Skip to main content
Back to News

Hardened Kubernetes and Edge Computing for Field-Deployable Applications

Case Study: Real-World DevSecOps Brought to Life for Everyone

Hardened Kubernetes and Edge Computing for Field-Deployable Applications

In the realm of software development, particularly when we’re talking about DevSecOps—which blends development, security, and operations—theoretical concepts can often seem abstract and intangible.

This is where our prototype field-deployable compute cluster comes into play. It serves as a physical manifestation of BrainGu’s Structsure™ DevSecOps platform, effectively demonstrating DevSecOps and Internal Developer Platform capabilities in a real-world setting. This prototype was developed to be fully compliant with the DoD DevSecOps Reference Design, and not only adheres to the highest standards of security and efficiency but also brings the sophistication of the Structsure platform. It is accessible, understandable, and demonstrates how integrating robust security practices from the outset can lead to powerful, efficient, and secure software solutions.

The Core: Demonstrating Structsure's Principles through the Prototype

This field-deployable cluster prototype is a living embodiment of the principles that drive Structsure. Each element of the prototype illustrates what we refer to as the “(rs)^2 principles” (Resiliency, Scalability, Reliability, and Security), which are central to DevSecOps and align with the stringent standards of the DoD.

Resiliency
The cluster’s design allows hot swapping of compute nodes, which ensures that operations continue running smoothly, even in the event of hardware malfunctions. This capability reflects our deep understanding that resilience is essential in dynamic computing environments.
Scalability
The modular nature of this prototype exemplifies Structsure's adaptability and how systems can evolve in response to changing demands, easily scaling up or down, not only based on workload requirements, but also based on physical constraints, such as size, weight, power consumption (SWaP), and portability considerations, a hallmark of agile and responsive technology.
Reliability
From earlier versions to the current iteration, the prototype reflects Structsure's commitment to reliability, evolving through real-world testing and enhancements to ensure performance and reliability in a variety of conditions.
Security
Compliant with the DoD DevSecOps Reference Design, the prototype is a testament to Structsure's emphasis on security. Its architecture showcases how Structsure protects data and operations, crucial in both defense and commercial applications.

Evolution: From Concept to Perfection

V1: The Foundation Phase

Our journey commenced in November 2022 with the first iteration of the field-deployable compute cluster, a pioneering step in portable edge computing. This initial prototype, featuring three Lattepanda 864s boards as worker nodes and a Dell Optiplex 7050 Micro workstation as the control plane, laid the groundwork for our revolutionary approach in demonstrating DevSecOps. Encased in a Pelican Storm IM2300, complemented by 3D printed and laser-cut acrylic components, this prototype was our first foray into blending functionality with feasibility, setting the stage for the innovations that Structsure would embody.

A crude mockup
A crude mockup.
A more robust mockup and test fit with some of the core components installed
Core components installed.
Acrylic top panel cut out and engraved
Acrylic top panel cut out and engraved.
Top panel mocked up and test fit out of cardboard
Top panel mocked up and test fitted.
Final components mounted and tested.
Final components mounted and tested.
Test fire!
Test fire!
On display at AFCEA West 2023
On display at AFCEA West 2023.

We quickly recognized that we needed to improve the design before the next show, KubeCon + CloudNativeCon EU 2023.

V2: Refinement and Evolution

Leveraging insights from our initial model, the second-generation prototype marked a significant design evolution. We maintained the robust Pelican Storm IM2300 housing but introduced critical changes: replacing the Dell workstation with three additional Lattepanda 864s boards, bringing the total to six. This not only allowed for the creation of a highly available control plane but also optimized resource distribution, reflecting Structsure's principle of a balanced and efficient system architecture. The physical design underwent a comprehensive overhaul, enhancing precision and durability—a testament to our commitment to continuous improvement in our DevSecOps journey.

6 node dock next to the v1 4 node dock
Added a 6-node compute dock.
Surface tablet added for observability of the cluster
Added a Surface tablet for observability of the cluster.
In the new horizontal configuration, we quickly noticed that thermals had became an issue 😬
Discovered thermal issues in the new configuration.
We tried switching to an aluminum enclosure that was custom milled to fit in the existing dock, however the results were unsatisfactory.
Switched to an aluminum enclosure.
Ultimately we ended up adding fans to exhaust the heat
Added fans to exhaust the heat.
This got temps down to a more manageable level. It was still not ideal, but it was time to pack everything up to go to the next show (Kubecon EU) so we decided to roll with it as-is.
Got temps down to a manageable level.

Showcased at KubeCon + CloudNativeCon Europe 2023 in Amsterdam: The v2 prototype featuring two Valve Steam Decks integrated as additional worker nodes.

On the cluster, we were running the chaos engineering game, Kubedoom, where in-game actions would dynamically impact Kubernetes pods and resources, displaying Structsure's resilience and reliability through seamless recovery.

On the way back to America! It survived the trip just fine! #reliability
On the way back to America—it survived the trip just fine! #reliability.
During 2023 we tried a few things to fix the thermal warping of the individual cases. It turns out that I suck at SLA (resin) printing… 😑
Attempted to fix the thermal warping of the individual cases. 😑
v2 on display again at DSEI 2023 in London
v2 on display again at DSEI 2023 in London.
Spence image
Spence 11:11

We’re going to need something better for KubeCon North America.

Tim image
Tim 11:22

I’ve got just the thing!

V3: A Technological Marvel

The third-generation prototype brings us to the zenith of our innovation. This version showcases a paradigm shift not only in design but materials, as well.

The cluster is now composed of six identical Lattepanda SIGMA 32GB compute nodes and features a skeleton composed of aluminum extrusion—an aerospace-grade material known for its strength and lightness. The structural components, laser-cut from 1/4" thick acrylic, provide a perfect balance of stability and weight. Introducing polycarbonate 3D printed parts adds a touch of resilience, ensuring durability in demanding scenarios. The entire ensemble is now elegantly enclosed within a sleek and durable Pelican Air 1535 case.

Lattepanda SIGMA has entered the chat.
Lattepanda SIGMA has entered the chat.
A few careful measurements later and a working prototype dock has emerged.
A working prototype dock has emerged.
The older form factor was tiresome to carry through an airport. We needed something with a little more space, and WHEELS! The Pelican AIR 1535 fit the bill perfectly. It’s larger but still fits perfectly in the overhead compartment on an airplane. And it is designed to be wheeled like luggage.
We needed something with a little more space, and WHEELS!
SIGMA worker node populated with coral.ai accelerator, and 1.5t of NVMe storage.
SIGMA worker node populated with coral.ai accelerator, and 1.5t of NVMe storage.
v2 of the box cannibalized for some parts reuse. 😢 I sure hope v3 works!
v2 of the box cannibalized for some parts reuse. 😢 Hopefully, v3 works!
Test fitting the Sigma nodes in the AIR case with the aluminum skeleton. Looking promising!
Test fitting the Sigma nodes in the AIR case with the aluminum skeleton. Looking promising!
Freshly printed polycarbonate docks for assembly.
Freshly printed polycarbonate docks for assembly.
All six nodes in the dock test fit in the case.
All six nodes in the dock test fit in the case.
Skeleton complete - Power supply and network mounted and wired in. All hardware is powered up and initial function tests are good!
Skeleton complete - Power supply and network mounted and wired in.
Final fitment into the case - Display and Raspberry Pi mounted into the lid for observability of the cluster. Time to go to the next show! (KubeCon + CloudNativeCon NA)
Display and Raspberry Pi mounted into the lid for observability of the cluster.
v3.0 on display at KubeCon + CloudNativeCon NA 2023.
v3.0 on display at KubeCon + CloudNativeCon NA 2023.
Troubleshooting some intermittent power issues with the v3.0.
Discovered a design flaw that wasn’t apparent until we put the box under some real-world stress.
New, more reliable power supply arrangement required a complete refactor of the layout of the skeleton and a ton of new acrylic and polycarbonate pieces.
The new power supply arrangement required a complete refactor.
During this redesign, the corner of my office became a warzone!
During this redesign, the corner of my office became a warzone!
New AC inlet configuration.
New AC inlet configuration.
Everything successfully refactored, rearranged, re-cabled, and put back together. New MS Surface tablet mounted in a custom cut acrylic frame for better observability and performance.
New MS Surface tablet mounted in a custom cut acrylic frame.

A Symphony of Innovation: Merging Hardware with Structsure's Software

The evolution from our initial prototype to the current state is not just a tale of technological advancements, it's a narrative of pushing boundaries in design and materials, intertwined with the sophisticated orchestration of Structsure's software capabilities.

The synergy between the hardware's robust composition and Structsure’s resilient architecture creates a harmonious blend. Each aspect of the hardware—from its aluminum framework to its computational power—is meticulously aligned with Structsure's core principles of resilience, scalability, reliability, and security.

  • Resilience in Integration: The hardware’s durable design complements Structsure’s resilient architecture, ensuring uninterrupted service delivery and maintaining system integrity in the face of hardware challenges.
  • Scalability through Synergy: The system’s modularity and computational resources, paired with Structsure's dynamic scaling capabilities, offer an adaptable environment that can scale up, or down, to efficiently handle virtually any workload.
  • Reliability by Partnership: The combination of the cluster’s reliable hardware and Structsure’s consistent runtime environment results in an established infrastructure for seamless operation of critical applications.
  • Security from the Foundation: Both hardware and software share a commitment to security. The cluster’s compliance with the DoD DevSecOps Reference Design, coupled with Structsure’s Zero Trust Architecture and continuous security protocols, forms a comprehensive defense strategy, vital in both commercial and defense applications.

The Intersection of Innovation and Practical Deployment with Structsure

The fusion of the field-deployable edge computing cluster and Structsure’s DevSecOps platform symbolizes the union of innovative technology with practical deployment considerations.

Structsure's focus on creating a developer-friendly, scalable, and secure environment ensures that our prototype functions not only with computational efficiency, but also with the intelligent and strategic application that modern DevSecOps necessitates. As we continue to evolve and redefine the landscape of edge computing, our prototype stands as a testament to the successful integration of cutting-edge technology and thoughtful design, embodying the core values and capabilities of Structsure.

Stay connected to keep up on our latest innovations and experience Structsure's dynamic capabilities firsthand. If you’re lucky, you can grab a hands-on demo of this edge-deployable prototype, and who knows, you might even catch us throwing it out of an airplane!

Follow BrainGu on LinkedIn or explore Our Events to find out where we'll be in 2024. Join us on this exciting journey into the future of DevSecOps!

Related Posts

View From The Edge View From The Edge

View From The Edge

This article explores when stepping to the edge, what should be the primary considerations. Edge deployments provide increased freedom to develop for latency-sensitive applications, reduce cloud costs by offloading processing, and help reduce operational overhead.

The BrainG-UX Philosophy The BrainG-UX Philosophy

The BrainG-UX Philosophy

An authentic user experience goes far beyond giving customers what they say they want. So we go deeper and research the underlying wants and needs of the end-user. To provide a high-quality user experience, we have to be seamless in our disciplines, which we discuss in detail.