Fedora CoreOS - Producing an Ignition File

This guide provides easy, step-by-step instructions to produce a basic Ignition file.

Fedora CoreOS (FCOS) Ignition files specify the configuration of FCOS. The process begins with a YAML configuration file. The FCOS Configuration Transpiler (FCCT) converts the human-friendly YAML file into machine-friendly JSON.

Once FCOS boots and ingests the Ignition file, the configuration is meant to be immutable. Therefore, plan your Ignition file with the full configuration specifications that you will need.

A simple example

Create a basic Ignition file that modifies the default FCOS user core to allow this user login with an SSH key.

The overall steps are as follows:

  1. Write the Fedora CoreOS Configuration (FCC) file in the YAML format.

  2. Download and install the Fedora CoreOS Configuration Transpiler (fcct).

  3. Use fcct to convert the FCC file into an Ignition (JSON) file.

Prerequisite

This example uses a pair of SSH public and private keys. If you don’t already have it, you can generate an SSH key pair.

The SSH public key will be provisioned to the FCOS machine (via Ignition). The SSH private key needs to be available to your user on the local workstation, in order to remotely authenticate yourself over SSH.

Writing the FCC file

  1. Copy the following example into a text editor:

    variant: fcos
    version: 1.0.0
    passwd:
      users:
        - name: core
          ssh_authorized_keys:
            - ssh-rsa AAAA...
  2. Replace the above line starting with ssh-rsa with the contents of your SSH public key file.

  3. Save the file with the name example.fcc.

YAML files must have consistent indentation. Although fcct checks for syntax errors, ensure that the indentation matches the above example. Overall, the FCC files must conform to fcct's schema.

Using FCCT

fcct, the Fedora CoreOS Config Transpiler, is a tool that produces a JSON Ignition file from the YAML FCC file. Using the FCC file, an FCOS machine can be told to create users, create filesystems, set up the network, install systemd units, and more.

An easy way to use fcct is to run it in a container with podman:

  1. Pull the container for fcct:

    podman pull quay.io/coreos/fcct:release

  2. Run fcct on the FCC file:

    podman run -i --rm quay.io/coreos/fcct:release --pretty --strict < example.fcc > example.ign

  3. Use the example.ign file to boot FCOS.

FCC configuration details

Refer to Provisioning and Configuration for the full configuration specification.