Backend.AI is a streamlined, container-based computing cluster platform that hosts popular computing/ML frameworks and diverse programming languages, with pluggable heterogeneous accelerator support including CUDA GPU, ROCm GPU, TPU, IPU and other NPUs.
Manager, Storage-Proxy, etc. supports HTTPS mode by loading SSL certificate chain. However, they cannot load the certificates encrypted with a pass phrase (password file). For more security, we are better to support the loading of SSL certificate chain with a pass phrase.
The load_cert_chain actually supports the password parameter, so we can just append a password file if exists. manager.toml should also support the ssl-password field under the [manager] section.
Target services: Manager, Storage-Proxy, Webserver, etc.
Manager, Storage-Proxy, etc. supports HTTPS mode by loading SSL certificate chain. However, they cannot load the certificates encrypted with a pass phrase (password file). For more security, we are better to support the loading of SSL certificate chain with a pass phrase.
For example in Manager, the cert chain is loaded in the following lines: https://github.com/lablup/backend.ai-manager/blob/d180e9b441b0ea95b9d4ae980191988621928019/src/ai/backend/manager/server.py#L589-L592
The
load_cert_chain
actually supports thepassword
parameter, so we can just append a password file if exists.manager.toml
should also support thessl-password
field under the[manager]
section.Target services: Manager, Storage-Proxy, Webserver, etc.