flashbox is an opinionated Confidential VM (CVM) base image built for podman pod payloads. With a focus on security balanced against TCB size, designed to give developers the simplest path to TDX VMs.
One command, ./zap
- and you've got yourself a TDX box.
-
Download the latest VM image from the releases page
-
Deploy the flashbox VM:
# Local deployment (non-TDX)
./zap --mode normal
# Local deployment (TDX)
./zap --mode tdx
# Azure deployment
./zap azure myvm eastus
# GCP deployment
./zap gcp myvm us-east4
- Azure deployments may encounter an issue with the
--security-type
parameter. See Azure CLI Issue #29207 for the workaround.
--ssh-source-ip
option to restrict SSH access in cloud deployments.
- Provision and start your containers:
# Upload pod configuration and environment variables
curl -X POST -F "pod.yaml=@pod.yaml" -F "env=@env" http://flashbox:24070/upload
# Start the containers
curl -X POST http://flashbox:24070/start
If you're coming from Docker Compose, you can convert your existing configurations:
podman-compose generate-k8s docker-compose.yml > pod.yaml
See the official documentation on differences between Docker Compose and Podman for migration details.
Here's a basic example of a pod configuration:
apiVersion: v1
kind: Pod
metadata:
name: my-app
labels:
app: my-app
spec:
containers:
- name: web-container
image: nginx:latest
env:
- name: DATABASE_URL
value: "${DATABASE_URL}"
ports:
- containerPort: 80
hostPort: 8080
flashbox allows you to provision secrets and configuration variables that should remain outside the attestation flow. This is done through a separate env
file that is processed independently of the pod configuration.
- Create an
env
file with your variables:
DATABASE_URL=postgresql://localhost:5432/mydb
API_KEY=your-secret-key
- Reference these variables in your pod configuration using the
${VARIABLE}
syntax:
env:
- name: DATABASE_URL
value: "${DATABASE_URL}"
- name: API_KEY
value: "${API_KEY}"
Variables in the env file will be substituted into the pod configuration at runtime, keeping them separate from the attestation process. This is useful for both secrets and configuration that may vary between deployments.