bh7cw

## FCOS-Fedora CoreOS
Launch FCOS:
Launch FCOS on AWS with Ignition: FCOS reads and applies configuration files with Ignition.
Launching with QEMU-hypervisor(temporary/persistent storage) or libvirt
Install FCOS on bare metal with live ISO or PXE
Migrating from Fedora Atomic Host (FAH) to Fedora CoreOS (FCOS)

OS:
1. Red Hat CoreOS: a focused OS for OpenShift, released and life-cycled in tandem with the platform.
2. Fedora CoreOS (FCOS): combine the best of both CoreOS Container Linux and Fedora Atomic Host,
provide the best container host to run containerized workloads securely and at scale.

## Producing an Ignition File

Ref:
https://docs.fedoraproject.org/en-US/fedora-coreos/producing-ign/

## rpm-ostree
OSTree is an upgrade system for Linux-based operating systems that performs atomic upgrades of complete filesystem trees.
It is not a package system; rather, it is intended to complement them.
A primary model is composing packages on a server, and then replicating them to clients.

The underlying architecture might be summarized as "git for operating system binaries".
It operates in userspace, and will work on top of any Linux filesystem.

rpm: "Red Hat Package Manager" but now "RPM Package Manager".
Build rpm:
https://docs.google.com/document/d/1KrxNdQOUY3Jzw0GDA1P3VcXbMAn-JYy_pc6Bz4IdKTQ/edit

## Build RHCOS with COSA
sudo curl -kL -o /etc/pki/ca-trust/source/anchors/Red_Hat_IT_Root_CA.crt https://password.corp.redhat.com/RH-IT-Root-CA.crt
sudo update-ca-trust

# fetch the Red Hat CoreOS configuration
cosa init https://gitlab.cee.redhat.com/coreos/redhat-coreos.git
cosa fetch
cosa build

## add cosa and rhcos commit
I am trying to tackle this issue https://issues.redhat.com/browse/GRPA-2086
This is my commit in cosa https://github.com/bh7cw/coreos-assembler/commit/1cf18ba390af2083b16516b9a6da9ac9d446041e
Then, I tested the code:
1) create a trigger on quay.io to build image after Git repo is pushed https://quay.io/repository/bh7cw/coreos-assembler?tab=builds
2) Run the cosa on local machine:
    cosa file:
        #!/usr/bin/env bash

        # this script will use podman, but docker will work too
        rpm -qa | grep -q podman || (echo "podman not installed!" ; exit 1)

## cosa
#!/usr/bin/env bash

rpm -qa | grep -q podman || (echo "podman not installed!" ; exit 1)

podman pull quay.io/coreos-assembler/coreos-assembler

mkdir -p fcos && cd fcos

cosa() {
   env | grep COREOS_ASSEMBLER

## Ignition Partition File
variant: fcos
version: 1.1.0
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsXe6CfHl45kCIzMF90VhDf2NpBWUyS1+IiTtxm5a83mT9730Hb8xim7GYeJu47kiESw2DAN8vNJ/Irg0apZ217ah2rXXjPQuWYSXuEuap8yLBSjqw8exgqVj/kzW+YqmnHASxI13eoFDxTQQGzyqbqowvxu/5gQmDwBmNAa9bT809ziB/qmpS1mD6qyyFDpR23kUwu3TkgAbwMXBDoqK+pdwfaF9uo9XaLHNEH8lD5BZuG2BeDafm2o76DhNSo83MvcCPNXKLxu3BbX/FCMFO6O8RRqony4i91fEV1b8TbXrbJz1bwEYEnJRvmjnqI/389tQFeYvplXR2WdT9PCKyEAG+j8y6XgecIcdTqV/7gFfak1mp2S7mYHZDnXixsn3MjCP/cIxxJVDitKusnj1TdFqtSXl4tqGccbg/5Sqnt/EVSK4bGwwBxv/YmE0P9cbXLxuEVI0JYzgrQvC8TtUgd8kUu2jqi1/Yj9IWm3aFsl/hhh8YwYrv/gm7PV0TxkM= jingzhan@localhost.localdomain
storage:
  disks:
    - device: /dev/vda

## autologin
{
  "ignition": {
    "version": "3.1.0"
  },
  "passwd": {
    "users": [
      {
        "name": "core",
        "sshAuthorizedKeys": [
          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCRvfOoVVuVw0+Pjv2wMYhr0h2J9LAc2ptz9ghsZXe1beTgYeJrH3ZezEdXLxZsAmgZAgwlf191K74idSJbM+8HhJAFPf5rQcB2EZzwXtwANCMGVnezavtJJlwZsr8+l9Y2xfKQ9bBwuoAQ6Rsp6Llav+QblI2rxYeNOv/4+jNcziwWjDWtsGNor/pcV6lIy6XCRzdgu8Mk9a1Z7itwH/WyNJE2mqEIljch4H5AjZbMA++9jb5jwYjg1RN5Tlmt+/GWgDn5TvQZKMtTt9mlkeE972E8vym9o1R8IQGoixKGuBmDuNEPUZ+b+wSc8+iZU8MIi3pNt6KNm25lJab9iuAB"

## test manifest by overriding the image
[jingzhan@jing cluster_0715]$ OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE=ami-0b7dd156ccbd25423 ./openshift-install create manifests
? SSH Public Key /home/jingzhan/.ssh/cluster-0715.pub
? Platform aws
INFO Credentials loaded from the "default" profile in file "/home/jingzhan/.aws/credentials"
? Region us-east-2
? Base Domain devcluster.openshift.com
? Cluster Name cluster-bh7cw-727-06
? Pull Secret [? for help] ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************

## 99_openshift-machineconfig_99-master-ssh.yaml
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  labels:
    machineconfiguration.openshift.io/role: master
  name: 99-master-ssh
spec:
  config:
    ignition:
      version: 3.1.0
	Launch FCOS:
	Launch FCOS on AWS with Ignition: FCOS reads and applies configuration files with Ignition.
	Launching with QEMU-hypervisor(temporary/persistent storage) or libvirt
	Install FCOS on bare metal with live ISO or PXE
	Migrating from Fedora Atomic Host (FAH) to Fedora CoreOS (FCOS)

	OS:
	1. Red Hat CoreOS: a focused OS for OpenShift, released and life-cycled in tandem with the platform.
	2. Fedora CoreOS (FCOS): combine the best of both CoreOS Container Linux and Fedora Atomic Host,
	provide the best container host to run containerized workloads securely and at scale.

	Ref:
	https://docs.fedoraproject.org/en-US/fedora-coreos/producing-ign/
	OSTree is an upgrade system for Linux-based operating systems that performs atomic upgrades of complete filesystem trees.
	It is not a package system; rather, it is intended to complement them.
	A primary model is composing packages on a server, and then replicating them to clients.

	The underlying architecture might be summarized as "git for operating system binaries".
	It operates in userspace, and will work on top of any Linux filesystem.

	rpm: "Red Hat Package Manager" but now "RPM Package Manager".
	Build rpm:
	https://docs.google.com/document/d/1KrxNdQOUY3Jzw0GDA1P3VcXbMAn-JYy_pc6Bz4IdKTQ/edit
	sudo curl -kL -o /etc/pki/ca-trust/source/anchors/Red_Hat_IT_Root_CA.crt https://password.corp.redhat.com/RH-IT-Root-CA.crt
	sudo update-ca-trust

	# fetch the Red Hat CoreOS configuration
	cosa init https://gitlab.cee.redhat.com/coreos/redhat-coreos.git
	cosa fetch
	cosa build
	I am trying to tackle this issue https://issues.redhat.com/browse/GRPA-2086
	This is my commit in cosa https://github.com/bh7cw/coreos-assembler/commit/1cf18ba390af2083b16516b9a6da9ac9d446041e
	Then, I tested the code:
	1) create a trigger on quay.io to build image after Git repo is pushed https://quay.io/repository/bh7cw/coreos-assembler?tab=builds
	2) Run the cosa on local machine:
	cosa file:
	#!/usr/bin/env bash

	# this script will use podman, but docker will work too
	rpm -qa \| grep -q podman \|\| (echo "podman not installed!" ; exit 1)
	#!/usr/bin/env bash

	rpm -qa \| grep -q podman \|\| (echo "podman not installed!" ; exit 1)

	podman pull quay.io/coreos-assembler/coreos-assembler

	mkdir -p fcos && cd fcos

	cosa() {
	env \| grep COREOS_ASSEMBLER
	variant: fcos
	version: 1.1.0
	passwd:
	users:
	- name: core
	ssh_authorized_keys:
	- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsXe6CfHl45kCIzMF90VhDf2NpBWUyS1+IiTtxm5a83mT9730Hb8xim7GYeJu47kiESw2DAN8vNJ/Irg0apZ217ah2rXXjPQuWYSXuEuap8yLBSjqw8exgqVj/kzW+YqmnHASxI13eoFDxTQQGzyqbqowvxu/5gQmDwBmNAa9bT809ziB/qmpS1mD6qyyFDpR23kUwu3TkgAbwMXBDoqK+pdwfaF9uo9XaLHNEH8lD5BZuG2BeDafm2o76DhNSo83MvcCPNXKLxu3BbX/FCMFO6O8RRqony4i91fEV1b8TbXrbJz1bwEYEnJRvmjnqI/389tQFeYvplXR2WdT9PCKyEAG+j8y6XgecIcdTqV/7gFfak1mp2S7mYHZDnXixsn3MjCP/cIxxJVDitKusnj1TdFqtSXl4tqGccbg/5Sqnt/EVSK4bGwwBxv/YmE0P9cbXLxuEVI0JYzgrQvC8TtUgd8kUu2jqi1/Yj9IWm3aFsl/hhh8YwYrv/gm7PV0TxkM= jingzhan@localhost.localdomain
	storage:
	disks:
	- device: /dev/vda
	{
	"ignition": {
	"version": "3.1.0"
	},
	"passwd": {
	"users": [
	{
	"name": "core",
	"sshAuthorizedKeys": [
	"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCRvfOoVVuVw0+Pjv2wMYhr0h2J9LAc2ptz9ghsZXe1beTgYeJrH3ZezEdXLxZsAmgZAgwlf191K74idSJbM+8HhJAFPf5rQcB2EZzwXtwANCMGVnezavtJJlwZsr8+l9Y2xfKQ9bBwuoAQ6Rsp6Llav+QblI2rxYeNOv/4+jNcziwWjDWtsGNor/pcV6lIy6XCRzdgu8Mk9a1Z7itwH/WyNJE2mqEIljch4H5AjZbMA++9jb5jwYjg1RN5Tlmt+/GWgDn5TvQZKMtTt9mlkeE972E8vym9o1R8IQGoixKGuBmDuNEPUZ+b+wSc8+iZU8MIi3pNt6KNm25lJab9iuAB"
	[jingzhan@jing cluster_0715]$ OPENSHIFT_INSTALL_OS_IMAGE_OVERRIDE=ami-0b7dd156ccbd25423 ./openshift-install create manifests
	? SSH Public Key /home/jingzhan/.ssh/cluster-0715.pub
	? Platform aws
	INFO Credentials loaded from the "default" profile in file "/home/jingzhan/.aws/credentials"
	? Region us-east-2
	? Base Domain devcluster.openshift.com
	? Cluster Name cluster-bh7cw-727-06
	? Pull Secret [? for help] ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
	apiVersion: machineconfiguration.openshift.io/v1
	kind: MachineConfig
	metadata:
	labels:
	machineconfiguration.openshift.io/role: master
	name: 99-master-ssh
	spec:
	config:
	ignition:
	version: 3.1.0