Rancher-nfs and MariaDB: SElinux relabeling

Hi all,

I’m using rancher-nfs to host data on an NFS server using volumes.
I’ve already a running config with Mongo, but for MariaDB I’m banging my head against wall… maybe someone of you can help me.

So, I’ve set up my rancher-nfs stack with an NFS server on CentOS 7 and options:

xx.xx.xx.xx(rw,no_root_squash)

I’ve created a volume named mariadb-data in the storage page of Rancher UI.

And I’ve my docker-compose.yml file:

version: '2’
volumes:
mariadb-data:
external: true
driver: rancher-nfs
services:
db:
image: mariadb:latest
environment:
MYSQL_DATABASE: mydb
MYSQL_USER: myuser
MYSQL_PASSWORD: mypassword
MYSQL_RANDOM_ROOT_PASSWORD: 'yes’
stdin_open: true
volumes:
- mariadb-data:/var/lib/mysql:z
tty: true
labels:
io.rancher.container.pull_image: always

But the container never start and fail with the error:

(Expected state running but got error: Error response from daemon: SELinux relabeling of /var/lib/rancher/volumes/rancher-nfs/mariadb-data is not allowed: “operation not supported”)

As you can see, I’ve added :z option at the end of the docker volume, but that don’t change anything.

I don’t understand which part don’t support relabelling operation: rancher-nfs ? mariadb container ? NFS server ?

Any of you as already have fun with that kind of stack ?

Regards

Hmm

guess the volume got not created or?

I had problem where the volume got not created when I used docker-compose.yml I had to create the volume first
or I rewrite the compose file to:

version: '2’
services:
db:
image: mariadb:latest
environment:
MYSQL_DATABASE: mydb
MYSQL_USER: myuser
MYSQL_PASSWORD: mypassword
MYSQL_RANDOM_ROOT_PASSWORD: 'yes’
stdin_open: true
driver: rancher-nfs
volumes:

  • mariadb-data:/var/lib/mysql:z
    tty: true
    labels:
    io.rancher.container.pull_image: always