How To Run Containers Inside the HSM
This guide gives an overview of how to run containers on the VaultContainers platform inside a Primus HSM.
To run a container inside Primus HSM, you need to:
- Load the container image onto the HSM (via a USB stick).
- Load the application config file for the containerized application onto the HSM (via a USB stick).
- Start the container.
These steps:
- Require SO privileges.
- Must be repeated for every HSM in a cluster.
For detailed instructions and commands, please see Section 14 "VaultContainers Platform" of the Primus HSM User Guide.
Deploying Securosys Containers
Securosys provides several container images that you can load onto the HSM.
Each of them has its own repository, from which you can download the .container image and configuration files.
Currently, Securosys offers the following products as loadable container images:
- VaultCode
- TSB / REST API
- A database (PostgreSQL, needed as a dependency of the above)
Deploying Custom Containers
Custom container images need to be provided as a signed bundle.
This bundle is a ZIP file, but with the .container extension.
The contents of the ZIP must be the following:
customer-app.container
├── customer-app.tar
└── customer-app.sig
Deploying customer container images requires Primus HSM CyberVault Server.
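A layout check you can run on a custom bundle before copying it to the USB stick, given here as an added example that is not Securosys code or tooling. It assumes both members carry the bundle's base name, as in the tree above, and it does not verify the signature, whose format this page does not describe; `check_bundle` and `demo` are hypothetical names.

```python
import io
import tarfile
import zipfile
from pathlib import Path


def check_bundle(path):
    """Return a list of layout problems for a .container bundle ([] = OK)."""
    path = Path(path)
    problems = []
    if path.suffix != ".container":
        problems.append("extension is not .container")
    if not zipfile.is_zipfile(path):
        return problems + ["not a ZIP archive"]
    # Assumption: both members carry the bundle's base name, as in the tree above.
    tar_name, sig_name = f"{path.stem}.tar", f"{path.stem}.sig"
    with zipfile.ZipFile(path) as zf:
        names = zf.namelist()
        for name in sorted(set(names) - {tar_name, sig_name}):
            problems.append(f"unexpected member: {name}")
        for name in (tar_name, sig_name):
            if name not in names:
                problems.append(f"missing member: {name}")
            elif zf.getinfo(name).file_size == 0:
                problems.append(f"empty member: {name}")
        if tar_name in names and zf.getinfo(tar_name).file_size > 0:
            try:
                # Stream the member so a large image is not read into memory.
                with zf.open(tar_name) as member:
                    tarfile.open(fileobj=member, mode="r|").close()
            except tarfile.ReadError:
                problems.append(f"{tar_name} is not a readable tar archive")
    return problems


def demo(workdir):
    """Check one well-formed and one malformed bundle, both constructed here."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        tf.addfile(tarfile.TarInfo("placeholder"))  # zero-length file entry
    good = Path(workdir, "customer-app.container")
    bad = Path(workdir, "bad.container")
    with zipfile.ZipFile(good, "w") as zf:
        zf.writestr("customer-app.tar", buf.getvalue())
        zf.writestr("customer-app.sig", b"constructed placeholder, not a signature")
    with zipfile.ZipFile(bad, "w") as zf:
        zf.writestr("bad.tar", b"not a tar")
        zf.writestr("notes.txt", b"x")
    return check_bundle(good), check_bundle(bad)
```

An empty list from `check_bundle` means only that the archive layout matches; the HSM remains the authority on whether the signature is accepted.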