Fedora CoreOS(FCOS) can be defined as an automatically-updating minimal monolithic Operating System used to securely run containerized workloads. The FCOS has 3 streams available i.e the stable, testing, and next streams each stream having a canonical URL to represent its current state. This state is normally in a JSON format often referred to as the stream metadata
The main goal of this project was to produce a container host to be able to run containerized workloads securely and at a scale. This was done by combining the CoreOS Container Linux and the Fedora Atomic host which resulted in technologies such as SELinux hardening from the Atomic project and Ignition from CoreOS Container Linux being integrated into the project.
In our previous guide, we went through how to run Fedora CoreOS (FCOS) on VirtualBox. FCOS can also be installed on Azure, AWS cloud, DigitalOcean, Alibaba Cloud, IBM Cloud, Bare Metal, QEMU, Vultr, and VMware.
This guide takes a deep dive into how to run the Fedora CoreOS (FCOS) on VMware Workstation.
Prerequisites.
In this guide, we need to have VMware Workstation installed on our system, This can be achieved using the dedicated guides below:
- On Debian
- On Arch Linux/Manjaro
- On CentOS/Rocky Linux/Alma Linux
- On Kali Linux
Step 1 – Download Fedora CoreOS OVA
Download the Fedora CoreOS OVA file for VMware from the Fedora CoreOS downloads page. On the page, download the stream that best suits you. You can as well use Wget to pull the images as below.
wget https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/38.20230806.3.0/x86_64/fedora-coreos-38.20230806.3.0-vmware.x86_64.ova -O fedora-coreos-vmware.ovaStep 2 – Create an Ignition Config for Fedora CoreOS
An Ignition Config is a JSON format file containing the user and SSH keys to enable remote access. Read through official Fedora CoreOS documentation for detailed information on creating Ignition configuration files.
This file can be created as below.
vim fcos.buAdd the below lines to the file.
variant: fcos
version: 1.4.0
passwd:
users:
- name: core
ssh_authorized_keys:
- replace-me-with-public-ssh-keyRemember to replace replace-me-with-public-ssh-key above with an actual SSH public key of your host system. View the public key using the command:
cat ~/.ssh/id_rsa.pubSave the file and proceed below to produce a YAML-formatted Butane config. Ensure that butane is installed on your system.
### Fedora ###
sudo dnf install butane
In this guide, I will make this process simple by using Podman. Install Podman using aid below:
- Install Podman on Debian
- Install Podman on Fedora / CentOS / RHEL 7|8
- Install Podman on Ubuntu
- Install Podman on Arch Linux / Manjaro
With Podman installed, we can pull the butane image as below.
podman pull quay.io/coreos/butane:releaseConvert the Ignition file to a YAML-formatted Butane config.
podman run --interactive --rm quay.io/coreos/butane:release \
--pretty --strict < fcos.bu > fcos.ignOnce complete, you should have a new file generated, fcos.ign. This is the Ignition file.
Step 3 – Encode the Ignition Configuration
For VMware, we need to have two guestinfo fields generated from the Ignition file. These files are:
- guestinfo.ignition.config.data.encoding – the encoding of the Ignition configuration. (base64, gzip+base64)
- guestinfo.ignition.config.data – the content of the Ignition configuration, encoded according to the format specified above.
The supported formats include base64, gzip+base64. Now export the variables for the two configurations as below.
- For base64
CONFIG_ENCODING='base64'
CONFIG_ENCODED=$(cat fcos.ign | base64 -w0 -)
- For gzip+base64
CONFIG_ENCODING='gzip+base64'
CONFIG_ENCODED=$(cat fcos.ign | gzip -9 | base64 -w0 -)Once exported, proceed as below.
Step 4 – Run Fedora CoreOS VM on VMware Workstation
Having made all the required configurations, we will proceed and boot into the Fedora CoreOS VM. In this guide, we will use the command line although the steps can as well be performed using the GUI.
On your terminal, run the command below replacing appropriately.
VM_NAME='fcos-node01'
FCOS_OVA='fedora-coreos-vmware.ova'
LIBRARY="$HOME/Virtual Machines.localized"
ovftool \
--powerOffTarget \
--name="${VM_NAME}" \
--allowExtraConfig \
--extraConfig:guestinfo.ignition.config.data.encoding="${CONFIG_ENCODING}" \
--extraConfig:guestinfo.ignition.config.data="${CONFIG_ENCODED}" \
"${FCOS_OVA}" "${LIBRARY}"Remember to replace the correct path of your FCOS ova file. Then proceed to generate the VMware workstation files as below.
Opening OVA source: fedora-coreos-vmware.ova
Opening VMX target: /home/thor/Virtual Machines.localized
Writing VMX file: /home/thor/Virtual Machines.localized
Disk progress: 53%
.....
> --powerOffTarget \
> --name="${VM_NAME}" \
> --allowExtraConfig \
> --extraConfig:guestinfo.ignition.config.data.encoding="${CONFIG_ENCODING}" \
> --extraConfig:guestinfo.ignition.config.data="${CONFIG_ENCODED}" \
> "${FCOS_OVA}" "${LIBRARY}"
Opening OVA source: fedora-coreos-vmware.ova
Opening VMX target: /home/thor/Virtual Machines.localized
Writing VMX file: /home/thor/Virtual Machines.localized
Transfer Completed
Completed successfullyNow after this, a new VM with the name fcos-node01 should be present. If not, you can manually import the vmx file by clicking open a VM.
Select the FCOS vmx file created, Virtual Machines.vmx
Once loaded, the VM will be available ready to be powered on. Here, you can make adjustments to the VM i.e network adapter, and set it to Bridged Adapter.
On power-on, the VM boots into Fedora CoreOS. You will see the username and IP address assigned to the VM.
Step 5 – Post Installation Basic Fedora CoreOS Configurations
Once the system boots successfully, access it using SSH as below.
ssh core@IP_AddressFor example.
On success full login, set the IP to DHCP using NMTUI as below.
sudo su -
nmtuiProceed and edit the Wired connection to DHCP. Remember to check the Automatically connect box
Once made, reboot your system and access it using the set IP address.
sudo reboot nowLog in to the system using the set IP address and verify your FCOS ability to pull docker registries and run containers.
sudo docker run hello-worldSample Output:
Using rpm-ostree on Fedora CoreOS
On Fedora CoreOS, there are a few things you should get familiar with:
- To show deployments on your sysytem on the order they appear. Remember the fist one is the default current state.
rpm-ostree statusSample Output:
- To upgrade the system and set it as default in the next boot
rpm-ostree upgrade
sudo systemctl reboot- Roll back to the default deployment.
rpm-ostree deploy <version>Adding Layered Packages using rpm-ostree
The below syntax is used to add a layered package on FCOS.
rpm-ostree install <PACKAGE>You can as well use the above syntax to install multiple packages as below.
sudo rpm-ostree install git asciiquariumSample Output:
Verify your installation.
$ git --version
git version 2.33.1At times, an added layered package may not take effect due to the atomic nature of the Operating system. Just reboot to apply the made changes.
sudo reboot nowNow verify the layered package installation.
$ git --version
git version 2.33.1VMware Learning Materials:
Conclusion.
We have successfully walked through how to run the Fedora CoreOS (FCOS) on VMware Workstation. You are set to deploy containerized workloads at a scale using FCOS. I hope you found this guide amazing.
Reference:
Related posts
