Add example for Fedora CoreOS, running ignition not cloud-init #1653
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Now with $ export LIMA_INSTANCE=fedora-coreos
$ nerdctl.lima version
FATA[0000] rootless containerd not running? (hint: use `containerd-rootless-setuptool.sh install` to start rootless containerd): stat /run/user/1001/containerd-rootless: no such file or directory
$ lima containerd-rootless-setuptool.sh install
[INFO] Checking RootlessKit functionality
[INFO] Checking cgroup v2
[INFO] Checking overlayfs
[INFO] Requirements are satisfied
[INFO] Creating "/var/home/anders/.config/systemd/user/containerd.service"
[INFO] Starting systemd unit "containerd.service"
...
[INFO] Installed "containerd.service" successfully.
[INFO] To control "containerd.service", run: `systemctl --user (start|stop|restart) containerd.service`
[INFO] To run "containerd.service" on system startup automatically, run: `sudo loginctl enable-linger anders`
[INFO] ------------------------------------------------------------------------------------------
[INFO] Use `nerdctl` to connect to the rootless containerd.
[INFO] You do NOT need to specify $CONTAINERD_ADDRESS explicitly.
$ nerdctl.lima version
Client:
Version: v1.4.0
OS/Arch: linux/amd64
Git commit: 7e8114a82da342cdbec9a518c5c6a1cce58105e9
buildctl:
Version: v0.11.6
GitCommit: 2951a28cd7085eb18979b1f710678623d94ed578
Server:
containerd:
Version: v1.7.1
GitCommit: 1677a17964311325ed1c31e2c0a3589ce6d5c30d
runc:
Version: 1.1.7
GitCommit: v1.1.7-0-g860f061b
|
afbjorklund
force-pushed
the
fedora-coreos
branch
from
cda58bf
to
4d174a7
Compare
AkihiroSuda
reviewed
Jul 8, 2023
AkihiroSuda
reviewed
Jul 8, 2023
AkihiroSuda
reviewed
Jul 8, 2023
examples/fedora-coreos.yaml
Outdated
| arch: "aarch64" | ||
| digest: "sha256:0410362c212df040096933738607e56027005deb1c4a3eae417079180aaadc65" | ||
|
|
||
| # The guest home directory can not be changed with CoreOS currently. |
There was a problem hiding this comment.
The host home directory can be still mounted?
There was a problem hiding this comment.
My problem was they both use /home/anders... but there is a "homeDir" field in ignition - just that it looks unimplemented at the moment, and gives errors.
Another issue was that the "core" user now claims UID 1000, previously it used 500
AkihiroSuda
reviewed
Jul 8, 2023
examples/fedora-coreos.yaml
Outdated
There was a problem hiding this comment.
I'm not sure what the test flow is for "Tier 2", but I don't see why not
There was a problem hiding this comment.
This program is required to be installed on the host, as butane:
-
https://github.com/coreos/butane/releases/download/v0.18.0/butane-x86_64-unknown-linux-gnu
-
https://github.com/coreos/butane/releases/download/v0.18.0/butane-aarch64-unknown-linux-gnu
It translates the ignition.yaml into config.ign, which is required.
afbjorklund
force-pushed
the
fedora-coreos
branch
from
d647277
to
ea089cb
Compare
This comment was marked as outdated.
This comment was marked as outdated.
|
Very cool, seems to work as expected for me. |
afbjorklund
force-pushed
the
fedora-coreos
branch
from
ea089cb
to
2d9acce
Compare
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
CoreOS doesn't use cloud-init like the rest of the world, but a custom system called ignition that requires compiling. A host program called "butane" converts the cidata yaml, to a host config file called config.ign (which is in json). Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
This doesn't actually start any services, but waiting for the nerdctl user to run `containerd-rootless-setuptool.sh install`. Alternatively to start up the installed system containerd.service, replacing the one from docker, and run `sudo nerdctl` with it. Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
It is only possible to lint the executed template, not the raw "yaml". But it is syntax-checked by butane --strict anyway, so is not needed. Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
afbjorklund
force-pushed
the
fedora-coreos
branch
from
2d9acce
to
926ca37
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The default image comes with podman and docker and containerd installed.
It is read-only (for the most part), so the regular scripts wouldn't work anyway.
Apparently the uid conflicts, and setting the home directory doesn't work.
But otherwise it seems to be working - as long you have installed
butane.https://docs.fedoraproject.org/en-US/fedora-coreos/provisioning-qemu/
https://docs.fedoraproject.org/en-US/fedora-coreos/producing-ign/
Flatcar Container Linux support #1372
Any plan to support Container Linux, such as CoreOS, Flatcar? #1406