Provisioning Fedora CoreOS on Microsoft Hyper-V

This guide shows how to provision new Fedora CoreOS (FCOS) nodes on Microsoft Hyper-V.

Prérequis

You must have an Ignition configuration file containing your customizations. If you do not have one, see Producing an Ignition File.

You will also need a small utility from libhvee called kvpctl. It attaches your Ignition config to your virtual machine. Precompiled binaries can be found on the project’s releases page.

Downloading the disk image

Hyper-V disk images can be manually downloaded from the download page. Be sure to decompress the image after downloading.

Booting a new VM on Microsoft Hyper-V

Creating a virtual switch

You must first create a virtual switch so your virtual machine has a network to connect to. To do this, launch Hyper-V Manager and select your server from the list:

Hyper-V server list

Then click Virtual Switch Manager…​ in the Actions panel:

Hyper-V Manager Actions panel

Follow the prompts under New virtual network switch to create the virtual switch of the type you want:

New Virtual Network Switch tab

Creating a virtual machine

In the Actions panel of Hyper-V Manager, click New, then Virtual Machine…​:

Hyper-V Manager

This will launch the New Virtual Machine Wizard. When completing the wizard, note the following settings:

  1. If you select a Generation 2 virtual machine, see Configuring Secure Boot.

  2. When prompted to configure networking, select the virtual switch you created earlier.

  3. When prompted to connect a virtual hard disk, select Use an existing virtual disk and specify the disk image you downloaded earlier:

Hyper-V Virtual Machine Disk Wizard

Setting the Ignition config

Before starting your virtual machine for the first time, you must attach your Ignition config containing the customizations you want to apply to Fedora CoreOS.

On Hyper-V, the Ignition config is presented to the hypervisor in parts. Ignition reads the parts and reassembles them into a single config. You can use the kvpctl add-ign subcommand to create these parts and attach them to the virtual machine. The syntax for the command is as follows:

.\kvpctl.exe <name_of_vm> add-ign <path_to_ign_file>

For example:

> .\kvpctl.exe myvm add-ign C:\Users\joe\myvm.ign
added key:  ignition.config.0
added key:  ignition.config.1
added key:  ignition.config.2
added key:  ignition.config.3
added key:  ignition.config.4
added key:  ignition.config.5
added key:  ignition.config.6

Starting the VM

Once you’ve attached the Ignition config to the virtual machine, right-click the virtual machine in Hyper-V Manager and select Start.

Viewing the key-value pairs assigned to your virtual machine

You can view the key-value pairs assigned to your machine with the kvpctl get subcommand. You can only get key-value pairs when the virtual machine is running.

.\kvpctl.exe <name_of_vm> get

For example:

> .\kvpctl.exe myvm get
ignition.config.3 = th":"/etc/containers/registries.conf..."
ignition.config.4 = ,"contents":{"source":"data:,makeste..."
ignition.config.5 = nabled":false,"mask":true,"name":"do..."
ignition.config.6 = service\n\n[Service]\nExecStart=/usr..."
ignition.config.0 = {"ignition":{"config":{"replace":{"v..."
ignition.config.1 = default.target.wants","user":{"name"..."
ignition.config.2 = "user":{"name":"root"},"contents":{"..."

Configuring Secure Boot

If you configure a Generation 2 virtual machine, Fedora CoreOS will not successfully boot until you change the Secure Boot template to Microsoft UEFI Certificate Authority. You can do this in the Security tab of the virtual machine’s Settings dialog:

Virtual machine Secure Boot settings