k3s icon indicating copy to clipboard operation
k3s copied to clipboard
verified publisher icon k3s-io

[Documentation] Context label needs to be set on the dir used by local-path-provisioner

Open ShylajaDevadiga opened this issue 5 years ago • 1 comments

Issue: ProvisioningFailed without context label on dir. PVC, Pod will be in pending state

By default local-path-provisioner is not deployed with rke2. The dir used by local-path-provisioner needs to have the context label set. Command used to set the label on the default dir.

chcon -t container_file_t -R /opt/local-path-provisioner

ShylajaDevadiga avatar Sep 25 '20 05:09 ShylajaDevadiga

Seeing as how rke2 does not bundle in local-path-provisioner by default, but K3s does and too has (experimental) selinux support. We're going to move this issue to rancher/k3s.

davidnuzik avatar Oct 06 '20 21:10 davidnuzik

This was fixed at some point in selinux, and pvc come up just fine. No documentation change is necessary.

[root@smoke vagrant]# k3s kubectl get pods
NAME          READY   STATUS    RESTARTS   AGE
volume-test   1/1     Running   0          82s

system_u:system_r:container_t:s0:c744,c913 root 8642 0.0  1.9 733716 35700 ?     Ssl  21:31   0:01 local-path-provisioner start --config /etc/config/config.json

dereknola avatar Feb 22 '23 22:02 dereknola