Deploy Docker workloads to Confidential VMs from the command line.
Cloud · Docs · Trust Center · Templates
Phala Cloud lets you run existing containers inside hardware-backed Trusted
Execution Environments. Bring a docker-compose.yml, deploy it as a
Confidential VM, seal secrets to the measured build, and fetch attestation proof
for what is running.
- Deploy Docker Compose services as Confidential VMs with the
phalaCLI - Seal environment variables to the measured build instead of shipping raw secrets
- Stream logs, SSH, copy files, and manage linked CVMs from the terminal
- Fetch attestation proof for deployed workloads
- Start from templates for agents, MCP servers, GPU inference, and apps
The main developer surface in this repository is the phala CLI.
npm install -g phalaOr run it without installing:
npx phala <command>
bunx phala <command>Authenticate with Phala Cloud:
phala loginHeadless environment:
phala login --no-open
phala login phak_xxxFrom a project that has a docker-compose.yml:
phala deploy -n my-app -c docker-compose.yml -e .env --waitThe CLI creates or updates a CVM, seals environment variables when you pass
-e, schedules the workload on TDX infrastructure, and waits until the CVM is
ready when --wait is set.
After the first deploy, link the directory to the CVM:
phala link
git add phala.tomlphala.toml contains no secrets. Once it exists, day-to-day commands can target
the linked CVM automatically:
phala deploy # update the linked CVM
phala ps # list containers
phala logs -f # stream app logs
phala ssh # open a shell
phala cp ./file :~/ # copy to the linked CVMFetch the CVM attestation:
phala cvms attestation
phala cvms attestation --json > attestation.jsonThe attestation binds the running CVM to its measured runtime and compose hash, so users and auditors can verify that the deployed workload is the workload that was registered.
For confidential agents, mount the dstack socket inside the container to use KMS, Sign-RPC, and attestation from the workload:
services:
agent:
image: ghcr.io/your-org/agent:latest
environment:
- OPENAI_API_KEY=${OPENAI_API_KEY}
volumes:
- /var/run/dstack.sock:/var/run/dstack.sock
ports:
- "8080:8080"Deploy with sealed credentials:
phala deploy -n my-agent -c docker-compose.yml -e .env --wait| Command | Purpose |
|---|---|
phala deploy |
Deploy a new CVM or update the linked CVM |
phala link |
Bind the current directory to a CVM with phala.toml |
phala apps |
List deployed applications |
phala cvms |
Manage CVMs: get, start, stop, restart, resize, delete, attest |
phala logs |
Read container, serial, or CVM stderr logs |
phala ps |
List containers in a CVM |
phala ssh |
SSH into a CVM |
phala cp |
Copy files to or from a CVM |
phala instance-types |
List available CPU/GPU TEE instance types |
phala nodes |
List available TEE worker nodes |
phala profiles |
Manage multiple Phala Cloud workspaces |
Full command docs live in cli/docs.
| Path | Purpose |
|---|---|
cli |
Official Phala Cloud CLI, published as phala on npm |
js |
TypeScript SDK, published as @phala/cloud |
python |
Python SDK, published as phala-cloud |
go |
Go SDK for Phala Cloud API automation |
templates |
Curated prebuilt templates for MCP servers, agents, model serving, apps, and infrastructure |
skills |
Agent-readable workflows for Claude Code, Codex, Cursor, and other coding agents |
terraform |
Terraform provider submodule |
Use the CLI for deployment workflows. Use the SDKs when you need to integrate Phala Cloud into another product, service, or automation system.
TypeScript:
npm install @phala/cloudimport { createClient } from '@phala/cloud'
const client = createClient({
apiKey: process.env.PHALA_CLOUD_API_KEY,
})
const me = await client.getCurrentUser()Python:
pip install phala-cloudfrom phala_cloud import create_client
client = create_client(api_key="<api-key>")
me = client.get_current_user()Go:
go get github.com/Phala-Network/phala-cloud/sdks/goclient, err := phala.NewClient(phala.WithAPIKey("<api-key>"))The templates directory contains prebuilt Phala Cloud
deployments for:
- MCP servers and AI agent tools
- LLM inference and model-serving demos
- Web apps and developer utilities
- Blockchain, oracle, and data workloads
- Confidential computing starter kits
Each prebuilt template includes a docker-compose.yml and README. The template
catalog is generated from templates/config.json.
Validate template metadata before opening a PR:
python3 templates/validate.pyThe skills directory turns Phala Cloud workflows into concise
instructions that AI coding agents can follow.
Examples:
skills/phala-cli/SKILL.md— deploy, update, debug, SSH, CI/CD, and attestation with the CLIskills/usecase/agent-deploy.md— deploy a confidential AI agent with sealed credentials and signed action logsskills/usecase/gpu-vllm-deploy.md— self-host an OpenAI-compatible LLM on GPU TEEskills/usecase/verify-attestation.md— verify a Phala Cloud TEE attestation end to end
These files are designed to be fetched by coding agents and executed as step-by-step runbooks.
This repository vendors the Terraform provider as a submodule in
terraform.
Clone with submodules:
git clone --recurse-submodules git@github.com:Phala-Network/phala-cloud.gitIf you already cloned without submodules:
git submodule update --init --recursiveTerraform Registry:
terraform {
required_providers {
phala = {
source = "phala-network/phala"
version = "0.2.0-beta.1"
}
}
}Provider page: https://registry.terraform.io/providers/phala-network/phala/latest
Install dependencies:
bun installCLI development:
cd cli
bun run src/index.ts --help
bun run checkSDK checks:
cd js && bun run check
cd python && make check
cd go && go test ./...- Phala Cloud: https://cloud.phala.com
- Phala Cloud docs: https://docs.phala.com
- Trust Center: https://trust.phala.com
- API reference: https://cloud-api.phala.network/docs
- dstack: https://github.com/Dstack-TEE/dstack
- Phala Network: https://phala.network
Issues and pull requests are welcome. For templates, include validation output and a short smoke-test note. For CLI and SDK changes, include focused tests or a clear manual verification path.
See CONTRIBUTING.md.
This repository is licensed under the MIT License. Some packages and submodules may carry their own license files.