The wikis are now using the new authentication system.
If you did not migrate your account yet, visit https://idp-portal-info.suse.com/

Portal:MicroOS/Ignition

Jump to: navigation, search

Ignition Quick Start

On first boot the system will try to configure itself using Ignition. The configuration is read from a file called config.ign that needs to be stored on an storage media besides the main disk image containing MicroOS. This configuration storage media can be any of what your virtualization system or your hardware does support, e.g. an ISO-Image, an USB Flash drive or even a floppy disk.

Whatever media you use, the volume label needs to be ignition and the directory structure needs to look like this:

<root directory>
└── ignition
    └── config.ign

Example config.ign:

{
  "ignition": { "version": "3.1.0" },
  "passwd": {
    "users": [
      {
        "name": "root",
        "passwordHash": "pemFK1OejzrTI"
      }
    ]
  },
  "systemd": {
     "units": [
        {
           "name": "sshd.service",
           "enabled": true
        },
     ]
  }
}

Create the value for the key passwordHash by using the command line

# openssl passwd

which prompts you for a password of your choice. The password from the example above is opensuse.

Create an ISO-Image

Using a virtual machine the most generic way to provide config.ign is to create an ISO-Image. Create the directory structure from above by using this commands:

# mkdir -p disk/ignition
# cd disk/ignition
# touch config.ign

Open config.ign with the editor of your choice and copy & paste the code from the example above.

Create the ISO-Image using mkisofs:

# mkisofs -o ignition.iso -V ignition disk

Now add ignition.iso to your VM and you are ready to go.

USB flash drive

Especially for the ARM images below the best solution to provide config.ign is on a USB flash drive.

To use this feature:

  • Format your USB flash drive with any file system supported by MicroOS (e.g. FAT, EXT4, …)
  • Set the partition label to ignition (lower case; for an EXT4 formatted drive with one partition, use e2label /dev/sdX1 ignition)
  • Mount that partition
  • Create the directory structure as mentioned above and add your config.ign

Advanced Usage

To learn more about Ignition and its capabilities please continue with the official documentation or check out the examples below for some of the common use cases.

Examples

Add a password and a SSH key for the root user

{
	"ignition": { "version": "3.1.0" },
	"passwd": {
		"users": [
			{
				"name": "root",
				"passwordHash": "hash, created with e.g. `openssl passwd -6`",
				"sshAuthorizedKeys": [
					"ssh-rsa long...key user@host"
				]
			}
		]
	}
}

Create new users

By default the user's home directory will be located in /home/<username>. As /home is not mounted in the initrd by default (see #Default mounts), the mount has to be defined explicitly.

{
	"ignition": { "version": "3.1.0" },
	"storage": {
		"filesystems": [
			{
				"path": "/home",
				"device": "Path to the root device such as /dev/sda3, /dev/mmcblk0p2 or /dev/disk/by-label/ROOT",
				"format": "btrfs",
				"wipeFilesystem": false,
				"mountOptions": [
					"subvol=/@/home"
				]
			}
		]
	},
	"passwd": {
		"users": [
			{
				"name": "username",
				"passwordHash": "hash, created with e.g. `openssl passwd -6`",
				"sshAuthorizedKeys": [
					"ssh-rsa long...key user@host"
				]
			}
		]
	}
}

Create files

Like in the #Create new user example before, if you want to create files outside of the default initrd mount directories you will also have to add storage -> filesystem for the corresponding device in addition to the snippet below.

{
	"ignition": { "version": "3.0.0" },
	"storage": {
		"files": [
			{
				"path": "/var/test.txt",
				"mode": 420,
				"contents": {
					"source": "data:,testcontents"
				},
				"overwrite": true
			}
		]
	}
}

Change hostname

According to the example before, we can set the hostname by creating the /etc/hostname file.

{
	"ignition": { "version": "3.0.0" },
	"storage": {
		"files": [{
			"filesystem": "root",
			"path": "/etc/hostname",
			"mode": 420,
			"overwrite": true,
			"contents": { "source": "data:,kubic-1" }
		}]
	}
}

Enable services

Ignition can also enable systemd services

 {
 	"ignition": { "version": "3.0.0" },
 	"systemd": {
 		"units": [{
 			"name": "sshd.service",
 			"enabled": true
 		}]
 	}
 }

More Examples

Find some more examples on the Ignition documentation website.