Add govet-fieldalignment to .golangci.yml
Fix errors that come from adding govet-fieldalignment
- by reordering the fields of structs
- by putting nolint:govet annotations
Signed-off-by: Hyeongju Johannes Lee <hyeongju.lee@intel.com>
Decouple the default enclaveLimit/provisionLimit from core count. With
this change, the default limit is constant and it can be made relative
to core count by setting PODS_PER_CORE multiplier via env variable.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
The SGX device nodes have changed from /dev/sgx/[enclave|provision]
to /dev/sgx_[enclave|provision] in v4x RFC patches according to the
LKML feedback.
This changes moves to use the new device nodes. Backwards compatibility
is provided by adding /dev/sgx directory mount to containers. This
assumes the cluster admin has installed the udev rules provided in the
README to make the old device nodes as symlinks to the new device nodes.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
The SGX plugin exposes two device files as separate resources:
* /dev/sgx/enclave as sgx.intel.com/enclave
* /dev/sgx/provision as sgx.intel.com/provision
The number of resources is configurable, but it's intended to be equal
to the pod count by default, so that any pod requiring access would have
it. The access control (who can do SGX remote attestation) is done
outside this plugin.
Signed-off-by: Ismo Puustinen <ismo.puustinen@intel.com>
