Bug 1293267 - Ansible installation needs to handle SELinux booleans when installing containerized env
Ansible installation needs to handle SELinux booleans when installing contain...
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer (Show other bugs)
Unspecified Unspecified
medium Severity medium
: ---
: ---
Assigned To: Andrew Butcher
Ma xiaoqiang
Depends On:
  Show dependency treegraph
Reported: 2015-12-21 04:29 EST by Jianwei Hou
Modified: 2016-07-03 20:46 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-01-27 14:43:27 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jianwei Hou 2015-12-21 04:29:14 EST
Description of problem:
On AEP the necessary SELinux booleans are turned off by default, for example: virt_sandbox_use_fusefs, virt_use_nfs. The ansible installation did not handle the installation of storage modules because the packages are already present on AEP, therefore the SELinux booleans are also not dealt with.

Version-Release number of selected component (if applicable):
openshift v3.1.1.0
kubernetes v1.1.0-origin-1107-g4c8e6f4
etcd 2.1.2

How reproducible:

Steps to Reproduce:
1. Run ansible installation
2. Create pods with nfs volume, found that all pods end up in error state. Inspected the pods and found it was caused by "virt_use_nfs -> off"

Actual results:

Expected results:
If possible, ansible installation should handle that.

Additional info:
Comment 2 Jianwei Hou 2016-01-07 21:32:02 EST
The bug is fixed with the PR. Mark as verified.
Comment 4 errata-xmlrpc 2016-01-27 14:43:27 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.