Shared non-redundant storage

The following steps assume that an instance of MITIGATOR has already been installed. Otherwise, perform the installation using one of the following methods.

Before setting up a cluster, you must set up a virtual network (VPN). It needs network connectivity between instances to work. Detailed information on setting up and the necessary access are described at the link.

Common databases for all MITIGATOR instances are physically stored on the server of one of them. The base instance must be allowed connections from other instances on the following TCP ports: 8888, 2003, 3080, 5432.

For correct system operation all packet processors must have the same amount of system resources available.

Shared non-redundant storage

If the cluster is assembled from MITIGATOR instances that previously worked independently, then conflicts may arise during the integration. Therefore, you must execute the following command on all instances except the future leader:

docker-compose down -v

Executing this command will delete countermeasure settings, event log, graphs, and other information stored in the databases of these instances. If the data needs to be saved, you must first do backup.

The installation of the base instance follows the steps described in the «Setup» section.

The rest of the MITIGATOR instances must access the database of the base instance, and therefore, they must first also udergo the standard installation. After installation, but before starting, you must:

  1. Download docker-compose.worker.yml:

    wget \
        -O docker-compose.worker.yml
  2. In the .env file, set the COMPOSE_FILE variable like this:


    If additional customizations are required, for example when using Mellanox cards , put them in  docker-compose.override.yml and add it to the list:

  3. In the .env file, set the variable MITIGATOR_STORAGE_HOST= Where is a base instance address.

  4. In the .env file, set the variable MITIGATOR_OWN_NAME=mitigator-1. Where mitigator-1 is an instance name. The name of each instance must be unique.

  5. In the .env file, set the variable MITIGATOR_HOST_ADDRESS= Where is the host address for this instance.