Architecture

Prism provides a computation management service for CoCos AI.

Components

| Service | Description |
| --- | --- |
| Auth | Manages user policies in relation to backends, certs and computations. |
| Users | Manages the platform's users and auth concerns with regard to users and workspaces. |
| Computations | Manages the computation lifecycle, from creation to running and monitoring. |
| Backends | Manages connections, Confidential Virtual Machine creation, and the connection between the agent and the cvms service. |
| Certs | Manages the lifecycle (issuing, revocation, renewal) of certificates used for mTLS between backends and manager. |
| Billing | Manages payments on the platform and controls resource access based on billing plans. |
| Invitations | Manages user invitations to access workspaces. |
| User Interface | Provides a web interface for visual access to the platform. |

Architecture

Users

The users service gives users access to the platform, and user identities are used for authorization across the platform. Prism uses the Magistrala users service to achieve this.

Computations

The computations service gives users with the appropriate authorization the ability to create, update, delete and run computations.

Backends

The backends service connects to the computations service, receives run requests from it, and forwards them to the Confidential Virtual Machines. Backends are identified by their flavors, i.e., GCP, Azure, Manager, or User created. Any VMs created on the backends are identified by their IP addresses and have certificates assigned to them for mutual TLS connections with Prism.

Certs

This is a certificate authority service that can issue, revoke and renew certificates. It also offers an Online Certificate Status Protocol (OCSP) endpoint, which is used to verify certificates used in the backends service.
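
The Backends and Certs descriptions above imply a set of checks on a VM's certificate during the mTLS handshake: it chains to the CA, it is bound to the VM's IP address, and it has not been revoked. The sketch below is an added example, not Prism's code. The function names, the 10.0.0.x addresses and the in-memory `revoked` set (a stand-in for the answer an OCSP endpoint would give) are assumptions.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// issue builds a constructed test certificate (errors ignored: demo input); a nil parent yields a self-signed CA.
func issue(serial int64, ip net.IP, parent *x509.Certificate, pk ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: fmt.Sprint("constructed-", serial)},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true}
	if parent == nil {
		t.IsCA, t.KeyUsage = true, x509.KeyUsageCertSign
		parent, pk = t, priv
	} else { // VM certificate: bound to the VM's IP through an IP SAN, client-auth only
		t.IPAddresses, t.ExtKeyUsage = []net.IP{ip}, []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, pub, pk)
	cert, _ := x509.ParseCertificate(der)
	return cert, priv
}

// checkPeer accepts a VM certificate only if it chains to ca, matches the connecting IP and is not revoked.
func checkPeer(leaf, ca *x509.Certificate, remote net.IP, revoked map[string]bool) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		DNSName: remote.String()} // an IP literal here is matched against the certificate's IP SANs
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("chain or IP binding: %w", err)
	}
	if revoked[leaf.SerialNumber.String()] { // assumption: stands in for an OCSP "revoked" status
		return fmt.Errorf("certificate serial %s is revoked", leaf.SerialNumber)
	}
	return nil
}

func main() {
	ca, caKey := issue(1, nil, nil, nil)
	vm, _ := issue(2, net.ParseIP("10.0.0.5"), ca, caKey)
	for _, ip := range []string{"10.0.0.5", "10.0.0.6"} { // second address is not in the certificate
		fmt.Println(ip, checkPeer(vm, ca, net.ParseIP(ip), nil))
	}
}
```

Passing `map[string]bool{"2": true}` as the last argument makes the otherwise valid 10.0.0.5 connection fail with the revocation error.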

User Interface

This provides users with a web interface to visually access the platform. It connects to the other services using the SDK.