Multiple run-enclave calls fail when called simultaneously #516

Open
jasperpatterson opened this issue Jul 25, 2023 · 0 comments

When trying to make multiple nitro-cli run-enclave commands simultaneously, I've found only one will succeed.

To reproduce, run the following command, substituting your EIF path:

nitro-cli run-enclave --cpu-count 2 --memory 2048 --eif-path "/path/to/your/app.eif" & nitro-cli run-enclave --cpu-count 2 --memory 2048 --eif-path "/path/to/your/app.eif"

The result is only one of the enclaves running, while any additional ones fail with E36/E39 errors:

Start allocating memory...
Start allocating memory...
[ E36 ] Enclave boot failure. Such error appears when attempting to receive the `ready` signal from a freshly booted enclave. It arises in several contexts, for instance, when the enclave is booted from an invalid EIF file and the enclave process immediately exits, failing to submit the `ready` signal. In this case, the error backtrace provides detailed information on what specifically failed during the enclave boot process.

For more details, please visit https://docs.aws.amazon.com/enclaves/latest/user/cli-errors.html#E36

If you open a support ticket, please provide the error log found at "/var/log/nitro_enclaves/err2023-07-25T17:09:51.827350506+00:00.log"
Failed connections: 1
[ E39 ] Enclave process connection failure. Such error appears when the enclave manager fails to connect to at least one enclave process for retrieving the description information.

For more details, please visit https://docs.aws.amazon.com/enclaves/latest/user/cli-errors.html#E39

If you open a support ticket, please provide the error log found at "/var/log/nitro_enclaves/err2023-07-25T17:09:51.827768135+00:00.log"
Started enclave with enclave-cid: 109, memory: 2048 MiB, cpu-ids: [1, 9]
{
  "EnclaveName": "app",
  "EnclaveID": "i-04f29a3d3b079a4b8-enc1898e075143e130",
  "ProcessID": 499098,
  "EnclaveCID": 109,
  "NumberOfCPUs": 2,
  "CPUIDs": [
	1,
	9
  ],
  "MemoryMiB": 2048
}

Is this expected behaviour? I wasn't able to find any mention of this limitation in the documentation.

The real use-case where I'm running into simultaneous enclave runs is via a docker compose up command which results in multiple Docker containers trying to start an enclave.
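One way to keep launches from overlapping, shown here as an added example that is not part of the original issue or of nitro-cli. Whether serialising the calls avoids the E36/E39 failures is an assumption; the `run_serialized` name, the lock path and the timeout are hypothetical.

```shell
#!/bin/sh
# Serialise commands on one parent instance with an advisory file lock.
# Assumption: the failures come from overlapping launches, so running
# them one at a time avoids them. This is not confirmed by the issue.

# Hypothetical defaults. For the docker compose case, every container
# would need this path bind-mounted from the same host directory so
# that all of them contend for the same lock.
ENCLAVE_LOCK_FILE="${ENCLAVE_LOCK_FILE:-/tmp/nitro-run-enclave.lock}"
ENCLAVE_LOCK_TIMEOUT="${ENCLAVE_LOCK_TIMEOUT:-120}"

# Usage: run_serialized <command> [args...]
# e.g.   run_serialized nitro-cli run-enclave --cpu-count 2 \
#            --memory 2048 --eif-path "/path/to/your/app.eif"
run_serialized() {
    (
        # Take an exclusive lock on fd 9, giving up after the timeout
        # so a stuck launch cannot block every other caller forever.
        if ! flock -w "$ENCLAVE_LOCK_TIMEOUT" 9; then
            echo "run_serialized: timed out waiting for $ENCLAVE_LOCK_FILE" >&2
            exit 75
        fi
        # Close fd 9 for the command itself. The lock belongs to the open
        # file description, so a long-lived child that inherited fd 9
        # (such as a background enclave process) would otherwise keep
        # holding the lock after this subshell exits.
        "$@" 9>&-
    ) 9>>"$ENCLAVE_LOCK_FILE"
    # The subshell's exit status (the command's, or 75 on timeout)
    # is the function's return value.
}
```
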
