CoreOS quickstart

Published at 21 Jan 2017 by soywiz

Today I have tried coreOS inside vmware player and it has been pretty easy. So now I’m ready to share the steps I have followed:

Installation

Downloading OVA

OVA file can be imported in both vmware and virtualbox:

curl -LO https://stable.release.core-os.net/amd64-usr/current/coreos_production_vmware_ova.ova

Creating the config-drive

We have to created the file user_data with the following yaml content, changing ssh-rsa line with our own public key:

#cloud-config
# include one or more SSH public keys
ssh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq.......
coreos:
  etcd2:
    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
    # specify the initial size of your cluster with ?size=X
    discovery: https://discovery.etcd.io/<token>
    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
    initial-advertise-peer-urls: http://$private_ipv4:2380
    # listen on both the official ports and the legacy ports
    # legacy ports can be omitted if your application doesn't depend on them
    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
    listen-peer-urls: http://$private_ipv4:2380
  units:
    - name: etcd2.service
      command: start
    - name: fleet.service
      command: start

Now we are going to create configdrive.iso with the user_datafile inside:

mkdir -p /tmp/new-drive/openstack/latest
cp user_data /tmp/new-drive/openstack/latest/user_data
mkisofs -R -V config-2 -o configdrive.iso /tmp/new-drive
rm -r /tmp/new-drive

In the case you are using windows 10, you can open a bash for windows, and install genisoimage:

sudo apt-get install genisoimage

Attach the ISO as a DVD

After that it is enough to attach the ISO file that we have just created to the virtual machine and start it. CoreOS will detect it and we will be able to log-in with the user core using our own private key. CoreOS doesn’t have a default password, so this is mandatory.

Connecting

ssh core@192.168.0.15

Usage

CoreOS has a very limited functionality included in its core. That’s ideal for performance and security.

  • We have some tools available from the beginning: docker, git, wget, curl, vi.
  • But we don’t have: nano, gcc, php, python, ruby, svn, or other tools.

In order to access advanced functionality, coreOS offers the tool /bin/toolbox that starts a container with fedora mounting the main file system in /media/root. In this fedora we can install whatever we want: starting with nano, gcc or php. And in the case we need to access our main filesystem, we have it mounted as /media/root.

Hoy me ha dado por probar coreOS en un vmware player y ha sido bastante sencillito, pero voy a comentar los pasos que he seguido:

Instalación

Descargar OVA

El archivo OVA se puede importar tanto en vmware como virtualbox:

curl -LO https://stable.release.core-os.net/amd64-usr/current/coreos_production_vmware_ova.ova

Creación de config-drive

Creamos el archivo user_data con el siguiente contenido cambiando ssh-rsa por nuestra clave pública:

#cloud-config

# include one or more SSH public keys
ssh_authorized_keys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGdByTgSVHq.......
coreos:
  etcd2:
    # generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
    # specify the initial size of your cluster with ?size=X
    discovery: https://discovery.etcd.io/<token>
    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
    initial-advertise-peer-urls: http://$private_ipv4:2380
    # listen on both the official ports and the legacy ports
    # legacy ports can be omitted if your application doesn't depend on them
    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
    listen-peer-urls: http://$private_ipv4:2380
  units:
    - name: etcd2.service
      command: start
    - name: fleet.service
      command: start

Creamos configdrive.iso con el archivo user_data dentro:

mkdir -p /tmp/new-drive/openstack/latest
cp user_data /tmp/new-drive/openstack/latest/user_data
mkisofs -R -V config-2 -o configdrive.iso /tmp/new-drive
rm -r /tmp/new-drive

En el caso de usar windows 10, basta con abrir un bash for windows e instalar genisoimage:

sudo apt-get install genisoimage

Atachear la ISO creada como dvd

Luego basta con atachear el archivo ISO que acabamos de crear a la máquina virtual y arrancarla. CoreOS lo detectará y podremos loguearnos con el usuario core a nuestra máquina usando nuestra clave privada. CoreOS no tiene password por defecto, así que esto es necesario.

Conexión

ssh core@192.168.0.15

Uso

CoreOS tiene funcionalidad muy limitada incluída en el núcleo. Lo que es ideal para el rendimiento y la seguridad.

  • Disponemos de algunas herramientas ya de base: docker, git, wget, curl, vi.
  • No tenemos: nano, ni gcc, ni php, ni python, ni ruby, ni svn, ni similares

Para poder acceder a funcionalidad avanzada coreOS ofrece la herramienta /bin/toolbox que lo que hace es arrancar un contenedor con un fedora montando el sistema de archivos raíz en /media/root. En ese fedora podemos instalar lo que queramos: desde nano, gcc, php. Y si necesitamos acceder a archivos de nuestro sistema de archivos principal, lo tenemos montado en /media/root.