Running an Example Application

The Fortanix Confidential Computing Manager (CCM) environment is designed with the goal of protecting any application. This article describes how to run a Flask Server application on a compute node.

Running a Flask Server Enclave OS Application

Prerequisites:

  • A Python Web Application should be created.

Run an Enclave OS Application on Compute Node

  1. In the Fortanix CCM UI, click the + APPLICATION button. Quickstart1.png
    Figure 1: Create new application
  2. Add a Python Web Application. See the article “User's Guide: Add and Edit an Application” for more information.
  3. Approve the domain for the Python Web Application. See the article “User's Guide: Tasks” for more information.
  4. In the detailed view of the application, click the + IMAGES button. EOS3.png
    Figure 2: Create an image
  5. Create an image of the Python Web Application by providing a proper tag. See the article “User's Guide: Create an Image” for more information.
  6. Approve the image for the Python Web Application. See the article “User's Guide: Tasks” for more information.
  7. Depending on the node agent attestation type, run the application image using one of the following commands:

    If the node attestation type is Enhanced Privacy ID (EPID), use the command:
    docker run --device /dev/isgx:/dev/isgx --device /dev/gsgx:/dev/gsgx -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket -e NODE_AGENT_BASE_URL=http://52.152.206.164:9092/v1/ fortanix-private/python-flask-sgx
    If the node attestation type is Data Center Attestation Primitives (DCAP), use the command:
    docker run --device /dev/sgx/enclave:/dev/sgx/enclave -e NODE_AGENT_BASE_URL=http://52.152.206.164:9092/v1/ fortanix-private/python-flask-sgx
    Where,
    • 9092 is the port on which Node Agent listens up.
    • 52.152.206.164 is the Node Agent Host IP.
    • fortanix-private/python-flask-sgx is the converted app that can be found in the Images tab under Image Name column in the Images table. mceclip5.png
      Figure 3: Run the application
      NOTE
      Please use your own inputs for Node IP, Port, and Converted Image in the above format. The information in the example above is just a sample.
  8. To verify that the application is running, click the APPLICATION tab in the Fortanix CCM UI and verify that there is a running application image associated with it and displayed with the application in the detailed view of the application. CCMUserguide69.png
    Figure 4: Deployed application
Was this article helpful?
0 out of 0 found this helpful