mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Klues <>
Subject Re: Review Request 50592: Updated NvidiaVolume to mount as 'tmpfs' if parent fs is 'noexec'.
Date Sun, 31 Jul 2016 18:55:52 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated July 31, 2016, 6:55 p.m.)

Review request for mesos, Benjamin Mahler and Jie Yu.


Updated to address Jie's comments

Bugs: MESOS-5923

Repository: mesos


This patch is in response to an issue we ran into on Ubuntu 14.04,
where '/run' is being mounted as 'noexec' (MESOS-5923). Since our
NvidiaVolume is created below this mount point, we are unable to
execute any binaries we add to this volume. This causes problems, for
example, when trying to execute 'nvidia-smi' from within a container
that has this volume mounted in.

To work around this issue, we detect if any mount point above the path
where we create the volume is marked as 'noexec', and if so, we create
a new 'tmpfs' mount for the volume without 'noexec' set.

Diffs (updated)

  src/slave/containerizer/mesos/isolators/gpu/volume.cpp 4b3651a8266b1ba193f6d207cd3be1ce55629703


Testing (updated)

Remount /run as 'noexec'

`GTEST_FILTER="*NVIDIA*" make -j check`

Also ran a master/agent/execute set running 'nvidia-smi' both inside and outside a docker
Both setups ran successfully.


Kevin Klues

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message