mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevin Klues <klue...@gmail.com>
Subject Re: Review Request 50592: Updated NvidiaVolume to mount as 'tmpfs' if parent fs is 'noexec'.
Date Sun, 31 Jul 2016 18:55:52 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/50592/
-----------------------------------------------------------

(Updated July 31, 2016, 6:55 p.m.)


Review request for mesos, Benjamin Mahler and Jie Yu.


Changes
-------

Updated to address Jie's comments


Bugs: MESOS-5923
    https://issues.apache.org/jira/browse/MESOS-5923


Repository: mesos


Description
-------

This patch is in response to an issue we ran into on Ubuntu 14.04,
where '/run' is being mounted as 'noexec' (MESOS-5923). Since our
NvidiaVolume is created below this mount point, we are unable to
execute any binaries we add to this volume. This causes problems, for
example, when trying to execute 'nvidia-smi' from within a container
that has this volume mounted in.

To work around this issue, we detect if any mount point above the path
where we create the volume is marked as 'noexec', and if so, we create
a new 'tmpfs' mount for the volume without 'noexec' set.


Diffs (updated)
-----

  src/slave/containerizer/mesos/isolators/gpu/volume.cpp 4b3651a8266b1ba193f6d207cd3be1ce55629703


Diff: https://reviews.apache.org/r/50592/diff/


Testing (updated)
-------

Remount /run as 'noexec'

`GTEST_FILTER="*NVIDIA*" make -j check`

Also ran a master/agent/execute set running 'nvidia-smi' both inside and outside a docker
container.
Both setups ran successfully.


Thanks,

Kevin Klues


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message