Confidential Azure Kubernetes Service (AKS)
A convenient way to operate SCONE-based applications is to use Azure Kubernetes Services (AKS). SCONE is fully compatible with AKS. Very soon, we will release new features to more easily use some of the advanced AKS features:
- enable Microsoft Azure Attestation (MAA) - as an alternative to using native Intel DCAP - via the SCONE CAS policy, and
- enable retrieval of secrets from Azure Key Vault (AKV) via SCONE CAS policies.
This will simplify the development and operation of confidential applications. For example, one can develop an application in a local Kubernetes cluster and operate the same application in AKS. In the local cluster, one uses Intel DCAP-based attestation - which ships with the SCONE platform - and secrets generated by SCONE CAS. On AKV, one can use MAA (or, native Intel DCAP) for attestation and retrieve secrets from AKV - via a simple SCONE CAS policy change. This means that there is no need to modify the application. For example, one can inject the secrets retrieved from AKV into configuration files as usually.
In the next sections, we introduce examples on how to execute SCONE-based applications on AKS. This includes
- a simple Confidential Flask Demo, and
- an end-to-end, always-encrypted and attested Confidential Document Management service.
Standard Languages
SCONE supports the following Programming languages:
Standard Applications (SconeApps)
We support a variety of applications on AKS that can be deployed with helm and will add more over time:
| Application | Description |
|---|---|
| database | Umbrella chart to deploy a scalable, confidential database consisting of MariaDB SCONE and MaxScale SCONE and HAProxy |
| mariadb | Deploy MariaDB SCONE, i.e., MariaDB running inside of SGX enclaves, to Kubernetes |
| maxscale | Deploy MaxScale SCONE, i.e., Maxscale running inside of SGX enclaves and optionally, an HAProxy as Ingress |
| memcached | Deploy memcached inside of SGX enclaves, generate and inject TLS certificates to secure communication. |
| openvino | OpenVINO (Open Visual Inference and Neural network Optimization) is a toolkit facilitating the optimization and deployment of Deep Learning models |
| pytorch | Deploy pytorch inside of SGX enclaves. |
| spark | Apache Spark is an open-source distributed general-purpose cluster-computing framework. |
| tensorflow | Machine Learning framework by Google |
| tensorflowlite | Deploy machine learning models |
| Visual Studio Code | Deploy VisualStudio Code and the SCONE CrossCompiler to be able to edit and run your confidential applications inside of a Kubernetes cluster. |
| Zookeeper | Deploy Zookeeper cluster inside of SGX enclaves. |
Individual Applications
We show next how to sconify an existing container image such that
- the application can be executed securely inside of an SGX enclave, and
- all files are encrypted by SCONE.
The community edition requires the existence of an already sconified binary of another image while the standard edition can covert an existing binary to run inside of SGX enclaves.
Setup Steps
-
First, you need to get access to confidential AKS.
-
Second, you need to set up helm, SGX Plugin, and LAS. Note that you can use the AKS SGX Plugin instead of the SCONE SGX Plugin.
To run LAS on Azure Icelake machines (standalone VMs or AKS nodepools) and perform the local attestation of SCONE applications, some Azure-specific libraries are required. For that matter, we provide a special image crafted for Azure, that must be used if running on Azure:
registry.scontain.com/sconecuratedimages/kubernetes:las.microsoft-azure. -
Third, you deploy your application or a SconeApps like MariaDB.