Ideally you have Qemu, Docker, and Yocto set up. canonical/tdx can be used to easily set up the development environment for Qemu (even if you don’t have access to TDX). flashbots/yocto-manifests can be used as a guide to set up Yocto.
If you want to experiment with virtualization you might want to make sure you have access to a machine (or a VM) with KVM module enabled (see this KVM installation guide for example), although that’s not strictly necessary.
What do we gain that we don’t gain by simply running another TD? (cc @Quintus since you asked a similar question elsewhere).
Can we get the virtualization inside the TDX VM to be secure enough to be realistically useful?
I think right now we are simply exploring, and hopefully we find some unique properties enabled by nesting containers in TDX VMs
As I understand it, the two approaches are not mutually exclusive. We could run a few containers in one TD (or just a single one) and separate those even more thoroughly from containers in another TD.
My naive guess would be that we face a security vs. performance tradeoff in which cross-TD communication is expensive but lower level isolation is stronger
I think that’s absolutely correct. Using “single-container” TD for isolation between containers should get us really good guarantees on both what and how runs in the container, as well as good protection against other guests.