Can not start sudo systemctl start nitro-enclaves-allocator.service

Question

Can not start sudo systemctl start nitro-enclaves-allocator.service

nkartem opened this issue 2 years ago · 3 comments

nitro-cli --version
Nitro CLI 1.2.0

uname -a
Linux amazonlinux.onprem 4.14.285-215.501.amzn2.x86_64 #1 SMP Mon Jun 27 23:38:14 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

systemctl status nitro-enclaves-allocator.service
● nitro-enclaves-allocator.service - Nitro Enclaves Resource Allocator
Loaded: loaded (/usr/lib/systemd/system/nitro-enclaves-allocator.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2022-07-19 09:29:26 UTC; 1h 11min ago
Process: 12792 ExecStart=/usr/bin/nitro-enclaves-allocator (code=exited, status=1/FAILURE)
Main PID: 12792 (code=exited, status=1/FAILURE)

sudo systemctl status nitro-enclaves-allocator.service
● nitro-enclaves-allocator.service - Nitro Enclaves Resource Allocator
Loaded: loaded (/usr/lib/systemd/system/nitro-enclaves-allocator.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2022-07-19 09:29:26 UTC; 1h 11min ago
Process: 12792 ExecStart=/usr/bin/nitro-enclaves-allocator (code=exited, status=1/FAILURE)
Main PID: 12792 (code=exited, status=1/FAILURE)

Jul 19 09:29:26 amazonlinux.onprem systemd[1]: Starting Nitro Enclaves Resource Allocator...
Jul 19 09:29:26 amazonlinux.onprem nitro-enclaves-allocator[12792]: /usr/bin/nitro-enclaves-allocator: line 130: /sys/module/nitro_enclaves/parameters/ne_cpus: No such file or directory
Jul 19 09:29:26 amazonlinux.onprem nitro-enclaves-allocator[12792]: cat: .tmp_file: No such file or directory
Jul 19 09:29:26 amazonlinux.onprem nitro-enclaves-allocator[12792]: rm: cannot remove ‘.tmp_file’: No such file or directory
Jul 19 09:29:26 amazonlinux.onprem nitro-enclaves-allocator[12792]: Error: The CPU pool file is missing. Please make sure the Nitro Enclaves driver is inserted.
Jul 19 09:29:26 amazonlinux.onprem systemd[1]: nitro-enclaves-allocator.service: main process exited, code=exited, status=1/FAILURE
Jul 19 09:29:26 amazonlinux.onprem systemd[1]: Failed to start Nitro Enclaves Resource Allocator.
Jul 19 09:29:26 amazonlinux.onprem systemd[1]: Unit nitro-enclaves-allocator.service entered failed state.
Jul 19 09:29:26 amazonlinux.onprem systemd[1]: nitro-enclaves-allocator.service failed.

Answer 1 · 2022-07-19T10:59:11.000Z

Jul 19 09:29:26 amazonlinux.onprem nitro-enclaves-allocator[12792]: /usr/bin/nitro-enclaves-allocator: line 130: /sys/module/nitro_enclaves/parameters/ne_cpus: No such file or directory

Seems the nitro-enclave device driver is not up. Do you have an enclave-enabled EC2 instance as per the docs?

Answer 2 · 2022-07-19T11:06:39.000Z

not I tried to start on localhost

Answer 3 · 2022-07-19T11:11:44.000Z

It works only on instances which have the nitro-enclaves driver enabled.