[TUTORIAL] HOWTO : Wrapper Script to Use Fedora CoreOS Ignition with Proxmox cloud-init system for Docker workloads

gecoit

New Member
Mar 24, 2021
www.geco-it.fr
Hi,

We are a small company (Geco-iT) from France that strongly relies on Proxmox PVE every day, and as we find Proxmox more and more powerful, we want to give back to the community by providing some of our tools for PVE.

We made a tool to use Fedora CoreOS as a VM with the Proxmox cloud-init system !


Fedora CoreOS


For our Docker Swarm / Kubernetes container orchestration projects, we migrated from CoreOS distribution to Fedora CoreOS distribution.

Fedora CoreOS is an operating system that is auto-updated, minimal and container-oriented. It is derived from the Fedora Community distribution and especially designed for containerized environments. The main goal is to support containerized workloads in a secure way.

The Fedora CoreOS distribution succeeds two projects, Fedora Atomic Host and CoreOS Container Linux. The idea is to merge, within a minimal operating system, OCI support and Atomic Host packaging with the provisioning tools and automated roll-out of CoreOS.

Fedora CoreOS is the base of Red Hat Enterprise Linux CoreOS (RHCOS).

Fedora CoreOS features list contains :

* Automated update with staged roll-out
* Base System : Last Fedora
* Last stable Linux Kernel
* Provisioning tools : Ignition
* OCI Support for Docker containers by Podman and Moby
* Hardening by SELinux
* Out of the box Cgroups support


Integration of VM Fedora CoreOS within Proxmox VE


Proxmox VE uses Cloud-Init as a provisioning tool for Virtual Machines (VM), but Fedora CoreOS is only compatible with “Ignition”. So we made a « wrapper » that converts the Cloud-Init config of Proxmox to an Ignition-compatible config…

Our Cloud-Init ⇔ Ignition wrapper takes care of the following parameters :

* Username ; by default = admin
* Password
* DNS Domain
* DNS server(s)
* SSH Key(s)
* IP configuration(s) but only IPv4

Our tool will automatically :

1) Download the Fedora CoreOS Image
2) Create a virtual Machine
3) Import the Fedora CoreOS as a VM Disk
4) Add a cloud init config drive to that VM
5) Add the « hook-script » hook-fcos.sh at VM startup
6) Copy the Ignition template in a « Proxmox snippet » storage
7) Convert the VM to a Template that you can use after :)


Full explanation is here on our wiki : https://wiki.geco-it.net/public:pve_fcos
Source code can be seen here: https://git.geco-it.net/GECO-IT-PUBLIC/fedora-coreos-proxmox

Hope it will help someone !

Thanks to all the Proxmox Staff !

Have a nice day !
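
The kind of Cloud-Init to Ignition mapping described in the post above, as an added example that is not part of the original post and is not the Geco-iT project's code. It assumes the cloud-init fields are already parsed into the hypothetical dict shapes shown, targets Ignition spec 3.0.0, and writes a NetworkManager keyfile for the static IPv4 settings; all sample values are constructed.

```python
import ipaddress
import json
from urllib.parse import quote

def nm_keyfile(iface, address, netmask, gateway, dns, search):
    """Render a NetworkManager keyfile for one static IPv4 interface."""
    if not iface.isalnum():  # the name ends up in a file path
        raise ValueError(f"unexpected interface name: {iface!r}")
    if any(c.isspace() or c == ";" for d in search for c in d):
        raise ValueError("search domain contains a separator character")
    # IPv4Interface/IPv4Address raise ValueError on IPv6 or malformed input
    net = ipaddress.IPv4Interface(f"{address}/{netmask}")
    gw = ipaddress.IPv4Address(gateway)
    servers = "".join(f"{ipaddress.IPv4Address(d)};" for d in dns)
    domains = "".join(f"{d};" for d in search)
    return (
        f"[connection]\nid={iface}\ntype=ethernet\ninterface-name={iface}\n\n"
        f"[ipv4]\nmethod=manual\naddress1={net.with_prefixlen},{gw}\n"
        f"dns={servers}\ndns-search={domains}\n"
    )

def to_ignition(user_data, net):
    """Map cloud-init style fields (hypothetical dicts) to an Ignition config."""
    user = {"name": user_data.get("user", "admin")}  # default user from the post
    pw = user_data.get("password")
    if pw:
        if not pw.startswith("$"):  # passwordHash must be a crypt(3) hash
            raise ValueError("password must be a crypt(3) hash, not plaintext")
        user["passwordHash"] = pw
    if user_data.get("ssh_authorized_keys"):
        user["sshAuthorizedKeys"] = list(user_data["ssh_authorized_keys"])
    files = []
    for i in net["interfaces"]:
        body = nm_keyfile(i["name"], i["address"], i["netmask"], i["gateway"],
                          net["dns"], net["search"])
        files.append({
            "path": f"/etc/NetworkManager/system-connections/{i['name']}.nmconnection",
            "mode": 0o600,  # keyfiles must not be group/world readable
            "contents": {"source": "data:," + quote(body)},
        })
    return {"ignition": {"version": "3.0.0"},
            "passwd": {"users": [user]}, "storage": {"files": files}}

# Constructed sample input (documentation address ranges, fake hash and key)
SAMPLE_USER = {"user": "admin", "password": "$6$constructedsalt$constructedhash",
               "ssh_authorized_keys": ["ssh-ed25519 AAAAC3constructed admin@example"]}
SAMPLE_NET = {"interfaces": [{"name": "eth0", "address": "192.0.2.10",
              "netmask": "255.255.255.0", "gateway": "192.0.2.1"}],
              "dns": ["192.0.2.53"], "search": ["example.test"]}
if __name__ == "__main__":
    print(json.dumps(to_ignition(SAMPLE_USER, SAMPLE_NET), indent=2))
```

A plaintext password or a non-IPv4 address raises `ValueError` instead of producing a config that would silently leave the VM without working credentials or networking.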
 

aaron

Proxmox Staff Member
Staff member
Jun 3, 2019
Thank you. I added the Tutorial prefix to the thread so people who search for tutorials/howtos can filter it more easily. :)
 

jeremymoore

New Member
May 1, 2021
geco-it.net has been down for days - I would really like to see full explanation and source if possible.
 

gecoit


jeremymoore

Please tell me what you have as ip address if you run dig wiki.geco-it.net or nslookup, or a ping ?

dig wiki.geco-it.net

; <<>> DiG 9.10.6 <<>> wiki.geco-it.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3484
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;wiki.geco-it.net. IN A

;; ANSWER SECTION:
wiki.geco-it.net. 3556 IN CNAME buro.geco-it.net.
buro.geco-it.net. 16 IN CNAME burowan1.geco-it.net.
burowan1.geco-it.net. 3556 IN A 81.250.158.54

;; Query time: 1 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Thu May 06 07:05:38 AEST 2021
;; MSG SIZE rcvd: 125

----

nslookup wiki.geco-it.net
Server: 192.168.0.1
Address: 192.168.0.1#53

Non-authoritative answer:
wiki.geco-it.net canonical name = buro.geco-it.net.
buro.geco-it.net canonical name = burowan1.geco-it.net.
Name: burowan1.geco-it.net
Address: 81.250.158.54

---

ping wiki.geco-it.net
PING burowan1.geco-it.net (81.250.158.54): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
Request timeout for icmp_seq 7
Request timeout for icmp_seq 8
^C
--- burowan1.geco-it.net ping statistics ---
10 packets transmitted, 0 packets received, 100.0% packet loss
 

gecoit

IP address is fine, without proper knowledge of your infrastructure I can't really help you, maybe firewall ?
I asked several people, and tried from different servers, it works everywhere...
 

jeremymoore

I have managed to access links by running VPN and pretending I am in France.
So somewhere along the route my IP or range is blocked.
 
