custom README.md
OBS-URL: https://build.opensuse.org/package/show/Cloud:Tools/aws-nitro-enclaves-cli?expand=0&rev=11
This commit is contained in:
parent
53e7970a8b
commit
dc7b5d4175
@ -65,6 +65,48 @@ System group %ne_system_group for Nitro Enclaves.
|
|||||||
%autosetup -p1 -a1
|
%autosetup -p1 -a1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
tee README.md <<'_EOR_'
|
||||||
|
Nitro Enclaves are "secondary VMs" running in an EC2 instance.
|
||||||
|
The "primary VM" releases some of its memory and cpu, which is then used by the enclaves.
|
||||||
|
This is done by nitro-enclaves-allocator.service, which uses
|
||||||
|
%_sysconfdir/nitro_enclaves/allocator.yaml as configuration file.
|
||||||
|
This systemd service has to be enabled manually, and started:
|
||||||
|
systemctl enable nitro-enclaves-allocator
|
||||||
|
systemctl start nitro-enclaves-allocator
|
||||||
|
|
||||||
|
This command has to be used to run an existing Enclave Image File:
|
||||||
|
nitro-cli run-enclave --eif-path /path/to/file.eif --cpu-count 2 --memory 512
|
||||||
|
|
||||||
|
How to build and run an example enclave:
|
||||||
|
zypper in -y docker
|
||||||
|
systemctl enable docker
|
||||||
|
systemctl start docker
|
||||||
|
docker pull opensuse/leap
|
||||||
|
tee Dockerfile <<_EOF_
|
||||||
|
FROM opensuse/leap
|
||||||
|
ENV HELLO="Hello from the enclave side!"
|
||||||
|
COPY hello.sh /bin/hello.sh
|
||||||
|
CMD ["/bin/hello.sh"]
|
||||||
|
_EOF_
|
||||||
|
tee hello.sh <<'_EOF_'
|
||||||
|
#!/bin/sh
|
||||||
|
# Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
count=123
|
||||||
|
while test $count -gt 0; do
|
||||||
|
printf "[%4d] $HELLO\n" $count
|
||||||
|
count=$((count-1))
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
_EOF_
|
||||||
|
chmod -v 555 *.sh
|
||||||
|
docker build -t hello-enclave:1.0 ./
|
||||||
|
nitro-cli build-enclave --docker-uri hello-enclave:1.0 --output-file hello.eif
|
||||||
|
nitro-cli run-enclave --eif-path hello.eif --cpu-count 2 --memory 512 --debug-mode
|
||||||
|
sleep 1
|
||||||
|
nitro-cli console --enclave-id $(nitro-cli describe-enclaves | jq -r ".[0].EnclaveID")
|
||||||
|
|
||||||
|
_EOR_
|
||||||
%install
|
%install
|
||||||
mkdir .cargo
|
mkdir .cargo
|
||||||
cp %{SOURCE2} .cargo/config
|
cp %{SOURCE2} .cargo/config
|
||||||
|
Loading…
Reference in New Issue
Block a user