[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels

From: Anthony Alba <ascanio alba7 gmail com>
To: atomic-devel projectatomic io
Subject: [atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels
Date: Mon, 10 Jul 2017 14:30:15 +0800

Hi list,

romana is an add-on to kubernetes to install a SDN.

https://github.com/romana/romana

Currently it does not work with SELinux: it installs a host mount from
/var/lib/romana without the  pod without a transition.

In the toy cluster created by kubeadm something similar is need as it
uses the host's /var/lib/etcd. However kubeadm use a spc_t hammer in
its manifest.

I have communicated to the romana devs via their slack channel and
they are asking what is the best practice or recommendation?

The current romana spec file is from:

https://github.com/romana/romana/blob/master/containerize/specs/romana-kubeadm.yml

A sample of the hosts mounts:
      volumes:
      - name: romana-data
        hostPath:
          path: "/var/lib/romana"
      - name: etcd-data
        hostPath:
          path: "/var/lib/romana/etcd-db"
      - name: mysql-data
        hostPath:
          path: "/var/lib/romana/mysql-db"
      - name: log-path
        hostPath:
          path: /var/log/romana


Anthony

Follow-Ups:
- Re: [atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels
  - From: ascanio . alba7

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]