AIAA with SSL

To use SSL in AIAA, we can pass the key and certificate using the argument “ssl_keyfile”, “ssl_keyfile_password” and “ssl_certfile”.

Below is one way to generate self-signed certificates:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365

Then we copy the key and certificates inside the AIAA workspace and start AIAA as follows:

start_aiaa.sh -w /workspace \
              --ssl_keyfile /workspace/key.pem
              --ssl_certfile /workspace/cert.pem
              --ssl_keyfile_password [the password you set]

We can also use the following docker-compose.yml to use docker-compose to start AIAA with Triton backend: (Remember to change the ssl_keyfile_password to the password you set)

version: "3.8"
services:
  clara-train-sdk:
    image: ${CLARA_IMAGE}
    command: >
      sh -c "mkdir -p /workspace/logs /workspace/triton &&
        start_aiaa.sh \
          --workspace /workspace \
          --port ${AIAA_PORT} \
          --engine TRITON \
          --ssl_keyfile /workspace/key.pem \
          --ssl_certfile /workspace/cert.pem \
          --ssl_keyfile_password 1234 \
          --triton_ip tritonserver \
          --triton_port 8000 \
          --triton_proto http \
          --triton_model_path /workspace/triton \
          --triton_verbose 0 2>&1 | tee /workspace/logs/container.aiaa.log"
    ports:
      - "${AIAA_PORT}:5000"
    volumes:
      - ${AIAA_WORKSPACE}:/workspace
    networks:
      - aiaa
    shm_size: 1gb
    ulimits:
      memlock: -1
      stack: 67108864
    depends_on:
      - tritonserver
    logging:
      driver: json-file
  tritonserver:
    image: ${TRITION_IMAGE}
    command: >
      sh -c "mkdir -p /workspace/logs /workspace/triton &&
        tritonserver \
        --model-store=/workspace/triton \
        --model-control-mode=poll \
        --repository-poll-secs=5 \
        --log-verbose=0 2>&1 | tee /workspace/logs/container.triton.log"
    volumes:
      - ${AIAA_WORKSPACE}:/workspace
    networks:
      - aiaa
    shm_size: 1gb
    ulimits:
      memlock: -1
      stack: 67108864
    restart: unless-stopped
    logging:
      driver: json-file
    deploy:
      resources:
        reservations:
          devices:
            - driver: nvidia
              device_ids: [ '0' ]
              capabilities: [ gpu ]
networks:
  aiaa: