Deploying Pods as Anjuna Confidential Pods in AKS

The previous sections were about setting up an Azure Kubernetes Services (AKS) cluster with the Anjuna Kubernetes Toolset installed to the cluster. You should now be able to deploy containerized applications as Anjuna Confidential Pods without changing the applications' container images.

In this section, you will learn how to deploy applications as Anjuna Confidential Pods in AKS.

Overview

The following are the steps to deploy any application to an AKS cluster as an Anjuna Confidential Pod:

  1. Build the Anjuna Confidential Pod image using the Anjuna Kubernetes Toolset.

    1. This process will measure your container image to create a unique identity that cannot be tampered with. This identity, which is a set of measurements, can be cryptographically verified to ensure that the application has not been modified by untrusted parties. This mechanism can also be leveraged to securely distribute secrets to your application.

  2. Update your Pod specification in two ways:

    1. Add an annotation to reference the Anjuna Confidential Pod image you built in the previous step.

    2. Add the label io.anjuna/run-confidential: "yes" so that the Anjuna Kubernetes Toolset can run your Pod.

  3. Run kubectl apply to deploy the Pod, like any other Kubernetes application.

Quickstart guides

The following guides describe how to deploy applications as Anjuna Confidential Pods:

Make sure that all the Prerequisites in the next section are met before continuing with the quickstart guides.