From 8fe25772dc709a82078e2ef951e9b089590fa3aa Mon Sep 17 00:00:00 2001
From: Adrian Stadelmann <spaced.wombat@gmail.com>
Date: Sat, 10 Jul 2021 19:32:00 +0200
Subject: [PATCH] set selinux type t_etc if selinux state is enforcing

---
 roles/kubernetes/node/tasks/kubelet.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/kubernetes/node/tasks/kubelet.yml b/roles/kubernetes/node/tasks/kubelet.yml
index 8bff4077c1e..3055d9e581e 100644
--- a/roles/kubernetes/node/tasks/kubelet.yml
+++ b/roles/kubernetes/node/tasks/kubelet.yml
@@ -17,6 +17,7 @@
   template:
     src: "kubelet.env.{{ kubeletConfig_api_version }}.j2"
     dest: "{{ kube_config_dir }}/kubelet.env"
+    setype: "{{ (preinstall_selinux_state == 'enforcing') | ternary('t_etc', omit) }}"
     backup: yes
   notify: Node | restart kubelet
   tags: