Confidential Containers
Introduction
The TEE OS supports running client applications (CAs), trusted applications (TAs), and high-level language applications inside containers. Figure 1 shows the overall architecture.
- Docker engine: The runtime that creates and manages containers. It is installed as part of Docker.
- Container: A runtime environment built from a user-defined image, which packages the CAs and TAs.
- REE patch: A component in the REE (rich execution environment), deployed on the host, that enables access to the TrustZone environment. libteec.so is deployed inside the container to provide the TEE client API to the CAs.
- tlogcat: Deployed on the host or in a container to view the logs printed by the TEE.
- agentd: Deployed in a container to dynamically load the TAs in that container and to provide secure storage for it.
- tee_teleport: Deployed on the host or in a container to deploy and run high-level language applications.
For details about how to use this feature, see Confidential Containers.
Restrictions
- CAs and TAs can be deployed in containers.
- Applications written in high-level languages can be deployed in containers. The Python interpreter and JDK must be deployed on the host.
- The TEE OS supports a maximum of 255 containers. However, because of resource limits in the TEE OS, at most 63 containers can run TAs concurrently. Once that limit is reached, the TAs in any additional container cannot be loaded.
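The two limits above are easy to check before a container is started, which is preferable to letting a container come up and then have its TAs fail to load. The following is an added example, not code from the TEE OS or its documentation: a pre-start admission check that counts the existing containers against the 255 and 63 limits. The limits come from the page; the container record format, the assumed `tee.enabled` label used to mark containers that will load TAs, and the decision to count stopped containers toward the 255 total (the page does not say whether they count) are assumptions made for the example.

```python
# Added example: admission check for the container limits of the TEE OS.
# The limits (255 containers, 63 running TAs concurrently) are from the
# documentation; the record format and the "tee.enabled" label are assumed.
from dataclasses import dataclass, field

MAX_CONTAINERS = 255      # containers the TEE OS supports in total
MAX_TA_CONTAINERS = 63    # containers that may run TAs at the same time

# Assumed marker: a container that will load TAs carries the label tee.enabled=true.
TEE_LABEL = "tee.enabled"


@dataclass
class Container:
    name: str
    running: bool
    labels: dict = field(default_factory=dict)


def uses_tee(c: Container) -> bool:
    return c.labels.get(TEE_LABEL, "").lower() == "true"


def capacity(containers):
    """Summarize current usage against both limits.

    Only running containers count toward the 63 concurrent-TA limit; all
    containers are counted toward the 255 total (conservative assumption).
    """
    total = len(containers)
    running_tee = sum(1 for c in containers if c.running and uses_tee(c))
    return {
        "total": total,
        "running_tee": running_tee,
        "total_free": MAX_CONTAINERS - total,
        "tee_free": MAX_TA_CONTAINERS - running_tee,
    }


def admit(containers, wants_tee: bool):
    """Decide whether one more container may be started.

    Returns (allowed, reason). A container that needs TAs is refused once 63
    TA-running containers exist, because the TEE OS will not load its TAs.
    """
    cap = capacity(containers)
    if cap["total_free"] <= 0:
        return False, f"container limit reached ({cap['total']}/{MAX_CONTAINERS})"
    if wants_tee and cap["tee_free"] <= 0:
        return False, f"TA container limit reached ({cap['running_tee']}/{MAX_TA_CONTAINERS})"
    return True, "ok"


def sample_inventory(n_tee_running: int, n_tee_stopped: int = 0, n_plain: int = 0):
    """Constructed inventory used only to exercise the checks."""
    cs = [Container(f"tee-{i}", True, {TEE_LABEL: "true"}) for i in range(n_tee_running)]
    cs += [Container(f"tee-stopped-{i}", False, {TEE_LABEL: "true"}) for i in range(n_tee_stopped)]
    cs += [Container(f"plain-{i}", True) for i in range(n_plain)]
    return cs


if __name__ == "__main__":
    inv = sample_inventory(63, n_tee_stopped=5, n_plain=10)
    print(capacity(inv))
    print(admit(inv, wants_tee=True))   # refused: 63 TA containers already running
    print(admit(inv, wants_tee=False))  # allowed: only the 255 total applies
```

In a real deployment the inventory would be built from the container engine (for example from the output of `docker inspect`) rather than constructed, and the check would run from whatever hook starts containers on the host.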
