search

apache / incubator-teaclave

Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.
https://teaclave.apache.org
Apache License 2.0
765 stars 158 forks source link

Failed to start teaclave service #641

Closed andyzyb closed 2 years ago

andyzyb commented 2 years ago

I failed to start the teaclave services as below.

Looks only "teaclave-execution-service exited with code 1" means failure?

I haven't configured IAS, is that the reason?

/dev/isgx device detected. /var/run/aesmd/aesm.socket socket detected. Error: No such volume: aesmd-socket COMMAND: docker-compose -f docker-compose-ubuntu-1804.yml -f docker-compose-isgx-dev.override.yml -f docker-compose-aesm-socket.override.yml up Starting teaclave-storage-service ... done Starting teaclave-access-control-service ... done Starting teaclave-file-service ... done Starting teaclave-authentication-service ... done Starting teaclave-scheduler-service ... done Starting teaclave-execution-service ... done Starting teaclave-management-service ... done Starting teaclave-frontend-service ... done Attaching to teaclave-storage-service, teaclave-scheduler-service, teaclave-access-control-service, teaclave-execution-service, teaclave-management-service, teaclave-authentication-service, teaclave-file-service, teaclave-frontend-service teaclave-storage-service exited with code 0 teaclave-access-control-service exited with code 0 teaclave-scheduler-service exited with code 0 teaclave-execution-service exited with code 1 teaclave-authentication-service exited with code 0 teaclave-management-service exited with code 0 teaclave-frontend-service exited with code 0

qinkunbao commented 2 years ago

Hi Andy, thank you for using Apache Teaclave.

Yes, you cannot start the service without setting up attestation services unless you build Teaclave in the simulation mode (cmake -DSGX_SIM_MODE=ON -DTEST_MODE=ON ..).

You can run export TEACLAVE_LOG=info before starting the services. It will enable the logs and provide more info.

mssun commented 2 years ago

Looks only "teaclave-execution-service exited with code 1" means failure?

In this case, the exit code may not help.

Seems that you are building for SGX hardware mode. For this mode, the service need to communicate with an attestation service (IAS or DCAP service depends on your setup).

If you can provide more information like building process and server setups, that will be very helpful.

andyzyb commented 2 years ago

Thanks for the reply. I will try to set up the Attestation service.

andyzyb commented 2 years ago

@qinkunbao no lucky with IAS setup (is there any proxy setting to be considered), where can I find the log?

qinkunbao commented 2 years ago

@qinkunbao no lucky with IAS setup (is there any proxy setting to be considered), where can I find the log?

https://asciinema.org/a/9pStDa5jVGJegkAhXF1jZF74l

andyzyb commented 2 years ago

@qinkunbao thanks. Looks still a platform issue for attestation.