SCONE-based confidential applications can be deploy with
helm, i.e., the Kubernetes Package Manager on AKS. To do so, you need to
helmhas access to our helm charts: helm installation
- ensure that the SCONE SGX Plugin is installed: plugin installation
- ensure that our SCONE LAS (local attestation service) is installed: LAS installation
In the near future, we will also support the native AKS SGX Plugin, i.e., if the SCONE SGX Plugin is not installed, we will use the AKS SGX Plugin instead. Also, if the LAS service is not installed, we will in future be able to use the service offered by AKS. In this way, getting started will become even easier. For now, please install the SCONE SGX Plugin and SCONE LAS.
AKS is compatible with
helm, i.e., one can deploy applications with
helm as soon as your confidential AKS cluster is running.
To set up an AKS cluster, use the AKS command line interface. A quick walk-through on how to deploy a Kubernetes cluster and how to deploy applications on AKS, please follow this description.
Note that our SCONE services will stay compatible with any Kubernetes cluster, i.e., you could deploy some confidential services on your own Kubernetes cluster while others run on AKS. Deploying with
helm makes it very easy to redeploy workloads on a different Kubernetes cluster, like, moving service from your private cluster to AKS, or vice versa.