Install Fedora CoreOS on KVM
In this article I will show you how to start with Fedora CoreOS (FCOS) in your PC using KVM, libvirt and QEMU.
The first thing that do you need to do, is install KVM, QEMU, libvirt and other tools; for this lab I will use Ubuntu, but you can adapt the corresponding commands to your distro.
Get Fedora CoreOS
First of all, you will need a Fedora CoreOS image ready to run on libvirt (a qcow2 file) and you can download this from:
Select the QEMU option, this will download a qcow2.xz file (compressed with XZ, so you will need to decompress it)
Installing KVM on Ubuntu
sudo apt-get install qemu-kvm libvirt-bin virtinst bridge-utils cpu-checker \
kvmtool qemu-system-x86 virt-top virt-goodies qemu kvmtool virt-manager virt-viewer
All these packages will help you managing your VMs, is a good idea to install it all; now you need to known if your PC can use KVM, so run the folowwing command:
sudo kvm-ok
If you have something like that, you can continue
Create a SSH key pair
Next, you will need to generate a SSH key to acces the VM; if you do not have any, create one with ssh-keygen
I will create one, in the more simpliest maner (very lazy form, with out passphrase)
Now you need to create a YAML file with the public SSH key to access with the core user (the Fedora CoreOS user), store these files in a secure place.
Create a Ignition file
FCOS use ignition files (*.ign) generated from a YAML file (*.fcc, but you can use *.yaml or *.yml file extension too)
Let’s take a look on the simpliest fcos-config.fcc file posible for this lab
variant: fcos
version: 1.0.0
passwd:
users:
— name: core
ssh_authorized_keys:
— ssh-rsa AAAAB3…YOUR_PUBLIC_SSH_KEY_GOES_HER
You can name your file as you like
And in a fancy presentation, because you need to care about identation in this type of file
In order to generate the corresponding fcos-config.ign file (in JSON format), you need a tool called fcct (Fedora CoreOS Configuration Transpiler), the easyest way to do that is using podman or docker
# — — Podman — -
podman pull quay.io/coreos/fcct
podman run -i — rm quay.io/coreos/fcct -p -s <fcos-config.fcc > fcos-config.ign# — — Docker — -
docker pull quay.io/coreos/fcct
docker run -i — rm quay.io/coreos/fcct -p -s <fcos-config.fcc > fcos-config.ign
Learn more about FCCT here:
https://docs.fedoraproject.org/en-US/fedora-coreos/producing-ign/
Configure AppArmor
Create a directory to store all your QEMU base images, you can do something like this (Stay organized is a good idea)
mkdir /var/lib/libvirt/images/base
And then copy your FCOS QEMU image downloaded to this directory, this is a optional step.
Now you need to create a directory to store all your ignition files, because AppArmor will need to know where do you have these file in order to allow read permissions to libvirt-qemu
mkdir /var/lib/libvirt/ignition
And store your ign files her, now you will need to add the next line to the end of the file /etc/apparmor.d/abstractions/libvirt-qemu
/var/lib/libvirt/ignition/* r,
And then, restart AppArmor, something like /etc/init.d/apparmor restart is good
Yeah! , this line ends with “coma”
Now you have all you need to create your firs FCOS VM
Create the Fedora CoreOS VM in KVM
Now the funy part, create a VM in KVM with this command
export BASE_IMAGE_PATH=/var/lib/libvirt/images/base
export BASE_IMAGE_NAME=fedora-coreos-31.20200310.3.0-qemu.x86_64.qcow2export IGNITION_PATH=/var/lib/libvirt/ignition
export IGNITION_FILE=config.ign#Create the VM with virt-installvirt-install \
--connect qemu:///system \
--name=fcos \
--ram=2048 \
--cpuset=0 \
--vcpus=2 \
--os-type=linux \
--os-variant=fedora30 \
--graphics=none \
--import \
--disk size=10,readonly=false,backing_store=$BASE_IMAGE_NAME/$BASE_IMAGE_NAME,serial=WD-WMAP9A966149 \
--qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=$IGNITION_PATH/$IGNITION_FILE"
Wait a while for the next message
Connect to the VM
With the SSH private key generated in a previous step, try to connect to your new FCOS VM
ssh -i fcos_rsa core@192.168.122.55
Test your Fedora CoreOS
Try to run a container using podman
podman pull nginx
Run your nginx
podman run -dt -p 8081:80 nginx
Now in a web browser, in your PC
This is all for this now, I really appreciate your time.
If this article has been useful to you, I invite you to follow me on my social networks to find out about my publications (English and Spanish):
Medium: https://medium.com/@jesus.alvb
Twitter: @JesusAlvB
Facebook: https://fb.me/JesusAlvaradoBastida
Printerest: https://www.pinterest.com.mx/JesusAlvaradoB
.