Hi All, I'm running a 1.5.1 cluster on centos bare metal with selinux set to permissive mode.
When kubernetes mounts a non read-only rbd volume, it seems to be doing it with the :Z mount flag. Which causes the docker daemon to relabel every file in the volume. In my case the volume contains over 100 million files, and it takes about 2 hours to run lstat and lsetxattr syscalls on every file. The docker daemon api hangs while this is happening. Does anyone have any idea on how to avoid this? Seems like I should file this as an issue in kubernetes github project. Wouldn't mounting the rbd volume with "-o context=" provide the same isolation without needing to relabel? Thanks, Pavel -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
