I use these ansible scripts (see also) to bring up kubernetes clusters, on centos and fedora. The scripts are awesome, but they put selinux into permissive mode, because, "tokens and selinux don't work together."
That's unfortunate, because one of the main things I'm doing when I turn up a kubernetes cluster is bug-hunting, and selinux can be a source of bugs.
I commented out the bit that put selinux into permissive mode:
#- name: Set selinux permissive because tokens and selinux don't work together
# selinux: state=permissive policy={{ ansible_selinux.type }}
# when: ansible_selinux is defined and ansible_selinux.status == "enabled"