The Fortanix Confidential Computing Manager (CCM) environment is designed with the goal of protecting any application. This article describes how to run an Nginx application on a compute node.
1.0 Running an Nginx Enclave OS Application
Prerequisites: An Nginx application should be created.
- Add a group as described in Create a Group.
- Navigate to the Applications menu item in the Fortanix CCM UI left navigation bar, and click the + ADD APPLICATION button.
Figure 1: Add Application
- Add an Nginx Application. See the article “User's Guide: Add and Edit an Application” for more information.
- Approve the domain for the Nginx Application. See the article “User's Guide: Tasks” for more information.
- In the detailed view of the application, click the + IMAGE button.
Figure 2: Add Image
- Create an image of the Nginx Application by providing a proper tag. See the article “User's Guide: Create an Image” for more information.
- Approve the image for the Nginx Application. See the article “User's Guide: Tasks” for more information.
- Run the application image using the following command:
sudo docker run -it --rm --privileged -v /run/nitro_enclaves:/run/nitro_enclaves -e RUST_LOG=debug -e NODE_AGENT=http://172.31.14.110:9092/v1/ -p 80:80 -p 443:443 513076507034.dkr.ecr.us-west-1.amazonaws.com/development-images/em-test-framework-nginx-9913:nitro
9092is the port on which Node Agent listens up.
172.31.14.110is the Node Agent Host IP.
em-test-framework-nginx-9913:nitrois the converted app that can be found in the Images under Image Name column in the Images table
- To verify that the application is running, click the APPLICATION menu item in the Fortanix CCM UI left navigation bar and verify that there is a running application image associated with it and displayed with the application in the detailed view of the application.