Persistent Storage

This section describes how to setup the persistent storage for a Nitro Enclave running in the Anjuna Nitro Runtime.

Bind mounts

Bind mounts allow binding a file or a directory and its contents from the parent host into an enclave. This page describes the steps required to setup a bind mount.

Setup the bind mount on the parent host. Note that rootdir must be changed to the directory you want to bind into the enclave.

anjuna-fs-proxy --daemonize --anjunafs-rootdir [rootdir]

Create an enclave configuration file with that bind mount:

version: 1.3

# define volume mounts for this enclave
mounts:

# name of the bind mapping
# host must include a file or directory with the same name inside rootdir
- name: app-data

  # 'basic' is the bind mount type
  type: basic

  # path to mount to inside the enclave
  mountPath: /shared/app-data

Using this example, the host can mount the directory /home/example/data/ as the rootdir, and within the root directory it should have a file or a directory named app-data. app-data would be bind mounted to the path /shared/app-data inside the enclave.