Provisioning CoreOS
Installing CoreOS on a new system involves just booting a copy of the installation media with the configuration file (produced earlier) embedded. On most systems, the installation media is a USB stick and the target storage is an internal disk or SSD. The CoreOS image is copied bitwise to the destination and is then tuned according to the configuration file. On systems like the Raspberry Pi, that boot from an integrated SD card slot, this bootable media is the target device as well.
It is possible, on systems capable of network boot by DHCP/PXE, to boot in memory over a network and then to install to local disk. In that case the configuration file is retrieved by HTTP(S) from a local web site. This demonstration will only use bootable media.
Both of the procedures shown here are derived from the Fedora CoreOS Documentation, specifically the instructions for Bare Metal Intel and Raspberry Pi 4: EKD2 Combined Fedora CoreOS + EDK2 Firmware Disk. The bare metal procedure is very close to identical. For the Raspberry Pi 4 procedure the individual steps have been scripted to a single command, but that is not strictly necessary.
Bare Metal Installation - Intel
The Bare Metal installation is the most straightforward. It consists of just five steps:
-
Download CoreOS ISO image
-
Customize ISO image - Destination Disk and Ignition File
-
Write ISO to USB Stick
-
Boot from the USB stick
-
Boot from the target disk
This example assumes that the Ignition file for the host is
coreos-config.ign and the destination disk is /dev/sda. The
invocation lets most of the CLI arguments default:
-
archtecture: x86_64
-
platform: metal
-
stream: stable
-
format: ISO
The network configuration is allowed to default to DHCP for any NICs that detect link.
# Download ISO if necessary. Write file name
IMAGE_FILE=$(coreos-installer download --format iso)
# Customize the ISO image for the target host
coreos-installer iso customize --dest-device /dev/sda --dest-ignition coreos-config.ign ${IMAGE_FILE}
# Write the ISO to bootable media
sudo dd if=${IMAGE_FILE} of=/dev/sda bs=1M status=progress
# Reset the local ISO file for next use
coreos-installer iso reset
Two things to note here about coreos-installer download
-
It checks if the ISO file exists locally, and if so, checks that it is current before trying to download again.
-
It writes the filename of the ISO file to
stdouton exit. That value can be used in following script lines.
The final step of the list above restores the ISO image for next use. The image file is under 800MB, and so will fit on even very small USB sticks.
At this point booting from the USB will install CoreOS on the target host and disk. Insert the USB stick, boot and use the system boot options to boot from the USB. Observe the installation process from the console. When installation is complete, reboot and remove the USB stick.
Raspberry Pi 4 Installation
Currently only Raspberry Pi 4 are supported for Fedora CoreOS, and that only using a set of U-Boot or EFI files managed by third parties. Raspberry Pi 5 can run Fedora with a few minor tweaks, but CoreOS is still waiting for updated EFI and BMC files.
The Raspberry Pi boots from an integrated SD card reader. The CoreOS image is written to the SD card along with the Ignition file. The CoreOS image for aarch64 needs a bootloader, either U-Boot or EFI to boot correctly. This process installs a set of EFI binaries and auxiliary files into the boot partition to take the place of the typical firmware that other systems would have.
When the SD card is inserted and the system boots for the first time, the kernel and initrd are loaded into memory, including the Ignition file and the configuration is laid into the storage before mounting the disk filesystems and handing control to the init process.
The process of writing all the files to the SD card is described in Booting on Raspberry Pi 4 - EDK2: Combined Fedora CoreOS + EDK2 Firmware Disk. First the stock raw CoreOS aarch64 image is written to the SD card. Then the EFI partition is mounted and the EDK2 UEFI firmware is written. At that point the SD card is bootable on a Raspberry Pi 4.
The complete procedure for writing the SD Card is provide in the scripts sub-directory: prepare-pi.sh
Connect the SD card to the working system. Make sure that any auto-mounted partitions are unmounted before proceding. Determine the device path and provide the ignition file.
bash scripts/prepare-sd.sh <device path> <ignition file>
As with the Intel media, the final step is to install the SD Card in the Raspberry Pi 4 and power it on. Assuming that the Pi is connected to a network with DHCP and internet access, it will boot, complete the Ignition installation, install Ansible and reboot itself.
In both cases, at that point the new system is by SSH using the core user and it is ready to be managed by Ansible.
Finally Ready
With the OS installation complete it becomes possible to start addressing the goal of this series: Deploying containerized network services with Ansible. Keep an eye out for the next post where we’ll configure Ansible and demonstrate that we have connectivity and control of our target hosts.
References
-
coreos-installer
Usage and arguments for the CoreOS installer binary. This can be run from a live ISO or on a second host to write to the boot media. -
CoreOS on Bare Metal
How to install CoreOS on Bare Metal. This includes variants for PXE, and Live ISO installations. -
CoreOS on Raspberry Pi 4
How to install CoreOS on Raspberry Pi 4 or 5. This includes instructions for installing EFI boot components that are not present in the Pi boot firmware. -
Ignition
Ignition is the engine that applies the provided configuration to a new CoreOS instance on first boot. -
UEFI-Shell
a UEFI Shell for built from EDK2 sources -
Raspberry Pi 4 UEFI Firmware Images
A build of the UEFI-Shell specifically for Rasberry Pi 4
No comments:
Post a Comment