ayo/ipex-llm
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

[PPML] Add mermaid to deployment and installation doc (#6497)

Browse source 
* Fix deployment doc mermaid.
* Add PCCS network to installation doc.
This commit is contained in:
Qiyuan Gong 2022-11-09 08:57:17 +08:00 committed by GitHub
parent 4403c7727f
commit a46618844f
2 changed files with 33 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
docs/readthedocs/source/doc/PPML/Overview/install.md
View file

@ -45,15 +45,31 @@ sudo apt update
sudo apt-get install libsgx-urts libsgx-dcap-ql libsgx-dcap-default-qpl sudo apt-get install libsgx-urts libsgx-dcap-ql libsgx-dcap-default-qpl
``` ```
##### Install PCCS (for attestation) ##### Install PCCS (Provisioning Certificate Caching Service) (for attestation)
Please refer to [Intel® Software Guard Extensions Data Center Attestation Primitives (Intel® SGX DCAP): A Quick Install Guide](https://www.intel.com/content/www/us/en/developer/articles/guide/intel-software-guard-extensions-data-center-attestation-primitives-quick-install-guide.html) Please refer to [Intel® Software Guard Extensions Data Center Attestation Primitives (Intel® SGX DCAP): A Quick Install Guide](https://www.intel.com/content/www/us/en/developer/articles/guide/intel-software-guard-extensions-data-center-attestation-primitives-quick-install-guide.html)
Note that PCCS requires Internet connection for downloading certificates from Intel PCS. PCCS is fully [open sourced on Github](https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/master/QuoteGeneration/pccs), you can build your own PCCS based on these codes.
```eval_rst
.. mermaid::
graph BT
pcs(Intel PCS) --> PCCS
PCCS --> pcs
subgraph Internet
pcs
end
subgraph Data Center
PCCS --> sgx(SGX Server)
sgx --> PCCS
end
```
##### Install Kubernetes SGX Plugin (K8S only) ##### Install Kubernetes SGX Plugin (K8S only)
Please refer to [Deploy the Intel SGX Device Plugin for Kubernetes](https://bigdl.readthedocs.io/en/latest/doc/PPML/QuickStart/deploy_intel_sgx_device_plugin_for_kubernetes.html). Please refer to [Deploy the Intel SGX Device Plugin for Kubernetes](https://bigdl.readthedocs.io/en/latest/doc/PPML/QuickStart/deploy_intel_sgx_device_plugin_for_kubernetes.html).
### FAQs ### FAQs
1. Is SGX supported on CentOS 6/7? 1. Is SGX supported on CentOS 6/7?

28
docs/readthedocs/source/doc/PPML/QuickStart/deploy_ppml_in_production.md
View file

@ -20,19 +20,21 @@ Due to security and privacy considerations (e.g., `enclave-key` security), only
You can find more details in [Intel SGX Developer Guide](https://download.01.org/intel-sgx/linux-1.5/docs/Intel_SGX_Developer_Guide.pdf). You can find more details in [Intel SGX Developer Guide](https://download.01.org/intel-sgx/linux-1.5/docs/Intel_SGX_Developer_Guide.pdf).
```mermaid
graph LR ```eval_rst
subgraph SGX enclave .. mermaid::
MRENCLAVE(fa:fa-file-signature MRENCLAVE) graph LR
MRSIGNER(fa:fa-file-signature MRSIGNER) subgraph SGX enclave
end MRENCLAVE(fa:fa-file-signature MRENCLAVE)
subgraph enclave-key MRSIGNER(fa:fa-file-signature MRSIGNER)
private_key(fa:fa-key private key) end
public_key(fa:fa-key public key) subgraph enclave-key
end private_key(fa:fa-key private key)
private_key --> MRENCLAVE public_key(fa:fa-key public key)
ppml_application(PPML Applicaiton) --> MRENCLAVE end
public_key --> MRSIGNER private_key --> MRENCLAVE
ppml_application(PPML Applicaiton) --> MRENCLAVE
public_key --> MRSIGNER
``` ```
In this guide, we will demonstrate how to go through these 2 stages step by step. In this guide, we will demonstrate how to go through these 2 stages step by step.