Guide de démarrage avec Fedora CoreOS

Introduction

Streams

There are three Fedora CoreOS (FCOS) update streams available: stable, testing, and next. In general, you will want to use stable, but it is recommended to run some machines on testing and next as well and provide feedback.

Each stream has a canonical URL representing its current state in JSON format, known as "stream metadata". For example, the stream metadata URL for stable is: https://builds.coreos.fedoraproject.org/streams/stable.json

For automating Fedora CoreOS installations, it is expected that you will interact with stream metadata. While Fedora CoreOS does automatic in-place updates, it is generally a good practice to start provisioning new machines from the latest images.

For more information on using stream metadata, see Stream Metadata. For more about the available streams, see Update Streams.

Philosophie concernant le provisionnement

Fedora CoreOS ne dispose pas d’un media d’installation distinct. A la place, chaque instance démarre à partir d’une image disque générique qui est personnalisée lors du premier démarrage via Ignition.

Chaque platforme a sa propre logique pour récupérer et appliquer la configuration pour le premier démarrage. Pour les déploiements dans le cloud, Ignition récupère la configuration en utilisant le mécanisme d'`user-data`. Pour les installations sur machine physique, Ignition peut récupérer la configuration depuis le disque ou depuis une source distante.

Pour plus d’informations sur la configuration, reportez-vous à la documentation pour Créer un fichier pour Ignition.

Démarrage rapide

Démarrer une machine virtuelle dans le cloud (exemple avec AWS)

New AWS instances can be directly created from the public FCOS images. You can find the latest AMI for each region from the download page.

If you are only interested in exploring FCOS without further customization, you can use a registered SSH key-pair for the default core user.

To test out FCOS this way you’ll need to run the aws ec2 run-instances command and provide some information to get the instance up and running. The following is an example command you can use:

Launching a new instance
NAME='instance1'
SSHKEY='my-key'     # the name of your SSH key: `aws ec2 describe-key-pairs`
IMAGE='ami-xxx'     # the AMI ID found on the download page
DISK='20'           # the size of the hard disk
REGION='us-east-1'  # the target region
TYPE='m5.large'     # the instance type
SUBNET='subnet-xxx' # the subnet: `aws ec2 describe-subnets`
SECURITY_GROUPS='sg-xx' # the security group `aws ec2 describe-security-groups`
aws ec2 run-instances                     \
    --region $REGION                      \
    --image-id $IMAGE                     \
    --instance-type $TYPE                 \
    --key-name $SSHKEY                    \
    --subnet-id $SUBNET                   \
    --security-group-ids $SECURITY_GROUPS \
    --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=${NAME}}]" \
    --block-device-mappings "VirtualName=/dev/xvda,DeviceName=/dev/xvda,Ebs={VolumeSize=${DISK}}"
You can find out the instance’s assigned IP by running aws ec2 describe-instances

You now should be able to SSH into the instance using the associated IP address.

In order to launch a customized FCOS instance, a valid Ignition configuration must be passed as its user data at creation time. You can use the same command from above but add --user-data file://path/to/config.ign argument:

Launching and customizing a new instance
NAME='instance1'
SSHKEY='my-key'     # the name of your SSH key: `aws ec2 describe-key-pairs`
IMAGE='ami-xxx'     # the AMI ID found on the download page
DISK='20'           # the size of the hard disk
REGION='us-east-1'  # the target region
TYPE='m5.large'     # the instance type
SUBNET='subnet-xxx' # the subnet: `aws ec2 describe-subnets`
SECURITY_GROUPS='sg-xx' # the security group `aws ec2 describe-security-groups`
USERDATA='/path/to/config.ign' # path to your Ignition config
aws ec2 run-instances                     \
    --region $REGION                      \
    --image-id $IMAGE                     \
    --instance-type $TYPE                 \
    --key-name $SSHKEY                    \
    --subnet-id $SUBNET                   \
    --security-group-ids $SECURITY_GROUPS \
    --user-data "file://${USERDATA}"      \
    --tag-specifications "ResourceType=instance,Tags=[{Key=Name,Value=${NAME}}]" \
    --block-device-mappings "VirtualName=/dev/xvda,DeviceName=/dev/xvda,Ebs={VolumeSize=${DISK}}"
By design, cloud-init configuration and startup scripts are not supported on FCOS. Instead, it is recommended to encode any startup logic as systemd service units in the Ignition configuration.

Démarrer une machine virtuelle avec un hyperviseur local (exemple avec libvirt)

  1. Fetch the latest image suitable for the qemu platform using coreos-installer (or download and verify it from the web). You can use coreos-installer as a container, or on Fedora install it from the repos.

    STREAM="stable"
    # as an installed binary:
    coreos-installer download -s "${STREAM}" -p qemu -f qcow2.xz --decompress -C ~/.local/share/libvirt/images/
    # or as a container:
    podman run --pull=always --rm -v $HOME/.local/share/libvirt/images/:/data -w /data \
        quay.io/coreos/coreos-installer:release download -s "${STREAM}" -p qemu -f qcow2.xz --decompress
  2. Launch a new machine via virt-install, using the Ignition file with your customizations.

    IGNITION_CONFIG="/path/to/example.ign"
    IMAGE="/path/to/image.qcow2"
    VM_NAME="fcos-test-01"
    VCPUS="2"
    RAM_MB="2048"
    DISK_GB="10"
    
    virt-install --connect="qemu:///system" --name="${VM_NAME}" --vcpus="${VCPUS}" --memory="${RAM_MB}" \
            --os-variant="fedora-coreos-$STREAM" --import --graphics=none \
            --disk="size=${DISK_GB},backing_store=${IMAGE}" \
            --qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=${IGNITION_CONFIG}"
virt-install requires both the OS image and Ignition file to be specified as absolute paths.
Depending on your version of virt-install, you may not be able to use --os-variant=fedora-coreos-* and will get an error. In this case, you should pick an older Fedora variant (--os-variant=fedora31 for example). You can find the variants that are supported by you current version of virt-install with osinfo-query os | grep '^\s*fedora'.
Make sure that your user has access to /dev/kvm. The default is to allow access for everyone, but on some distributions you may need to add yourself to the kvm group.

Exploration du système

Une fois que la machine virtuelle a finie de démarrer, son adresse IP apparaîtra sur la console série. Par conception, il n’y a pas de mot de passe ou compte pré-défini.

Si vous avez défini une clé SSH pour le compte utilisateur nommé par défaut core, vous pouvez vous connecter via SSH à la machine virtuelle et explorer le système :

ssh core@<adresse ip>

Contacter l’équipe

We recommend that all users subscribe to the low-volume coreos-status mailing list for operational notices related to Fedora CoreOS.

Les bugs peuvent être rapportés sur le tableau de suivi de Fedora CoreOS.

For live questions, feel free to reach out on the #fedora-coreos IRC channel on Libera.Chat.

Si vous avez des doutes ou souhaitez avoir une discussion plus poussé autour de Fedora CoreOS, un espace de discussion et une list de diffusion sont disponibles.