Re: fresh hyperconverged Gluster setup failed in ovirt 4.4.8
I have been having this issue as well with no solution working but I came across something interesting. In selinux-policy 3.14.3-77 they removed the glusterd selinux module. https://centos.pkgs.org/8-stream/centos-baseos-x86_64/selinux-policy-3.14.3-... so that policy doesn exist anymore for ansible to apply. I plan on testing installing an older version into an ovirt node box to test which defaults as of 4.4.8 to selinux-policy version 3.14.3-79.el8. A clean install of CentOS 8 using latest iso has version 3.14.3-67.el8_4.2 and I can verify that manually setting policy with command 'semanage fcontext -a -t glusterd_brick_t "/gluster_bricks(/.*)?"' is completed successfully.
I used this as a workaround on the CentOS 8 Stream system doing the install: cp /etc/ansible/roles/gluster.infra/roles/backend_setup/tasks/mount.yml /etc/ansible/roles/gluster.infra/roles/backend_setup/tasks/mount.yml.orig head -63 /etc/ansible/roles/gluster.infra/roles/backend_setup/tasks/mount.yml.orig > /etc/ansible/roles/gluster.infra/roles/backend_setup/tasks/mount.yml It removes the SE Linux lines from the mount.yml file: 63a64,75
- name: Set Gluster specific SeLinux context on the bricks sefcontext: target: "{{ (item.path | realpath | regex_escape()) + '(/.*)?' }}" setype: glusterd_brick_t state: present with_items: "{{ gluster_infra_mount_devices }}" when: gluster_set_selinux_labels| default(false)| bool == true
- name: restore file(s) default SELinux security contexts command: restorecon -Rv "{{ item.path }}" with_items: "{{ gluster_infra_mount_devices }}" when: gluster_set_selinux_labels| default(false)| bool == true
After that, it was successful.
participants (2)
-
Eddie Garcia -
ovirt2021@olmosconsulting.com