Comments (12)
patope
commented on September 24, 2024
1
Problem seems to be in policy compilation
With 2.13.2 root's home folder contains only
- kube_hetzner_selinux.te
on 2.13.1 there are
- kube_hetzner_selinux.te
- kube_hetzner_selinux.mod
- kube_hetzner_selinux.pp
from terraform-hcloud-kube-hetzner.
mysticaltech
commented on September 24, 2024
1
@patope @lpellegr Should be fixed in v2.13.3. Lesson learned, when modifying SElinux policies, always test if it compiles correctly 😅 And thanks again for the tip!
from terraform-hcloud-kube-hetzner.
lpellegr
commented on September 24, 2024
1
Thanks for the fix!
from terraform-hcloud-kube-hetzner.
brain-dev-null
commented on September 24, 2024
1
Thank you! 😄
from terraform-hcloud-kube-hetzner.
lpellegr
commented on September 24, 2024
I just experienced the same problem, and it even caused a working cluster that updates by itself to stop working. Using version 2.13.1 helps, but you still need to recreate the cluster again from scratch.
from terraform-hcloud-kube-hetzner.
mateuszlewko
commented on September 24, 2024
it even caused a working cluster that updates by itself to stop working.
Sorry for off topic, but what do you mean by cluster updating itself? Do you mean automatic system updates, or do you have some automation that applies the newest version of this terraform module?
from terraform-hcloud-kube-hetzner.
lpellegr
commented on September 24, 2024
it even caused a working cluster that updates by itself to stop working.
Sorry for off topic, but what do you mean by cluster updating itself? Do you mean automatic system updates, or do you have some automation that applies the newest version of this terraform module?
I would say automatic system updates since I have no automation.
from terraform-hcloud-kube-hetzner.
mysticaltech
commented on September 24, 2024
@patope @lpellegr I will add the missing SELinux rules ASAP.
from terraform-hcloud-kube-hetzner.
patope
commented on September 24, 2024
@mysticaltech I already made PR #1272 to resolve this. Problem is unknown permissions on anon_inode
from terraform-hcloud-kube-hetzner.
mysticaltech
commented on September 24, 2024
@patope I don't understand, you are removing permissions in the PR, how can that help?
from terraform-hcloud-kube-hetzner.
patope
commented on September 24, 2024
@mysticaltech those permissions are not valid for anon_inode and policy compiler will fail on those.
from terraform-hcloud-kube-hetzner.
mysticaltech
commented on September 24, 2024
@patope Ok, I see. Thanks for the info.
from terraform-hcloud-kube-hetzner.
Related Issues (20)
- Load Balancer would be newly created HOT 1
- [Bug]: initial cloud init failing HOT 2
- [Feature Request]: Add taint toleration to cluster-autoscaler HOT 1
- [Bug]: exec ./cluster-autoscaler: argument list too long HOT 1
- [Bug]: On scaling my cluster I got an error with terraform HOT 3
- [Bug]: Outgoing TCP connections fail on newly created cluster HOT 2
- [Feature Request]: output hostname, ipv4, ipv6 for agent and control plane nodes HOT 1
- [Bug]: Nodes restarting in emergency mode HOT 3
- [Bug]: [error] 26#26: *1250 connect() failed (111: Connection refused) while connecting to upstream, client: 62.163.30.253, HOT 1
- [Bug]: Cluster autoscaler will break after 6/9 HOT 5
- [Bug]: Enabling rancher after previously disabling it does not work HOT 1
- [Bug]: hcloud-csi-node hcloud-csi-controller constantly restarting HOT 3
- Add floating IPs for wireguard hybrid cloud / multicluster
- [Bug]: Terraform failing if csi is disabled (disable_hetzner_csi) and `hetzner_csi_version` not set
- [Bug]: Primary IP limit exceeded HOT 5
- [Bug]: Cluster autoscaler not creating any nodes HOT 2
- [Bug]: Network routes are not cleaned up by HCCM HOT 1
- [Bug]: /usr/share/selinux/packages/k3s.pp (No such file or directory) HOT 1
- [Bug]: One control plane node stuck waiting for MicroOS HOT 3
- [Bug]: Changing value of `automatically_upgrade_os` has no effect on existing nodes HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-hcloud-kube-hetzner.