Create CoreOS Container Linux Ignition File
With all recent changes within CoreOS’s Container Linux distribution one of the most notable change is related to the Ignition file, basically this file handles the configuration for any Container Linux installation and we can say that it is pretty powerful. The concept behind this is somehow simple but as we have already said, quite powerful, allowing the users to configure the operating system right from the start with all basic and advanced settings needed. In this short tutorial we will cover the basics of how to create a simple .yaml CoreOS Container Linux ignition config file and how to convert it to a .json file using Config Transpiler so Container Linux can read all our settings.
Table of Contents
Context
CoreOS Container Linux Ignition File Content
Convert .yaml to .json using config transpiler
Start Container Linux with ignition.json
Context
Assuming that we have just started the exploration journey of CoreOS’s Container Linux, we’ve been assigned to a lovely project where we were asked to build the next big thing using Container Linux. For various reasons this might be actually the best OS out there for containers and ease of management, maybe not the only one but for sure one of the few. As any other task everything starts with some documentation but, unfortunately, CoreOS (the company) didn’t do a very good job in documenting their Container Linux (the product). Hopefully, after acquiring CoreOS, Red Hat will notice that gap and will improve it shortly, they proved to be quite good in terms of documentation for all other products. Now, assuming that we have Config Transpiler installed already on our local machine let’s jump straight to our ignition configuration file.
CoreOS Container Linux Ignition File Content
There are two ways which we can configure Container Linux, first option is to write right from the beginning ignition.json
file and the second option is to write a ignition.yaml
file. Indeed, both file type are accepted but JSON isn’t quite the first choice as it tends to be very difficult to read and debug when we are working with large configuration files. This is one of the reasons why we should always go for a YAML file instead, it offers flexibility to write code, it supports comments so we can always go back and understand what we have wrote previously and obviously has a much more elegant and complex way of dealing with keys and values.
So let’s open a new terminal window or a text editor and create a file called ignition.yaml
, doesn’t necessarily have to be called that way but in this tutorial we’ll stick with this name. Once the terminal window or the text editor has been open let’s edit the file, copy and paste the code lines below:
passwd:
users:
- name: core
password_hash: "$1$KiHaSHedV$P455w0rdSf5olJApF/"
groups:
- "sudo"
- "docker"
- name: theadminuser
groups:
- "sudo"
- "docker"
ssh_authorized_keys:
- "ssh-rsa ACAAB3NzaC1yc2EADAADAQABAAAAfQD..."
etcd:
name: "my1sthost"
advertise_client_urls: "10.10.10.10:2379"
initial_advertise_peer_urls: "10.10.10.24:2380"
listen_client_urls: "http://0.0.0.0:2379"
listen_peer_urls: "http://10.10.10.24:2380"
initial_cluster: "%m=http://10.10.10.24:2380"
discovery: "https://discovery.etcd.io/ec63708ed8095f144b23e17a7571ded"
systemd:
units:
- name: docker.service
enabled: true
- name: containerd.service
enabled: true
storage:
files:
- filesystem: "root"
path: "/etc/hostname"
mode: 0644
contents:
inline: my1sthost
- filesystem: "root"
path: "/etc/systemd/network/00-ens192.network"
mode: 0644
contents:
inline: |
[Match]
Name=ens192
[Network]
Address=10.10.10.24/24
Gateway=10.10.10.254
DNS=10.1.1.1
DNS=8.8.8.8
The content of our ignition.yaml
file it is pretty much self-explanatory, we would not try to detail that code line by line here as it is almost plain English, well maybe except the password for core
username, which is hashed by the way, and probably the SSH key for theadminuser
.
We can clearly see how easy is to write and read the YAML file content, using JSON this would have been a more difficult and tricky task. Indeed, Container Linux wants JSON configuration files and we will explain this in the next step.
Convert .yaml to .json using config transpiler
As we have said previously, Container Linux simply loves JSON files, YAML isn’t really his first choice or at least one of the favourites. For some odd reason CoreOS doesn’t accept YAML files as it used to accept in the past, we won’t argue with that, not in this tutorial.
Config Transpiler (ct
), this is how CoreOS called the magic tool that converts YAML files to JSON, basically ct
converts everything we’ve declared onto our YAML file previously and also adds some extra bits that are mandatory for the OS.
Without further introduction let’s see ct
in action like shown in the example below:
ct -in-file /ignition.yaml -out-file /ignition.json
Done, this is all we have to do in order to convert ignition YAML file to – a much CoreOS preferred – JSON format.
Start Container Linux with ignition.json
Having our ignition.json
file in place we can now start and test if our Container Linux can read and perform a clean install based on our configuration file. Now, in order to complete our test we have to jump to one of the nodes that’s designed to be a CoreOS server, being Master or a Worker node. Once logged in we can run the next command and begin the installation process:
coreos-install -d /dev/sda -C stable -i ignition.json
If you use VMWare you may want to use this command instead:
coreos-install -d /dev/sda -C stable -o vmware_raw -i ignition.json
That is all, our short tutorial ends here hoping that we’ve saved you a ton of time searching for an answer or maybe for a quick tutorial about how CoreOS Container Linux works and what’s the role of an Ignition file.