### Start Cocoon Client (Optional) Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Launches the Cocoon client component, which can be used to interact with the system during testing within TDX VMs with fake TON. ```bash # Terminal 3: Start client (optional) ./scripts/cocoon-launch --test --fake-ton scripts/client.conf ``` -------------------------------- ### Run All Cocoon Components Locally Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Starts all Cocoon components locally, including auto-building if necessary. This is useful for fast iteration and debugging without a VM or TON. ```bash # Start all components (auto-builds on first run) ./scripts/cocoon-launch --local-all # In another terminal: run benchmarks cd benchmark ./run-benchmark.sh -c 1 -n 10 ./run-benchmark.sh -c 2 -n 10 ``` -------------------------------- ### Start Cocoon Proxy in TDX VM Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Launches the Cocoon proxy component within a TDX VM using fake TON blockchain simulation. This is part of the testing setup for secure component execution. ```bash # Terminal 1: Start proxy (in TDX VM) ./scripts/cocoon-launch --test --fake-ton scripts/proxy.conf ``` -------------------------------- ### Testing with Real TON Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Instructions for running Cocoon tests using actual TON, requiring a TON config file and optional smart contract setup. ```APIDOC ## Use Case 3: Test Images with Real TON Without `--fake-ton`, real TON will be used. A TON config file (e.g., `spec/mainnet-full-ton-config.json`) is required and should be passed via `--ton-config `. For testing purposes, you may create your own root smart contract. Using `--test` options disables TDX hash checks, making proxy addresses (e.g., `127.0.0.1:11001 127.0.0.1:11002`) the most crucial part for worker and client connections. The creation of proxy, worker, and client smart contracts is handled automatically. **Note:** Testnet is not currently supported. Ensure you deposit TON into worker, client, and proxy accounts for testing. ``` -------------------------------- ### Start Seal-Server for Production Deployment (Bash) Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md Starts the seal-server, which is essential for production deployments. It provides secure key derivation for TDX guests using an SGX enclave. This server must be running before workers are initialized and requires the exact enclave.so file from the distribution. ```bash # Start seal-server (keep it running) ./seal-server --enclave-path enclave.so ``` -------------------------------- ### Configure and Launch COCOON Worker (Production) Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md Demonstrates the steps to configure and launch the COCOON worker in production mode. It involves copying an example configuration file, editing it, and then running the launch script. Requires the seal-server to be running. ```bash cp worker.conf.example worker.conf vim worker.conf # Edit with your settings (see inline comments for details) # Production mode (requires seal-server running) ./scripts/cocoon-launch worker.conf ``` -------------------------------- ### Health Client Tool Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Guide to using the `health-client` tool for detailed health monitoring of guest VM services via vsock. ```APIDOC ### Health Client The `health-client` tool queries guest VM service status and logs using vsock, offering deeper insights than HTTP stats. **Basic Usage:** ```bash # Using instance names (recommended) ./health-client --instance worker [args] ./health-client -i worker:3 [args] # Instance 3 # Using CID directly ./health-client --cid 6 [args] ``` **Instance Types and CID Patterns:** - `worker` (`w`): CIDs 6, 16, 26, ... - `proxy` (`p`): CIDs 7, 17, 27, ... - `client` (`c`): CIDs 4, 14, 24, ... **Available Commands:** - `status [service]`: Overall health and service status. - `sys`: System metrics (CPU, memory, disk, network). - `svc `: Detailed service info with recent logs. - `logs [lines]`: Service logs (default 100 lines). - `tdx`: TDX attestation status (image hash + RTMRs). - `gpu`: GPU metrics (utilization, memory, temp, power). - `all`: All metrics combined. **Monitored Services:** - `cocoon-worker-runner` - `cocoon-proxy-runner` - `cocoon-vllm` - `nvidia-tdx` **Common Examples:** ```bash # Check overall worker health ./health-client --instance worker status # View GPU metrics for worker instance 0 ./health-client -i worker gpu # View logs for cocoon-vllm service on worker instance 1 (last 200 lines) ./health-client -i worker:1 logs cocoon-vllm 200 ``` ``` -------------------------------- ### Build Cocoon Binaries with cocoon-launch Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Uses the `cocoon-launch` script to automatically initialize CMake and build the project's binaries. This is a convenient way to build for quick iteration. ```bash ./scripts/cocoon-launch --build-dir --just-build ``` -------------------------------- ### Start Cocoon Worker in TDX VM with GPU Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Launches the Cocoon worker component within a TDX VM, enabling GPU usage for AI inference. Requires setting the Hugging Face token for model downloads. ```bash # Terminal 2: Start worker (in TDX VM, with GPU) export HF_TOKEN=hf_... # For model download ./scripts/cocoon-launch --test --fake-ton --gpu 0000:01:00.0 scripts/worker.conf ``` -------------------------------- ### Production Deployment Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Steps for deploying Cocoon in a production environment, including running the `seal-server` and understanding differences from test deployments. ```APIDOC ## Use Case 4: Production Deployment Execute `./cocoon-launch` for production deployment. It is recommended to run this from a downloaded archive to avoid rebuilding components. Additionally, you must run the `seal-server`: ```bash ./seal-server --enclave-path enclave.so ``` The `enclave.so` file must be identical to the one from the archive. This is essential for sealing the key within the TDX guest, allowing it to communicate with `seal-server` for machine-specific key generation. Without `seal-server`, `cocoon-init` will fail. Key differences from test deployment include the inability to access the guest via SSH and the verification of hashes by parties. ``` -------------------------------- ### Clone Cocoon Repository and Initialize Build Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Clones the Cocoon Git repository with submodules and prepares the build environment using CMake. The `cocoon-launch` script handles CMake initialization and building. ```bash git clone --recursive https://github.com/cocoon/cocoon cd cocoon ``` -------------------------------- ### Start COCOON Seal Server Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md Starts the COCOON seal-server, which is essential for production environments. It requires the signed enclave binary. This command should be run in a separate terminal as it needs to remain active. ```bash # In a separate terminal, run seal-server ./bin/seal-server --enclave-path ./bin/enclave.signed.so ``` -------------------------------- ### Example COCOON Worker Configuration Source: https://context7.com/telegrammessenger/cocoon/llms.txt Provides an example of the `worker.conf` file for a COCOON worker node. It includes essential configurations such as the owner address, the worker's private key, TON configuration file path, and the root contract address. ```bash # Example worker.conf with wallet configuration cat > worker.conf < benchmark/test_inference.py <:: ``` -------------------------------- ### Prepare COCOON Worker Distribution Package Source: https://context7.com/telegrammessenger/cocoon/llms.txt Generates a distribution package for COCOON workers, including pre-built binaries, TDX images, configuration templates, and setup scripts. ```bash # Generate worker distribution package ./scripts/prepare-worker-dist ../cocoon-worker-dist # Creates distribution with: # - Pre-built binaries (runners, seal-server, router) # - TDX images # - Configuration templates # - Setup scripts # Outputs to ../cocoon-worker-dist/ ``` -------------------------------- ### Manual CMake Build Configuration for Cocoon Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Manually configures the build process for Cocoon using CMake with specific build type and feature flags. This provides fine-grained control over the build. ```bash mkdir build && cd buildcmake -GNinja \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \ -DBUILD_SHARED_LIBS=OFF \ -DTON_USE_JEMALLOC=ON \ -DTON_USE_ABSEIL=OFF \ -DTON_ONLY_TONLIB=ON \ -DTON_USE_ROCKSDB=ON \ .. cmake --build . -j$(nproc) ``` -------------------------------- ### CMake Option for Installation Source: https://github.com/telegrammessenger/cocoon/blob/main/tdport/CMakeLists.txt Defines a build option to control whether the library should be installed. Defaults to ON, meaning installation is enabled unless explicitly turned off during the CMake configuration step. ```cmake option(TDNET_ENABLE_INSTALL "Enable installation of the library." ON) ``` -------------------------------- ### Install Static Library Source: https://github.com/telegrammessenger/cocoon/blob/main/tdport/CMakeLists.txt Configures the installation of the 'tdnet_ported' static library if the 'TDNET_ENABLE_INSTALL' option is enabled. It specifies the destination directories for the library and archive files based on CMAKE_INSTALL_LIBDIR. ```cmake if (TDNET_ENABLE_INSTALL) install(TARGETS tdnet_ported EXPORT TdStaticTargets LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}" ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}" ) endif() ``` -------------------------------- ### Query System Information with CID using health-client Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md This command queries the system information for a specific worker instance identified by its CID. It utilizes the health-client tool and requires the CID as an argument. ```bash ./health-client --cid 16 sys ``` -------------------------------- ### CMake Version Check and Installation Option Source: https://github.com/telegrammessenger/cocoon/blob/main/tee/CMakeLists.txt Ensures the minimum required CMake version (3.10) is used and sets an option to enable or disable library installation. The FATAL_ERROR message halts the build if the CMake version is insufficient. The option defaults to ON, meaning installation is enabled by default. ```cmake if ((CMAKE_MAJOR_VERSION LESS 3) OR (CMAKE_VERSION VERSION_LESS "3.10")) message(FATAL_ERROR "CMake >= 3.10 is required") endif() option(TDCOCOON_ENABLE_INSTALL "Enable installation of the library." ON) if (NOT DEFINED CMAKE_INSTALL_LIBDIR) set(CMAKE_INSTALL_LIBDIR "lib") endif() ``` -------------------------------- ### Basic CMake Project Setup Source: https://github.com/telegrammessenger/cocoon/blob/main/CMakeLists.txt Initializes the CMake project, setting the minimum required version and project name with version. It also configures position-independent code, which is essential for shared libraries. ```cmake cmake_minimum_required(VERSION 3.16 FATAL_ERROR) project(COCOON VERSION 0.5 LANGUAGES C CXX) set(CMAKE_POSITION_INDEPENDENT_CODE ON) ``` -------------------------------- ### Launch COCOON Worker with Overridden Options Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md Shows how to launch the COCOON worker while overriding configuration options directly via command-line arguments. This allows for dynamic adjustments to instance, worker coefficient, and model. ```bash ./scripts/cocoon-launch --instance 1 --worker-coefficient 2000 --model Qwen/Qwen3-0.6B worker.conf ``` -------------------------------- ### Download and Extract COCOON Worker Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md This snippet shows how to download the latest COCOON worker distribution using wget and extract it using tar. It then navigates into the extracted directory. ```bash wget https://ci.cocoon.org/cocoon-worker-release-latest.tar.xz tar xzf cocoon-worker-release-latest.tar.xz cd cocoon-worker-release-latest ``` -------------------------------- ### Query GPU Information with CID using health-client Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md This command queries the GPU information for a specific worker instance identified by its CID. It utilizes the health-client tool and requires the CID as an argument. ```bash ./health-client --cid 16 gpu ``` -------------------------------- ### HTTP Stats Endpoints Source: https://github.com/telegrammessenger/cocoon/blob/main/docs/deployment.md Details on accessing and interpreting HTTP statistics provided by Cocoon instances for monitoring. ```APIDOC ### HTTP Stats HTTP statistics are available on specific ports for client, proxy, and worker instances. For additional instances, multiply the instance number by 10 and add it to the base port. - **Client:** Port 10000 - **Proxy:** Port 11000 - **Worker:** Port 12000 **Available Endpoints:** - `/stats`: Provides human-readable statistics. - `/jsonstats`: Provides statistics in JSON format. - `/perf`: Shows current performance statistics. **Example Usage:** ```bash # Worker instance 0 curl http://localhost:12000/stats # Worker instance 1 curl http://localhost:12010/jsonstats ``` ``` -------------------------------- ### Generate RA-TLS Router Configuration (Bash) Source: https://context7.com/telegrammessenger/cocoon/llms.txt Generates an example JSON configuration file for the RA-TLS router. This file can be customized and then used to configure the router's behavior, including policies and proxy settings. ```bash # Generate example config ./router --generate-config > router.json ``` -------------------------------- ### Launch Multiple COCOON Workers Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md Illustrates how to run multiple COCOON workers concurrently on the same machine, typically one per GPU. Each worker is assigned a unique instance number and specified GPU. ```bash # Worker 1 on GPU 0 ./scripts/cocoon-launch --instance 0 --gpu 0000:01:00.0 worker.conf & # Worker 2 on GPU 1 ./scripts/cocoon-launch --instance 1 --gpu 0000:41:00.0 worker.conf & ``` -------------------------------- ### Use JSON Configuration File for RA-TLS Router (Bash) Source: https://context7.com/telegrammessenger/cocoon/llms.txt Loads and applies router configurations from a JSON file. This method allows for declarative management of proxy settings, policies, and certificates, simplifying complex setups. ```bash cat > router.json <) target_include_directories(cocoon PUBLIC $/..) target_include_directories(cocoon PUBLIC $) target_include_directories(cocoon PUBLIC $) ``` -------------------------------- ### GPU PCI Address Identification Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md This command is used to identify the PCI address of NVIDIA GPUs installed on the system, which is required for the `gpu` configuration option in `worker.conf`. ```bash lspci | grep -i nvidia ``` -------------------------------- ### Set Default Installation Directory Source: https://github.com/telegrammessenger/cocoon/blob/main/tdport/CMakeLists.txt Sets the default installation directory for libraries if it's not already defined. This ensures a consistent installation path across different build configurations. ```cmake if (NOT DEFINED CMAKE_INSTALL_LIBDIR) set(CMAKE_INSTALL_LIBDIR "lib") endif() ``` -------------------------------- ### Build Production TDX Image (Bash) Source: https://context7.com/telegrammessenger/cocoon/llms.txt Builds a production-ready TDX VM image. This process involves compiling necessary components and outputs a set of files including firmware, kernel, initrd, command line, and a hash of the image components. The build can take a significant amount of time. ```bash # Build production image (takes 10-30 minutes, ~2GB output) ./scripts/build-image prod ``` -------------------------------- ### Worker Deployment and Configuration Source: https://context7.com/telegrammessenger/cocoon/llms.txt Instructions and configuration details for deploying and launching a COCOON worker to serve AI models. ```APIDOC ## Worker Deployment and Configuration Configure and deploy a COCOON worker to serve AI models and earn TON cryptocurrency. ### Download and Extract Worker ```bash # Download and extract worker distribution wget https://ci.cocoon.org/cocoon-worker-release-latest.tar.xz tar xzf cocoon-worker-release-latest.tar.xz cd cocoon-worker-release-latest ``` ### Start Seal Server ```bash # Start seal-server (required for production, provides secure key derivation) ./bin/seal-server --enclave-path ./bin/enclave.signed.so & ``` ### Worker Configuration File (`worker.conf`) Create a configuration file for the worker. ```bash cat > worker.conf < /dev/null # Generate a list of files to include, excluding .git, runtime/, and potential spec metadata files # git ls-files --cached --exclude-standard can be used, but git archive is more direct for tarring. # Create a temporary tarball of the source directory, respecting .gitignore temp_tar="$(mktemp)" git archive --format=tar --output="$temp_tar" HEAD # Extract the tarball to a staging directory within the SPEC_OUT directory # We'll then filter out unwanted files and process the rest. staging_dir="${SPEC_OUT}/staging_area" mkdir -p "$staging_dir" tar -xf "$temp_tar" -C "$staging_dir" # --- Process extracted files --- # Define files/dirs to exclude from hashing and copying to the final spec structure EXCLUDE_PATTERNS=( ".git" "runtime/" "spec.tree" "spec.meta" "*.spec.tree" "*.spec.meta" ) # Use find to process files, normalize permissions, and copy them find "$staging_dir" -type f -print0 | while IFS= read -r -d $'\0' file; do relative_path="${file#$staging_dir/}" skip=0 # Check against exclude patterns for pattern in "${EXCLUDE_PATTERNS[@]}"; do if [[ "$relative_path" == $pattern ]]; then skip=1 break fi done if [ "$skip" -eq 0 ]; then # Normalize permissions (644 for files) chmod 644 "$file" # Copy to the final destination cp "$file" "$SPEC_OUT/" fi done # Process directories: normalize permissions for directories (755) find "$staging_dir" -type d -print0 | while IFS= read -r -d $'\0' dir; do relative_path="${dir#$staging_dir/}" skip=0 # Check against exclude patterns for directories for pattern in "${EXCLUDE_PATTERNS[@]}"; do if [[ "$relative_path" == $pattern ]]; then skip=1 break fi done if [ "$skip" -eq 0 ]; then # Normalize permissions (755 for directories) chmod 755 "$dir" # Ensure directory exists in the output, if it was not created by copying files into it mkdir -p "$SPEC_OUT/$relative_path" fi done # --- Copy runtime/ directory as-is --- if [ -d "$SRC_DIR/runtime" ]; then cp -R "$SRC_DIR/runtime" "$SPEC_OUT/" # Ensure runtime directory itself has correct permissions if it wasn't handled by find above chmod 755 "$SPEC_OUT/runtime" fi # Clean up staging area and temp tarball rm -rf "$staging_dir" rm "$temp_tar" popd > /dev/null # --- Calculate SHA-256 hash of the copied content --- # We need to ensure the order of files is deterministic. Sorting helps. # We will tar the content of SPEC_OUT (excluding runtime/ and metadata files) and hash the tarball. content_tar="$(mktemp)" find "$SPEC_OUT" -maxdepth 1 -type f -not -name 'spec.tree' -not -name 'spec.meta' -print0 | sort -z | xargs -0 tar -cf "$content_tar" # Calculate SHA-256 hash spec_hash=$(sha256sum "$content_tar" | awk '{print $1}') # Create spec.tree file echo "$spec_hash" > "$SPEC_OUT/spec.tree" # --- Create spec.meta file --- cat << EOF > "$SPEC_OUT/spec.meta" { "timestamp": "$(date -u +%Y-%m-%dT%H:%M:%SZ)", "source_dir": "$(realpath "$SRC_DIR")", "hash_algorithm": "sha256", "content_hash": "$spec_hash" } EOF # Clean up temporary tarball rm "$content_tar" echo "Spec prepared successfully in '$SPEC_OUT' with hash: $spec_hash" exit 0 ``` -------------------------------- ### Prepare Cross-Compiling Target Source: https://github.com/telegrammessenger/cocoon/blob/main/CMakeLists.txt Creates a custom target 'prepare_cross_compiling_cocoon' that depends on other targets required for cross-compilation setup. This target is only added if cross-compiling is not detected. ```cmake if (NOT CMAKE_CROSSCOMPILING) if (TDUTILS_MIME_TYPE) set(TDMIME_AUTO tdmime_auto) endif() add_custom_target(prepare_cross_compiling_cocoon DEPENDS tl_generate_common cocoon_tl_generate_common ${TDMIME_AUTO}) endif() ``` -------------------------------- ### Deploy and Configure COCOON Worker (Bash) Source: https://context7.com/telegrammessenger/cocoon/llms.txt Steps to download, extract, and configure a COCOON worker for AI inference. This includes setting up the seal-server, defining worker configurations in `worker.conf`, and launching the worker in production or test modes. It covers overriding configurations and running multiple workers. ```bash # Download and extract worker distribution wget https://ci.cocoon.org/cocoon-worker-release-latest.tar.xz tar xzf cocoon-worker-release-latest.tar.xz cd cocoon-worker-release-latest # Start seal-server (required for production, provides secure key derivation) ./bin/seal-server --enclave-path ./bin/enclave.signed.so & # Create worker configuration cat > worker.conf < -out enclave.signed.so DEPENDS enclave Enclave_private.pem Enclave.config.xml COMMENT "Signing enclave" ) add_custom_target(enclave-sign ALL DEPENDS enclave.signed.so) ``` -------------------------------- ### Build COCOON Images Source: https://context7.com/telegrammessenger/cocoon/llms.txt Scripts to build test and model images for the COCOON project. The test image includes SSH access and debug tools. The model image is built with dm-verity verification and downloads models from Hugging Face, outputting tar archives and hash files. ```bash # Build test image (includes SSH access and debug tools) ./scripts/build-image test # Outputs to images/test/ ``` ```bash # Build model image with dm-verity verification ./scripts/build-model Qwen/Qwen3-0.6B # Downloads model from Hugging Face # Creates tar archive with dm-verity hashing # Outputs: # - images/Qwen_Qwen3_0_6B.tar # - images/Qwen_Qwen3_0_6B.verity (dm-verity hash tree) # - images/Qwen_Qwen3_0_6B.hash (root hash) # Prints: Qwen/Qwen3-0.6B:abc123def456 /path/to/tar # (model_name:commit:verity_hash path) ``` -------------------------------- ### Library Creation and Dependencies Source: https://github.com/telegrammessenger/cocoon/blob/main/CMakeLists.txt Creates a static library named 'git' from the post-configure file and sets public include directories. It also establishes a build dependency on a target named 'check_git'. ```cmake # Create a library out of the compiled post-configure file. add_library(git STATIC ${POST_CONFIGURE_FILE}) target_include_directories(git PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}) add_dependencies(git check_git) ``` -------------------------------- ### CMake Module Path Setup Source: https://github.com/telegrammessenger/cocoon/blob/main/CMakeLists.txt Adds the 'CMake' subdirectory of the current source directory to the CMake module path. This allows CMake to find custom modules located within the project's 'CMake' folder. ```cmake message("Add cocoon") set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/CMake" ${CMAKE_MODULE_PATH}) ``` -------------------------------- ### Retrieve Available Models (Python) Source: https://context7.com/telegrammessenger/cocoon/llms.txt Fetches a list of available models from the API endpoint using a GET request. The response is a JSON object containing a list of model details. ```python models_response = requests.get(f"{endpoint}/v1/models") models = models_response.json() ``` -------------------------------- ### Create Sync Time Utility Executable Source: https://github.com/telegrammessenger/cocoon/blob/main/CMakeLists.txt Defines the 'sync-time' executable, which is a utility for synchronizing time. It lists its source file and links it with the 'cocoon_common' library. ```cmake # Sync time utility add_executable(sync-time runners/utils/sync_time.cpp ) target_link_libraries(sync-time PRIVATE cocoon_common ) ``` -------------------------------- ### Build SGX Enclave Library (CMake) Source: https://github.com/telegrammessenger/cocoon/blob/main/tee/sgx-enclave/CMakeLists.txt This CMake configuration defines how to build the SGX enclave as a shared library. It specifies compilation options such as architecture (-m64), optimization level (-O2), and visibility control. It also sets up include directories and links against necessary SGX libraries and runtime components for trusted execution. ```cmake add_library(enclave SHARED Enclave.cpp Enclave_t.c) target_compile_options(enclave PRIVATE -m64 -O2 -DNDEBUG -DEDEBUG -nostdinc -nostdinc++ -fvisibility=hidden -fpie -fstack-protector-strong) target_include_directories(enclave PRIVATE ${CMAKE_CURRENT_BINARY_DIR} ${SGX_PATH}/include ${SGX_PATH}/include/tlibc ${SGX_PATH}/include/libcxx) target_link_libraries(enclave "-m64 -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L${SGX_LIB} -Wl,--whole-archive -lsgx_trts -Wl,--no-whole-archive -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -lsgx_tkey_exchange -lsgx_tcrypto -lsgx_tservice -Wl,--end-group -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined -Wl,-pie,-eenclave_entry -Wl,--export-dynamic -Wl,--version-script=${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds -Wl,--defsym,__ImageBase=0") set_target_properties(enclave PROPERTIES LINK_DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/Enclave.lds ENABLE_EXPORTS OFF LINK_WHAT_YOU_USE OFF) ``` -------------------------------- ### Access Worker Statistics via HTTP (Bash) Source: https://github.com/telegrammessenger/cocoon/blob/main/scripts/dist-worker/README.md Retrieves worker statistics using cURL. Supports both human-readable ('/stats') and JSON-formatted ('/jsonstats') outputs, as well as performance metrics ('/perf'). Different ports are used for different worker instances. ```bash # Worker instance 0 curl http://localhost:12000/stats curl http://localhost:12000/jsonstats # JSON format # Worker instance 1 curl http://localhost:12010/stats ```