Closed raindust closed 1 year ago
meerd
commented
1 year ago Hello @raindust,
Yes, the PTP device (/dev/ptp0) can be used to synchronize the enclave's clock. NTP daemons (such as chrony) may quickly help with this if /dev/ptp0 is configured as the PTP source clock.
maayank
commented
1 month ago I would just like to note that since the PTP device is only supported on some regions[1] we (at another company, not related to OP) ended up using the "IP" based Amazon time server (and not the ptp device) proxied over vsock. @meerd @raindust
[1] "Supported AWS Regions: US East (N. Virginia) and Asia Pacific (Tokyo)", https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html
I ran some EC2 instances with nitro and found one faster (about 3 seconds) than the others if I get the current time from the clock inside the nitro. All instances enabled AWS NTP(Network Time Protocol)time services in the parent instance client.
Can I update the clock inside the enclave to solve the problem above? Can I use PTP (Precision Time Protocol) time service inside the enclaves?