Provisioning Fedora CoreOS on Alibaba Cloud (Aliyun)

This guide shows how to provision new Fedora CoreOS (FCOS) nodes on Alibaba Cloud. Fedora currently does not publish Fedora CoreOS images within Alibaba Cloud, so you must download an Alibaba Cloud image from Fedora and upload it to one of your Object Storage Service (OSS) buckets.

Prerequisites

Before provisioning an FCOS machine, you must have an Ignition configuration file containing your customizations. If you do not have one, see Producing an Ignition File.

You also need to have access to an Alibaba Cloud account and activated Object Storage Service (OSS). The examples below use the Alibaba Cloud CLI and jq as a command-line JSON processor.

Downloading an Alibaba Cloud image

Fedora CoreOS is designed to be updated automatically, with different schedules per stream. Once you have picked the relevant stream, download, verify, and decompress the latest Alibaba Cloud image:

STREAM="stable"
coreos-installer download --decompress -s "${STREAM}" -p aliyun -f qcow2.xz

Alternatively, you can manually download an Alibaba Cloud image from the download page. Verify the download, following the instructions on that page, and decompress it.

Uploading the image to Alibaba Cloud

  1. Create any bucket that doesn’t already exist in your Alibaba Cloud account with a globally unique name or reuse an existing bucket:

    Example creating Alibaba Cloud OSS (Object Storage Service) bucket
    REGION="ap-southeast-1"
    BUCKET_NAME="my-bucket"
    BUCKET_URL="oss://${BUCKET_NAME}"
    aliyun oss mb "${BUCKET_URL}" --region="${REGION}" --acl=private
  2. Upload an FCOS image:

    Example uploading FCOS to an Alibaba Cloud OSS bucket
    DOWNLOADED_IMAGE="./image.qcow2"
    IMAGE_NAME="my-fcos-image"
    IMAGE_BLOB="${IMAGE_NAME}.qcow2"
    aliyun oss cp "${DOWNLOADED_IMAGE}" "${BUCKET_URL}/${IMAGE_BLOB}" \
        --region="${REGION}" --acl=private
  3. Import uploaded FCOS image:

    Example importing FCOS to Alibaba Cloud ECS
    TASK_ID=$(aliyun ecs ImportImage \
        --region="${REGION}" \
        --DiskDeviceMapping.1.OSSBucket="${BUCKET_NAME}" \
        --DiskDeviceMapping.1.OSSObject="${IMAGE_BLOB}" \
        --ImageName="${IMAGE_NAME}" \
        | jq --raw-output .TaskId)
  4. Wait until the image was successfully imported

    Example waiting with a timeout equal to one hour
    aliyun ecs DescribeTasks --region="${REGION}" --TaskIds="${TASK_ID}" \
        --waiter expr='TaskSet.Task[0].TaskStatus' to=Finished timeout=3600
  5. Determine id of imported FCOS image:

    Example determining id of the imported FCOS image
    IMAGE_ID=$(aliyun ecs DescribeImages --region="${REGION}" --ImageName="${IMAGE_NAME}" \
        | jq --raw-output .Images.Image[0].ImageId)
  6. Delete uploaded blob

    Example deleting uploaded blob
    aliyun oss rm "${BUCKET_URL}/${IMAGE_BLOB}" --region "${REGION}"

Creating a VSwitch

There exists no default VPCs or VSwitches in Alibaba Cloud. Hence, for creating any instances a VSwitch must exist. Pick some existing or create one with the following steps.

  1. Create a new VPC:

    Example creating a new VPC
    VPC_CIDR="172.16.0.0/12"
    VPC_NAME="fcos-test"
    VPC_ID=$(aliyun vpc CreateVpc --region="${REGION}" \
        --CidrBlock="${VPC_CIDR}" --VpcName="${VPC_NAME}" \
        | jq --raw-output .VpcId)
  2. Pick some availability zone for creating a VSwitch:

    Example pick some availability zone
    ZONE_ID=$(aliyun ecs DescribeZones --region="${REGION}" \
        | jq --raw-output .Zones.Zone[0].ZoneId)
  3. Create a new VSwitch:

    Example creating a new VSwitch
    VSWITCH_CIDR="172.16.0.0/16"
    VSWITCH_NAME="${VPC_NAME}"
    VSWITCH_ID=$(aliyun vpc CreateVSwitch \
        --region="${REGION}" \
        --CidrBlock="${VSWITCH_CIDR}" \
        --VpcId="${VPC_ID}" \
        --VSwitchName="${VSWITCH_NAME}" \
        --ZoneId="${ZONE_ID}" \
        | jq --raw-output .VSwitchId)

Launching an ECS instance

  1. Upload an SSH public key to Alibaba Cloud ECS

    Example uploading an SSH public key
    KEY_PAIR_NAME="fcos-key"
    PUBLIC_KEY_PATH="<Please fill the path to your public key>"
    PUBLIC_KEY_BODY=$(cat ${PUBLIC_KEY_PATH})
    aliyun ecs ImportKeyPair --region="${REGION}" \
        --KeyPairName="${KEY_PAIR_NAME}" --PublicKeyBody="${PUBLIC_KEY_BODY}"
  2. Creating an ECS instance

    Example creating ECS instance
    INSTANCE_NAME="my-fcos-vm"
    INSTANCE_TYPE="ecs.t6-c1m1.large"
    INSTANCE_ID=$(aliyun ecs CreateInstance \
        --region="${REGION}" \
        --KeyPairName="${KEY_PAIR_NAME}" \
        --ImageId="${IMAGE_ID}" \
        --InstanceName="${INSTANCE_NAME}" \
        --InstanceType="${INSTANCE_TYPE}" \
        --InternetChargeType=PayByTraffic \
        --InternetMaxBandwidthIn=5 \
        --InternetMaxBandwidthOut=5 \
        --VSwitchId="${VSWITCH_ID}" \
        | jq --raw-output .InstanceId)
  3. Allocate a public IPv4 address for the previously created instance

    Example allocating a public IP address
    PUBLIC_IP=$(aliyun ecs AllocatePublicIpAddress \
        --region="${REGION}" --InstanceId="${INSTANCE_ID}" \
        | jq --raw-output .IpAddress)
  4. Start the instance

    Example starting an instance
    aliyun ecs StartInstance --region="${REGION}" --InstanceId="${INSTANCE_ID}"
  5. Wait until the instance is running

    Example waiting and determining the public IP address
    aliyun ecs DescribeInstanceStatus --InstanceId.1="$INSTANCE_ID" --region="${REGION}" \
        --waiter expr='InstanceStatuses.InstanceStatus[0].Status' to=Running timeout=600
  6. Connect to the new instance via SSH

    Example connecting
    ssh core@"${PUBLIC_IP}"

You can start a customized instance with your Ignition file by adding the parameter --UserData=$(cat <Path to your ignition file> | base64) to the above command that creates a new instance.