The NVIDIA Confidential Computing Manager for Kubernetes is a component of the NVIDIA GPU Operator that manages Confidential Computing (CC) modes on NVIDIA GPUs within a Kubernetes cluster. It supports various CC modes, including enabling all supported GPU security features, lifting blocks for DevTools profiling/debugging, and operating in default mode without supplementary confidential computing features.

Features

• Confidential Computing Modes: Supports multiple CC modes:
  • On: All supported GPU security features are enabled (e.g., bus encryption, performance counters off).
  • DevTools: All supported GPU security features are enabled, but blocks preventing DevTools profiling/debugging are lifted.
  • Off: The GPU operates in its default mode without supplementary confidential computing features.
• Kubernetes Integration: Seamlessly integrates with Kubernetes for managing GPU security features.
• Multi-Arch Support: Compatible with Linux/amd64 and Linux/arm64 architectures.
• Security: Includes signed images and comprehensive security scanning.

Benefits

• Enhanced Security: Provides robust security features for GPUs in Kubernetes clusters.
• Flexibility: Offers multiple modes to suit different security and development needs.
• Ease of Management: Simplifies the management of GPU security features within Kubernetes environments.
• Compatibility: Supports multiple architectures, ensuring broad usability.