-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cilium CNi with k8s does not work with SELinux in permissive mode #891
Comments
Hello @alirezaghey, thanks for the report. Can you share some error logs and the Cilium version? Flatcar is currently tested with Cilium in |
Hello again @alirezaghey, I just got an illumination. We indeed faced this issue, and it's currently patched in this commit: flatcar/mantle@e8e9751
|
Hi @tormath1 Sorry for the incomplete issue.
Part of
Let me know, if I can provide you with other information. I'm a novice with K8s and Flatcar, so sorry if the information isn't as expected. I just saw the update you posted, but posting this for what it's worth :). |
In case you run into this problem. I was able to work around this with just replacing
|
Fixed in: flatcar/scripts#917 |
Thanks for fixing this! Just FYI, this issue is still linked to as a 'known issue' on https://www.flatcar.org/docs/latest/container-runtimes/getting-started-with-kubernetes/ |
@ryan0x44 thanks for the heads-up - the issue is still referenced because it's not yet landed on Stable (it should arrive with the next release). |
Description
Cilium CNi with k8s does not work with SELinux in permissive mode.
Impact
You need to disable SELinux for Cilium to work.
Environment and steps to reproduce
Expected behavior
Expected Cilium to run with SELinux in
permissive
mode.Additional information
Disabling SELinux does the trick. Probably, the necessary policies and labels are not in place. Related to #673
The text was updated successfully, but these errors were encountered: