[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: [atomic] Running kubernetes with SELinux Enabled
- From: Josh Berkus <jberkus redhat com>
- To: 周海兵 <zhouhaibing089 gmail com>, atomic projectatomic io, Mrunal Patel <mpatel redhat com>
- Subject: Re: [atomic] Running kubernetes with SELinux Enabled
- Date: Wed, 6 Jul 2016 09:25:30 -0700
On 06/14/2016 12:15 AM, 周海兵 wrote:
> Hi fellows,
>
> This is my first time to sent email to a mail list, so hopefully I will
> give a clear explanation on my question.
>
> We are using AtomicOS fedora to deploy kubernetes, We do not use the
> version that carried along with Atomic due to we are actively develop
> features for kubernetes.
>
> Now that I meet a problem which is already post
> on https://github.com/kubernetes/kubernetes/issues/27282, to be briefly,
> we want to enable SELinux to give more security, but what we found that
> containers could not access volumes mount from `/var` and many other
> directories as there is not a rule to state that `svirt_lxc_net_t` could
> access files with types `var_t`.
>
> It made me very confused on how would `configMap` and `secrets` and
> other volumes type to work properly?
Mrunal, any suggestions on this?
--
--
Josh Berkus
Project Atomic
Red Hat OSAS
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]