To use SSL in AIAA, we can pass the key and certificate using the argument “ssl_keyfile”, “ssl_keyfile_password” and “ssl_certfile”.
Below is one way to generate self-signed certificates:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
Then we copy the key and certificates inside the AIAA workspace and start AIAA as follows:
start_aiaa.sh -w /workspace \
--ssl_keyfile /workspace/key.pem
--ssl_certfile /workspace/cert.pem
--ssl_keyfile_password [the password you set]
We can also use the following docker-compose.yml to use docker-compose to start AIAA with Triton backend: (Remember to change the ssl_keyfile_password to the password you set)
version: "3.8"
services:
clara-train-sdk:
image: ${CLARA_IMAGE}
command: >
sh -c "mkdir -p /workspace/logs /workspace/triton &&
start_aiaa.sh \
--workspace /workspace \
--port ${AIAA_PORT} \
--engine TRITON \
--ssl_keyfile /workspace/key.pem \
--ssl_certfile /workspace/cert.pem \
--ssl_keyfile_password 1234 \
--triton_ip tritonserver \
--triton_port 8000 \
--triton_proto http \
--triton_model_path /workspace/triton \
--triton_verbose 0 2>&1 | tee /workspace/logs/container.aiaa.log"
ports:
- "${AIAA_PORT}:5000"
volumes:
- ${AIAA_WORKSPACE}:/workspace
networks:
- aiaa
shm_size: 1gb
ulimits:
memlock: -1
stack: 67108864
depends_on:
- tritonserver
logging:
driver: json-file
tritonserver:
image: ${TRITION_IMAGE}
command: >
sh -c "mkdir -p /workspace/logs /workspace/triton &&
tritonserver \
--model-store=/workspace/triton \
--model-control-mode=poll \
--repository-poll-secs=5 \
--log-verbose=0 2>&1 | tee /workspace/logs/container.triton.log"
volumes:
- ${AIAA_WORKSPACE}:/workspace
networks:
- aiaa
shm_size: 1gb
ulimits:
memlock: -1
stack: 67108864
restart: unless-stopped
logging:
driver: json-file
deploy:
resources:
reservations:
devices:
- driver: nvidia
device_ids: [ '0' ]
capabilities: [ gpu ]
networks:
aiaa: