The Linux* Stacks for Intel® Software Guard Extensions (Intel® SGX) for 3rd Generation Intel® Xeon® Scalable Processors (codename Ice Lake), provide fully automated deployment through Ansible* playbooks and roles. The project includes the Linux Container Stack and the Linux Virtualization Stack to support bare metal and cloud use cases.
The Virtualization Stack is a KVM-based virtualization environment to run an Intel SGX enclave workload in a VM guest. The Libvirt/QEMU components act as the orchestrator.
The Containers Stack is a container-based Kubernetes* environment to run an Intel SGX enclave workload in a container. Kubernetes is the orchestrator for the Intel SGX device plugin.
All software components are based on Open Source licensed software, installed from the public DNF repository.