Netflix · sargun · May 8, 2018 · May 8, 2018
@@ -73,7 +73,6 @@ func TestStandalone(t *testing.T) {
 	testFunctions := []func(*testing.T, string){
 		testSimpleJob,
 		testSimpleJobWithBadEnvironment,
-		testTmpfsAtRun,
 		testNoCapPtraceByDefault,
 		testCanAddCapabilities,
 		testDefaultCapabilities,
@@ -156,18 +155,6 @@ func testSimpleJobWithBadEnvironment(t *testing.T, jobID string) {
 	}
 }
 
-func testTmpfsAtRun(t *testing.T, jobID string) {
-	ji := &mock.JobInput{
-		ImageName:  alpine.name,
-		Version:    alpine.tag,
-		Entrypoint: "/bin/sh -c '/bin/df -m -T /run | grep tmpfs | grep 200'",
-		JobID:      jobID,
-	}
-	if !mock.RunJobExpectingSuccess(ji, false) {
-		t.Fail()
-	}
-}
-
 func testNoCapPtraceByDefault(t *testing.T, jobID string) {
 	ji := &mock.JobInput{
 		ImageName:  ubuntu.name,

@@ -31,7 +31,6 @@ import (
 	"github.com/aws/aws-sdk-go/aws/arn"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
-	"github.com/docker/docker/api/types/mount"
 	docker "github.com/docker/docker/client"
 	"github.com/docker/go-units"
 	"github.com/ftrvxmtrx/fd"
@@ -422,20 +421,6 @@ func (r *DockerRuntime) dockerConfig(c *runtimeTypes.Container, binds []string,
 			"net.ipv6.conf.default.disable_ipv6": "0",
 			"net.ipv6.conf.lo.disable_ipv6":      "0",
 		},
-		Mounts: []mount.Mount{
-			{
-				Type:     mount.TypeTmpfs,
-				Target:   "/run",
-				ReadOnly: false,
-				TmpfsOptions: &mount.TmpfsOptions{
-					// we set a size mostly so processes get ENOSPACE instead of being shot by the cgroup OOM killer
-					// 50% of the container memory limit by default to leave some room for other things, tmpfs mounts
-					// by default on most distros have a size that is half of the host memory
-					SizeBytes: (c.Resources.Mem / 2) * MiB,
-					Mode:      01777,
-				},
-			},
-		},
 		Init: &useInit,
 	}
 	hostCfg.CgroupParent = r.pidCgroupPath