In old AL2 we have systemd 219 on the host with selinux disabled, which allows to use cgroupv1 for systemd to run in docker.
In new AL2023 we have systemd 252 on the host with selinux enabled by default, with cgroupv2 that cause these errors to show:
Failed to connect to bus: No such file or directory
...
$ docker run --rm -it --entrypoint=/usr/sbin/init -u root --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro opensearchstaging/ci-runner:ci-runner-rockylinux8-systemd-base-integtest-v3
SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.33: No such file or directory
[!!!!!!] Failed to allocate manager object, freezing.
Additionally on AL2023, simply alter the /etc/selinux/config or setenforce will not change the behavior despite selinux showing sestatus as disabled on AL2023.
Use this, which needs to be set on the lib/compute/agent-nodes.ts in opensearch-ci repo.
In old AL2 we have systemd 219 on the host with selinux disabled, which allows to use cgroupv1 for systemd to run in docker.
In new AL2023 we have systemd 252 on the host with selinux enabled by default, with cgroupv2 that cause these errors to show:
There are two ways to resolve this:
Additionally on AL2023, simply alter the /etc/selinux/config or setenforce will not change the behavior despite selinux showing sestatus as disabled on AL2023.
Use this, which needs to be set on the lib/compute/agent-nodes.ts in opensearch-ci repo.
Then use this:
Thanks.