Skip to content

Instantly share code, notes, and snippets.

@williamcaban
Last active December 18, 2020 18:26
Show Gist options
  • Save williamcaban/ffea9b964d679467de0bedab8f8718fc to your computer and use it in GitHub Desktop.
Save williamcaban/ffea9b964d679467de0bedab8f8718fc to your computer and use it in GitHub Desktop.

Fetch the existing MCP and invoking the deployment

curl -o /tmp/worker.ign https://api.clusterName.baseDomain:22623/config/worker

coreos-installer install --firstboot-args="console=tty0 rd.neednet=1" --ignition=/tmp/worker.ign /dev/sda
export install_device=`/dev/nvme2n1`
export firstboot_args='console=tty0 rd.neednet=1'
export KERNEL_ARGS="ip=[fd00:555:22:11::14]::[fd00:555:22:11::1]:64:rwn1.ocp4.example.com:enp3s0f0:none:[fd00:4888:2000:1131::9]"

coreos-installer install --firstboot-args="${firstboot_args} ${KERNEL_ARGS}" --ignition=/path/to/config.ign ${install_device}
# Self contained embedded ignition file
{
"ignition": {
"config": {},
"version": "3.0.0"
},
"networkd": {},
"passwd": {
"users": [
{
"name": "core",
"sshAuthorizedKeys": [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnoq4mMCNYiyhZEzt8ruhL/Pf38iO2QZFSavIb3Dus2sIY1BSr5x/6kSQsyR1R4BQHe96KBXn5H0pE+NYZynG5Z4B4WTusZdq2j1wUwQOSF6rWbQcID7kXQdoiQHIiJYS0olcTuYV0t22yJ+9ydK3wtB+eAy5dZpt+CubpWy0pdElq5ZSt1T6jRBO/d4DWKQcG+TnR6S5u5ftitDWK9JDzakQ9RDIUwn/bb4R2spGh/FK1feUSMwRhPSKzJ+r+931AHv9aNVEBJZkIQbZmrV0OswwVEfcTYnrXZBr4ZaRkzh8msrqUvTs7y+iLWfXZSmcfrNyFuo63A7zOrhuwSqDJ [email protected]"
]
}
]
},
"storage": {
"files": [
{
"contents": {
"source": "data:,autoinstaller",
"verification": {}
},
"filesystem": "root",
"mode": 420,
"overwrite": true,
"path": "/etc/hostname"
},
{
"contents": {
"source": "data:,{{WORKER_IGNITION}}",
"verification": {}
},
"filesystem": "root",
"mode": 420,
"overwrite": true,
"path": "/root/config.ign"
},
{
"contents": {
"source": "data:,%23%21/bin/sh%0Afirstboot_args%3D%27console%3Dtty0%20rd.neednet%3D1%27%0Afor%20vg%20in%20%24%28vgs%20-o%20name%20--noheadings%29%20%3B%20do%20vgremove%20-y%20%24vg%20%3B%20done%0Afor%20pv%20in%20%24%28pvs%20-o%20name%20--noheadings%29%20%3B%20do%20pvremove%20-y%20%24pv%20%3B%20done%0Aif%20%5B%20-b%20/dev/vda%20%5D%3B%20then%0Ainstall_device%3D%27/dev/vda%27%0Aelif%20%5B%20-b%20/dev/sda%20%5D%3B%20then%0Ainstall_device%3D%27/dev/sda%27%0Aelif%20%5B%20-b%20/dev/nvme0%20%5D%3B%20then%0Ainstall_device%3D%27/dev/nvme0%27%0Aelse%0Aecho%20%22Can%27t%20find%20appropriate%20device%20to%20install%20to%22%0Aexit%201%0Afi%0Acmd%3D%22coreos-installer%20install%20--firstboot-args%3D%5C%22%24%7Bfirstboot_args%7D%5C%22%20--ignition%3D/root/config.ign%20%24%7Binstall_device%7D%22%0Aif%20%24cmd%3B%20then%0Aecho%20%22Install%20Succeeded%21%22%0Aelse%0Aecho%20%22Install%20Failed%21%22%0Aexit%201%0Afi%0Areboot%0A",
"verification": {}
},
"filesystem": "root",
"mode": 448,
"path": "/usr/local/bin/first.sh"
}
]
},
"systemd": {
"units": [
{
"contents": "[Service]\nType=oneshot\nExecStart=/usr/local/bin/first.sh\n[Install]\nWantedBy=multi-user.target\n",
"enabled": true,
"name": "first-boot.service"
}
]
}
}

Create OCP RHCOS LiveCD w/embedded Ignition

  • Download latest coreos-installer
podman pull quay.io/coreos/coreos-installer:release
  • Download latest RHCOS LiveCD
curl -O https://mirror.openshift.com/pub/openshift-v4/dependencies/rhcos/pre-release/latest-4.6/rhcos-live.x86_64.iso
  • Create Ignition file for LiveCD image (must use Ignition version 3.1.0)

  • Generate liveCD with embedded Ignition file

podman run  --privileged -ti --rm  -v .:/data -w /data \
quay.io/coreos/coreos-installer:release iso ignition embed \
-i /data/ignition.json \
-o /data/live-embed.iso /data/rhcos-live.x86_64.iso    
  • To validate the embedded Ignition file
podman run  --privileged -ti --rm  -v .:/data -w /data \
quay.io/coreos/coreos-installer:release iso ignition show /data/live-embed.iso

References

  • Create Ignition file (example core/cpeadmin)
{
  "ignition": { "version": "3.1.0" },
  "passwd": {
    "users": [
      {
        "name": "core",
        "passwordHash": "$6$2l/fFBTDFVuzZO0S$HNY9bO8AizJz0dGDqevKkn4NKlBiUfJhgEZQ4DCiywqnLVGpC3MQHSK94o25AQm473kA9lI6pUzc3XvYYbK950",
        "sshAuthorizedKeys": [
                    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIqQAuah2nPbxVy3a9IXmrFYXhnZMvUTWMZb1EiVyie4SIy8F8QVU77zbQmRRbulV/wrmaIDXHplTV/7D3BDBZxy6mExUasib4+aeEebyhd8USjiuUUPpHePHplrITCBRcCkTtTaBLi6e23WOmAL3TGFpH3aQwUSzAdpkgpwgwuIGYSnCcTOYtu1eL+m5uMA7Rhnjx60UqKHNvS0aRRpDBG5UZI1ZNYR0ORNUWkVzAK84v1y29EHww2NPRd5kbc6kYpvbKk4aydZXaca0qSo1ARfqY9zxGxVzb86VHrPmh0peGf2IibcW0ZgaTcEyY1ghq+zsqJWu8DHoxoTAHRQ4H [email protected]",
                    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnoq4mMCNYiyhZEzt8ruhL/Pf38iO2QZFSavIb3Dus2sIY1BSr5x/6kSQsyR1R4BQHe96KBXn5H0pE+NYZynG5Z4B4WTusZdq2j1wUwQOSF6rWbQcID7kXQdoiQHIiJYS0olcTuYV0t22yJ+9ydK3wtB+eAy5dZpt+CubpWy0pdElq5ZSt1T6jRBO/d4DWKQcG+TnR6S5u5ftitDWK9JDzakQ9RDIUwn/bb4R2spGh/FK1feUSMwRhPSKzJ+r+931AHv9aNVEBJZkIQbZmrV0OswwVEfcTYnrXZBr4ZaRkzh8msrqUvTs7y+iLWfXZSmcfrNyFuo63A7zOrhuwSqDJ [email protected]"
        ],
        "groups": [ "wheel","sudo" ]
      }
    ]
  }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment