Software Guard Extension (SGX) enabled Kubernetes and OpenShift cluster
Details:
Follow these steps to provision a Kubernetes and OpenShift cluster with SGX option enabled.1. Login to IBM Cloud account
2. Click on the Classic Infrastructure
Click on Devices
Select Services and then click on Containers. Click on Kubernetes Service (Process below applies to OpenShift as well with different machine type selection)
3. Select Kubernetes Stable version
4. Click on Change Flavor.
5. Filter options as given below. Select Metal as "Bare Metal" and Operating System as "Ubuntu 16".
6. Here we see two Machine type with SGX enabled. As per IBM Cloud Data Shield documentation, below are the machine types where SGX is enabled for kubernetes and openshift cluster.
Same case applies to OpenShift Cluster as well. Rather Kubernetes select RedHat OpenShift Cloud option. Below image for reference.
Note the difference between images that are available for Kubernetes and OpenShift cluster,
Kubernetes Service --> mb2c.4x32 and ms2c.4x32.1.9tb.ssd
OpenShift --> mb3c.4x32 and ms3c.4x32.1.9tb.ssd
Once the cluster is ready, please use this link to get started on using IBM Cloud Data Shield, https://cloud.ibm.com/docs/data-shield?topic=data-shield-getting-started
References:
About SGX: https://software.intel.com/content/www/us/en/develop/topics/software-guard-extensions.html
About IBM Cloud Data Shield: https://cloud.ibm.com/docs/data-shield?topic=data-shield-getting-started
Back to Home