CUBE-53 - Add deploying cube AI on cvms blog#41
Conversation
WashingtonKK
changed the title
SammyOina
left a comment
SammyOina
left a comment
There was a problem hiding this comment.
how do we authenticate to azure or gcp, this information is missing. In general blog needs more details
.blogcache
Outdated
| "content/blogs/cocos-prism-release.md": "8a45148d84030b5b5bcd47f5088cfd41", | ||
| "content/blogs/confidential-computing-meets-ai.md": "6997a319608301ea40d5ee467d954910", | ||
| "content/blogs/deploying-cube-ai-on-cvms.md": "dc9f4af55e5c019b6d8ba98b3edfbacc" | ||
| } No newline at end of file |
| ```bash | ||
| cd gcp/kms | ||
| tofu init | ||
| tofu plan -var-file="../../terraform.tfvars" |
There was a problem hiding this comment.
what is contained in tfvars, this is not explained
| - Lower memory requirements due to quantization | ||
| - Ideal for CPU or small GPU deployments | ||
|
|
||
| No configuration changes needed. Default installs Ollama and pulls `tinyllama:1.1b`. |
There was a problem hiding this comment.
change to current cube defaults
|
|
||
| For production deployments, uncomment and add certificates in the cloud-init file: | ||
|
|
||
| ```yaml |
There was a problem hiding this comment.
where is the cube cloud init file this is not explained
There was a problem hiding this comment.
Pull request overview
Adds a new Ultraviolet blog post about deploying Cube AI on confidential VMs (GCP/Azure) and wires it into the site (index + sitemap), while also improving excerpts/meta descriptions for existing posts.
Changes:
- Add new blog content: “Deploying Cube AI on Confidential Virtual Machines…”
- Update blog listing cards/excerpts and add “Next Read” cross-links to the new post
- Update sitemap and blog cache entries to include the new post and refreshed pages
Reviewed changes
Copilot reviewed 7 out of 8 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
sitemap.xml |
Updates lastmod values and adds the new blog URL entry. |
content/blogs/deploying-cube-ai-on-cvms.md |
Adds the new Markdown source for the blog post. |
blog/index.html |
Updates listing layout and adds the new post card + excerpts. |
blog/deploying-cube-ai-on-cvms/index.html |
Adds the generated HTML page for the new post. |
blog/confidential-computing-meets-ai/index.html |
Fills in meta description and adds cross-link to the new post. |
blog/cocos-prism-release/index.html |
Fills in meta description, adds cross-link to the new post, and updates excerpt text. |
.blogcache |
Updates cached hashes for blog sources and adds the new post. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| <meta property="og:image" content="https://www.ultraviolet.rs{https://www.ultraviolet.rs/img/header.avif}" /> | ||
|
|
||
|
|
||
| <meta name="twitter:card" content="summary_large_image" /> | ||
| <meta name="twitter:title" content="Deploying Cube AI on Confidential Virtual Machines: A Complete Guide to Secure LLM Inference on GCP and Azure" /> | ||
| <meta name="twitter:description" content="Walk through deploying Cube AI on AMD SEV-SNP confidential VMs on Google Cloud Platform and Microsoft Azure, covering KMS setup, cloud-init configuration, backend selection (Ollama vs vLLM), TLS certificates, GPU support, and verification steps." /> | ||
| <meta name="twitter:image" content="https://www.ultraviolet.rs{https://www.ultraviolet.rs/img/header.avif}" /> |
There was a problem hiding this comment.
og:image and twitter:image meta tags contain a malformed URL (https://www.ultraviolet.rs{https://www.ultraviolet.rs/...}), which will break link previews/SEO. Replace with a valid absolute image URL (ideally the post cover image) without the extra {...} portion.
| <meta property="og:image" content="https://www.ultraviolet.rs{https://www.ultraviolet.rs/img/header.avif}" /> | |
| <meta name="twitter:card" content="summary_large_image" /> | |
| <meta name="twitter:title" content="Deploying Cube AI on Confidential Virtual Machines: A Complete Guide to Secure LLM Inference on GCP and Azure" /> | |
| <meta name="twitter:description" content="Walk through deploying Cube AI on AMD SEV-SNP confidential VMs on Google Cloud Platform and Microsoft Azure, covering KMS setup, cloud-init configuration, backend selection (Ollama vs vLLM), TLS certificates, GPU support, and verification steps." /> | |
| <meta name="twitter:image" content="https://www.ultraviolet.rs{https://www.ultraviolet.rs/img/header.avif}" /> | |
| <meta property="og:image" content="https://www.ultraviolet.rs/img/header.avif" /> | |
| <meta name="twitter:card" content="summary_large_image" /> | |
| <meta name="twitter:title" content="Deploying Cube AI on Confidential Virtual Machines: A Complete Guide to Secure LLM Inference on GCP and Azure" /> | |
| <meta name="twitter:description" content="Walk through deploying Cube AI on AMD SEV-SNP confidential VMs on Google Cloud Platform and Microsoft Azure, covering KMS setup, cloud-init configuration, backend selection (Ollama vs vLLM), TLS certificates, GPU support, and verification steps." /> | |
| <meta name="twitter:image" content="https://www.ultraviolet.rs/img/header.avif" /> |
| "headline": "Deploying Cube AI on Confidential Virtual Machines: A Complete Guide to Secure LLM Inference on GCP and Azure", | ||
| "image": "https:\/\/www.ultraviolet.rs", | ||
| "datePublished": "2026-02-11", | ||
| "author": { | ||
| "@type": "Person", | ||
| "name": "Washington Kamadi" | ||
| }, | ||
| "description": "Walk through deploying Cube AI on AMD SEV-SNP confidential VMs on Google Cloud Platform and Microsoft Azure, covering KMS setup, cloud-init configuration, backend selection (Ollama vs vLLM), TLS certificates, GPU support, and verification steps." |
There was a problem hiding this comment.
The JSON-LD BlogPosting.image field is set to the site root URL (https://www.ultraviolet.rs) rather than an image URL. For valid structured data, set this to the actual cover image URL (or an array of image URLs).
| } | ||
| } | ||
|
|
||
| hljs.highlightAll(); |
There was a problem hiding this comment.
hljs.highlightAll() is called unconditionally, but this page doesn't include Highlight.js anywhere (no script tag), so hljs will be undefined and this will throw at runtime (preventing the rest of the DOMContentLoaded handler from running). Either include Highlight.js or guard the call with a typeof hljs !== 'undefined' check.
| hljs.highlightAll(); | |
| if (typeof hljs !== 'undefined') { | |
| hljs.highlightAll(); | |
| } |
| Start by authenticating with Azure and setting up key management: | ||
|
|
||
| ```bash | ||
| cd cocos-infra/azure/kms |
There was a problem hiding this comment.
The Azure section uses cd cocos-infra/azure/kms, but earlier steps already cd cocos-infra. If the reader is already in the repo directory, this path becomes cocos-infra/cocos-infra/azure/kms. Use a path relative to the current working directory (e.g., cd azure/kms) or clarify the expected starting directory.
| cd cocos-infra/azure/kms | |
| cd azure/kms |
| Navigate back to the GCP directory and deploy: | ||
|
|
||
| ```bash | ||
| cd ../ # Back to gcp directory |
There was a problem hiding this comment.
cd ../ # Back to gcp directory assumes the reader is currently in gcp/kms. Since Step 3/4 instruct edits in the repo root and a different file, the working directory at this point is ambiguous. Consider using an explicit path (e.g., cd <repo-root>/gcp or cd gcp from repo root) or clarify “from gcp/kms run …”.
| Navigate back to the GCP directory and deploy: | |
| ```bash | |
| cd ../ # Back to gcp directory | |
| From the repository root, navigate to the GCP directory and deploy: | |
| ```bash | |
| cd gcp # From the repo root, go to the GCP Terraform directory |
Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
WashingtonKK
force-pushed
the
deploying-cube-ai-on-cvms
branch
from
76e1820 to
935fc76
Compare
What type of PR is this?
What does this do?
Which issue(s) does this PR fix/relate to?
Have you included tests for your changes?
Did you document any new/modified features?
Notes