Components

IBM Hyper Protect Virtual Servers consists of the following components:

  • A hosting appliance that is based on the IBM Secure Service Container framework, which can host containerized workloads with focus on superior data security in the cloud and on-premise.
  • Base images of Hyper Protect Virtual Server container (hpvsop-base and hpvsop-base-ssh), which can be used to host your application code. The hpvsop-base-ssh base image provides additional SSH daemon for debugging and testing.
  • A base image of the Secure Build container (secure-docker-build), which can be provisioned on the Secure Service Container partition and bound to build your application code exclusively.
  • Base images of the monitoring infrastructure (collectd-host and monitoring-host), which can be used to collect metrics from Secure Service Container framework.
  • A base image of the Enterprise PKCS #11 (EP11) over gRPC (Grep11) container (grep11-container), which can communicate with Hardware Security Module (HSM) and generates asymmetric (public and private) key pairs.
  • A set of command line tools that are used to:
    • Create and manage the Hyper Protect Virtual Server instances
    • Securely build and publish your applications as containerized workloads
    • Deploy your containerized workloads to the Secure Service Container framework
    • Monitor IBM Hyper Protect appliance health such as the usage of CPU, memory, disk, and uptime.
    • Provide Enterprise PKCS #11 (EP11) interfaces for crypto operations such as key generation, encryption, decryption, data wrapping and unwrapping in EP11 over gRPC (grep11) client applications.

Table 1. IBM Hyper Protect Virtual Servers components

| Component | In 1.2.7.7 |1.2.7.6 |In 1.2.7.5 | In 1.2.7.4 | In 1.2.7.3 | In 1.2.7.2 | In 1.2.7.1 | In 1.2.7 | In 1.2.6.1 | |---|---|---|---|---|---|---|---|---| | Hosting appliance | 4.4.21 | 4.4.19 | 4.4.13 | 4.4.13 | 4.4.12 | 4.4.10 | 4.4.7 |4.4.4 | 4.3.13 | | hpvsop-base and hpvsop-base-ssh | 1.2.7.7 | 1.2.7.6 | 1.2.7.5 | 1.2.7.4 | 1.2.7.3 | 1.2.7.2 |1.2.7.1 |1.2.7| 1.2.6.1 | | secure-docker-build | 1.2.7.7 | 1.2.7.6 | 1.2.7.5 | 1.2.7.4 |1.2.7.3 | 1.2.7.2 |1.2.7.1| 1.2.7 | 1.2.6.1 | | collectd-host and monitoring-host | 1.2.7.5 | 1.2.7.5 | 1.2.7.4 | 1.2.7.3 | 1.2.7.2 |1.2.7.1| 1.2.7| 1.2.6.1 | | grep11-container | 1.2.7.7 | 1.2.7.6 | 1.2.7.5 | 1.2.7.4 | 1.2.7.3 | 1.2.7.2 |1.2.7.1| 1.2.7| 1.2.6.1 |

The signing keys for all the images listed in the table can be found at IBM Hyper Protect Virtual Servers signing key expiry dates.

See Downloading the installation package for the information about how to get these components.