Applying weave-net is resulting in weave-net container with "RunContainerError: "GenerateRunContainerOptions: expected 4 fields in selinux; got 1"

[dineshputchala]

What you expected to happen?

Container which is started as a part of pod n/w installation should be applied properly and the container should be in running status.

What happened?

Container which is started as a part of pod n/w installation is staying at ContainerCreating status

How to reproduce it?

On Oracle linux 7 OS,

1. Installed docker-engine
2. "/sbin/service docker start"
3. yum install kubelet kubeadm kubectl kubernetes-cni
   4.systemctl enable kubelet && systemctl start kubelet
   5.systemctl start kubelet.service
   6.kubeadm init
4. kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Anything else we need to know?

This setup is tried on Oracle Linux 7

After applying the pod n/w , I see that container related to pod n/w is staying at ContainerCreating status for ever.

bash-4.2$ docker -v
Docker version 1.12.6, build ac13b2b

bash-4.2$ kubectl version
Client Version: version.Info{Major:"1", Minor:"4", GitVersion:"v1.4.1", GitCommit:"33cf7b9acbb2cb7c9c72a10d6636321fb180b159", GitTreeState:"clean", BuildDate:"2016-10-10T18:19:49Z", GoVersion:"go1.6.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"4", GitVersion:"v1.4.1", GitCommit:"33cf7b9acbb2cb7c9c72a10d6636321fb180b159", GitTreeState:"clean", BuildDate:"2016-10-10T18:13:36Z", GoVersion:"go1.6.3", Compiler:"gc", Platform:"linux/amd64"}

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

bash-4.2$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system dummy-2088944543-w5qn0 1/1 Running 0 8m
kube-system etcd-adc01jka 1/1 Running 0 8m
kube-system kube-apiserver-adc01jka 1/1 Running 1 7m
kube-system kube-controller-manager-adc01jka 1/1 Running 0 8m
kube-system kube-discovery-982812725-bmepe 1/1 Running 0 8m
kube-system kube-dns-2247936740-4sbmd 3/3 Running 0 8m
kube-system kube-proxy-amd64-9r1dn 1/1 Running 0 8m
kube-system kube-scheduler-adc01jka 1/1 Running 0 8m
kube-system weave-net-dv94e 0/2 ContainerCreating 0 7m

bash-4.2$ kubectl -n kube-system describe pod -l name=weave-net
Name: weave-net-dv94e
Namespace: kube-system
Node: adc01jka/10.229.118.127
Start Time: Mon, 28 Aug 2017 02:58:22 -0700
Labels: name=weave-net
Status: Pending
IP: 10.229.118.127
Controllers: DaemonSet/weave-net
Containers:
weave:
Container ID:
Image: weaveworks/weave-kube:2.0.4
Image ID:
Port:
Command:
/home/weave/launch.sh
Requests:
cpu: 10m
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Liveness: http-get http://127.0.0.1:6784/status delay=30s timeout=1s period=10s #success=1 #failure=3
Volume Mounts:
/host/etc from cni-conf (rw)
/host/home from cni-bin2 (rw)
/host/opt from cni-bin (rw)
/host/var/lib/dbus from dbus (rw)
/lib/modules from lib-modules (rw)
/var/run/secrets/kubernetes.io/serviceaccount from weave-net-token-cvfi0 (ro)
/weavedb from weavedb (rw)
Environment Variables:
HOSTNAME: (v1:spec.nodeName)
weave-npc:
Container ID:
Image: weaveworks/weave-npc:2.0.4
Image ID:
Port:
Requests:
cpu: 10m
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Volume Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from weave-net-token-cvfi0 (ro)
Environment Variables:
HOSTNAME: (v1:spec.nodeName)
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
Volumes:
weavedb:
Type: HostPath (bare host directory volume)
Path: /var/lib/weave
cni-bin:
Type: HostPath (bare host directory volume)
Path: /opt
cni-bin2:
Type: HostPath (bare host directory volume)
Path: /home
cni-conf:
Type: HostPath (bare host directory volume)
Path: /etc
dbus:
Type: HostPath (bare host directory volume)
Path: /var/lib/dbus
lib-modules:
Type: HostPath (bare host directory volume)
Path: /lib/modules
weave-net-token-cvfi0:
Type: Secret (a volume populated by a Secret)
SecretName: weave-net-token-cvfi0
QoS Class: Burstable
Tolerations: dedicated=master:Equal:NoSchedule
Events:
FirstSeen LastSeen Count From SubobjectPath Type ReasonMessage

8m 7s 38 {kubelet adc01jka} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with RunContainerError: "GenerateRunContainerOptions: expected 4 fields in selinux; got 1 (context: )"

Versions:

$ weave version - 1.4
$ docker version - 1.12.6
$ uname -a - Linux slc05ncl 4.1.12-61.1.16.el6uek.x86_64 #2 SMP Fri Oct 21 14:23:10 PDT 2016 x86_64 x86_64 x86_64 GNU/Linux
$ kubectl version 1.4.1

## Logs:
$ kubectl logs -n kube-system <weave-net-pod> weave
Pasted above.

[bboreham]

We generate the following by default:

          securityContext:
            seLinuxOptions: {}

So why it's complaining about 1 field I'm not sure. I guess it could be because your kubectl version is quite old.

Could you do kubectl get daemonset -n kube-system weave-net -o json and paste the result here?

[dineshputchala]

I tried using new version few hours before your suggestion and with it , above issue is not occurring.
Closing the bug. Thanks for your support !