Sorry, you need to enable JavaScript to visit this website.

Description

The Linux* Stacks for Intel® Software Guard Extensions (Intel® SGX) for 3rd Generation Intel® Xeon® Scalable Processors (codename Ice Lake), provide fully automated deployment through Ansible* playbooks and roles. The project includes the Linux Container Stack and the Linux Virtualization Stack to support bare metal and cloud use cases. 

The Virtualization Stack is a KVM-based virtualization environment to run an Intel SGX enclave workload in a VM guest. The Libvirt/QEMU components act as the orchestrator.

The Containers Stack is a container-based Kubernetes* environment to run an Intel SGX enclave workload in a container. Kubernetes is the orchestrator for the Intel SGX device plugin.

 

Diagram of Linux Stacks for Intel SGX.

 

All software components are based on Open Source licensed software, installed from the public DNF repository.

 

Maintainers

Related Projects