mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Klues <klue...@gmail.com>
Subject Review Request 50592: Updated NvidiaVolume to mount as 'tmpfs' if parent fs is 'noexec'.
Date Fri, 29 Jul 2016 03:25:16 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50592/
-----------------------------------------------------------

Review request for mesos, Benjamin Mahler and Jie Yu.


Bugs: MESOS-5923
    https://issues.apache.org/jira/browse/MESOS-5923


Repository: mesos


Description
-------

This patch is in response to an issue we ran into on Ubuntu 14.04,
where '/run' is being mounted as 'noexec' (MESOS-5923). Since our
NvidiaVolume is created below this mount point, we are unable to
execute any binaries we add to this volume. This causes problems, for
example, when trying to execute 'nvidia-smi' from within a container
that has this volume mounted in.

To work around this issue, we detect if any mount point above the path
where we create the volume is marked as 'noexec', and if so, we create
a new 'tmpfs' mount for the volume without 'noexec' set.


Diffs
-----

  src/slave/containerizer/mesos/isolators/gpu/volume.cpp 4b3651a8266b1ba193f6d207cd3be1ce55629703


Diff: https://reviews.apache.org/r/50592/diff/


Testing
-------

Remount /run as 'noexec'

`GTEST_FILTER="*NVIDIA*" make -j check`

Ran a master/agent/execute set running 'nvidia-smi' both inside and outside a docker container.
Both setups ran successfully.


Thanks,

Kevin Klues


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message