marblerun

2022-03-29 · 3 min read

• #kubernetes
• #confidential-computing
• #sgx
• #service-mesh
• #marble-run

Github: https://github.com/edgelesssys/marblerun

Docs: https://docs.edgeless.systems/marblerun/#/

• MarbleRun is a #confidential-computing aware service mesh for kubernetes
• Coordinator
  • the control plane
  • communicates w/ data plane via gRPC
  • exposes REST interface to clients
  • clients are
    • owners/providers/admins who need to deploy applications and admin
    • users/customers who do remote attestation w/ Coordinator
• Marbles
  • the data plane
  • run your application code in secure enclaves

// coordinator-era.json
{
	"SecurityVersion": 1,
	"ProductID": 3,
	"SignerID": "43361affedeb75affee9baec7e054a5e14883213e5a121b67d74a0e12e9d2b7a",
	"Debug": true
}

EGo & Marblerun Talk #

Video: EGo & Marblerun - Moritz Eckert - OC3 2021

• EGo

  • Mostly transparently wraps existing Go code to run inside enclave
  • Built on openenclave (provides the low-level interface and compatibility layer)
  • Fairly lightweight? Contains only Application Code, Go Runtime, and small OpenEnclave layer.

• Challenges deploying Go enclaves on k8s

  • top-level DevOps user
    • don't really care whether we're running one big service or many microservices (?)
    • just want one big attestation of the whole cluster, rather than doing individual attestations with each service.
  • services
    • packaged as k8s pods
    • services want to communicate with each other / share data
    • service 2 service communication needs attestations so service enclaves can securely communicate w/ each other.
  • secrets distribution
    • ex: web frontend instances all need to share same cert
    • secret distribution must happen via secure channels between enclaves
  • sealing and persistence
    • pod migration (pod gets shutdown and migrated to other host) is difficult w/ enclaves
    • enclave's sealing key is unique to each enclave. data encryted with enclave's sealing key can only be decrypted by that enclave.
    • "virtual" sealing key, so this is somehow abstracted and data not bound to one node
  • secure connections
    • all connections b/w enclaves must be through secure mTLS connections terminated inside enclaves
  • code updates
    • how to ship new enclave code and have other outside enclaves recognize this

• Why do existing service meshes not work?

  • Threat model only considers network-bound adversaries
  • Threat model considers hosts & cloud provider to be trusted third parties.
  • TLS is only terminated at service mesh sidecar proxies
  • Secrets handled in unsecured memory on-node
  • Not SGX aware, no remote attestations

• Marblerun

  • extends enclave concept to entire cluster
  • E2E Confidentiality, Integrity, Verifiability
  • Updatable, Cloud-native
  • Integrates w/ k8s and existing service meshes like
    • { Consul, Linkerd, Istio (Envoy) }
  • Supports EGo, Gramine (experimental), and Occlum (experimental) runtimes.
  • cloud agnostic

• DevOps

  • Provides Manifest (JSON) which describes cluster?
  • doesn't need to worry too much about CC
  • can use existing tooling
  • don't need to change too much code

• User

  • Asks marblerun control plane for attestation w/ Quote, Cert, and Manifest
  • can verify everything in one step
    • everything runs in enclaves
    • everything always encrypted
    • cluster topology
    • cluster identities