This is a high level task that encompasses the work required to support RHEL8. It expa

RKE2 version: v1.18.8-beta20+rke2 Conformance test passed. <div class="snippet

Related: <a class="issue-link js-issue-link" data-error-text="Failed to load title" da

This can be tested using the following heredoc: <div class="snippet-clipboard-cont

RHEL8 Support about rke2 HOT 8 CLOSED

davidnuzik commented on August 17, 2024

RHEL8 Support

from rke2.

Comments (8)

ShylajaDevadiga commented on August 17, 2024 1

RKE2 version: v1.18.8-beta20+rke2
Conformance test passed.

sonobuoy results $res
Plugin: e2e
Status: passed
Total: 4992
Passed: 277
Failed: 0
Skipped: 4715

Plugin: systemd-logs
Status: passed
Total: 2
Passed: 2
Failed: 0
Skipped: 0

Import to rancher was successful

Installed as local management cluster for Rancher

from rke2.

davidnuzik commented on August 17, 2024

Based on discussion 5/14/2020 in our RKE2/RFed weekly sync up, UBI8 is not a candidate for MVP release. This will need to be worked on post MVP release. Bumping this out. We'll use UBI7 for all images for MVP. We can pull in iptables/nftables/whatever in k3s-root (or similar soltuion) ourselves.

I created #240 regarding a move to UBI8 or from-scratch base images.

from rke2.

davidnuzik commented on August 17, 2024

Related: #15

from rke2.

davidnuzik commented on August 17, 2024

Related: #225

from rke2.

Oats87 commented on August 17, 2024

The kube-proxy image needs to be enhanced to be able to switch between iptables legacy and iptables nft. We have decided to utilize the k3s-root built xtables binaries for our ubi7 base images, as there is no available iptables nft package.

from rke2.

Oats87 commented on August 17, 2024

This can be tested using the following heredoc:

cat << EOF > /etc/yum.repos.d/rancher-rke2-el8-1-18-testing.repo
[rancher-rke2-el8-common-testing]
name=Rancher RKE2 EL8 Common Testing
baseurl=https://rpm-testing.rancher.io/rke2/testing/common/centos/8/noarch
enabled=1
gpgcheck=1
gpgkey=https://rpm-testing.rancher.io/public.key

[rancher-rke2-el8-1-18-testing]
name=Rancher RKE2 EL8 1.18 Testing
baseurl=https://rpm-testing.rancher.io/rke2/testing/1.18/centos/8/x86_64
enabled=1
gpgcheck=1
gpgkey=https://rpm-testing.rancher.io/public.key
EOF

on a CentOS 8 or RHEL 8 system. Firewalld must be off, and preferably selinux in permissive mode.

from rke2.

Oats87 commented on August 17, 2024

Ready to test with v1.18.4-beta10+rke2

from rke2.

ShylajaDevadiga commented on August 17, 2024

Using rke2 beta19 on RHEL 8 validated the following using default OS settings.
rke2 process and system service have correct labels

cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.2 (Ootpa)

getenforce
Enforcing

sudo cat /var/lib/rancher/rke2/agent/etc/containerd/config.toml|grep selinux
  enable_selinux = true

kgn
NAME                                         STATUS   ROLES         AGE   VERSION
ip-172-31-7-173.us-east-2.compute.internal   Ready    etcd,master   63m   v1.18.8-beta19+rke2

kgp
NAMESPACE     NAME                                                                 READY   STATUS      RESTARTS   AGE
kube-system   etcd-ip-172-31-7-173.us-east-2.compute.internal                      1/1     Running     0          62m
kube-system   helm-install-rke2-canal-2gd95                                        0/1     Completed   0          62m
kube-system   helm-install-rke2-coredns-8hhz4                                      0/1     Completed   0          62m
kube-system   helm-install-rke2-ingress-nginx-hz4pw                                0/1     Completed   0          62m
kube-system   helm-install-rke2-kube-proxy-mpx2w                                   0/1     Completed   0          62m
kube-system   helm-install-rke2-metrics-server-kvqhs                               0/1     Completed   0          62m
kube-system   kube-apiserver-ip-172-31-7-173.us-east-2.compute.internal            1/1     Running     0          61m
kube-system   kube-controller-manager-ip-172-31-7-173.us-east-2.compute.internal   1/1     Running     0          63m
kube-system   kube-proxy-m7mww                                                     1/1     Running     0          62m
kube-system   kube-scheduler-ip-172-31-7-173.us-east-2.compute.internal            1/1     Running     0          63m
kube-system   rke2-canal-58xxm                                                     2/2     Running     0          62m
kube-system   rke2-coredns-rke2-coredns-7979fc655-f99gz                            1/1     Running     0          62m
kube-system   rke2-ingress-nginx-controller-d4989f458-qmqvc                        1/1     Running     0          61m
kube-system   rke2-ingress-nginx-default-backend-65f75d6664-n2q5b                  1/1     Running     0          61m
kube-system   rke2-metrics-server-59c7d566ff-hll5k                                 1/1     Running     0          61m

ps -eZ | grep -E 'rke2|containerd|shim'
system_u:system_r:container_runtime_t:s0 13138 ? 00:00:22 rke2
system_u:system_r:container_runtime_t:s0 13152 ? 00:00:50 containerd
system_u:system_r:container_runtime_t:s0 13226 ? 00:00:00 containerd-shim
system_u:system_r:rke2_service_t:s0:c746,c847 13474 ? 00:00:07 kube-scheduler
system_u:system_r:rke2_service_t:s0:c184,c436 13494 ? 00:00:40 kube-controller

ps -eZ|grep nginx
system_u:system_r:container_t:s0:c365,c708 17022 ? 00:00:05 nginx-ingress-c
system_u:system_r:container_t:s0:c365,c708 17078 ? 00:00:00 nginx

from rke2.

RHEL8 Support about rke2 HOT 8 CLOSED

Comments (8)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent