anjuna-azure-cli disk create

anjuna-azure-cli disk create --docker-uri <name[:tag]> [OPTIONS...]

Creates an Azure-compatible disk image.

Creating an Azure Confidential VM requires an Azure-compatible disk image. anjuna-azure-cli disk create creates disk images for Azure Confidential VMs from a Docker image.

The Docker image can be specified by:

  • a Docker URI to any Docker registry you have access to (Docker Hub, Azure Container Registry, Artifactory Docker Registry, etc.)

  • a local URI (for example hello-world:latest)

When using a Docker Registry, you must handle the authentication to that registry before invoking the anjuna-azure-cli disk create command.

The only required parameter for the anjuna-azure-cli disk create command is --docker-uri. The other parameters are optional and have default values.

After executing the command, a VHD disk image is created. By default, the name of the file is disk.vhd (if not specified by the --disk command-line option).

The disk creation command currently requires root permissions. This can be achieved by running the anjuna-azure-cli disk create command as root or by running the command with sudo. If the command is not run with root permissions, using sudo will be attempted, which may prompt for your user account password, and requires that your user account have sudo access.

Options

Usage

anjuna-azure-cli disk create --docker-uri <name[:tag]> [OPTIONS...]

--docker-uri

(Required) Name of the Docker image (format: name[:tag])

--disk

Path to the VHD disk image to create (default: disk.vhd)

--disk-size

Size of the data disk in bytes (default: 512 MiB)

--config

Path to the enclave configuration file

With the configuration file, you can control and templatize parts of the container environment, including configuring communication with the Anjuna Policy Manager. Read more information in the Configuration reference section.

--save-measurements

Path to output file for saving the generated measurements, in JSON format

--signing-key

Path to signing key used to sign image (a PEM encoded RSA private key)

Global options

The following options are available for all anjuna-azure-cli subcommands.

Global options

-h, --help

Prints the help information for the command

--debug

Prints debug messaging

-v, --version

Prints the anjuna-azure-cli version

Exit status

  • 0 on success

  • 1 on error

Examples

To create a disk image from the nginx:latest Docker image:

$ anjuna-azure-cli disk create --docker-uri=nginx:latest

To create a 5GiB disk image from the nginx:latest image using the docker.io registry:

$ anjuna-azure-cli disk create --disk-size=5GiB --docker-uri=docker.io/nginx:latest