public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-16 01:53:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Document change to K3s SELinux option

Browse Source
This commit is contained in:
Catherine Luse
2020-09-14 20:49:33 -07:00
parent 228bc5612d
commit f4d9f077b4
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/k3s/latest/en/advanced/_index.md
+13
View File
@@ -314,6 +314,19 @@ rpm -i https://rpm.rancher.io/k3s-selinux-0.1.1-rc1.el7.noarch.rpm
To force the install script to log a warning rather than fail, you can set the following environment variable: `INSTALL_K3S_SELINUX_WARN=true`.
The way that SELinux enforcement is enabled or disabled depends on the K3s version.
{{% tabs %}}
{{% tab "K3s v1.19.1+k3s1" %}}
To leverage experimental SELinux, specify the `--selinux` flag when starting K3s servers and agents.
{{%/tab%}}
{{% tab "K3s prior to v1.19.1+k3s1" %}}
You can turn off SELinux enforcement in the embedded containerd by launching K3s with the `--disable-selinux` flag.
{{%/tab%}}
{{% /tabs %}}
Note that support for SELinux in containerd is still under development. Progress can be tracked in [this pull request](https://github.com/containerd/cri/pull/1246).