Host configuration

Provision the host

A host that supports Intel® SGX must be provisioned to run application using the Anjuna Runtime. One option is to use Packet, a bare-metal provider offering servers that support Intel® SGX.

Login to Packet

An account on Packet is required to provision an instance on this provider. A list of the bare-metal server options available to Packet is described here: https://www.packet.com/bare-metal/servers/

Select the Add New option

Assuming that an account was set up with Packet, a new host can be provisioned from the Packet dashboard.

_images/packet-net-add-new-server.png

Provide the server information

_images/packet-net-create-server.png
  • Hostname (any name, this is an internal name used only to identify your Packet instance).

  • Location: any location (preferably one that is geographically close to you) that offers the c1.small (Type1) host type (see below).

  • Type: You MUST select c1.small (Type1) as it uses an Intel® CPU that supports SGX (see https://www.packet.com/bare-metal/servers/ for available hardware)

  • OS: Ubuntu 16.04 LTS or Ubuntu 18.04 LTS

  • Provide some extra data to provision the newly created host. Select the SSH & USER DATA option and add the following user data (this will automatically provision an administrative users when the host is provisioned):

    #cloud-config
    users:
      - name: "anjuna-sgx"
        sudo: ALL=(ALL) NOPASSWD:ALL
        groups:
          - "sudo"
    
  • Select the “Deploy Server” option

Manual Setup of SGX on the host

If the host was setup with the proper cloud-config user-data as described above, the steps described in this section (which describe how to setup a host manually) can be skipped.

Basic host setup

  • Install Ubuntu 16.04/18.04 LTS: Desktop or Server are supported

  • Run apt update to get the latest version of the OS packages:

    $ sudo apt update
    

Create user

  • Create an administrative user that will be used to install the Intel® SGX Software Stack and the Anjuna Runtime. It needs administrator privileges to install various tools (compilers, libraries, etc…) and configure the host for SGX support. The Anjuna Runtime itself can run under any user on a system, but the installation procedure for the Anjuna Runtime requires administrator privileges.

    The following commands can be used to create such a user (replace the string <username> with the desired user name):

    $ sudo useradd -m <username>
    $ sudo passwd <username>
    $ sudo usermod -aG sudo <username>
    

    For example, if anjuna-sgx is the desired user name, the commands would be:

    $ sudo useradd -m anjuna-sgx
    $ sudo passwd anjuna-sgx
    $ sudo usermod -aG sudo anjuna-sgx