Provisioning Fedora CoreOS on OpenStack

This guide shows how to provision new Fedora CoreOS (FCOS) nodes on an OpenStack cloud environment, either private, or public (like VEXXHOST).

The steps below were tested against the OpenStack Victoria release.

Prérequis

Before provisioning an FCOS machine, you must have an Ignition configuration file containing your customizations. If you do not have one, see Producing an Ignition File.

Fedora CoreOS has a default core user that can be used to explore the OS. If you want to use it, finalize its configuration by providing e.g. an SSH key.

If you do not want to use Ignition to get started, you can make use of the Afterburn support.

You also need to have access to an OpenStack environment and a functioning openstack CLI. Typically, you’ll configure the client by using a clouds.yaml file or via environment variables. If you’re starting from scratch, this environment may need networks, SSH key pairs, security groups, etc.. set up. Please consult the OpenStack Documentation to learn more.

Downloading an OpenStack Image

Fedora CoreOS is designed to be updated automatically, with different schedules per stream. Once you have picked the relevant stream, download, verify, and decompress the latest OpenStack image:

For more information on FCOS stream offerings see Update Streams.
STREAM="stable"
coreos-installer download --decompress -s $STREAM -p openstack -f qcow2.xz

Alternatively, you can manually download an OpenStack image from the download page. Verify the download, following the instructions on that page, and decompress it.

Uploading the Image to OpenStack

Create the FCOS image in OpenStack
FILE=fedora-coreos-XX.XXXXXXXX.X.X-openstack.x86_64.qcow2
IMAGE=${FILE:0:-6} # pull off .qcow2
openstack image create --disk-format=qcow2 --min-disk=10 --min-ram=2 --progress --file="${FILE}" "${IMAGE}"
If you’re uploading an aarch64 disk image then add --property architecture=aarch64.
Monitor image creation progress by listing the image
openstack image list --name="${IMAGE}"

Once the image is listed as active, it’s ready to be used.

Launching a VM instance

Now that you have an image created in your account you can launch a VM instance. You’ll have to specify several pieces of information in the command, such as instance flavor, network information, SSH key, etc…​

You’ll also need the Ignition config you created earlier. Here it is represented in the example command as ./example.ign, which indicates a file in the current directory named example.ign.

Launching a VM instance
OPENSTACK_NETWORK="private"
OPENSTACK_KEYPAIR="mykeypair" # optional
OPENSTACK_FLAVOR="v1-standard-2"
INSTANCE_NAME="myinstance" # choose a name
openstack server create                \
     --key-name="${OPENSTACK_KEYPAIR}" \
     --network=$OPENSTACK_NETWORK      \
     --flavor=$OPENSTACK_FLAVOR        \
     --image="${IMAGE}"                \
     --user-data ./example.ign         \
     "${INSTANCE_NAME}"
Specifying --key-name is optional if you provide an SSH key in your Ignition config.
Monitor progress of the instance creation with openstack server show "${INSTANCE_NAME}". You can also use the --wait parameter when calling openstack server create to block until the instance is active.

Next, if the instance’s network isn’t externally facing and you’d like to SSH into it from outside the OpenStack environment, you will have to assign a public IP to the instance:

Create and Assign a Floating IP
OPENSTACK_NETWORK=public
openstack floating ip create $OPENSTACK_NETWORK

FLOATING_IP=1.1.1.1  # from just created floating IP
openstack server add floating ip "${INSTANCE_NAME}" $FLOATING_IP

You now should be able to SSH into the instance using the floating IP address.

Example connecting
ssh core@<adresse ip>