Zero Trust Deployment
The Zero Trust deployment scenario represents DPF for zero trust environments, where the DPU is treated as a host accelerator card and is managed by DPF via BMC and Redfish. In this deployment model, host machines remain outside the DPF management cluster, while the DPU serves as an integrated acceleration resource that enhances the host's capabilities.
This architecture provides secure isolation between the management plane and host systems. DPU services are managed through Kubernetes APIs within the DPF cluster, while host workloads operate independently on their respective machines.
Redfish is used to manage the DPU hardware, including firmware updates and configuration changes.
The Zero Trust model supports various use cases, each optimized for specific networking and acceleration requirements.
Each use case may require tailored configurations on the DPU for optimal performance. Below are the validated user guides with corresponding deployment guides.
HBN
DPU Services | Comments |
DOCA Host-Based Networking (HBN) | Accelerates underlay BGP routing with ECMP and EVPN-based overlays |
VPC
DPU Services | Comments |
VPC OVN-Controller | OVN-Controller for VPC management and networking |
VPC OVN-Node | OVN-Node for VPC networking and connectivity |
Passthrough
No DPUServices are necessary for this use case.
Before deploying DPF in zero trust mode, ensure you have the necessary hardware and software prerequisites in place. This includes compatible DPU hardware, host operating system configurations, and network settings. For detailed requirements, refer to the prerequisites guide.
To deploy DPF in zero trust mode:
Setup Prerequisites: Ensure all hardware, software, and network requirements are met
Choose Use Case: Select the appropriate deployment scenario based on your requirements
Follow Guide: Use the specific use case documentation for step-by-step deployment
Verify Deployment: Validate the installation and perform basic functionality tests
For assistance with zero trust deployments:
Review the specific use case documentation
Check the DPF troubleshooting guide
Consult the release notes for known issues
Engage with the NVIDIA support team for further assistance
Once you've familiarized yourself with the zero trust concept, proceed to:
Review the prerequisites
Select an appropriate use case
Begin your DPF zero trust deployment