![]() By default, SELinux prevents HAProxy context (haproxy_t) to execute shell context (shell_exec_t) for security reasons. This prevents HAProxy to actually reload properly, since SELinux will deny its call to a shell to save its state to a file. In order to avoid opening a potential security hole in the load-balancer image, the best way is to generate the state file before the actual reload. There are more details about the SELinux denials in the associated Red Hat Bugzilla. Conflicts: octavia/amphorae/backends/utils/haproxy_query.py Fixed in this backport: - A compatibility issue with Python 2.7 (open() didn't have an encoding kwarg) - save_state() tried to use Exception().output, which in general causes an AttributeError Resolves: rhbz#2073491 Change-Id: I6b9a5e1e3bafe77ad9f9506b8c0995d8c2a00081 (cherry picked from commit |
||
---|---|---|
.. | ||
amphorae | ||
api | ||
db | ||
__init__.py |