Skip to content

Deploying Individual Services Using Helm

Note:

Typically attributes that do not specifically call out for user input will not need to be changed unless there is a specific conflict from the Kubernetes environment.

When deploying individual services, all of the values.yaml files must be configured individually.

Set deployment version 

export VERSION=v5.1.0
Following are the steps need to be run for deploying individual charts for SGX-Infrastructure usecase

helm pull isecl-helm/cleanup-secrets --version $VERSION && tar -xzf cleanup-secrets-$VERSION.tgz cleanup-secrets/values.yaml 
helm install cleanup-secrets isecl-helm/cleanup-secrets --version $VERSION -f cleanup-secrets/values.yaml -n isecl

helm pull isecl-helm/cms --version $VERSION && tar -xzf cms-$VERSION.tgz cms/values.yaml 
helm install cms isecl-helm/cms --version $VERSION -f cms/values.yaml -n isecl

helm pull isecl-helm/aasdb-cert-generator --version $VERSION && tar -xzf aasdb-cert-generator-$VERSION.tgz aasdb-cert-generator/values.yaml 
helm install aasdb-cert-generator isecl-helm/aasdb-cert-generator --version $VERSION -f aasdb-cert-generator/values.yaml -n isecl

helm pull isecl-helm/scsdb-cert-generator --version $VERSION && tar -xzf scsdb-cert-generator-$VERSION.tgz scsdb-cert-generator/values.yaml 
helm install scsdb-cert-generator isecl-helm/scsdb-cert-generator --version $VERSION -f scsdb-cert-generator/values.yaml -n isecl

helm pull isecl-helm/aas --version $VERSION && tar -xzf aas-$VERSION.tgz aas/values.yaml 
helm install aas isecl-helm/aas --version $VERSION -f aas/values.yaml -n isecl

helm pull isecl-helm/sagent-aas-manager --version $VERSION && tar -xzf sagent-aas-manager-$VERSION.tgz sagent-aas-manager/values.yaml 
helm install sagent-aas-manager isecl-helm/sagent-aas-manager --version $VERSION -f sagent-aas-manager/values.yaml -n isecl

helm pull isecl-helm/scs --version $VERSION && tar -xzf scs-$VERSION.tgz scs/values.yaml 
helm install scs isecl-helm/scs --version $VERSION -f scs/values.yaml -n isecl

helm pull isecl-helm/sqvs --version $VERSION && tar -xzf sqvs-$VERSION.tgz sqvs/values.yaml 
helm install sqvs isecl-helm/sqvs --version $VERSION -f sqvs/values.yaml -n isecl

helm pull isecl-helm/kbs --version $VERSION && tar -xzf kbs-$VERSION.tgz kbs/values.yaml 
helm install kbs isecl-helm/kbs --version $VERSION -f kbs/values.yaml -n isecl

helm pull isecl-helm/sagent --version $VERSION && tar -xzf sagent-$VERSION.tgz sagent/values.yaml 
helm install sagent isecl-helm/sagent --version $VERSION -f sagent/values.yaml -n isecl

Following are the steps need to be run for deploying individual charts for SGX-Orchestration usecase

helm pull isecl-helm/cleanup-secrets --version $VERSION && tar -xzf cleanup-secrets-$VERSION.tgz cleanup-secrets/values.yaml 
helm install cleanup-secrets isecl-helm/cleanup-secrets --version $VERSION -f cleanup-secrets/values.yaml -n isecl

helm pull isecl-helm/cms --version $VERSION && tar -xzf cms-$VERSION.tgz cms/values.yaml 
helm install cms isecl-helm/cms --version $VERSION -f cms/values.yaml -n isecl

helm pull isecl-helm/aasdb-cert-generator --version $VERSION && tar -xzf aasdb-cert-generator-$VERSION.tgz aasdb-cert-generator/values.yaml 
helm install aasdb-cert-generator isecl-helm/aasdb-cert-generator --version $VERSION -f aasdb-cert-generator/values.yaml -n isecl

helm pull isecl-helm/scsdb-cert-generator --version $VERSION && tar -xzf scsdb-cert-generator-$VERSION.tgz scsdb-cert-generator/values.yaml 
helm install scsdb-cert-generator isecl-helm/scsdb-cert-generator --version $VERSION -f scsdb-cert-generator/values.yaml -n isecl

helm pull isecl-helm/shvsdb-cert-generator --version $VERSION && tar -xzf shvsdb-cert-generator-$VERSION.tgz shvsdb-cert-generator/values.yaml 
helm install shvsdb-cert-generator isecl-helm/shvsdb-cert-generator --version $VERSION -f shvsdb-cert-generator/values.yaml -n isecl

helm pull isecl-helm/aas --version $VERSION && tar -xzf aas-$VERSION.tgz aas/values.yaml 
helm install aas isecl-helm/aas --version $VERSION -f aas/values.yaml -n isecl

helm pull isecl-helm/sagent-aas-manager --version $VERSION && tar -xzf sagent-aas-manager-$VERSION.tgz sagent-aas-manager/values.yaml 
helm install sagent-aas-manager isecl-helm/sagent-aas-manager --version $VERSION -f sagent-aas-manager/values.yaml -n isecl

helm pull isecl-helm/scs --version $VERSION && tar -xzf scs-$VERSION.tgz scs/values.yaml 
helm install scs isecl-helm/scs --version $VERSION -f scs/values.yaml -n isecl

helm pull isecl-helm/shvs --version $VERSION && tar -xzf shvs-$VERSION.tgz shvs/values.yaml 
helm install shvs isecl-helm/shvs --version $VERSION -f shvs/values.yaml -n isecl

helm pull isecl-helm/isecl-controller --version $VERSION && tar -xzf isecl-controller-$VERSION.tgz isecl-controller/values.yaml 
helm install isecl-controller isecl-helm/isecl-controller --version $VERSION -f isecl-controller/values.yaml -n isecl

helm pull isecl-helm/ihub --version $VERSION && tar -xzf ihub-$VERSION.tgz ihub/values.yaml 
helm install ihub isecl-helm/ihub --version $VERSION -f ihub/values.yaml -n isecl

helm pull isecl-helm/isecl-scheduler --version $VERSION && tar -xzf isecl-scheduler-$VERSION.tgz isecl-scheduler/values.yaml 
helm install isecl-scheduler isecl-helm/isecl-scheduler --version $VERSION -f isecl-scheduler/values.yaml -n isecl

helm pull isecl-helm/sagent --version $VERSION && tar -xzf sagent-$VERSION.tgz sagent/values.yaml 
helm install sagent isecl-helm/sagent --version $VERSION -f sagent/values.yaml -n isecl

Following are the steps need to be run for creating global admin user

helm pull isecl-helm/global-admin-generator --version $VERSION && tar -xzf global-admin-generator-$VERSION.tgz global-admin-generator/values.yaml 
helm install global-admin-generator isecl-helm/global-admin-generator --version $VERSION -f global-admin-generator/values.yaml -n isecl

The Intel SecL-DC services can individually be deployed using Helm, instead of automatically deploying a specific use case.

Below is a list of the Helm charts available on the Intel SecL Helm repository for deploying individual services (not entire use cases):

NAME CHART VERSION APP VERSION DESCRIPTION
isecl-helm/aas 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Authentica...
isecl-helm/cms 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Certificat...
isecl-helm/ihub 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Integratio...
isecl-helm/isecl-controller 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Custom Con...
isecl-helm/isecl-scheduler 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Extended S...
isecl-helm/kbs 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC key broker service
isecl-helm/scs 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC SGX Caching Service
isecl-helm/shvs 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC SGX Host Verification Service
isecl-helm/sqvs 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC SGX Quote Verification Service
isecl-helm/sagent 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC SGX Agent

Below is a list of Helm charts used to run specific jobs needed during deployment:

NAME CHART VERSION APP VERSION DESCRIPTION
isecl-helm/aasdb-cert-generator 5.1.0 v5.1.0 A Helm chart for creating aasdb certificates
isecl-helm/cleanup-secrets 5.1.0 v5.1.0 A Helm chart for cleaning up secrets
isecl-helm/scsdb-cert-generator 5.1.0 v5.1.0 A Helm chart for creating scsdb certificates
isecl-helm/shvsdb-cert-generator 5.1.0 v5.1.0 A Helm chart for creating shvsdb certificates
isecl-helm/sagent-aas-mgr 5.1.0 v5.1.0 A Helm chart for creating sagent aas manager

Intel SecL-DC can optionally integrate with Kubernetes to control the placement of workloads based on the attestation status of worker nodes. SGX-Orchestration requires the following additional services:

NAME CHART VERSION APP VERSION DESCRIPTION
isecl-helm/isecl-controller 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Custom Con...
isecl-helm/isecl-scheduler 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Extended S...
isecl-helm/ihub 5.1.0 v5.1.0 A Helm chart for Installing ISecL-DC Integratio...