search

awslabs / mountpoint-s3-csi-driver

Built on Mountpoint for Amazon S3, the Mountpoint CSI driver presents an Amazon S3 bucket as a storage volume accessible by containers in your Kubernetes cluster.
Apache License 2.0
193 stars 23 forks source link

Add SELinux options for Bottlerocket #155

Closed jjkr closed 7 months ago

jjkr commented 7 months ago

Issue #, if available: #86

Description of changes: Add support for Bottlerocket OS. New versions of Bottlerocket are adding SELinux policies and directories to support installing the CSI driver and this PR adds SELinux labels to the containers to work with these changes. The install and node driver containers must run with the super_t SELinux user. The Bottlerocket policies are configured such that the installed files will automatically get the correct labels applied, so it turns out there is no relabeling required.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

dlakhaws commented 7 months ago

Is there any specific example we can provide to customers in our examples directory?

jjkr commented 7 months ago

Is there any specific example we can provide to customers in our examples directory?

As implemented, this will just work on newer Bottlerocket with no modifications. Once Bottlerocket cuts their release I will have to add them to the supported os matrix.