adrien/ansible-role-kubernetes
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add selinux for k3s

Browse source
This commit is contained in:
Adrien Reslinger 2021-01-31 14:19:00 +01:00
parent d43e295f30
commit 6fa60172df
Signed by: adrien
GPG key ID: DA7B27055C66D6DE
2 changed files with 19 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
templates/etc/systemd/system/k3s.service.j2
View file

@ -8,12 +8,12 @@ Type=notify
EnvironmentFile=/etc/systemd/system/k3s.service.env
{% if kubernetes_master|bool %}
{% if vars['KubernetesMasterConfigured_' ~ kubernetes_cluster_name] is not defined %}
ExecStart=/usr/local/bin/k3s server --flannel-backend=wireguard --disable traefik --secrets-encryption --cluster-init
ExecStart=/usr/local/bin/k3s server --flannel-backend=wireguard --disable traefik --secrets-encryption --cluster-init --selinux
{% else %}
ExecStart=/usr/local/bin/k3s server --flannel-backend=wireguard --disable traefik --secrets-encryption --server https://{{ kubernetes_master }}:6443 --token ${NODE_TOKEN}
ExecStart=/usr/local/bin/k3s server --flannel-backend=wireguard --disable traefik --secrets-encryption --server https://{{ kubernetes_master }}:6443 --token ${NODE_TOKEN} --selinux
{% endif %}
{% else %}
ExecStart=/usr/local/bin/k3s agent --server https://{{ kubernetes_master }}:6443 --token ${NODE_TOKEN}
ExecStart=/usr/local/bin/k3s agent --server https://{{ kubernetes_master }}:6443 --token ${NODE_TOKEN} --selinux
{% endif %}
KillMode=process
Delegate=yes