Feature Overview (aka. Goal Summary)  

Extend Confidential Clusters capability by supporting confidential computing to the GPUs of each Node in the cluster. 

Goals (aka. expected user outcomes)

Enable confidential computing at the GPU level to secure AI workloads in the Cluster

Requirements (aka. Acceptance Criteria):

Each Node in the cluster provided with GPU devices will use confidential computing capabilities at the GPU level available in the NCCads_H100_v5 machine series

Use Cases (Optional):

Enable AI workloads running in OpenShift to be protected by confidential computing capabilities

Questions to Answer (Optional):

The NVIDIA GPU Operator on Red Hat OpenShift might need to be enabled to automatically inject the required drivers and configuration needed to enable confidential computing at the GPU level

Background

Securing AI workloads is becoming critical for customers to adopt Zero Trust in their organizations. While securing data in use for workloads that don't require GPU compute capabilities is already covered via AMD SEV-SNP or Intel TDX confidential computing there is still a requirement to protect as well all the workloads consuming GPUs.

Documentation Considerations

Standard documentation will be provided to instruct the user on how to consume this feature in OpenShift