use confidential containers based on Inclavare Containers in a Docker container - Alibaba Cloud Linux

Inclavare Containers is the first open source container runtime intended for confidential computing in the industry. Inclavare Containers allows you to launch protected containers within a hardware-based trusted execution environment (TEE) to prevent untrusted entities, such as untrusted cloud service providers (CSPs), from accessing sensitive data. You can deploy confidential containers based on Inclavare Containers within a Software Guard Extensions (SGX) encrypted computing environment. This topic describes how to deploy and use confidential containers based on Inclavare Containers in a Docker container.

Prerequisites

A security-enhanced Elastic Compute Service (ECS) instance that uses an Alibaba Cloud Linux image is created.
When you create a security-enhanced instance, you must select a specific image to use the security features. For more information, see Create a trusted instance. For example, you can select the ecs.g7t instance type and the Alibaba Cloud Linux 3.2104 64-bit (UEFI) public image to create a security-enhanced ECS instance.
An SGX encrypted computing environment is created on the security-enhanced instance. For more information, see Build an SGX confidential computing environment.

Background information

You can use conventional methods to deploy and use confidential containers in a Docker container. However, this practice requires you to have expertise in confidential computing and using Intel SGX SDKs to develop and create images. Inclavare Containers helps eliminate the preceding requirements and provides easy access to confidential computing. Inclavare Containers is compatible with different types of enclave runtimes and provides consistent user experience across standard and confidential containers. For more information, visit inclavare-containers.

Procedure

Step 1: Build a runtime environment to run a confidential container

Log on to the security-enhanced ECS instance.
For more information, see Connection method overview.
Install rune.
rune is a command-line tool that conforms to the Open Container Initiative (OCI) runtime specification and is used to create and run enclaves. For more information, visit rune and runtime-container.
Run one of the following commands based on your Alibaba Cloud Linux operating system to install rune:
- If you use the Alibaba Cloud Linux 2.1903 LTS 64-bit (UEFI) operating system, run the following command to install rune:
```
sudo yum-config-manager --add-repo https://mirrors.openanolis.cn/inclavare-containers/alinux2-repo && \
  sudo rpm --import https://mirrors.openanolis.cn/inclavare-containers/alinux2-repo/RPM-GPG-KEY-rpm-sign && \
  sudo yum install -y rune
```
- If you use the Alibaba Cloud Linux 3.2104 64-bit (UEFI) operating system, run the following command to install rune:
```
sudo yum-config-manager --add-repo https://mirrors.openanolis.cn/inclavare-containers/alinux3-repo && \
  sudo rpm --import https://mirrors.openanolis.cn/inclavare-containers/alinux3-repo/RPM-GPG-KEY-rpm-sign && \
  sudo yum install -y rune
```
Run the following command to check whether rune is installed:
```
which rune
```
The following sample command output indicates that rune is installed:
```
/usr/local/bin/rune
```
Run the following command to install the Occlum software stack.
Occlum is an enclave runtime supported by Inclavare Containers. You must combine Inclavare Containers with an enclave runtime to run confidential containers. For more information, visit occlum.
```
sudo yum install -y occlum-pal
```
Run the following command to check whether Occlum is installed:
```
ls /opt/occlum/build/lib
```
The following sample command output indicates that Occlum is installed:
```
libocclum-pal.so.0.21.0
```

Step 2: Configure the OCI-compliant runtime rune for a Docker container

Install Docker.
For more information, see the Install Docker section in the "Install and use Docker on a Linux instance" topic.
Configure the OCI-compliant runtime rune for the Docker container.
1. Run the following command to add the rune configurations to the Docker configuration file.
  Sample Docker configuration file: /etc/docker/daemon.json.
```
sudo mkdir -p /etc/docker && \
sudo tee /etc/docker/daemon.json > /dev/null <<EOF
{
 "runtimes": {
  "rune": {
   "path": "/usr/local/bin/rune",
   "runtimeArgs": []
   }
  }
}
EOF
```
2. Run the following command to restart the Docker daemon:
  Warning
  When the Docker daemon terminates, it automatically shuts down running containers. Before you restart the Docker daemon, we recommend that you enable the live restore feature. The live restore feature enables containers to remain alive when the Docker daemon terminates. For more information, see Live restore.
```
sudo systemctl restart docker
```
3. Run the following command to check whether the rune container runtime is configured:
```
sudo docker info | grep rune
```
  - For the Alibaba Cloud Linux 2.1903 LTS 64-bit (UEFI) operating system, the following sample command output indicates that the rune container runtime is installed:
```
 Runtimes: rune io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
```
  - For the Alibaba Cloud Linux 3.2104 64-bit (UEFI) operating system, the following sample command output indicates that the rune container runtime is installed:
```
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc rune
```

Step 3: Create an image for the confidential container

Run the following command to start the Occlum Docker image.
This operation can ensure that the subsequent steps to create an image for the confidential container are performed on the Occlum Docker image. For information about the Occlum Docker image, see occlum 0.21.0.
```
sudo mkdir "$HOME/rune_workdir" && \
sudo docker run -it --privileged \
    -v /dev/sgx_enclave:/dev/sgx/enclave \
    -v /dev/sgx_provision:/dev/sgx/provision \
    -v "$HOME/rune_workdir":/root/rune_workdir \
    occlum/occlum:0.21.0-ubuntu18.04
```

Run the following command to write the Hello World code for testing:

cd /root/rune_workdir && \
cat << EOF > hello_world.c
#include <stdio.h>
#include <unistd.h>

void main(void)
{
    while (1) {
        printf("Hello World!\n");
        fflush(stdout);
        sleep(5);
    }
}
EOF

Create and package the Hello World trusted application.
1. Run the following command to compile the program by using the Occlum toolchain:
```
occlum-gcc -o hello_world hello_world.c
```
2. Run the following command to initialize an Occlum instance:
```
occlum new occlum_instance
```
3. Run the following commands to generate an Occlum FS image and an Occlum SGX enclave:
```
cd occlum_instance && \
    cp ../hello_world image/bin/ && \
    openssl genrsa -aes128 -out occlum_key.pem -3 3072 && \
    occlum build --sign-key occlum_key.pem
```
  After you run the preceding commands, configure a password based on the following message. The password is used to encrypt and protect the signature private key.
```
Enter pass phrase for occlum_key.pem:
Verifying - Enter pass phrase for occlum_key.pem:
```
4. Run the following command to configure Production Enclave.
  By default, Occlum generates Debug Enclave. You must run the following command to set the enclave type to Production Enclave in the production environment. For information about the differences between Debug Enclave and Production Enclave, see debugging-intel-sgx-enclaves-in-windows-737361.pdf.
```
sed -i 's/"debuggable": true/"debuggable": false/g' Occlum.json
```
  After you run the preceding command to modify the Occlum.json configuration file, run the following command to generate Production Enclave:
```
occlum build --sign-key occlum_key.pem
```
5. Run the following command to package the Hello World trusted application and copy the trusted application to the rune_workdir directory:
```
occlum package occlum_instance.tar.gz && \
    cp occlum_instance.tar.gz /root/rune_workdir
```
Create a confidential container image.
1. Run the following command to exit the Occlum Docker image:
```
exit
```
2. Run the following command to write Dockerfile:
```
cd $HOME/rune_workdir && \
sudo tee Dockerfile > /dev/null <<EOF
FROM scratch
ADD occlum_instance.tar.gz /
ENTRYPOINT ["/bin/hello_world"]
EOF
```
3. Run the following command to create a confidential container image:
```
sudo docker build . -t occlum-app
```

Step 4: Use the confidential container

Run the following command to run the confidential container and check the operation logs of the confidential container:

sudo docker run -it --rm --runtime=rune \
  -e ENCLAVE_TYPE=intelSgx \
  -e ENCLAVE_RUNTIME_PATH=/opt/occlum/build/lib/libocclum-pal.so.0.21.0 \
  -e ENCLAVE_RUNTIME_ARGS=occlum_instance \
  -e ENCLAVE_RUNTIME_LOGLEVEL="off" \
  -e OCCLUM_RELEASE_ENCLAVE=1 \
  occlum-app

Parameters in the preceding command:

ENCLAVE_TYPE: specifies the hardware type of the enclave. In this example, this parameter is set to intelSgx.
ENCLAVE_RUNTIME_PATH: specifies the path from which the enclave runtime Platform Abstraction Layer (PAL) starts.
ENCLAVE_RUNTIME_ARGS: specifies specific parameters of the enclave runtime PAL. Separate multiple parameters with commas (,).
ENCLAVE_RUNTIME_LOGLEVEL: specifies the log level of the enclave runtime.
OCCLUM_RELEASE_ENCLAVE: specifies the enclave type. If you set this parameter to 0, the enclaves of the Debug Enclave type are queried. If you set this parameter to 1, the enclaves of the Production Enclave type are queried.

The following command output is returned. If the Inclavare Containers environment is installed and the confidential container runs as expected, Hello World! is displayed in the container log every 5 seconds.

Hello World!
Hello World!
Hello World!