June 8, 2020

Installation of Fedora CoreOS on Bare metal

Installation of Fedora CoreOS on Bare metal

This article is for newbie who is going to start working with Fedora CoreOS. Here we will cover the basic installation of Fedora CoreOS on bare metal servers.

1. Download ISO of Fedora CoreOS

Download the latest stable iso from fedora download center

Download Link

Current version of latest stable ISO link is given below.

Download link

2. Creation of Ignition file

This is the most important part of this article. Here we will cover the basic ignition file for installation of fedora coreos on bare metal server. In this ignition file we will create a user named core with password and will add ssh public key to this core user, for remote access of server through ssh.

A. Setting of fcct binary

Download the latest binary fcct binary from here on your any linux OS.

Download Page

Use wget to download and move binary under /user/local/bin

$wget https://github.com/coreos/fcct/releases/download/v0.6.0/fcct-x86_64-unknown-linux-gnu
$sudo mv fcct-x86_64-unknown-linux-gnu /usr/local/bin/fcct
$sudo chmod +x /usr/local/bin/fcct

B. Generate password hash for user

We will use openssl command to generate password hash.

$openssl passwd -1 -salt yoursalt

It will ask for password, You can give any password, here I gave 'fed0r@' it generate below hash:


C. Creating yml file named config.yml

Syntex of yml file should be proper, we are using below contents in this file.

variant: fcos
version: 1.0.0
    - name: core
      password_hash: "$1$yoursalt$zuE/ptA7ymZMM1b55n2NQ1"
        - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSNZn3WDvVg1ZdtTOhn1lHkUGfAsaoiTufMULduM804oc62dwgnnryfB1z9YZ5NUtMQdJANu5dc0+UaxLxrvKkVct6N903IjnsEh6l8JIUcFxpExVZBUEOAQ4Gl2dN44OVH1rdjXBJxgWc/+o3kCvOkUmQzjHpp7C0S0HJfZcvEzaIyho4+RrqNjaQw/xiiaKbo6hbnq02JWeZuy8SaUAzZG1uo2I/5KOKi9vlhOuhXS1lrbFWQ5IJN0g9iaz5I01zCxO/AC2ETHA4GN7CqFAG/H/sfW1eht8py6R/s4b4wVLMOPzn5G4sF3y2p+puoBfO0PuPVwWdx4le7isdsdsdsdsdefOc8d amit@bondwal"

This file contain core user, and it's password hash. In ssh authorized key, I am adding my laptop public ssh key to access it remotely. You can use your's public key instead of above. Above public is example ssh key.

D. Generation of Ignition file

$fcct  config.yml --output config.ign

This will create new file config.ign, when you will cat this file, it will looks like below output, in json format.

{"ignition":{"version":"3.0.0"},"passwd":{"users":[{"name":"core","passwordHash":"$1$yoursalt$zuE/ptA7ymZMM1b55n2NQ1","sshAuthorizedKeys":["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSNZn3WDvVg1ZdtTOhn1lHkUGfAsaoiTufMULduM804oc62dwgnnryfB1z9YZ5NUtMQdJANu5dc0+UaxLxrvKkVct6N903IjnsEh6l8JIUcFxpExVZBUEOAQ4Gl2dN44OVH1rdjXBJxgWc/+o3kCvOkUmQzjHpp7C0S0HJfZcvEzaIyho4+RrqNjaQw/xiiaKbo6hbnq02JWeZuy8SaUAzZG1uo2I/5KOKi9vlhOuhXS1lrbFWQ5IJN0g9iaz5I01zCxO/AC2ETHA4GN7CqFAG/H/sfW1eht8py6R/s4b4wVLMOPzn5G4sF3y2p+puoBfO0PuPVwWdx4le7isdsdsdsdsdefOc8d amit@bondwal"]}]}}

Upload this file to any of the web server, where you can access it using curl command like curl http://example.com/config.ign from the server on which we are going to install fedora coreos.

3. Install Fedora CoreOS on server

In your environment DHCP should be running. So that, when Fedora CoreOS run in live mode, it can access web server, on which you have uploaded config.ign file.

A. Burn a usb with bootable with fedora ISO for bare metal server, or in case on virtual box, after creating a new VM, boot the VM with fedora-coreos iso. This will boot the VM in Live CD mode. you will get the VM running in Live CD mode in few minute, you will get shell like this.

[core@localhost ~]$

B. Download config.ign file with curl from webserver

#curl http://example.com/config.ign -o config.ign

Check file, it should be same as shown above.

C. Run the Fedora CoreOS installation.

$sudo coreos-installer install /dev/sda --ignition-file config.ign

This will take few minute to complete, it will show installation complete message. You can replace disk name if it is not /dev/sda, you can check it with fdisk -l, before running above command. Once it completed then power off the server/VM and remove bootable USB/ISO (in case of virtual box). Start the VM again.

It will prompt login screen once booted, now you can login with user 'core' and password to this server. It is still using dhcp server, after logged in check the IP address of server and then you can access it from remote, through ssh too.

If you want to embed comments, this is a good place to do it!