You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@teaclave.apache.org by Hitesh Patel <no...@github.com.INVALID> on 2022/03/24 11:12:10 UTC

[apache/incubator-teaclave] [SGx Mode] Bugs in Teaclave deployment on azure (Issue #640)

I built teaclave on azure Standard DC2s v2 VM instance, following the instruction from https://github.com/apache/incubator-teaclave/blob/master/docs/azure-confidential-computing.md


When I tried to launch Teaclave services, I encountered the following error.

```
$ (cd docker && ./run-teaclave-services.sh -d)
/var/run/aesmd/aesm.socket socket detected.
Error: No such volume: aesmd-socket
Cannot find a valid sgx device.
```

I checked properly that SGx  driver availability with below results on Azure VM instance.


```
$ ls /dev/sgx
enclave  provision
```




-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/640
You are receiving this because you are subscribed to this thread.

Message ID: <ap...@github.com>

Re: [apache/incubator-teaclave] [SGx Mode] Bugs in Teaclave deployment on azure (Issue #640)

Posted by Mingshen Sun <no...@github.com.INVALID>.

@hiteshvpatel256, this could be an issue of detecting sgx devices on Azure in the `run-teaclave-services.sh` script. Let me setup a new one on Azure and go through the instruction to see the root cause again.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/640#issuecomment-1079319509
You are receiving this because you are subscribed to this thread.

Message ID: <ap...@github.com>

Re: [apache/incubator-teaclave] [SGx Mode] Bugs in Teaclave deployment on azure (Issue #640)

Posted by Qinkun Bao <no...@github.com.INVALID>.

> @mssun That is the same problem that I had and we commented previously on discord (https://discord.com/channels/891067964743376906/891068072503410738/944151562765361192)

Hi Torvel, thank you for bringing up the issue. We have an internal version of Teaclave, and it works perfectly on Azure Confidential Cloud. The open-source deployment scripts have some problems to be fixed. All the core developers of Teaclave are experiencing some qualifying life events. I will work on the issue once I have access to Azure Confidential VMs.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/640#issuecomment-1150601008
You are receiving this because you are subscribed to this thread.

Message ID: <ap...@github.com>

Re: [apache/incubator-teaclave] [SGx Mode] Bugs in Teaclave deployment on azure (Issue #640)

Posted by Jose Torres Velasco <no...@github.com.INVALID>.

@mssun   That is the same problem that I had and we commented previously on discord (https://discord.com/channels/891067964743376906/891068072503410738/944151562765361192)  

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/640#issuecomment-1150177525
You are receiving this because you are subscribed to this thread.

Message ID: <ap...@github.com>

Re: [apache/incubator-teaclave] [SGx Mode] Bugs in Teaclave deployment on azure (Issue #640)

Posted by Hitesh Patel <no...@github.com.INVALID>.

Resolved the issue by installing ISGX driver to azure VM.   
`wget https://download.01.org/intel-sgx/sgx-linux/2.11/distro/ubuntu18.04-server/sgx_linux_x64_driver_2.6.0_b0a445b.bin`


Azure VM by default setting up only SGX drivers. So ISGX will be needed to use intel auth services.
Also docker volume "aesmd-socket" needs to be created manually if not added as default at the time of installing SGX driver.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/640#issuecomment-1078900572
You are receiving this because you are subscribed to this thread.

Message ID: <ap...@github.com>