Key Components

  • Published on Apr 10, 2026
  • 1 minute(s) read
Prev Next

1.0 Introduction

This article describes the key components of the Fortanix Confidential Computing Manager (CCM) when deployed in an on-premises environment.

2.0 Key Components

2.1 Helm

Helm (version 4.1 or later) is used to install and configure the Fortanix CCM deployment. It deploys the Fortanix Armor Kubernetes Operator and associated Kubernetes resources into the cluster.

2.2 Fortanix Armor Kubernetes Operator

The Fortanix Armor Kubernetes Operator is a controller that runs inside the Kubernetes cluster and manages the lifecycle of Fortanix CCM components.

It is responsible for:

  • Deploying Fortanix CCM platform components.

  • Managing upgrades.

  • Automating internal certificate management within the platform.

2.3 CCM Platform Components

The operator deploys and manages the following components:

  • UI Service – Provides the web interface for Fortanix CCM.

  • API/Backend Services – Handle platform logic and APIs.

  • Cassandra – Distributed database used by Fortanix CCM.

These components run as containers created from container images.

2.4 Container Images and Registry

All Fortanix CCM components are distributed as container images hosted in a Fortanix-managed container registry. During deployment:

  • The Kubernetes cluster pulls these images using registry credentials provided by Fortanix.

  • An image pull secret must be configured to enable access.

Customers may optionally mirror these images to an internal container registry, depending on their deployment and security requirements.

2.5 Kubernetes Cluster

The Kubernetes cluster provides the execution environment for Fortanix CCM and is responsible for running and managing all deployed components.

2.6 Supporting Components

The following components must be available in the cluster:

  1. Ingress Controller – Manages ingress resources used to expose Fortanix CCM UI static assets externally.

  2. cert-manager – Manages TLS (Transport Layer Security) certificates.

  3. SGX Device Plugin – Enables SGX (Software Guard Extensions) capabilities.

3.0 Where to go from here

The prerequisites for installing and deploying Fortanix Confidential Computing Manager (CCM) in a customer-managed Kubernetes environment (on-premises or cloud-hosted) are available here.

Related articles
  • Prerequisites
    Fortanix Confidential Computing Manager > Getting Started with Fortanix CCM > Setting Up Fortanix CCM - System Administration (on-prem only) > On-premises > On-premises Installation
  • Deployment Options
    Fortanix Confidential Computing Manager > Getting Started with Fortanix CCM
  • Installation Guide - On-premises
    Fortanix Confidential Computing Manager > Getting Started with Fortanix CCM > Setting Up Fortanix CCM - System Administration (on-prem only) > On-premises > On-premises Installation

Platform
Fortanix Armor
Armet AI Key Insight Data Security Manager Confidential Computing Manager
Open Source Platform
Enclave Development Platform®

Solutions
Use Cases
Legacy to Cloud Infrastructure Migration Regulatory Compliance Post-Quantum Readiness Secure, Data-Driven Innovation
Industry
Healthcare Banking & Financial Services Fintech Manufacturing Federal Government

Company
About Us Partners Careers Confidential Computing University Blog FAQ Contact Us Awards Events Webinars Press News Services Media Kit Newsletters

Customers

Resources

Support
Fortanix-logo

4.6

star-ratings

As of August 2025

Request a Demo