coreos官方安装文档 cloud-config官方说明文档
https://coreos.com/os/docs/latest/booting-with-iso.html
这里我使用的是虚拟机,为了后面配置更方便,所以需要打开ssh连接,而coreos默认是禁止root登陆的,所以需要去配置一下
# 切换到root用户,去到ssh配置目录
sudo su
cd /etc/ssh
# 这里是无法编辑sshd_config文件的,因为该文件是/usr/share/ssh/sshd_config的软连接
# 因为源文件不可写,所以我们需要重新创建一个配置文件
mv sshd_config sshd_config.bak
cat sshd_config.bak > sshd_config
vim sshd_config
*******************************************************
# 增加root登陆的配置
PermitRootLogin yes
*******************************************************
# 重启sshd服务
systemctl restart sshd
# 给root配置一个密码
sudo passwd root
# 查看当前ip地址,然后使用它ssh进来
ip a
# 如果你使用的是nat的网卡方式的话,需要设置端口转发才可以ssh进来
wget https://raw.githubusercontent.com/coreos/init/master/bin/coreos-install
# 给coreos-install添加执行权限
chmod +x coreos-install
# 1. 首先,创建一个key,用来后期访问你的coreos
# 确保你生成后此密钥对你会持久化保存下来
# coreos livecd中生成的key会随着重启丢失掉,所以推荐在你的linux或mac系统中生成它
ssh-keygen -t rsa -b 1024
# 此时我们就可以通过cat你生成的~/.ssh/id_rsa.pub,然后将公玥内容配置到cloud-config中
# 来达到我们装完coreos系统,然后可以直接使用key访问的目的
# 2. 因为coreos使用etcd服务,而推荐的etcd部署方式是集群
# 为了使etcd集群中的节点可以发现彼此,我们选择etcd官方提供的云端api
# 即去访问如下网址,通过制定size的数目来确定集群的节点数目,当然这个也可以后期在集群中配置更改
curl https://discovery.etcd.io/new?size=3
https://discovery.etcd.io/2126a604d62d838d22b7e81f4b370e38
# 获得了这个token后,我们可以将其配置在cloud-config中
# 3. 确定网卡名称,用于配置cloud-config中的网卡配置
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:a1:ab:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.27/24 brd 192.168.0.255 scope global dynamic enp0s3
valid_lft 604385sec preferred_lft 604385sec
inet6 fe80::a00:27ff:fea1:ab02/64 scope link
valid_lft forever preferred_lft forever
# 获取网卡名称enp0s3
vim cloud-config.yaml
*******************************************************
#cloud-config
# include one or more SSH public keys
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAnIZFP4F+IW5+ii9X59ggYpZqIEG7OryZQ...
coreos:
etcd2:
# generate a new token for each unique cluster from https://discovery.etcd.io/new?size=3
# specify the initial size of your cluster with ?size=X
discovery: https://discovery.etcd.io/2126a604d62d838d22b7e81f4b370e38
advertise-client-urls: http://192.168.0.25:2379,http://192.168.0.25:4001
initial-advertise-peer-urls: http://192.168.0.25:2380
# listen on both the official ports and the legacy ports
# legacy ports can be omitted if your application doesn't depend on them
listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
listen-peer-urls: http://192.168.0.25:2380
units:
- name: static.network
runtime: true
content: |
[Match]
Name=enp0s3
[Network]
DNS=8.8.8.8
Address=192.168.0.25/32
Gateway=192.158.0.1
- name: etcd2.service
command: start
- name: fleet.service
command: start
- name: flanneld.service
command: start
drop-ins:
- name: 50-network-config.conf
content: |
[Service]
ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.1.0.0/16", "Backend": {"Type": "vxlan"}}'
*******************************************************
# 值得注意的是
# 官方示例中的$private_ipv4 和 $public_ipv4这两个变量只在以下平台有效
# Amazon EC2, Google Compute Engine, OpenStack, Rackspace, DigitalOcean, and Vagrant.
# 这就意味着,如果你不是使用这些平台,请将此变量替换为该coreos对应的公用ip和私有ip
# 使用fdisk -l命令发现目标磁盘
fdisk -l
Disk /dev/loop0: 236.9 MiB, 248406016 bytes, 485168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/sda: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
# 获得磁盘文件名称/dev/sda
# -C选择系统版本(我们选择稳定版),-c指定配置文件
./coreos-install -d /dev/sda -C stable -c ./cloud-config.yaml
2017/03/25 13:41:38 Checking availability of "local-file"
2017/03/25 13:41:38 Fetching user-data from datasource of type "local-file"
Downloading the signature for https://stable.release.core-os.net/amd64-usr/1298.6.0/coreos_production_image.bin.bz2...
2017-03-25 13:41:46 URL:https://stable.release.core-os.net/amd64-usr/1298.6.0/coreos_production_image.bin.bz2.sig [564/564] -> "/tmp/coreos-install.5Vs9gpsKH1/coreos_production_image.bin.bz2.sig" [1]
Downloading, writing and verifying coreos_production_image.bin.bz2...
2017-03-25 14:31:27 URL:https://stable.release.core-os.net/amd64-usr/1298.6.0/coreos_production_image.bin.bz2 [281054307/281054307] -> "-" [1]
gpg: Signature made Tue Mar 14 21:34:55 2017 UTC
gpg: using RSA key 48F9B96A2E16137F
gpg: issuer "buildbot@coreos.com"
gpg: key 50E0885593D2DCB4 marked as ultimately trusted
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Good signature from "CoreOS Buildbot (Offical Builds) <buildbot@coreos.com>" [ultimate]
Installing cloud-config...
Success! CoreOS stable 1298.6.0 is installed on /dev/sda
# 在livecd界面执行重启命令
systemctl reboot
# 重新启动系统,确保livecd镜像已经推出才会进入真正的coreos正式系统
# 启动界面完成后,会在登陆命令行上面看到ip地址,如果你忘记自己配置的ip的话。
# 默认的用户是core
ssh core@192.168.0.25