Docs

Docs

From renting GPUs to managing datacenters, the Brokkr platform has a wide variety of useful features and integrations. Get an overview of how to use them and how to get started.

Brokkr FAQ

Getting Started with Confidential AI on Hydra (Intel TDX)

This guide walks you from selecting a TEE-capable server to running confidential AI workloads, using Hydra's fully automated Intel TDX support.

Hydra handles the hard parts (BIOS, host OS, validation). You focus on your workload.

1. Find TEE-capable servers

In the Hydra console:

  • Find servers marked "TEE Capable"
  • These servers support hardware-enforced confidential computing using Intel Trust Domain Extensions (TDX)

If a server is not marked TEE-capable, Intel TDX cannot be enabled later.

What Hydra already did for you

  • Validated CPU, platform firmware, and memory configuration
  • Ensured the platform supports Intel TDX at the silicon level

2. Provision with a TEE operating system

When provisioning the server, select one of the TEE OS images:

  • Ubuntu Noble 24.04 LTS (TEE)
    Stable, long-term support, recommended for production
  • Ubuntu Plucky 25.04 (TEE)
    Newer kernel and TDX features, ideal for cutting-edge AI workloads

Provisioning can take up to 60 minutes. This is expected.

During this time, Hydra:

  • Applies a validated TDX BIOS configuration
  • Performs required multi-stage reboots
  • Installs a Canonical-based TDX host stack
  • Verifies the TDX module is fully initialized

The server is only marked ready after all checks pass.

3. Verify that TDX is active

Once the server is ready, SSH in and confirm that Intel TDX is enabled:

sudo dmesg | grep -i tdx

You should see output indicating:

  • BIOS support is enabled
  • The TDX module is loaded
  • The module is initialized

You can also check:

cat /sys/module/kvm_intel/parameters/tdx

Expected value:

Y

If these checks fail, do not proceed. Contact Hydra support.

4. Create and configure your Trust Domain (TD)

At this point, Hydra's responsibility ends and guest-level configuration begins.

Follow Canonical's official Intel TDX documentation starting at:

"5. Create TD Image"

https://github.com/canonical/tdx?tab=readme-ov-file#5-create-td-image

This includes:

  • Creating a TD guest image
  • Launching a Trust Domain VM
  • Optional: configuring remote attestation and key release

We intentionally link to Canonical's documentation to ensure you always have the latest, authoritative TDX instructions.

5. Run your confidential AI workloads

Inside the Trust Domain VM, you can now:

  • Run standard Linux workloads (no app changes required)
  • Attach and use NVIDIA GPUs via passthrough
  • Deploy PyTorch, TensorFlow, vLLM, Kubernetes, etc.
  • Gate secrets or keys on successful TDX attestation

At this stage:

  • VM memory and CPU state are hardware-encrypted
  • The host OS, hypervisor, and provider operators cannot inspect your workload
  • You can cryptographically prove where your code is running

Critical notes (do not skip)

What TDX protects

  • VM memory contents
  • CPU state
  • Isolation from host OS and hypervisor

What TDX does not automatically protect

  • Your application logic
  • Network-level exposure
  • Data you explicitly send outside the Trust Domain
  • Secrets you load without attestation checks

Confidential computing strengthens your trust boundary — it does not replace good security design.

Where to go next

Canonical's Intel TDX reference docs:

https://github.com/canonical/tdx