======Fedora CoreOS======
=====Download=====
Download latest live iso from [[https://www.fedoraproject.org/coreos/download]]
=====Butane file=====
Creating a butane file for automatic deployment because the installer of CoreOS is non-interactive.
In this example I add a user core with a password hash (console access) and SSH-keys for authortized logins.
I add a root CA certificate, set my router as NTP source for chrony install 3 additional packages: docker-compose,vim,qemu-guest-agent and make docker service enabled.
variant: fcos
version: 1.6.0
passwd:
users:
- name: core
password_hash:
ssh_authorized_keys:
- ssh-rsa ...
storage:
files:
- path: /etc/chrony.conf
mode: 0644
overwrite: true
contents:
inline: |
server iburst
sourcedir /run/chrony-dhcp
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
ntsdumpdir /var/lib/chrony
leapseclist /usr/share/zoneinfo/leap-seconds.list
logdir /var/log/chrony
- path: /etc/pki/ca-trust/source/anchors/root_ca.crt
contents:
inline: |
-----BEGIN CERTIFICATE-----
.
.
.
-----END CERTIFICATE-----
links:
- path: /etc/localtime
target: ../usr/share/zoneinfo/Europe/Amsterdam
systemd:
units:
- name: docker.service
enabled: true
- name: rpm-ostree-install.service
enabled: true
contents: |
[Unit]
Description=Layer packages with rpm-ostree
Wants=network-online.target
After=network-online.target
# We run before `zincati.service` to avoid conflicting rpm-ostree
# transactions.
Before=zincati.service
ConditionPathExists=!/var/lib/%N.stamp
[Service]
Type=oneshot
RemainAfterExit=yes
# `--allow-inactive` ensures that rpm-ostree does not return an error
# if the package is already installed. This is useful if the package is
# added to the root image in a future Fedora CoreOS release as it will
# prevent the service from failing.
ExecStart=/usr/bin/rpm-ostree install -y --allow-inactive docker-compose qemu-guest-agent
ExecStart=/bin/touch /var/lib/%N.stamp
ExecStart=/bin/systemctl --no-block reboot
[Install]
WantedBy=multi-user.target
=====Convert Butane to Ignition=====
podman run --interactive --rm quay.io/coreos/butane:release \
--pretty --strict < fcos.bu > fcos.ign
Upload the fcos.ign file to a webserver reachable by the installer
=====Modify Fedora ISO to non-interactive install VM=====
In this example I donwloaded fedora-coreos-42.20250914.3.0-live-iso.x86_64.iso from the Fedora website. It creates a custom.iso to upload to my Proxmox datastore.
podman run --security-opt label=disable --pull=always --rm -v .:/data -w /data quay.io/coreos/coreos-installer:release iso customize \
--live-karg-append "coreos.inst.install_dev=/dev/sda" \
--live-karg-append "coreos.inst.ignition_url=http:///fcos.ign" \
-o custom.iso \
fedora-coreos-42.20250914.3.0-live-iso.x86_64.iso
=====Create VM in Proxmox=====
I create a VM in Proxmox with the following specifications:
* Linux 6.x - 2.6 Kernel
* ISO image: custom.iso (created above)
* Machine: q35
* BIOS: OVMF
* Select preferred datastore in EFI storage
* SCSI Controller: VirtIO SCSI single
* Check Qemu Agent
* Disk size 16 GB
* Cache: Default
* Select Discard
* Sockets: 1
* Cores: 2
* Type: x86-64-v2-AES
* Memory: 4096
* Bridge: vmbr0
* Model: VirtIO (paravirtualized)
After that convert this VM to a template and when creating a VM make a full-clone of this template.
=====Modify after boot=====
The network is DHCP enabled in this example. The following steps remain:
* Manually confige network with nmcli/nmtui
* Set hostname
=====Resize disk in Proxmox=====
When the template diskspace is too small. Resize it in Proxmox and do the following in the VM:
rescan-scsi-bus.sh
growpart /dev/sda 4
xfs_growfs /var
{{tag>linux}}