}-k8s-microk8s-01"
hostname: "{{ range_id }}-k8s-microk8s-01"
template: ubuntu-24.04-x64-server-template
vlan: 20
ip_last_octet: 11
ram_gb: 4
cpus: 4
linux: true
testing:
snapshot: true
block_internet: true
roles:
- install_k8s
- telemetry
role_vars:
k8s_flavor: microk8s
microk8s_addons:
- dns
- storage
- helm3
- registry
ui: grafana
- vm_name: "{{ range_id }}-mythic"
hostname: "{{ range_id }}-mythic"
template: ubuntu-24.04-x64-server-template
vlan: 30
ip_last_octet: 20
ram_gb: 8
cpus: 4
linux: true
testing:
snapshot: false
block_internet: false
roles:
- install_k8s
role_vars:
mythic_server: true
mythic_server_ip: 10.9.30.20
mythic_server_hostname: "{{ range_id }}-mythic"
mythic_http_profile_port: 80
network:
inter_vlan_default: REJECT
rules:
- name: Only allow Kubernetes to Mythic on 80
vlan_src: 20
vlan_dst: 30
protocol: tcp
ports: 80
action: ACCEPT
- name: Allow Mythic to reach Kubernetes on all ports
vlan_src: 30
vlan_dst: 20
protocol: tcp
ports: all
action: ACCEPT
Resources
A Mythical Cyber Range with Kubernetes and Ludus
By elrey741 (Alex)
