Skip to main content

Step 1: Build an enclave image with ollama configured for llama2

Step 1.1: Set up repository

Clone the ollama_oyster_setup repository and navigate to it using

git clone https://github.com/marlinprotocol/ollama_oyster_setup && cd ollama_oyster_setup

Step 1.2: Set up build environment

Spin up a new Docker container based on our nitro-cli image and mount the current directory using

sudo docker run --rm --privileged --name nitro-cli -v `pwd`:/ollama_oyster_setup marlinorg/nitro-cli

Keep this terminal open till end of this page.

In a new terminal, run

sudo docker exec -it nitro-cli sh

You now have a shell with docker and nitro-cli available where you can bulid enclave images. Navigate to the directory with the setup repo using

cd /ollama_oyster_setup

Step 1.3: Build the enclave image

In the shell opened in step 1.2, first build a docker image using

docker image build -t enclave:latest .

Then build an enclave image using

nitro-cli build-enclave --docker-uri enclave:latest --output-file enclave.eif
info

The build-enclave command sometimes errors out the first time it is run. Simply repeating it again should make it work again.

info

The build command works only for docker images that are less than 1 GB in size due to a limitation in nitro-cli. To get around this limit, the repository installs ollama at image build time, but downloads the llama2 model only at runtime.

The command will create enclave.eif which is the enclave image file and will print measurements which should look something like

{
  "Measurements": {
    "HashAlgorithm": "Sha384 { ... }",
    "PCR0": "........",
    "PCR1": "........",
    "PCR2": "........"
  }
}

These measurements uniquely identify your enclave image and can be used to verify that the operator is running an exact copy of your image.