anjuna-fs-proxy
A daemon that provides an Anjuna Nitro enclave access to basic
mount volumes on the parent
instance filesystem for persistent storage.
DESCRIPTION
anjuna-fs-proxy
must be run prior to starting an enclave with one or more basic
volumes
defined in its configuration.
The anjuna-fs-proxy
daemon mounts a directory on the parent instance filesystem to one or more
mount points inside the enclave.
The enclave can read and write to these mount points using normal filesystem operations.
For an enclave using basic
mounts to work properly,
it is important to run anjuna-fs-proxy
before starting the enclave.
In order to clean up resources when you terminate an enclave,
you should kill the anjuna-fs-proxy
after terminating an enclave.
When restarting an enclave,
it is important to stop and start anjuna-fs-proxy as described above.
|
The enclave may fail to detect the anjuna-fs-proxy if you run run-enclave immediately
after running anjuna-fs-proxy due to a known race condition. For now,
you can add a three-second delay between the two commands using sleep 3 .
This behavior will be fixed in a future release.
|
OPTIONS
Usage: anjuna-fs-proxy [Options] Options: --daemonize Run it as daemon (default: off) --verbose log debug message (default: off) --syslog log debug messages in syslog (default: off) --anjunafs-rootdir the root directory from where the anjunafs read the unencrypted files --enclave-name name of the enclave (default: “enclave”)
EXAMPLE
To use anjuna-fs-proxy
,
you also need to define the basic
-type mounts
in the enclave configuration file.
For example,
if you want to mount the files from /home/static
and /home/logs
into the enclave at
/shared/static
and /var/app/logs
,
you would add the following to your enclave configuration file:
mounts:
- name: static # the name within your anjunafs-rootdir
type: basic # anjuna-fs-proxy uses the `basic` type
mountPath: /shared/static # the path within your enclave
- name: logs
type: basic
mountPath: /var/app/logs
And you would start anjuna-fs-proxy
with the anjunafs-rootdir
like this:
$ anjuna-fs-proxy --daemonize --anjunafs-rootdir /home
When you have more than one enclave, you need to start one anjuna-fs-proxy
process
per enclave and use the --enclave-name
parameter. For example, if you have two enclaves
with the names of nginx
and postgres
and want them to share the same root directory,
use the following commands:
$ anjuna-fs-proxy --enclave-name nginx --daemonize --anjunafs-rootdir /home
$ anjuna-fs-proxy --enclave-name postgres --daemonize --anjunafs-rootdir /home