Best practices and guidelines for production deployments on Phala Cloud.
cloud-tee-starter-template
Secret Name | Description | How to Get |
---|---|---|
DOCKER_REGISTRY_USERNAME | Your container registry username | From your Docker Hub/Registry account |
DOCKER_REGISTRY_PASSWORD | Registry password/access token | Generate access token |
PHALA_CLOUD_API_KEY | Phala Cloud authentication key | From Phala Cloud Dashboard → “Create Token” |
APP_NAME | Deployment name (e.g., my-tee-app ) | Choose name without special characters except - |
DOCKER_IMAGE | Full image path (e.g., docker.io/username/image-name ) | Follow registry naming conventions |
api-server/Dockerfile
in this example.phala
CLI with the name you set in APP_NAME
with the updated docker compose file../api-server/docker-compose.yml
file.
PHALA_CLOUD_API_KEY
and the APP_NAME
will be used when configuring your CVM for deployment.
Parameter Name | Description | Value |
---|---|---|
phala-api-key | The API key for your Phala Cloud account. Obtain this from the Phala Cloud Dashboard: log in and use the “Create Token” function to generate an API key. Follow the guide on how to generate a Phala Cloud API Key. | string (i.e phat_kekwhfh) |
cvm-name | The name of the app/CVM to the value of our APP_NAME (if set) secret (e.g. “my-tee-app”). This name is what you’ll see in the Phala Cloud dashboard. | string (i.e my-app) |
compose-file | The docker compose file that will be our docker application deployed to the CVM. | file path (i.e. ./api-server/docker-compose.yml ) |
vcpu | Number of vCPUs for the CVM | string|number (i.e. “2”) |
memory | Amount of memory for the CVM | string|number in MB (i.e. “2048”) |
disk-size | Amount of disk storage for the CVM | string|number in GB (i.e. “20”) |
envs | Encrypted environment variables for the CVM | KEY: VALUE |
app-id | (For upgrades) The app ID of the CVM. This is used for upgrades | app-id |
node-id | The TEE node (teepod) ID of the TEE server. (Can leave empty) | string|number (i.e. “3”) |
base-image | Dstack base image used to deploy the CVM | string (i.e. dstack-0.3.5 or dev-dstack-0.3.5 ) |
api-server/Dockerfile
syntaxact
command. The act
can be installed from https://github.com/nektos/act. The secerts you need to set are the same as the ones in the repository secrets to local .env
file in the root of the repository.