Sign up to save your podcasts
Or
Share Google: Confidential Computing with Accelerated AI Workloads on GCE
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Google: Confidential Computing with Accelerated AI Workloads on GCE
The provided sources are a collection of Google Cloud documentation and blog excerpts detailing the features and implementation of Confidential Computing services, particularly focusing on Confidential Virtual Machines (VMs) and Confidential Google Kubernetes Engine (GKE) Nodes, especially for AI and ML workloads. The documentation explains that these confidential instances utilize hardware-based memory encryption—known as a Trusted Execution Environment (TEE)—to protect data and applications in use from unauthorized access, even from the hypervisor. Specific technologies enabling this include AMD SEV, AMD SEV-SNP, and Intel TDX, with newer developments extending these protections to accelerated computing using NVIDIA H100 Tensor Core GPUs. The sources also offer practical guidance on how to create a Confidential VM instance with GPU, including managing required GPU quota and configuring different provisioning models like Spot and Flex-start, and detail how to enable Confidential GKE Nodes for secured GPU workloads.Sources:https://cloud.google.com/confidential-computing/confidential-vm/docs/confidential-vm-overviewhttps://cloud.google.com/confidential-computing/confidential-vm/docs/create-a-confidential-vm-instance-with-gpuhttps://cloud.google.com/kubernetes-engine/docs/how-to/gpus-confidential-nodeshttps://cloud.google.com/blog/products/identity-security/how-confidential-computing-lays-the-foundation-for-trusted-aihttps://cloud.google.com/blog/products/identity-security/expanding-confidential-computing-for-ai-workloads-next24
View all episodes
By mcgrofThe provided sources are a collection of Google Cloud documentation and blog excerpts detailing the features and implementation of Confidential Computing services, particularly focusing on Confidential Virtual Machines (VMs) and Confidential Google Kubernetes Engine (GKE) Nodes, especially for AI and ML workloads. The documentation explains that these confidential instances utilize hardware-based memory encryption—known as a Trusted Execution Environment (TEE)—to protect data and applications in use from unauthorized access, even from the hypervisor. Specific technologies enabling this include AMD SEV, AMD SEV-SNP, and Intel TDX, with newer developments extending these protections to accelerated computing using NVIDIA H100 Tensor Core GPUs. The sources also offer practical guidance on how to create a Confidential VM instance with GPU, including managing required GPU quota and configuring different provisioning models like Spot and Flex-start, and detail how to enable Confidential GKE Nodes for secured GPU workloads.Sources:https://cloud.google.com/confidential-computing/confidential-vm/docs/confidential-vm-overviewhttps://cloud.google.com/confidential-computing/confidential-vm/docs/create-a-confidential-vm-instance-with-gpuhttps://cloud.google.com/kubernetes-engine/docs/how-to/gpus-confidential-nodeshttps://cloud.google.com/blog/products/identity-security/how-confidential-computing-lays-the-foundation-for-trusted-aihttps://cloud.google.com/blog/products/identity-security/expanding-confidential-computing-for-ai-workloads-next24