use anyhow::{anyhow, Result};
use detee_shared::sgx::types::brain::Resource;
use log::info;
use std::process::Command;
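/// Starts the enclave container for an app with `docker run -d`.
///
/// `docker` is executed directly with an argument vector instead of a string handed to
/// `sh -c`, so shell metacharacters in `enclave_path`, `container_name_uuid` or
/// `hratls_pubkey` are never interpreted by a shell. As a consequence `hratls_pubkey`
/// reaches the container as exactly one argument (a shell would have split it on
/// whitespace).
///
/// # Arguments
/// * `enclave_path` - host path bind-mounted at `/enclave_package` inside the container.
/// * `container_name_uuid` - value passed to `--name`.
/// * `port_map` - `(host, container)` port pairs; each becomes one `-p host:container`.
/// * `hratls_pubkey` - passed after the image name; omitted when empty.
/// * `app_resource` - its `memory_mb` and `vcpu` fields become `--memory` / `--cpus`.
///
/// # Returns
/// The exit code of the `docker run` process. A non-zero code is returned as `Ok`, so
/// callers must check the value themselves.
///
/// # Errors
/// Fails if the container name or enclave path is rejected by the checks below, if
/// `docker` cannot be started or waited on, or if it was terminated by a signal.
pub fn deploy_enclave(
    enclave_path: &str,
    container_name_uuid: String,
    port_map: Vec<(u16, u16)>,
    hratls_pubkey: String,
    app_resource: Resource,
) -> Result<i32> {
    info!(
        "Deploying enclave: {:?} with hratls: {:?}",
        enclave_path, hratls_pubkey
    );

    // Only accept names in Docker's container-name alphabet. The leading-alphanumeric
    // rule also guarantees the value can never be parsed by docker as an option.
    let name_is_valid = matches!(
        container_name_uuid.chars().next(),
        Some(first) if first.is_ascii_alphanumeric()
    ) && container_name_uuid
        .chars()
        .all(|c| c.is_ascii_alphanumeric() || matches!(c, '_' | '.' | '-'));
    if !name_is_valid {
        return Err(anyhow!("Invalid container name: {:?}", container_name_uuid));
    }

    // `-v` splits its value on ':', so a colon inside the host path would change which
    // directory is mounted and with what mode.
    if enclave_path.is_empty() || enclave_path.contains(':') {
        return Err(anyhow!("Invalid enclave path: {:?}", enclave_path));
    }

    let memory_mb = app_resource.memory_mb;
    let vcpu = app_resource.vcpu;
    // TODO: docker limit disk space
    // let disk_mb = app_resource.disk_mb;
    // --storage-opt size={disk_mb}m

    let mut docker = Command::new("docker");
    docker
        .args(["run", "-d", "--restart", "unless-stopped", "--name"])
        .arg(&container_name_uuid)
        .arg(format!("--memory={memory_mb}m"))
        .arg(format!("--cpus={vcpu}"))
        .arg("-v")
        .arg(format!("{enclave_path}:/enclave_package"))
        .args(["--device", "/dev/sgx/enclave"])
        .args(["--device", "/dev/sgx/provision"]);

    for (host, container) in &port_map {
        docker.arg("-p").arg(format!("{host}:{container}"));
    }

    // NOTE(review): the image is referenced by a mutable tag; pinning it by digest would
    // make the code that runs next to the SGX devices reproducible.
    docker.arg("noormohammedb/occlum-enclave:v1");

    // Everything after the image name is handed to the container, not parsed by docker.
    if !hratls_pubkey.is_empty() {
        docker.arg(&hratls_pubkey);
    }

    // `status()` spawns the child with inherited stdio and waits for it to exit.
    let exit = docker.status()?;
    let exit_code = exit
        .code()
        .ok_or_else(|| anyhow!("No exit code, process terminated by a signal"))?;

    Ok(exit_code)
}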
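/// Force-removes the container named `app_name_uuid` with `docker container rm -f`.
///
/// `docker` is executed directly with an argument vector instead of a string handed to
/// `sh -c`, so the name is never interpreted by a shell. The name is also checked
/// against Docker's container-name alphabet before anything is run.
///
/// Removal stays best-effort: a non-zero exit status from docker is logged but still
/// reported as `Ok(())`.
///
/// # Errors
/// Fails if the name is rejected by the check below or if `docker` cannot be started or
/// waited on.
pub fn delete_enclave(app_name_uuid: String) -> Result<()> {
    info!("Deleting enclave: {:?}", &app_name_uuid);

    // A leading alphanumeric character means the value can never be parsed as an option
    // of the forced removal (`rm -f`).
    let name_is_valid = matches!(
        app_name_uuid.chars().next(),
        Some(first) if first.is_ascii_alphanumeric()
    ) && app_name_uuid
        .chars()
        .all(|c| c.is_ascii_alphanumeric() || matches!(c, '_' | '.' | '-'));
    if !name_is_valid {
        return Err(anyhow!("Invalid container name: {:?}", app_name_uuid));
    }

    // `status()` spawns the child with inherited stdio and waits for it to exit.
    let status = Command::new("docker")
        .args(["container", "rm", "-f"])
        .arg(&app_name_uuid)
        .status()?;

    if !status.success() {
        info!(
            "docker container rm for {:?} exited with {:?}",
            &app_name_uuid,
            status.code()
        );
    }

    Ok(())
}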