The Fortanix Confidential Computing Manager (CCM) environment is designed with the goal of protecting any application. This article describes how to run an Nginx application on a compute node.
Running an Nginx Enclave OS Application
- A Nginx Application should be created.
Run an Enclave OS Application on Compute Node
- In the Fortanix CCM UI, click the + APPLICATION button.
Figure 1: Create new application
- Add an Nginx Application. See the article “User's Guide: Add and Edit an Application” for more information.
- Approve the domain for the Nginx Application. See the article “User's Guide: Tasks” for more information.
- In the detailed view of the application, click the + IMAGES button.
Figure 2: Create an image
- Create an image of the Nginx Application by providing a proper tag. See the article “User's Guide: Create an Image” for more information.
- Approve the image for the Nginx Application. See the article “User's Guide: Tasks” for more information.
- Run the application image using the following command:
sudo docker run -it --rm --privileged -v /run/nitro_enclaves:/run/nitro_enclaves -e RUST_LOG=debug -e NODE_AGENT_BASE_URL=http://172.31.14.110:9092/v1/ -p 80:80 -p 443:443 513076507034.dkr.ecr.us-west-1.amazonaws.com/development-images/em-test-framework-nginx-9913:nitro
9092is the default port on which Node Agent listens to.
172.31.14.110is the node agent Host IP.
em-test-framework-nginx-9913:nitrois the converted app that can be found in the Images tab under the Image Name column in the Images table
- To verify that the application is running, click the APPLICATION tab in the Fortanix CCM UI and verify that there is a running application image associated with it and displayed with the application in the detailed view of the application.