Provisioning Fedora CoreOS on Azure

This guide shows how to provision new Fedora CoreOS (FCOS) nodes on Azure. Fedora currently does not publish Fedora CoreOS images within Azure, so you must download an Azure image from Fedora and upload it to your Azure subscription.

FCOS does not support legacy Azure Service Manager virtual machines.

Prerequisites

Before provisioning an FCOS machine, you must have an Ignition configuration file containing your customizations. If you do not have one, see Producing an Ignition File.

Fedora CoreOS has a default core user that can be used to explore the OS. If you want to use it, finalize its configuration by providing e.g. an SSH key.

If you do not want to use Ignition to get started, you can make use of the Afterburn support.

You also need to have access to an Azure subscription. The examples below use the Azure CLI.

Downloading an Azure image

Fedora CoreOS is designed to be updated automatically, with different schedules per stream. Once you have picked the relevant stream, download, verify, and decompress the latest Azure image:

stream="stable"
coreos-installer download --decompress -s "${stream}" -p azure -f vhd.xz

Alternatively, you can manually download an Azure image from the download page. Verify the download, following the instructions on that page, and decompress it.

Uploading the image to Azure

  1. Create any resources that don’t already exist in your Azure account:

    Example creating Azure resources
    az_region="westus2"
    az_resource_group="my-group"
    az_storage_account="mystorageacct"
    az_container="my-container"
    # Create resource group
    az group create -l "${az_region}" -n "${az_resource_group}"
    # Create storage account for uploading FCOS image
    az storage account create -g "${az_resource_group}" -n "${az_storage_account}"
    # Retrieve connection string for storage account
    cs=$(az storage account show-connection-string -n "${az_storage_account}" -g "${az_resource_group}" | jq -r .connectionString)
    # Create storage container for uploading FCOS image
    az storage container create --connection-string "${cs}" -n "${az_container}"
  2. Create an FCOS image:

    Example creating Azure image
    downloaded_image_file="./image.vhd"
    az_image_name="my-fcos-image"
    az_image_blob="${az_image_name}.vhd"
    # Upload image blob
    az storage blob upload --connection-string "${cs}" -c "${az_container}" -f "${downloaded_image_file}" -n "${az_image_blob}"
    # Create the image
    az image create -n "${az_image_name}" -g "${az_resource_group}" --source "https://${az_storage_account}.blob.core.windows.net/${az_container}/${az_image_blob}" --location "${az_region}" --os-type Linux
    # Delete the uploaded blob
    az storage blob delete --connection-string "$cs" -c "${az_container}" -n "${az_image_blob}"

Launching a VM instance

  1. Launch a VM. Your Ignition configuration can be passed to the VM as custom data, or you can skip passing custom data if you just want SSH access. Your SSH public key from ~/.ssh will automatically be added to the VM. This provides an easy way to test out FCOS without first creating an Ignition config.

    Example launching Azure image
    az_vm_name="my-fcos-vm"
    ignition_path="./config.ign"
    az vm create -n "${az_vm_name}" -g "${az_resource_group}" --image "${az_image_name}" --admin-username core --custom-data "$(cat ${ignition_path})"
  2. You now should be able to SSH into the instance using the associated IP address.

    Example connecting
    ssh core@<ip address>
  翻译: