
gcp: add Launch a confidential VM part #669

Open. Wants to merge 1 commit into base: main.

Conversation

HuijingHei
Member

No description provided.

@HuijingHei HuijingHei force-pushed the gcp-confidential-vm branch 2 times, most recently from caf10d4 to 59845bb Compare October 17, 2024 14:31
@HuijingHei
Member Author

Thanks @dustymabe for the kind review and suggestions!

Member

@dustymabe dustymabe left a comment


LGTM.

Maybe we can get someone to run through the steps before we merge, though.

@travier
Member

travier commented Oct 18, 2024

For this PR and #671, we should add a note that while the resulting VM is launched in Confidential Mode, it is not really a "Confidential VM". The disk still needs to be encrypted, the security offered by Secure Boot right now is almost non-existent, etc.

At this stage, this is more developer-facing documentation, as there would be very little benefit for users.

@dustymabe
Member

The disk still needs to be encrypted

does that mean you'd need to upload your own disk image (already encrypted)?

are there steps for the more "Confidential" option?

@travier
Member

travier commented Oct 18, 2024

It varies per cloud and setup. Azure has support to encrypt a disk image for you (just the rootfs), bind it to a TPM and then pass it to a new Confidential VM. I don't think we support that in FCOS right now (at least I've not tested).

In the more general case, you would encrypt the disk on first boot. This requires in turn that you can verify the content that you are pulling from the rootfs so this essentially requires composefs with fs-verity. You also have to verify that you booted the right thing with the expected ignition config, so this calls for Secure Boot signed UKI and remote attestation.

So overall, the complete setup for Confidential Computing is not ready right now, thus I would prefer that we don't present it in the docs as a "turn this switch on" section. It's good to have this documented (thanks @HuijingHei) but let's make it clear that it needs more work to actually get a confidential VM.
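The comment above separates three properties that the GCP "Confidential Mode" switch does not deliver together: memory encryption being active, the root filesystem actually being encrypted, and Secure Boot being on. The following POSIX shell script is an added example (not code from this PR or from the Fedora CoreOS project) that reports each of them from inside a running guest. It assumes the kernel log line format `Memory Encryption Features active: AMD SEV ...` / `... Intel TDX`, `lsblk -rno NAME,TYPE,MOUNTPOINT` output with the LUKS-backed root shown as TYPE `crypt` mounted at `/` or `/sysroot`, and `mokutil --sb-state` printing `SecureBoot enabled`; all sample inputs are constructed. Each check is a function over text so the logic runs offline; pass `--live` to inspect the current host.

```shell
#!/bin/sh
# Added example; not code from the FCOS docs PR or the project.
# Reports which of the three properties discussed in the thread actually hold
# on a guest: memory encryption active, root filesystem encrypted, Secure Boot
# enabled. A cloud "Confidential VM" switch only gives you the first one.
#
# Assumptions (not taken from the original page):
#   - the kernel logs "Memory Encryption Features active: AMD SEV ..." or
#     "... Intel TDX" when running as an SEV/TDX guest
#   - `lsblk -rno NAME,TYPE,MOUNTPOINT` lists the root device as TYPE "crypt"
#     mounted at / or /sysroot (the ostree sysroot) when it is LUKS-backed
#   - `mokutil --sb-state` prints "SecureBoot enabled" when Secure Boot is on

# 0 if the kernel log text in $1 reports an active memory-encryption feature.
mem_encryption_active() {
    printf '%s\n' "$1" | grep -Eq 'Memory Encryption Features active: (AMD SEV|Intel TDX)'
}

# 0 if the lsblk text in $1 shows a dm-crypt device mounted at / or /sysroot.
root_is_encrypted() {
    printf '%s\n' "$1" | awk '$2 == "crypt" && ($3 == "/" || $3 == "/sysroot") { found = 1 }
                              END { exit !found }'
}

# 0 if the mokutil text in $1 says Secure Boot is enabled.
secure_boot_enabled() {
    printf '%s\n' "$1" | grep -q '^SecureBoot enabled'
}

# Combine the three checks into one line; $1 dmesg, $2 lsblk, $3 mokutil text.
classify() {
    if mem_encryption_active "$1"; then mem=yes;  else mem=no;  fi
    if root_is_encrypted "$2";     then disk=yes; else disk=no; fi
    if secure_boot_enabled "$3";   then sb=yes;   else sb=no;   fi
    printf 'memory_encryption=%s root_encrypted=%s secure_boot=%s\n' "$mem" "$disk" "$sb"
}

# Inspect the machine this script runs on (dmesg usually needs root).
live_report() {
    classify "$(dmesg 2>/dev/null || true)" \
             "$(lsblk -rno NAME,TYPE,MOUNTPOINT 2>/dev/null || true)" \
             "$(mokutil --sb-state 2>/dev/null || true)"
}

# Constructed samples, modelled on the "launched in Confidential Mode but the
# disk is not encrypted" situation described in the thread.
SAMPLE_DMESG_SEV='[    0.000000] Linux version 6.11.0 (constructed sample)
[    0.012345] Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP'
SAMPLE_DMESG_NONE='[    0.000000] Linux version 6.11.0 (constructed sample)'
SAMPLE_LSBLK_PLAIN='sda disk
sda1 part
sda2 part /boot/efi
sda3 part /boot
sda4 part /sysroot'
SAMPLE_LSBLK_LUKS='sda disk
sda1 part
sda2 part /boot/efi
sda3 part /boot
sda4 part
root crypt /sysroot'
SAMPLE_SB_ON='SecureBoot enabled'
SAMPLE_SB_OFF='SecureBoot disabled'

case "${1:-}" in
    --live) live_report ;;
    *)      classify "$SAMPLE_DMESG_SEV" "$SAMPLE_LSBLK_PLAIN" "$SAMPLE_SB_ON" ;;
esac
```

Run without arguments it evaluates the constructed samples and prints `memory_encryption=yes root_encrypted=no secure_boot=yes`, which is exactly the state the thread warns about: the guest runs under SEV, yet the rootfs is plaintext on the cloud disk. A `root_encrypted=yes` line from `--live` on a real guest still says nothing about how the LUKS key was released, so it does not by itself establish the attested first-boot flow described above.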

@HuijingHei
Member Author

It's good to have this documented but let's make it clear that it needs more work to actually get a confidential VM.

Maybe we can hold this until we support FCOS as a real confidential VM, in case it results in confusion for users.
