我正在尝试在某些 Fedora CoreOS 37 虚拟机上安装 Ranche RKE。安装通过 SSH 堡垒主机进行,我正确设置了 SSH 密钥对。
我在安装过程中遇到以下错误:
Failed running cluster err:[[selinux] Host [192.168.2.111] does not recognize SELinux label [label=type:rke_container_t]. This is required for Kubernetes version [>=1.22.0-rancher0]. Please install rancher-selinux RPM package and try again]
我尝试从 Butane 配置文件安装
rancher-selinuxsystemd:
units:
# Installing rancher-selinux
- name: rpm-ostree-install-rancher-selinux.service
enabled: true
contents: |
[Unit]
Description=Layer rancher-selinux with rpm-ostree
Wants=network-online.target
After=network-online.target
# We run before `zincati.service` to avoid conflicting rpm-ostree transactions.
Before=zincati.service
ConditionPathExists=!/var/lib/%N.stamp
[Service]
Type=oneshot
RemainAfterExit=yes
# `--allow-inactive` ensures that rpm-ostree does not return an error
# if the package is already installed. This is useful if the package is
# added to the root image in a future Fedora CoreOS release as it will
# prevent the service from failing.
ExecStart=/usr/bin/rpm-ostree install --allow-inactive --reboot rancher-selinux
ExecStart=/bin/touch /var/lib/%N.stamp
[Install]
WantedBy=multi-user.target
但是什么也没有,即使我冷重启了虚拟机。
我也尝试禁用 Docker SELinux,即使我不想禁用该安全层,但它没有用:
systemd:
units:
- name: "docker.service"
enabled: true
dropins:
- name: "01-selinux.conf"
contents: |
[Service]
Environment=DOCKER_SELINUX=--selinux-enabled=false
我在 we 上搜索了一下,发现了 2 个未解决的问题:
有没有办法安装这个包或让 SELinux 以某种方式工作? 谢谢