NRE Labs Community

Adding core capabilities to antidote

There are a few key areas where I think adding capabilities to antidote would be useful:

  1. UI support. Webssh2 currently only supports ssh, but inclusion of an ‘rdp.js’ ability upstream would be quite useful. I opened an issue in webssh on this that I can push on if this is something that would be helpful. Other protocols could include spice, vnc, etc. but RDP would probably be the easiest thing to start with.

  2. Support for multiple backends. K8s serves the NRE purpose perfectly, but if we want to start expanding scope of potential content, I think a vm-based backend is going to be helpful. kubevirt would be a natural fit here, but I also have a specific need to support an OpenStack backend with all of the special add-on services (particularly for multiarch environments). I’m guessing that content writers would specify the backend that their content ‘required’ and antidote would just figure it out appropriately, assuming that it already had appropriate API access to kubevirt, OpenStack, whatever.

  3. Gamification support. Adding a built-in CTF (probably ctfd, but open to ideas) server to test students’ knowledge of the lessons they just took. Figuring out a way to dump pretty progress reports would also be helpful.

  4. Video lesson support. Lessons should have the ability to have short videos included in them via URL, either for the purpose of an instructor demonstrating a concept, or just some general additional material.

  5. Improve self-medicate. I have a specific need for this to all function where internet access is extremely limited or not available at all. The experience has to be 1:1 with an online copy of antidote (or at least as close as humanly possible). Self-medicate should have a ‘build’ function that can be executed on an internet connected machine which will pre-stage a fully functional antidote environment suitable for distribution on a flash drive, etc.

These are very high level concepts, but you get the idea.

@bitskrieg This is great, thank you! Some high level thoughts on each point:

  1. This sounds cool! Nothing much to share here, this was something we gave up on for the time being after moving away from guacamole, so cool that this might be looked into again.

  2. This would be a significant undertaking. K8s is woven pretty deeply into Antidote. Not saying it’s impossible, but I’m sure there are a large number of assumptions in Antidote that are based on the presence of K8s that we would need to uncover and compensate for. This is something that I would probably want to take a stab at producing a design doc for - thinking some kind of plugin architecture that satisfy an Antidote interface for provisioning should be sufficient, but again what I worry most about isn’t the work involved, it’s all the assumptions about capabilities. One thing I would encourage you to look at is the recent support for Kata containers, which now by default executes all endpoints in a lightweight virtual machine. We also execute some images like the vqfx in qemu, which just happens to be running in Docker. So the long and short of this is that as of today all endpoints actually run in VMs, despite the platform itself running on top of K8s. It still sounds, however, that you have needs that would go beyond this, so one thing that I think would be helpful is a deep dive from you specifically into this, like what services and architectures in OpenStack you need for what purposes, and that will help drive design decisions going forward

  3. One idea that was raised last year was integration with existing learning management systems, many of which include their own ways of gamifying the path. Based on my early explorations, this might be a good path to getting this quickly. I haven’t looked into ctfd, will explore that as well.

  4. This is supported today. Lessons can either have a single video for the whole lesson, or provided per-stage. Providing a URL there automatically provides a button on the web UI to pop this up in a dialog box. The only caveat is that only youtube is supported today, but adding support for others like vimeo should be pretty simple.

  5. Sounds great to me. Selfmedicate has had some efforts in the past (see convos here in this forum and on its repo) to simplify it, but given it’s no longer a required tool for content development, it has suffered a bit of neglect. I am willing to fully delegate it to whoever wants to invest time into it, tbh.

Thanks so much for taking the time to document these, and I look forward to diving into some of the specifics. When I have anything else to share on any of the above, I’ll respond here.

@bitskrieg Just checking in. I’ve been sidetracked with some personal stuff in the last month or so but I’m mostly back to normal now and wanted to ask if there’s anything I can do to help with your efforts here.

We just got the PO with Bitovi cut yesterday, and our kickoff is on the 29th. I’ve dug a little deeper on how I think this could work based on your feedback and will post soon!

Cool. If there’s anything I can do to help during the process, including attending planning meetings, etc, please don’t hesitate to let me know. The more aware I am of the planned work, the smoother the integration process will be.

Absolutely - I am working on some docs with some implementation ideas that I’ll bring to the contract kickoff. I want this to be 100% upstream so we never have to carry custom patches so keeping you in the loop is priority 1. I’ll share my ideas later this week.

1 Like