Run a vTPM in Confidential GKE Nodes workloads

This page shows you how to use Virtual Trusted Platform Modules (vTPMs) with Google Kubernetes Engine (GKE) Standard workloads that run in Confidential GKE Nodes. vTPMs provide platform integrity along with other security features, such as remote attestation, secret sealing, and random number generation. On this page, you learn how to install a device plugin and make vTPMs visible to GKE applications.

This page is intended for Security engineers who want to remotely access the security features of vTPMs in GKE applications.

Before reading this page, ensure that you're familiar with the following features:

Before you begin

Before you start, make sure that you have performed the following tasks:

  • Enable the Google Kubernetes Engine API.
  • Enable Google Kubernetes Engine API
  • If you want to use the Google Cloud CLI for this task, install and then initialize the gcloud CLI. If you previously installed the gcloud CLI, get the latest version by running the gcloud components update command. Earlier gcloud CLI versions might not support running the commands in this document.

Limitations

You can make vTPMs visible to GKE applications only in Confidential GKE Nodes that use AMD SEV as the Confidential Computing technology. Intel TDX and AMD SEV-SNP aren't supported.

Availability

You can use Confidential GKE Nodes under the following conditions:

Create a Confidential GKE Nodes cluster

You can create a new cluster with Confidential GKE Nodes enabled by using the gcloud CLI or the Google Cloud console. If you enable Confidential GKE Nodes at cluster level, all the nodes in the cluster become Confidential VMs.

gcloud

Create a new cluster that uses AMD SEV as the Confidential Computing technology:

gcloud container clusters create CLUSTER_NAME \  --machine-type=MACHINE_TYPE \  --confidential-node-type=SEV 

Replace the following:

  • CLUSTER_NAME: the name of your new cluster.
  • MACHINE_TYPE: the machine type for your cluster's default node pool, which must be either the N2D or C2D machine type.

Console

  1. In the Google Cloud console, go to the Create a Kubernetes cluster page.

    Go to Create a Kubernetes cluster

  2. In the navigation menu, under Cluster, click Security.
  3. Select Enable Confidential GKE Nodes.
  4. In the confirmation dialog, click Make changes.
  5. In the Type menu, select AMD SEV.
  6. For configuring other sections of the cluster, follow the instructions in Creating a regional cluster.
  7. Click Create.

After creating a cluster with Confidential GKE Nodes, any node pools created in this cluster can only use confidential nodes. You can't create regular node pools in clusters with Confidential GKE Nodes enabled. You also can't disable Confidential GKE Nodes on individual node pools when you enable Confidential GKE Nodes at cluster level.

Run a vTPM in Confidential GKE Nodes workloads

To run vTPM in Confidential GKE Nodes workloads, Google provides a DaemonSet to apply to the Confidential GKE Nodes clusters. Run the following command to deploy the DaemonSet:

kubectl create -f https://raw.githubusercontent.com/google/cc-device-plugin/main/manifests/cc-device-plugin.yaml 

Configure Pods to see the vTPM

You use a resource limit to configure Pods to see vTPM. Specify the resource limit as 1 in a Pod specification using the following key-value pair

  • Key: google.com/cc
  • Value: 1

An example of a Pod specification that uses vTPM:

apiVersion: v1 kind: Pod metadata:  name: my-vtpm-pod spec:  containers:  - name: nginx  image: nginx  ports:  - containerPort: 8080  name: http  resources:  limits:  google.com/cc: 1 

What's next