标签:meta with mat mode secure ipv4 oba alpine unit
通过vmware平台,iso的fedora-core安装到bare-metal,docker/podman
https://docs.fedoraproject.org/en-US/fedora-coreos/bare-metal/
fedora-coreos-32.20200629.3.0-live.x86_64.iso
//挂载iso启动进入会自动分配ip,查看服务器相关信息
[core@localhost ~]$ ip a //网卡名字 ens32
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:d5:d2:69 brd ff:ff:ff:ff:ff:ff
altname enp2s0
inet 192.168.3.22/24 brd 192.168.3.255 scope global dynamic noprefixroute ens32
valid_lft 86132sec preferred_lft 86132sec
inet6 fe80::20c:29ff:fed5:d269/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[core@localhost ~]$ sudo fdisk -l //磁盘名字 /dev/nvme0n1
Disk /dev/nvme0n1: 20 GiB, 21474836480 bytes, 41943040 sectors
Disk model: VMware Virtual NVMe Disk
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/loop0: 615.51 MiB, 645394432 bytes, 1260536 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[core@localhost ~]$ coreos-installer --help //coreos-installer
coreos-installer 0.2.1
USAGE:
coreos-installer
coreos-installer <SUBCOMMAND>
OPTIONS:
-h, --help Prints help information
-V, --version Prints version information
SUBCOMMANDS:
install Install Fedora CoreOS or RHEL CoreOS
download Download a CoreOS image
list-stream List available images in a Fedora CoreOS stream
iso Embed an Ignition config in a CoreOS live ISO image
[core@localhost ~]$ coreos-installer install --help
coreos-installer-install
Install Fedora CoreOS or RHEL CoreOS
USAGE:
coreos-installer install [OPTIONS] <device>
OPTIONS:
-s, --stream <name> Fedora CoreOS stream
-u, --image-url <URL> Manually specify the image URL //iso
-f, --image-file <path> Manually specify a local image file
-i, --ignition-file <path> Embed an Ignition config from a file
--ignition-hash <digest> Digest (type-value) of the Ignition config
-p, --platform <name> Override the Ignition platform ID
--firstboot-args <args> Additional kernel args for the first boot
-n, --copy-network Copy network config from install environment
--network-dir <path>
For use with -n. [default: /etc/NetworkManager/system-connections/]
--offline Force offline installation
--insecure Skip signature verification
--stream-base-url <URL> Base URL for Fedora CoreOS stream metadata
--architecture <name> Target CPU architecture [default: x86_64]
--preserve-on-error Don‘t clear partition table on error
-h, --help Prints help information
ARGS:
<device> Destination device
[core@core-3-60 docker]$ sudo su -
Last login: Sat Jul 25 11:05:15 UTC 2020 on pts/0
[root@core-3-60 ~]# cd /etc/ssh/sshd_config.d/
[root@core-3-60 sshd_config.d]# ll
total 12
-rw-r--r--. 1 root root 210 Jul 10 18:13 40-disable-passwords.conf
-rw-r--r--. 1 root root 262 Jul 10 18:13 40-ssh-key-dir.conf
-rw-------. 1 root root 1002 Jul 10 18:13 50-redhat.conf
[root@core-3-60 sshd_config.d]# cat 40-disable-passwords.conf
# Disable password logins by default.
# https://github.com/coreos/fedora-coreos-tracker/issues/138
# This file must sort before 50-redhat.conf, which enables
# PasswordAuthentication.
PasswordAuthentication no // yes
[root@core-3-60 sshd_config.d]# systemctl restart sshd
passwd core //set passwd
//简单的
variant: fcos
version: 1.0.0
passwd:
users:
- name: core
ssh_authorized_keys:
- ssh-rsa <ssh-pub-key>
//附带网络设置
variant: fcos
version: 1.0.0
storage:
files:
- path: /etc/NetworkManager/system-connections/eth0.nmconnection
mode: 0600
overwrite: true
contents:
inline: |
[connection]
type=ethernet
interface-name=eth0 //ens32,根据实际的情况设置
[ipv4]
method=manual
addresses=192.168.3.60/24
gateway=192.168.3.1
dns=223.5.5.5;8.8.8.8
passwd:
users:
- name: core
ssh_authorized_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsKc8PGzOU/+i73RqyHknBfiIMaHETSFjPvCgVcysx41v0jazIZzaGl//7G+MgEQrU0yxR6LaC2RFTGN8D0w2Ugqnvocuudr+jVoTrC0KrPv1Dhqepgnk8cg2QGHWpwhg2vUx6arW0MNbUo35q0Q1cdBjYcMctwIuT8p39uGYjIk/PkQvFtc3czGlxeLQAwGFTQgNkUTOEAuV/VgX3gmzrYBnnrKxRZKZkzt9a3VD8hCuDPV6aJixzN+H33Ix5ajEU/etXX5eUZXcWa8EbF0+acsPeVgB/vaqKDGjXbB3ngcsKoaeBX24FwtBdr/VydYtnyOrDvRt12i+GAwKuWJol"
groups: [ sudo, docker ]
其中的信息请按情况设置,网络,ssh秘钥,网卡名字等相关信息,切记!!!
docker pull quay.io/coreos/fcct
docker run -i --rm quay.io/coreos/fcct --pretty --strict <fcos.fcc > fcos.ign
sudo coreos-installer install /dev/nvme0n1 --ignition-file fcos.ign
[core@localhost ~]$ sudo coreos-installer install /dev/nvme0n1 --ignition-file fcos.ign
Installing Fedora CoreOS 32.20200629.3.0 x86_64 (512-byte sectors)
> Read disk 2.7 GiB/2.7 GiB (100%)
Writing Ignition config
Install complete.
//iso下载不通过网络的形式
sudo coreos-installer install /dev/sda --ignition-file fcos.ign -u http://192.168.1.251/fedora-coreos-31.20200323.3.2-live.x86_64.iso
sudo su -
cat >> /etc/docker/daemon.json <<‘EOF‘
{
"registry-mirrors": ["https://ierl59hw.mirror.aliyuncs.com"]
}
EOF
systemctl restart docker
[core@core-3-60 ~]$ docker run --rm alpine ip a
Unable to find image ‘alpine:latest‘ locally
latest: Pulling from library/alpine
df20fa9351a1: Pull complete
Digest: sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321
Status: Downloaded newer image for alpine:latest
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
//podman info mirrros
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
标签:meta with mat mode secure ipv4 oba alpine unit
原文地址:https://www.cnblogs.com/xiaochina/p/13377930.html