From 5589b246d77113ca5373a0981f2a8920ce9fff0f Mon Sep 17 00:00:00 2001 From: Julio Montes Date: Fri, 18 Mar 2022 09:03:51 -0600 Subject: [PATCH] doc: update Intel SGX use cases document Installation section is not longer needed because of the latest default kata kernel supports Intel SGX. Include QEMU to the list of supported hypervisors. fixes #3911 Signed-off-by: Julio Montes (cherry picked from commit 24b29310b289fce67e434ab83e26d2d7c045b364) --- docs/use-cases/using-Intel-SGX-and-kata.md | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/docs/use-cases/using-Intel-SGX-and-kata.md b/docs/use-cases/using-Intel-SGX-and-kata.md index 5427331ed9..f45e3ed5bc 100644 --- a/docs/use-cases/using-Intel-SGX-and-kata.md +++ b/docs/use-cases/using-Intel-SGX-and-kata.md @@ -21,20 +21,7 @@ CONFIG_X86_SGX_KVM=y * [Intel SGX Kubernetes device plugin](https://github.com/intel/intel-device-plugins-for-kubernetes/tree/main/cmd/sgx_plugin#deploying-with-pre-built-images) > Note: Kata Containers supports creating VM sandboxes with IntelĀ® SGX enabled -> using [cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor/) VMM only. QEMU support is waiting to get the -> Intel SGX enabled QEMU upstream release. - -## Installation - -### Kata Containers Guest Kernel - -Follow the instructions to [setup](../../tools/packaging/kernel/README.md#setup-kernel-source-code) and [build](../../tools/packaging/kernel/README.md#build-the-kernel) the experimental guest kernel. Then, install as: - -```sh -$ sudo cp kata-linux-experimental-*/vmlinux /opt/kata/share/kata-containers/vmlinux.sgx -$ sudo sed -i 's|vmlinux.container|vmlinux.sgx|g' \ - /opt/kata/share/defaults/kata-containers/configuration-clh.toml -``` +> using [cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor/) and [QEMU](https://www.qemu.org/) VMMs only. ### Kata Containers Configuration @@ -48,6 +35,8 @@ to the `sandbox` are: `["io.katacontainers.*", "sgx.intel.com/epc"]`. With the following sample job deployed using `kubectl apply -f`: +> Note: Change the `runtimeClassName` option accordingly, only `kata-clh` and `kata-qemu` support IntelĀ® SGX. + ```yaml apiVersion: batch/v1 kind: Job