
RKE2 Fails To Start If fapolicyd Is Enabled

Note

This is not official documentation for Automation Suite.

Issue Description

RKE2 fails to start when fapolicyd is enabled and running, which causes the infra installation of Automation Suite (AS) to fail.

Root Cause

RKE2 uses containerd as its container engine, with runc as the container runtime.

fapolicyd, seemingly one of the security tools required by organizations that follow STIGs, blocks execution of runc, which causes RKE2 to fail. podman, which is used for validating prerequisites and managing container images in an offline setup, also uses runc, so fapolicyd causes podman to fail as well.
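
A check that confirms this root cause before the daemon is turned off, as an added example (not part of the original page or of any vendor tooling): it scans fapolicyd decision lines for denied executions of runc. The line format is assumed to match fapolicyd's deny debug output, and the sample lines, paths and pids are constructed.

```shell
#!/bin/sh
# Constructed sample lines, modelled on fapolicyd's deny debug output.
# The format is an assumption; every path, pid and rule number is made up.
SAMPLE_LOG='rule=11 dec=deny_audit perm=execute auid=-1 pid=4120 exe=/opt/example/bin/containerd-shim : path=/opt/example/bin/runc ftype=application/x-executable trust=0
rule=3 dec=allow perm=open auid=1000 pid=4188 exe=/usr/bin/bash : path=/usr/bin/ls ftype=application/x-executable trust=1
rule=11 dec=deny_audit perm=execute auid=1000 pid=4203 exe=/usr/bin/podman : path=/usr/bin/runc ftype=application/x-executable trust=0
rule=11 dec=deny_audit perm=execute auid=1000 pid=4250 exe=/usr/bin/bash : path=/home/user/tool.sh ftype=text/x-shellscript trust=0'

# denied_exec_of NAME: read decision lines on stdin and print
# "caller -> path" for every denied execute whose target file name is NAME.
# Paths containing spaces are not handled by this field split.
denied_exec_of() {
    awk -v name="$1" '
        {
            dec = ""; perm = ""; exe = ""; path = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^dec=/)  dec  = substr($i, 5)
                if ($i ~ /^perm=/) perm = substr($i, 6)
                if ($i ~ /^exe=/)  exe  = substr($i, 5)
                if ($i ~ /^path=/) path = substr($i, 6)
            }
            n = split(path, parts, "/")
            # Match on the file name only, so any install location counts.
            if (n > 0 && dec ~ /^deny/ && perm == "execute" && parts[n] == name)
                print exe " -> " path
        }'
}

# runc_blocked: exit 0 when stdin holds at least one denied runc execution.
runc_blocked() {
    [ -n "$(denied_exec_of runc)" ]
}

# Show which callers were denied when they tried to execute runc.
printf '%s\n' "$SAMPLE_LOG" | denied_exec_of runc
```

If the real decision log shows no denied runc execution, fapolicyd is not the cause of the RKE2 or podman failure and the installation problem lies elsewhere.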

Resolution

Disable fapolicyd, then resume the infra installation:

sudo systemctl stop fapolicyd && sudo systemctl disable fapolicyd