Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.md
libvirtd
virtlet
vms

README.md

AppArmor profiles

In order to get the Virtlet DaemonSet work in an AppArmor enabled environment follow the next steps:

  • install the profiles located in this directory into the corresponding directory (/etc/apparmor.d/ if you use Debian or its derivatives)

      sudo install -m 0644 libvirtd virtlet vms -t /etc/apparmor.d/
    
  • apply them by

    • restarting the apparmor service

      sudo systemctl restart apparmor
      
    • or by hand, using the following commands

      sudo apparmor_parser -r /etc/apparmor.d/libvirtd
      sudo apparmor_parser -r /etc/apparmor.d/virtlet
      sudo apparmor_parser -r /etc/apparmor.d/vms
      
  • set the corresponding profiles in the Virtlet DaemonSet:

      spec:
        template:
          metadata:
            annotations:
              container.apparmor.security.beta.kubernetes.io/libvirt: localhost/libvirtd
              container.apparmor.security.beta.kubernetes.io/vms: localhost/vms
              container.apparmor.security.beta.kubernetes.io/virtlet: localhost/virtlet
    
  • [re]create the Virtlet DamonSet using standard Kubernetes approach