Open haozhiyu opened 1 year ago
This is handled by the launch template created by the enclave setup command. The user data section of the launch template should contain the necessary commands. For instance, this is what I see in the EC2 Management Console:

```
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="==MYBOUNDARY=="

--==MYBOUNDARY==
Content-Type: text/x-shellscript; charset="us-ascii"

#!/bin/bash -e
readonly NE_ALLOCATOR_SPEC_PATH="/etc/nitro_enclaves/allocator.yaml"
# Node resources that will be allocated for Nitro Enclaves
readonly CPU_COUNT=2
readonly MEMORY_MIB=768
# This step below is needed to install nitro-enclaves-allocator service.
amazon-linux-extras install aws-nitro-enclaves-cli -y
# Update enclave's allocator specification: allocator.yaml
sed -i "s/cpu_count:.*/cpu_count: $CPU_COUNT/g" $NE_ALLOCATOR_SPEC_PATH
sed -i "s/memory_mib:.*/memory_mib: $MEMORY_MIB/g" $NE_ALLOCATOR_SPEC_PATH
# Restart the nitro-enclaves-allocator service to take changes effect.
systemctl restart nitro-enclaves-allocator.service
echo "NE user data script has finished successfully."
--==MYBOUNDARY==
```
To obtain the launch template id:

```
cat cluster_config.yaml
```

Then, please go to Instance > Launch Templates > <your launch template id> > Advanced Details > User Data
Do you see similar user data created as per your configuration?
Please see https://github.com/aws/aws-nitro-enclaves-with-k8s/pull/32 for the fix.
I need to manually log in to the worker node and run this script to enable huge pages. Otherwise it will show errors.

```bash
# Check the current value
sudo cat /proc/sys/vm/nr_hugepages
sudo sysctl -w vm.nr_hugepages=2048
# Append via tee so the write to /etc/sysctl.conf runs under sudo
echo "vm.nr_hugepages=2048" | sudo tee -a /etc/sysctl.conf
sudo reboot
# After the reboot, verify the setting
sudo cat /proc/sys/vm/nr_hugepages
sudo grep Huge /proc/meminfo
```

Can you add this into the CloudFormation as well?
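One way to run the check discussed in this thread (does the launch template's user data match the configuration, and does it set huge pages), as an added example that is not code from the thread or the project. It parses base64-encoded multipart user data, the form in which the EC2 API returns `LaunchTemplateData.UserData`; the function name `audit_user_data` and the sample input are constructed for illustration.

```python
import base64
import re
from email import message_from_string

# Constructed sample: user data in the shape shown in the thread, base64-encoded
# the way the EC2 API returns it. Not taken from a real launch template.
SAMPLE_USER_DATA = base64.b64encode(b'''MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="==MYBOUNDARY=="

--==MYBOUNDARY==
Content-Type: text/x-shellscript; charset="us-ascii"

#!/bin/bash -e
readonly CPU_COUNT=2
readonly MEMORY_MIB=768
amazon-linux-extras install aws-nitro-enclaves-cli -y
systemctl restart nitro-enclaves-allocator.service
--==MYBOUNDARY==--
''').decode()


def audit_user_data(b64_user_data):
    """Report what the node bootstrap script configures for Nitro Enclaves."""
    msg = message_from_string(base64.b64decode(b64_user_data).decode())
    # Only shell-script parts are executed by cloud-init as bootstrap scripts.
    script = "\n".join(p.get_payload() for p in msg.walk()
                       if p.get_content_type() == "text/x-shellscript")
    # Drop comment lines so a commented-out command is not counted as present.
    active = "\n".join(line for line in script.splitlines()
                       if not line.lstrip().startswith("#"))

    def var(name):
        m = re.search(rf"^\s*(?:readonly\s+)?{name}=(\d+)", active, re.M)
        return int(m.group(1)) if m else None

    hp = re.search(r"vm\.nr_hugepages\s*=\s*(\d+)", active)
    return {
        "cpu_count": var("CPU_COUNT"),
        "memory_mib": var("MEMORY_MIB"),
        "installs_cli": "aws-nitro-enclaves-cli" in active,
        "restarts_allocator": "systemctl restart nitro-enclaves-allocator" in active,
        "hugepages": int(hp.group(1)) if hp else None,  # None: not set at boot
    }
```

A `hugepages` value of `None` means the bootstrap script never sets `vm.nr_hugepages`, so a node built from that template would need the manual step described above.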