Prerequisites

• 1: Hardware Requirements
• 1.1: CoCo without Hardware
• 1.2: Secure Execution Host Setup
• 1.3: SEV-SNP Host Setup
• 1.4: SGX Host Setup
• 1.5: TDX Host Setup
• 2: Cloud Hardware
• 3: Cluster Setup

1 - Hardware Requirements

Confidential Computing is a hardware technology. Confidential Containers supports multiple hardware platforms and can leverage cloud hardware. If you do not have bare metal hardware and will deploy Confidential Containers with a cloud integration, continue to the cloud section.

You can also run Confidential Containers without hardware support for testing or development.

The Confidential Containers operator, which is described in the following section, does not setup the host kernel, firmware, or system configuration. Before installing Confidential Containers on a bare metal system, make sure that your node can start confidential VMs.

This section will describe the configuration that is required on the host.

Regardless of your platform, it is recommended to have at least 8GB of RAM and 4 cores on your worker node.

1.1 - CoCo without Hardware

For testing or development, Confidential Containers can be deployed without any hardware support.

This is referred to as a coco-dev or non-tee. A coco-dev deployment functions the same way as Confidential Containers with an enclave, but a non-confidential VM is used instead of a confidential VM. This does not provide any security guarantees, but it can be used for testing.

No additional host configuration is required as long as the host supports virtualization.

1.2 - Secure Execution Host Setup

Platform Setup

This document outlines the steps to configure a host machine to support IBM Secure Execution on IBM Z & LinuxONE platforms. This capability enables enhanced security for workloads by taking advantage of protected virtualization. Ensure the host meets the necessary hardware and software requirements before proceeding.

Hardware Requirements

Supported hardware includes these systems:

• IBM z15 or newer models
• IBM LinuxONE III or newer models

Software Requirements

Additionally, the system must meet specific CPU and kernel configuration requirements. Follow the steps below to verify and enable the Secure Execution capability.

1. Verify Protected Virtualization Support in the Kernel

   Run the following command to ensure the kernel supports protected virtualization:

   cat /sys/firmware/uv/prot_virt_host
   

   A value of 1 indicates support.

2. Check Ultravisor Memory Reservation

   Confirm that the ultravisor has reserved memory during the current boot:

   sudo dmesg | grep -i ultravisor
   

   Example output:

   [    0.063630] prot_virt.f9efb6: Reserving 98MB as ultravisor base storage
   

3. Validate the Secure Execution Facility Bit

   Ensure the required facility bit (158) is present:

   cat /proc/cpuinfo | grep 158
   

   The facilities field should include 158.

If any required configuration is missing, contact your cloud provider to enable the Secure Execution capability for a machine. Alternatively, if you have administrative privileges and the facility bit (158) is set, you can enable it by modifying kernel parameters and rebooting the system:

1. Modify Kernel Parameters

   Update the kernel configuration to include the prot_virt=1 parameter:

   sudo sed -i 's/^\(parameters.*\)/\1 prot_virt=1/g' /etc/zipl.conf
   

2. Update the Bootloader and reboot the System

   Apply the changes to the bootloader and reboot the system:

   sudo zipl -V
   sudo systemctl reboot
   

3. Repeat the Verification Steps

   After rebooting, repeat the verification steps above to ensure Secure Execution is properly enabled.

Additional Notes

• The steps to enable Secure Execution might vary depending on the Linux distributions. Consult your distribution’s documentation if necessary.
• For more detailed information about IBM Secure Execution for Linux, see also the official documentation at IBM Secure Execution for Linux.

1.3 - SEV-SNP Host Setup

Platform Setup

In order to launch SNP memory encrypted guests, the host must be prepared with a compatible kernel, 6.8.0-rc5-next-20240221-snp-host-cc2568386. AMD custom changes and required components and repositories will eventually be taken upstream.

Sev-utils is an easy way to install the required host kernel, but it will unnecessarily build AMD compatible guest kernel, OVMF, and QEMU components. The additional components can be used with the script utility to test launch and attest a base QEMU SNP guest. However, for the CoCo use case, make sure to use the coco tagged version because they are already packaged and delivered with Kata.

Alternatively, refer to the AMDESE guide to manually build the host kernel and other components.

1.4 - SGX Host Setup

TODO

1.5 - TDX Host Setup

Platform Setup

• Host OS setup

Additional Notes

• For more detailed information about Intel TDX, see also official documentation.

2 - Cloud Hardware

Confidential Containers can be deployed via confidential computing cloud offerings. The main method of doing this is to use the cloud-api-adaptor also known as “peer pods.”

Some clouds also support starting confidential VMs inside of non-confidential VMs. With Confidential Containers these offerings can be used as if they were bare-metal.

3 - Cluster Setup

Confidential Containers requires Kubernetes. A cluster must be installed before running the operator. Many different clusters can be used but they should meet the following requirements.

• The minimum Kubernetes version is 1.24
• Cluster must use containerd or cri-o.
• At least one node has the label node-role.kubernetes.io/worker=.
• SELinux is not enabled.

If you use Minikube or Kind to setup your cluster, you will only be able to use runtime classes based on Cloud Hypervisor due to an issue with QEMU.