typhoon

History

Bo Huang aafa38476a Fix SELinux race condition on non-bootstrap controllers in multi-controller (#808 ) * Fix race condition for bootstrap-secrets SELinux context on non-bootstrap controllers in multi-controller FCOS clusters * On first boot from disk on non-bootstrap controllers, adding bootstrap-secrets races with kubelet.service starting, which can cause the secrets assets to have the wrong label until kubelet.service restarts (service, reboot, auto-update) * This can manifest as `kube-apiserver`, `kube-controller-manager`, and `kube-scheduler` pods crashlooping on spare controllers on first cluster creation	2020-08-19 21:18:10 -07:00
..
kubernetes	Fix SELinux race condition on non-bootstrap controllers in multi-controller (#808 )	2020-08-19 21:18:10 -07:00

Fix SELinux race condition on non-bootstrap controllers in multi-controller (#808 )

* Fix race condition for bootstrap-secrets SELinux context on non-bootstrap controllers in multi-controller FCOS clusters
* On first boot from disk on non-bootstrap controllers, adding bootstrap-secrets races with kubelet.service starting, which can cause the secrets assets to have the wrong label until kubelet.service restarts (service, reboot, auto-update)
* This can manifest as `kube-apiserver`, `kube-controller-manager`, and `kube-scheduler` pods crashlooping on spare controllers on first cluster creation

2020-08-19 21:18:10 -07:00

kubernetes

Fix SELinux race condition on non-bootstrap controllers in multi-controller (#808 )

2020-08-19 21:18:10 -07:00