README.vsock_proxy.md

OBS-URL: https://build.opensuse.org/package/show/Cloud:Tools/aws-nitro-enclaves-cli?expand=0&rev=12

aws-nitro-enclaves-cli.spec

@@ -65,9 +65,12 @@ System group %ne_system_group for Nitro Enclaves.
 %autosetup -p1 -a1
 
 %build
+ln vsock_proxy/README.md README.vsock_proxy.md
 tee README.md <<'_EOR_'
 Nitro Enclaves are "secondary VMs" running in an EC2 instance.
-The "primary VM" releases some of its memory and cpu, which is then used by the enclaves.
+Their only storage is the memory which is assigned to them.
+Their only way to communicate with the primary is the usage of AF_VSOCK.
+The "primary VM" releases some of its memory and cpus, which is then assigned to the enclaves.
 This is done by nitro-enclaves-allocator.service, which uses
 %_sysconfdir/nitro_enclaves/allocator.yaml as configuration file.
 This systemd service has to be enabled manually, and started:
@@ -82,7 +85,7 @@ How to build and run an example enclave:
   systemctl enable docker
   systemctl start docker
   docker pull opensuse/leap
-  tee Dockerfile <<_EOF_
+  tee Dockerfile <<'_EOF_'
 FROM opensuse/leap
 ENV HELLO="Hello from the enclave side!"
 COPY hello.sh /bin/hello.sh
@@ -105,7 +108,6 @@ _EOF_
   nitro-cli run-enclave --eif-path hello.eif --cpu-count 2 --memory 512 --debug-mode
   sleep 1
   nitro-cli console --enclave-id $(nitro-cli describe-enclaves | jq -r ".[0].EnclaveID")
-
 _EOR_
 %install
 mkdir .cargo
@@ -202,6 +204,7 @@ chown -v '0:%ne_system_group' "${ld}"
 
 %files
 %doc README.md
+%doc README.vsock_proxy.md
 %doc docs/image_signing.md
 %license LICENSE
 %license THIRD_PARTY_LICENSES