The current behavior of the nitro-enclaves-allocator script is to allocate the largest possible page first, then move on to smaller pages as necessary. While this generally makes sense, it can result in over-allocation of memory when you want to run multiple enclaves on a single node.
For example, if I want to allocate 2GB of memory for huge pages, the allocator will allocate 2 1GB pages. However, now if I'm using Kubernetes and want to schedule one pod that uses 1.5GB of memory and another of 500MB, I am unable to unless I request more memory than needed.
It would be wonderful if the max page size could be controlled via the allocator.yaml config. Even better would be fine-grained control over how many of each page size to allocate.
The current behavior of the
nitro-enclaves-allocatorscript is to allocate the largest possible page first, then move on to smaller pages as necessary. While this generally makes sense, it can result in over-allocation of memory when you want to run multiple enclaves on a single node.For example, if I want to allocate 2GB of memory for huge pages, the allocator will allocate 2 1GB pages. However, now if I'm using Kubernetes and want to schedule one pod that uses 1.5GB of memory and another of 500MB, I am unable to unless I request more memory than needed.
It would be wonderful if the max page size could be controlled via the
allocator.yamlconfig. Even better would be fine-grained control over how many of each page size to allocate.