opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-21 00:56:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix typo in generate kube docs for selinux labeling

Browse Source 
Signed-off-by: Federico Rizzo <fulminemizzega@users.noreply.github.com>
This commit is contained in:
Federico Rizzo
2022-04-15 21:51:30 +00:00
parent 08d08f995e
commit e716790af9
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/source/markdown/podman-generate-kube.1.md
View File

@ -22,7 +22,8 @@ Init containers created with type `always` will always be generated in the kube
*Note*: When using volumes and generating a Kubernetes YAML for an unprivileged and rootless podman container on an **SELinux enabled system**, one of the following options must be completed: *Note*: When using volumes and generating a Kubernetes YAML for an unprivileged and rootless podman container on an **SELinux enabled system**, one of the following options must be completed:
* Add the "privileged: true" option to the pod spec * Add the "privileged: true" option to the pod spec
* Add `type: spc_t` under the `securityContext` `seLinuxOptions` in the pod spec * Add `type: spc_t` under the `securityContext` `seLinuxOptions` in the pod spec
* Relabel the volume via the CLI command `chcon -t container_file_t context -R <directory>` * Relabel the volume via the CLI command `chcon -t container_file_t -R <directory>`
Once completed, the correct permissions will be in place to access the volume when the pod/container is created in a Kubernetes cluster. Once completed, the correct permissions will be in place to access the volume when the pod/container is created in a Kubernetes cluster.
Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1). Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1).