Producing an Ignition File

This guide provides step-by-step instructions on how to produce a basic Ignition file.

Fedora CoreOS (FCOS) Ignition files specify the configuration for provisioning FCOS instances. The process begins with a YAML configuration file. The FCOS Configuration Transpiler (FCCT) converts the human-friendly YAML file into machine-friendly JSON, which is the final configuration file for Ignition.

FCOS ingests the Ignition file only on first boot, applying the whole configuration or failing to boot in case of errors. After that, instance configuration is meant to be immutable.

Before provisioning an FCOS instance, plan your configuration with the full set of customization details. If you forgot something, simply fix the configuration and re-deploy the instance from a fresh image.

A simple example

Create a basic Ignition file that modifies the default FCOS user core to allow this user login with an SSH key.

The overall steps are as follows:

  1. Write the Fedora CoreOS Configuration (FCC) file in the YAML format.

  2. Use the quay.io/coreos/fcct:release container image to convert the FCC file into an Ignition (JSON) file.

  3. Boot a fresh FCOS image with the resulting Ignition configuration.

Prerequisite

This example uses a pair of SSH public and private keys. If you don’t already have it, you can generate an SSH key pair.

The SSH public key will be provisioned to the FCOS machine (via Ignition). The SSH private key needs to be available to your user on the local workstation, in order to remotely authenticate yourself over SSH.

Writing the FCC file

  1. Copy the following example into a text editor:

    variant: fcos
version: 1.1.0
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        - ssh-rsa AAAA...

  2. Replace the above line starting with ssh-rsa with the contents of your SSH public key file.

  3. Save the file with the name example.fcc.

YAML files must have consistent indentation. Although fcct checks for syntax errors, ensure that the indentation matches the above example. Overall, the FCC files must conform to fcct's schema.

Using FCCT

fcct, the Fedora CoreOS Config Transpiler, is a tool that produces a JSON Ignition file from the YAML FCC file. Using the FCC file, an FCOS machine can be told to create users, create filesystems, set up the network, install systemd units, and more.

An easy way to use fcct is to run it in a container with podman:

  1. Pull the container for fcct:

    podman pull quay.io/coreos/fcct:release

  2. Run fcct on the FCC file:

    podman run -i --rm quay.io/coreos/fcct:release --pretty --strict < example.fcc > example.ign

  3. Use the example.ign file to boot FCOS.

FCC configuration details

Refer to Provisioning and Configuration for the full configuration specification.