Confidential Azure Kubernetes Service (AKS)
A convenient way to run SCONE-based applications is to use Azure Kubernetes Services (AKS): SCONE is fully compatible with AKS and in particular, you can run your workloads in production mode on AKS. In this chapter, we introduce some examples on how to execute SCONE-based applications on AKS.
Standard Applications (SconeApps)
We support a variety of applications on AKS that can be deployed with
helm and will add more over time:
|mariadb||Deploy MariaDB SCONE, i.e., MariaDB running inside of SGX enclaves, to Kubernetes|
|maxscale||Deploy MaxScale SCONE, i.e., Maxscale running inside of SGX enclaves and optionally, an HAProxy as Ingress|
|openvino||OpenVINO (Open Visual Inference and Neural network Optimization) is a toolkit facilitating the optimization and deployment of Deep Learning models|
|pytorch||An open source machine learning library developed by Facebook's AI Research lab|
|spark||Apache Spark is an open-source distributed general-purpose cluster-computing framework.|
|tensorflow||Machine Learning framework by Google|
|tensorflowlite||Deploy machine learning models|
We show next how to sconify an existing container image such that
- the application can be executed securely inside of an SGX enclave, and
- all files are encrypted by SCONE.