containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix typo in generate kube docs for selinux labeling 

Signed-off-by: Federico Rizzo <fulminemizzega@users.noreply.github.com>
This commit is contained in:
Federico Rizzo 2022-04-15 21:51:30 +00:00
parent 08d08f995e
commit e716790af9
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/source/markdown/podman-generate-kube.1.md
View File

@ -22,7 +22,8 @@ Init containers created with type `always` will always be generated in the kube
*Note*: When using volumes and generating a Kubernetes YAML for an unprivileged and rootless podman container on an **SELinux enabled system**, one of the following options must be completed: *Note*: When using volumes and generating a Kubernetes YAML for an unprivileged and rootless podman container on an **SELinux enabled system**, one of the following options must be completed:
* Add the "privileged: true" option to the pod spec * Add the "privileged: true" option to the pod spec
* Add `type: spc_t` under the `securityContext` `seLinuxOptions` in the pod spec * Add `type: spc_t` under the `securityContext` `seLinuxOptions` in the pod spec
* Relabel the volume via the CLI command `chcon -t container_file_t context -R <directory>` * Relabel the volume via the CLI command `chcon -t container_file_t -R <directory>`
Once completed, the correct permissions will be in place to access the volume when the pod/container is created in a Kubernetes cluster. Once completed, the correct permissions will be in place to access the volume when the pod/container is created in a Kubernetes cluster.
Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1). Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1).