Running an Example Application Using SGX Platform

The Fortanix Confidential Computing Manager (CCM) environment is designed with the goal of protecting any application. This article describes how to run a Flask Server application on a compute node.

1.0 Running a Flask Server Enclave OS Application

1.2 Prerequisites:

A Python Web Application should be created.
A group must be created. See the article "User's Guide: Create a Group" for more information.

1.2 Run an Enclave OS Application on Compute Node

Navigate to the Application menu item in the CCM UI left navigation panel, and click the + ADD APPLICATION button.
Figure 1: Create New Application
Add a Python Web Application. See the article “User's Guide: Add and Edit an Application” for more information.
Approve the domain for the Python Web Application. See the article “User's Guide: Tasks” for more information.
In the detailed view of the application, click the + IMAGE button.
Figure 2: Create an Image
Create an image of the Python Web Application by providing a proper tag. See the article “User's Guide: Create an Image” for more information.
Approve the image for the Python Web Application. See the article “User's Guide: Tasks” for more information.
For the node agent attestation type DCAP/EPID, run the application image using the following command:
```
docker run --volume /dev:/dev -v /var/run/aesmd/aesm.socket:/var/run/aesmd/aesm.socket -e NODE_AGENT_BASE_URL=http://52.152.206.164:9092/v1/ fortanix-private/python-flask-sgx
```
Where,
- 9092 is the port on which Node Agent listens up.
- 52.152.206.164 is the Node Agent Host IP.
- fortanix-private/python-flask-sgx is the converted app that can be found in the Images under the Image Name column in the Images table.
  Figure 3: Run the Application
  NOTE
  Use your own inputs for Node IP, Port, and Converted Image in the above format. The information in the example above is just a sample.
  Add the following flag along with the command to get more details:
  -e ENCLAVEOS_LOG_LEVEL=debug - to get debug log
  -p 7622:80 -p 8038:443 - to map the application custom port to 80 or 443
To verify that the application is running, click the APPLICATION from the list in the Fortanix CCM UI and verify that there is a running application image associated with it and displayed with the application in the detailed view of the application.
Figure 4: Deployed Application

Running an Example Application Using SGX Platform

1.0 Running a Flask Server Enclave OS Application

1.2 Prerequisites:

1.2 Run an Enclave OS Application on Compute Node

PLATFORM

Key Insight

Data Security Manager™

Confidential Computing Manager

Enclave Development Platform®

Request A demo

Contact Us

Free Trial

SOLUTIONS

AWS KMS External Key Store (XKS)

Google External Key Manager

Bring Your Own Key (BYOK)

HSM Modernization

Multicloud Key Management

Post Quantum Cryptography

Code Signing

Secrets Management

Tokenization Transparent

Database Encryption

Filesystem Encryption

Confidential Data Search

Confidential AI

Healthcare

Banking & Financial Services

Fintech

Manufacturing

Web 3.0

Federal Government

RESOURCES

Blog

Whitepapers

Datasheets

Solution Briefs

Ebooks

Reports

Case Studies

Webinars

University

Media Kit

Newsletters

COMPANY

About

Careerswe’re hiring

Customers

Partners

Awards

Events

Press

News

Services

Support

FAQ

4.6