CoreOS Bare Metal

Dalton Hubble

January 27, 2016

Transcript

  1. Matching Machines

    ---
    api_version: v1alpha1
    groups:
      - name: Node 1
        spec: etcd1
        require:
          uuid: 16e7d8a7-bfa9-428b-9117-363341bb330b
          mac: 52:54:00:89:d8:10
  2. Matching Machines

    ---
    api_version: v1alpha1
    groups:
      - name: Workers
        spec: worker
        require:
          region: us-central1
          zone: us-central1-a
      - name: Default
        spec: default
  3. data

    ├── cloud
    │   ├── etcd.yaml
    │   ├── master.sh
    │   └── worker.sh
    ├── config.yaml
    ├── ignition
    │   ├── etcd.json
    │   ├── master.json
    │   └── worker.json
    └── specs
        ├── etcd
        │   └── spec.json
        ├── master
        │   └── spec.json
        └── worker
            └── spec.json

    • “Boot” Configs
    • Ignition Configs
    • Cloud Configs
  4. Specification

    {
      "id": "master",
      "boot": {
        "kernel": "/assets/coreos/899.5.0/coreos_production_pxe.vmlinuz",
        "initrd": ["/assets/coreos/899.5.0/coreos_production_pxe_image.cpio.gz"],
        "cmdline": {
          "cloud-config-url": "http://config.srv:8080/cloud?uuid={{uuid}}&mac={{mac}}",
          "coreos.config.url": "http://config.srv:8080/ignition?uuid={{uuid}}&mac={{mac}}",
          "coreos.first_boot": ""
        }
      },
      "cloud_id": "master.sh",
      "ignition_id": "master.json"
    }
  5. Cloud Config

    #cloud-config
    coreos:
      etcd2:
        name: node1
        initial-cluster: node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380
        initial-advertise-peer-urls: http://172.15.0.21:2380
        advertise-client-urls: http://172.15.0.21:2379
        listen-client-urls: http://0.0.0.0:2379
        listen-peer-urls: http://172.15.0.21:2380
      units:
        - name: etcd2.service
          command: start
        - name: fleet.service
          command: start
  6. Ignition (better)

    {
      "ignitionVersion": 1,
      "networkd": {
        "units": [
          {
            "name": "00-ens3.network",
            "contents": "[Match]\nName=ens3\n\n[Network]\nGateway=172.15.0.1\nAddress=172.15.0.21"
          }
        ]
      }
    }
  7. Network Boot Endpoints

    • iPXE, PXE->iPXE
    • Pixiecore
    • GNU GRUB (upcoming)
    • PXE via TFTP (possibly)
  8. dnsmasq

    $ docker pull quay.io/coreos/dnsmasq
    $ sudo docker run --rm --cap-add=NET_ADMIN quay.io/coreos/dnsmasq -d -q \
        --dhcp-range=172.17.0.43,172.17.0.99 \
        --enable-tftp --tftp-root=/var/lib/tftpboot \
        --dhcp-userclass=set:ipxe,iPXE \
        --dhcp-boot=tag:#ipxe,undionly.kpxe \
        --dhcp-boot=tag:ipxe,http://172.17.0.2:8080/boot.ipxe
  9. dnsmasq

    $ sudo ./acifile
    $ sudo rkt run dnsmasq.aci --net=metal0 -- -d -q \
        --dhcp-range=172.15.0.50,172.15.0.99 \
        --enable-tftp --tftp-root=/var/lib/tftpboot \
        --dhcp-userclass=set:ipxe,iPXE \
        --dhcp-boot=tag:#ipxe,undionly.kpxe \
        --dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe \
        --dhcp-option=3,172.15.0.1 \
        --address=/bootcfg.foo/172.15.0.2
  10. rkt run

    $ sudo rkt run --net=metal0:IP=172.15.0.2 \
        --mount volume=assets,target=/assets \
        --volume assets,kind=host,source=$PWD/assets \
        --mount volume=data,target=/data \
        --volume data,kind=host,source=$PWD/examples/rkt \
        quay.io/coreos/bootcfg -- -address=0.0.0.0:8080 -log-level=debug
  11. Roadmap

    • Usability: Ignition Rendering, Metadata service, configuration improvements
    • Adopt: Ignition
    • Features: GNU Grub
    • Guides:
      ◦ rkt all the things!
      ◦ Cluster examples, common needs
      ◦ Disk installs, auto-updates, deployment
    • End to end Distributed Trusted Computing
  12. Summary

    • Bare Metal Config Service POC
    • Try it on your laptop with rkt or Docker - make a Kubernetes cluster
    • Try it on physical machines - make a Kubernetes cluster
    • Feedback / Contribute
  13. May 9 & 10, 2016 | Berlin, Germany

    • Early bird tickets
    • Sponsorships are still available
    • Submit a talk before February 29th!

    coreos.com/fest
    @coreosfest
  14. CoreOS is running the world’s containers

    We’re hiring: [email protected] [email protected]

    OPEN SOURCE: 90+ Projects on GitHub, 1,000+ Contributors
    ENTERPRISE: Support plans, training and more

    coreos.com