-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFC: Trustee CLI #529
Comments
I fully support this proposal. And I have an idea: we can create a new repository (for example, named cli) to store and test the clients of all components in guest-components and trustee , as well as the integrated client, ensuring that all clients work properly. The advantages of this approach are as follows:
WDYT? @fitzthum @Xynnn007 @jialez0 @jiazhang0 @BbolroC @huoqifeng and anyone else who is interested. |
We have two slightly conflicting interests here.
I'm not totally sure how to reconcile these two things. It seems like we might need more than one tool. I think we could potentially get by with 3.
There is an open question here. I am not sure if we should continue to support getting resources in the |
I'd like to add peer to peer attestation to the use cases. That's for example when a developer uses the cloud to run AI. The developer wants to attest the cloud environment from their own laptop to safeguard their intellectual property. Two possible directions:
|
I am hoping that the Trustee-cli will be able to do very simple attestation of confidential workloads directly. A simple way to do this would be to just spin up Trustee locally but we could look at more sophisticated approaches where the CLI tool imports stuff from the KBS/AS and handles the attestation directly. |
Reading the previous comments, I also don't know for sure how to reconcile but my feeling is that we will end up with a suite of tools rather than an one-rules-them-all beast.
As trustee is meant to be independent of CoCo, it makes sense that arrangement.
IMHO, any user-facing tool not meant exclusively for development/testing should be available in the confidential-confidential/confidential-containers repository as we don't want users jumping around repositories and documents. Ideally we should make the binaries available on the releases page (https://github.com/confidential-containers/confidential-containers/releases) in a coco-tools-.tgz file. I tend to think that we should have one tool for image encrypting, another for sealed secrets...etc which are tools focused on assets for workloads. However, there is still room for a coco-ctl that should be focused on sysadmins: install/delete the CoCo stack, configure worker nodes for CoCo when needed, monitoring...etc
Getting resources in the |
We should consider introducing a new tool, maybe called Trustee CLI, that supports a wide range of functions.
Here are some things it could do.
POST
requests, but we could also implement a front-end plugin interface that would allow different plugins to define their own logic for generating admin requests from commands. This probably isn't necessary in the short term.Obviously this is a huge amount of work. We could implement these things incrementally. Hopefully we can reuse a lot of code and rely on the crates that we already surface.
I think we should at least start thinking about unifying the admin experience and creating flows that are easy enough for real people to use. What I am describing here could also serve as a kubectl plugin, which is something we have discussed for a long time.
The text was updated successfully, but these errors were encountered: