Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing selinux files on CentOS causes failure of kubeone apply #1446

Closed
michalvanco opened this issue Aug 16, 2021 · 2 comments · Fixed by #1532
Closed

Missing selinux files on CentOS causes failure of kubeone apply #1446

michalvanco opened this issue Aug 16, 2021 · 2 comments · Fixed by #1532
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@michalvanco
Copy link

What happened:
When using CentOS (7.7) to provision kubeone cluster, apply steps fails on missing two files on the system (/etc/sysconfig/selinux, /etc/selinux/config):

...
[136.144.48.169] + sudo setenforce 0
[136.144.48.169] setenforce: SELinux is disabled
[136.144.48.169] + true
[136.144.48.169] + sudo sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/sysconfig/selinux
[136.144.48.169] sed: can't read /etc/sysconfig/selinux: No such file or directory
ERRO[08:44:19 UTC] failed to install kubeadm: Process exited with status 2  node=136.144.48.169
WARN[08:44:19 UTC] Task failed, error was: at least one of the tasks has encountered an error
...

[136.144.48.169] + sudo sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/sysconfig/selinux
[136.144.48.169] + sudo sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/selinux/config
[136.144.48.169] sed: can't read /etc/selinux/config: No such file or directory
ERRO[08:49:49 UTC] failed to install kubeadm: Process exited with status 2  node=136.144.48.169
WARN[08:49:49 UTC] Task failed, error was: at least one of the tasks has encountered an error

What is the expected behavior:
kubeone apply works smoothly without touching the instances at all, if files does not exist, it may safely continue in this case because selinux is disabled

How to reproduce the issue:
Get the instances with CentOS 7.7, use the static controlPlane setup and run kubeone apply -m kubeone.yaml

apiVersion: kubeone.io/v1beta1
kind: KubeOneCluster
name: kkp-cluster
versions:
  kubernetes: '1.21.4'
cloudProvider:
  none: {}
machineController:
  deploy: false
apiEndpoint:
  host: '136.144.48.169'
  port: 6443
controlPlane:
  hosts:
    - publicAddress: '136.144.48.169'
      privateAddress: '136.144.48.169'
      sshUsername: root
      sshAgentSocket: 'env:SSH_AUTH_SOCK'

Anything else we need to know?
Can be workaround by creating empty files on the system:

touch /etc/sysconfig/selinux
touch /etc/selinux/config

Information about the environment:
KubeOne version (kubeone version): 1.3.0-alpha.0
Operating system: CentOS

lsb_release -a
LSB Version:	:core-4.1-amd64:core-4.1-noarch
Distributor ID:	CentOS
Description:	CentOS Linux release 7.7.1908 (Core)
Release:	7.7.1908
Codename:	Core

Provider you're deploying cluster on: Equinix bare-metal
Operating system you're deploying on: CentOS
@michalvanco michalvanco added the kind/bug Categorizes issue or PR as related to a bug. label Aug 16, 2021
@kron4eg
Copy link
Member

kron4eg commented Aug 16, 2021

Is this some special type of CentOS?

@michalvanco
Copy link
Author

Not sure @kron4eg, it's bare metal instance with CentOS 7. We can probably try it out with regular instance on other provider.

@kron4eg kron4eg mentioned this issue Sep 17, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Edit selinux config file only if file exists kron4eg/kubeone
2 participants
@kron4eg @michalvanco