MultiJuicer addresses the challenge of deploying and managing numerous OWASP Juice Shop instances for security training and Capture The Flag (CTF) events. It provides organizers with an automated, scalable solution to provision individual Juice Shop environments for each participant on a central Kubernetes cluster, eliminating the need for manual setup and streamlining event logistics. This enables efficient, large-scale security education and competition environments.

How It Works

MultiJuicer leverages Kubernetes to dynamically create and manage separate Juice Shop instances as needed. A custom-built LoadBalancer routes participant traffic to their dedicated instances, ensuring isolation and manageability. The architecture employs distinct Kubernetes deployments for each team or user, simplifying debugging, scaling, and instance lifecycle management. This approach allows for granular control and efficient resource utilization within a centralized event infrastructure.

Quick Start & Requirements

• Primary Install: helm install multi-juicer oci://ghcr.io/juice-shop/multi-juicer/helm/multi-juicer
• Prerequisites: A Kubernetes cluster and Helm package manager.
• Guides: Installation guides are available for Digital Ocean, AWS, OpenShift, Plain Kubernetes, and Azure. Customization options for the stack and Juice Shop instances are detailed in separate guides.
• Links: Architecture Documentation, Visual Walkthrough

Highlighted Details

• Automated provisioning of individual Juice Shop instances per participant.
• Centralized domain with a custom LoadBalancer for traffic distribution and access control.
• Integrated leaderboard to track participant progress.
• Admin interface for managing Juice Shop instances.
• Automatic cleanup of outdated or unused instances.
• Features for backup and auto-applying challenge progress upon container restarts.

Maintenance & Community

Originally developed at iteratec, the project was open-sourced in 2019 and donated to the OWASP Juice Shop project in 2023. Community interaction and feedback are encouraged via the #project-juiceshop channel on the OWASP Slack Workspace.

Licensing & Compatibility

The provided text does not explicitly state the software license. As a project associated with OWASP, it is expected to be under a permissive open-source license, but confirmation is required. It is designed to run on Kubernetes environments.

Limitations & Caveats

Features such as the LLM Gateway and CTF view mentioned in the README are currently unreleased and slated for the upcoming v10 MultiJuicer release. The system requires a Kubernetes cluster and Helm for deployment, and resource planning is necessary, estimating 1GB CPU/memory overhead per participant instance plus cluster components.