  • Thesis

The Design of Storage Optimization for Private Blockchain based on Ceph SDS Architecture

Advisor: 陳弘明
Co-advisor: 盧永豐 (Yung-Feng Lu)

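Abstract


Blockchain is a decentralized, distributed multi-node architecture in which all nodes of the blockchain network jointly maintain a single ledger. When a request to change data in the ledger arrives, the nodes jointly verify that request. The ledger is composed of multiple blocks; each newly generated block contains the hash of the previous block's content, which chains the blocks together. This gives the ledger its irreversible and tamper-proof properties and a considerable degree of security. In the definition of data security, however, it is just as important that data cannot be stolen as that it cannot be tampered with, because this determines the privacy of transaction content. Although blockchain thoroughly prevents data from being tampered with, the transactions in the blocks are maintained jointly by every node, so anyone can obtain the transaction content, and privacy of transaction content cannot be achieved. This study therefore uses the open-source blockchain technology Ethereum to design a private blockchain service and uses the container cluster orchestration technology Kubernetes to build the blockchain environment, implementing an enterprise Blockchain-as-a-Service architecture. Through the Container Storage Interface (CSI), the architecture connects the distributed software-defined storage system Ceph as the underlying storage environment. The Ceph storage service is then further analyzed and designed so that the encrypted storage system provides a Trustzone concept, yielding a mechanism in which the blockchain node decides whether data is stored in the encrypted block, in order to achieve better privacy.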

Keywords

BlockChain Ethereum Ceph Kubernetes CSI

Parallel Abstract


Blockchain is a decentralized multi-node architecture. All nodes of the entire blockchain network jointly maintain a ledger. When the ledger receives a request for a data change, the nodes jointly verify the request. The ledger is composed of several blocks. When a new block is generated, it contains the hash value of the previous block's content. In this way the blocks are chained together, so the ledger is irreversible and tamper-proof and has a considerable degree of security. However, in the definition of data security, in addition to preventing the risk of data being tampered with, it is also important that the data cannot be stolen, which affects the privacy of the transaction content. Even though blockchain completely prevents data from being tampered with, the privacy of the transaction content cannot be achieved: because the transactions in the blocks are stored at each node, it is possible to get the transaction content from some node. Consequently, this study uses the blockchain technology Ethereum to design private blockchain services and uses Kubernetes, which provides container cluster management, to build a containerized blockchain environment and achieve an enterprise Blockchain as a Service (BaaS) architecture. In addition, the proposed BaaS architecture links the Ceph distributed software-defined storage (SDS) system as the backend storage environment through the Container Storage Interface (CSI). Through CSI, this study proposes to use the Ceph storage service to further design a way to encrypt the storage system, which provides a concept of TrustZone. To achieve better privacy, the proposed design provides a mechanism in which the blockchain node determines whether the data will be stored to the TrustZone.

