Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-1.19] fix when running rancher with selinux enforcing #759

Merged
merged 1 commit into from
Mar 13, 2021
Merged

[release-1.19] fix when running rancher with selinux enforcing #759

merged 1 commit into from
Mar 13, 2021

Conversation

dweomer
Copy link
Contributor

@dweomer dweomer commented Mar 9, 2021
edited

Originally reported at #690 against a v1.19.7 beta
pre-release, there is an issue with containerd versions 1.4+ that
prevented the correct selinux labels from being applied for image
volumes (volumes declared in the docker image that containerd/cri will
set up for you by default ... but they aren't visible to k8s).

Patches to fix this have been submitted upstream, see:

Addresses #690

Signed-off-by: Jacob Blain Christen jacob@rancher.com

@dweomer dweomer requested a review from a team as a code owner March 9, 2021 22:11
@dweomer dweomer force-pushed the fix/690/rancher-with-selinux branch from dc8af42 to dfc8cb2 Compare March 9, 2021 22:14
@dweomer
[release-1.19] fix when running rancher with selinux enforcing
fd22ae4 
Originally reported at rancher#690 against a v1.19.7 beta
pre-release, there is an issue with containerd versions 1.4+ that
prevented the correct selinux labels from being applied for image
volumes (volumes declared in the docker image that containerd/cri will
set up for you by default ... but they aren't visible to k8s).

Patches to fix this have been submitted upstream, see:
- containerd/containerd#5090
- containerd/containerd#5104
- containerd/continuity#178

Addresses rancher#690

Signed-off-by: Jacob Blain Christen <jacob@rancher.com>
@dweomer dweomer force-pushed the fix/690/rancher-with-selinux branch from dfc8cb2 to fd22ae4 Compare March 13, 2021 00:28
@dweomer dweomer merged commit 07d7a9b into rancher:release-1.19 Mar 13, 2021
@dweomer dweomer deleted the fix/690/rancher-with-selinux branch March 13, 2021 00:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandond brandond brandond approved these changes

@Oats87 Oats87 Oats87 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dweomer @brandond @Oats87