kubeadm: add logic to enforce SELinux for Cilium CNI in Flatcar >= 3745 #461
Commits on Oct 10, 2023
-
platform: change signature of RuntimeConf to get a pointer
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
-
platform: add RuntimeConf method to the Cluster interface
Adding this method allows to access the runtime configuration in a test to get/set values based on some conditions. Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
-
kubeadm: add logic to enforce SELinux for Cilium CNI in Flatcar >= 3745
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
-
kubeadm/cilium: patch Cilium daemon set
This is required even with Permissive mode. Can be dropped once `spc_t` is supported on Flatcar. Picked-From: e8e9751 Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
-
kubeadm: apply Cilium patch only when container_t is unavailable
container_t brings 'spc_t' too which is required by Cilium. We patch the daemon-set only when the old label ('svirt_lxc_file_t') is detected. Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.