@mssun Alternatively, we can ask user to create a bind volume using the following command if they don't use containerized aesmd service. ``` docker volume create --driver local \ --opt type=none \ --opt device= /var/run/aesmd\ --opt o=bind aesmd-socket ```
In addition, It is already provided as containerized way to use aesmd service (https://github.com/intel/linux-sgx/blob/6b8d2d14d0daf8ed421165eb3347e7ee15bbf9d0/docker/build/Dockerfile#L65), the end user could just directly run the script `linux-sgx/docker/build/build_and_run_aesm_docker.sh` (https://github.com/intel/linux-sgx/blob/master/docker/build/build_and_run_aesm_docker.sh#L41) to start aesmd service, so we can rely on it to serve the SGX related requests from Teaclave, just need to mount `aesmd-socket` volume in such way to avoid possible conflict with host aesmd service. thanks. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/issues/553#issuecomment-920101869
