CoreOS - THE Docker OS

Note: I decided to finally abandon using CoreOS. Yes, it was fast and somehow strangely beautiful, but I simply couldn’t cope anymore with annoying simple problems arising from it’s read-only file system. The cup has spilled over by not being able to run svendowideit/samba container.

• CoreOS Quick Start
• How To Create and Run a Service on a CoreOS Cluster

Local server on CoreOS

CoreOS is automatically updating itself.

Sources & Articles

Install CoreOS on bare metal

Installing to Disk

wget https://raw.githubusercontent.com/coreos/init/master/bin/coreos-install -O coreos-install
# or short URL: wget http://goo.gl/Vs9qXx -O coreos-install

wget https://www.dropbox.com/s/cza3ew78w8s7tum/cloud-config.yaml?dl=1 -O cloud-config.yaml
# or short URL: wget http://goo.gl/wqHVZv -O cloud-config.yaml

chmod +x coreos-install
./coreos-install -d /dev/sda -C stable -c cloud-config.yaml

Connect to a CoreOS machine via SSH as the user core, and su to root.

ssh core@192.168.0.20
sudo su -

What to do immediately after install:

• set hostname: (foo in foo.example.com) to lanserver
• set static IP adresses

Modify configuration

coreos-install script copies the .yaml config you provide to /var/lib/coreos-install/user_data and if you delete that file it will stop re-applying settings on boot.

There can be addidional .yml config files, and the parsing order is something like:

1. /usr/share/oem/cloud-config.yml
2. /var/lib/coreos-install/user_data

In the future the oem config will strictly run before user configs (coreos-install, configdrive, metadata, etc) but this ordering is not currently enforced.

• Cloud-Init documentation
• Customize with Cloud-Config
• When is cloud-init run and how does it find its data?

Set hostname

hostname: lanserver

Set static IP address

By default, CoreOS will assign itself an IP via DHCP. I want to change that.

So, let’s detect network card’s interface name (enp2s0*) by typing ifconfig. In our case, it was enp2s0f0.

coreos:
  units:
    - name: 10-static-ip.network
      runtime: true
      content: |
        [Match]
        Name=enp2s0f0

        [Network]
        Address=192.168.0.11/24
        Gateway=192.168.0.1
        DNS=8.8.8.8

Without any specific reason, only by being idle for dome time, my system was losing it’s IP configuration. So I set network configuration with classic method using networkd:

cat <<'EOF' >> /etc/systemd/network/10-static.network
[Match]
Name=enp2s0f0

[Network]
Address=192.168.0.11/24
Gateway=192.168.0.1
DNS=8.8.8.8
EOF

And apply configuration:

sudo systemctl restart systemd-networkd

• Network Configuration

Welcome message

write_files:
  - path: /etc/motd.d/etaktiker.conf
    content: "\nWelcome to the eTaktiker Docker Cluster\n\n"

• Tips and Other Settings

Change the system timezone

Check the current timezone with:

timedatectl

And set it with:

sudo timedatectl set-timezone Europe/Berlin

• Configuring Date & Timezone

Ease power consumption

Just type and reboot after modprobe:

modprobe cpufreq_conservative
echo "conservative" | tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor

• Power Management

Add users and their SSH public keys

We can set SSH key from external sources, and I really like this method. Note that the ssh_authorized_keys parameter adds public SSH keys which will be authorized for the core user.

users:
  - name: cvladan
    coreos-ssh-import-github: cvladan
    groups:
      - sudo
      - docker

We can also set public SSH keys from GitHub or we can do it with any URL in JSON format.

Enable docker remote socket

If we want to execute Docker commands from remote (my laptop) we need to enable Docker’s remote service - Enable the Remote API

coreos:
  units:
    - name: docker-tcp.socket
      command: start
      enable: yes
      content: |
        [Unit]
        Description=Docker Socket for the API

        [Socket]
        ListenStream=2375
        BindIPv6Only=both
        Service=docker.service

        [Install]
        WantedBy=sockets.target

    - name: enable-docker-tcp.service
      command: start
      content: |
        [Unit]
        Description=Enable the Docker Socket for the API

        [Service]
        Type=oneshot
        ExecStart=/usr/bin/systemctl enable docker-tcp.socket

Change reboot-strategy

update:
    reboot-strategy: best-effort

Apply custom configuration

By reading /etc/profile I found out where to put my initial files. I had to use /etc/profile.d as /usr/share/profile.d could not be used

• it is Read-only file system?

I also noted that specifying $public_ipv4 and $private_ipv4 did not work for me, so I had to write 192.168.0.11.

write_files:
  - path: /etc/environment
    permissions: 0644
    content: |
      COREOS_PUBLIC_IPV4=192.168.0.11
      COREOS_PRIVATE_IPV4=192.168.0.11
  - path: /etc/profile.d/custom-settings.sh
    content: |
      # typing * will include hidden (dot .*) files
      shopt -s dotglob

      # both ctrl-r and ctrl-s should work on history log
      stty -ixon

      # basic aliases
      alias ls="ls -a --color=tty"  # show all and in color
      alias ll='ls -l --color=tty'

      # docker alias helpers
      alias d='docker'
      alias ds='docker ps'
      alias di='docker images'
      alias drm='docker rm -f $(docker ps -qa)'

• An Introduction to Cloud-Config Scripting
• coreos/coreos-cloudinit

Disable sleep on lid closed

systemctl is a command to control services.

To disable, do the following:

vim /etc/systemd/logind.conf
# set 'HandleLidSwitch=ignore'
# press <i> to edit. Then <esc>, pa ':wq' to write and quit.
systemctl restart systemd-logind

• Getting Started with systemd

Test cloudinit file

You can apply and test your cloudinit file:

coreos-cloudinit --from-file=/var/lib/coreos-install/user_data

Working inside CoreOS

• Install Debugging Tools

Videos:

• Installing CoreOS on a Bare Metal or Virtual Machine
• Mounting Storage in CoreOS
• Creating Wordpress Docker Container using a Dockerfile

Panamax? Thanks but no

Panamax seems incredible - but it’s not. Too complicated and bloated. Shipyard or Docker UI are much simpler and good enough.

curl -O http://download.panamax.io/installer/panamax-latest.tar.gz && mkdir -p /var/panamax && tar -C /var/panamax -zxvf panamax-latest.tar.gz
cd /var/panamax
./coreos install --stable

Once the installer completes, you can access Panamax on port 3000:

http://192.168.0.11:3000/

• Installing Panamax

Fleet?

You can think of fleet as an extension of systemd that operates at the cluster level instead of the machine level. Systemd is a single machine init system; fleet is a cluster init system.

Ubuntu was using upstartd as init system, but it is switching to systemd.

Docker Compose on CentOS

Docker Compose was called Fig before.

I tried every directory inside echo $PATH and I found out that /opt really is ideal and only viable. It wasn’t even created.

mkdir -p /opt/bin
curl -L https://github.com/docker/compose/releases/download/1.2.0/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose
chmod +x /opt/bin/docker-compose

• Releases

Articles & sources: