docker limit resources

Cargo.lock

@@ -410,7 +410,6 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
-source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#9ba3bc318617b08d8c761767a23abd77519b7e6d"
 dependencies = [
  "base64",
  "prost",

src/container.rs

@@ -1,4 +1,5 @@
 use anyhow::{anyhow, Result};
+use detee_shared::sgx::types::brain::Resource;
 use log::info;
 use std::process::Command;
 
@@ -7,6 +8,7 @@ pub fn deploy_enclave(
     container_name_uuid: String,
     port_map: Vec<(u16, u16)>,
     hratls_pubkey: String,
+    app_resource: Resource,
 ) -> Result<i32> {
     let port_maping_string = port_map
         .iter()
@@ -18,10 +20,16 @@ pub fn deploy_enclave(
         "Deploying enclave: {:?} with hratls: {:?}",
         enclave_path, hratls_pubkey
     );
-    // TODO: docker limit resources
+
+    let memory_mb = app_resource.memory_mb;
+    let vcpu = app_resource.vcpu;
+    // TODO: docker limit disk space
+    // let disk_mb = app_resource.disk_mb;
+    // --storage-opt size={disk_mb}m
+
     let docker_deploy_str = format!(
-        r#"docker run -d --name {container_name_uuid} -v {enclave_path}:/enclave_package \
+        r#"docker run -d --name {container_name_uuid} --memory={memory_mb}m --cpus={vcpu} \
-        --device /dev/sgx/enclave --device /dev/sgx/provision \
+        -v {enclave_path}:/enclave_package --device /dev/sgx/enclave --device /dev/sgx/provision \
         {port_maping_string} noormohammedb/occlum-enclave:v1 {hratls_pubkey}"#
     );
 

src/data.rs

@@ -127,6 +127,7 @@ impl App {
             app_name.clone(),
             mapped_ports.clone(),
             new_app_req.hratls_pubkey,
+            new_app_req.resource.clone(),
         )?;
 
         if exit_code != 0 {