
More than 5 years have passed since last update.

Notes on cloud-config.yml for CoreOS

Last updated at Posted at 2015-11-12

References

Installation procedure

Loading
sudo -s
passwd core
ip addr add 10.0.2.15/24 dev ens192
ip route add default via 10.0.2.1
echo "nameserver 8.8.8.8" > /etc/resolv.conf 

wget http://192.168.100.70/cloud-config.yml
coreos-cloudinit -validate=true -from-file=cloud-config.yml
#coreos-install -d /dev/sda -C stable -c cloud-config.yml
coreos-install -d /dev/sda -C alpha -V 1081.2.0 -c cloud-config.yml
reboot

cloud-config.yml

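Features

  • Automatic reboot turned OFF
  • Start docker
  • Timezone set to Asia/Tokyo
  • sshd port changed from 22
  • Initial settings for toolbox
  • Install script for the screen command placed on the host

Generating the user password string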
$ openssl passwd -salt coreos -1 fjpoaeifji
$1$coreos$5tow1kTF0qjJ0qi.G8N9/1
cloud-config.yml
#cloud-config

hostname: coreos01

#-----------
coreos:
#-----------
  #update:
    # disable auto update.
    #reboot-strategy: off

  units:

    - name: 10-static.network
      runtime: no
      content: |
        [Match]
        Name=eth*
        [Network]
        Address=192.168.100.202/24
        Gateway=192.168.100.1
        DNS=8.8.8.8

    # set timezone Asia/Tokyo.
    - name: timezone.service
      command: start
      content: |
        [Unit]
        Description=timezone
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/usr/bin/ln -sf ../usr/share/zoneinfo/Japan /etc/localtime

    # change ssh listen port.
    - name: sshd.socket
      command: start
      content: |
        [Socket]
        #ListenStream=22
        ListenStream=9100
        Accept=yes

#-----------
users:
#-----------
  - name: core
    passwd: $1$coreos$5tow1kTF0qjJ0qi.G8N9/1
    ssh-authorized-keys: 
      - ssh-rsa ... osx/id_rsa
    # groups belong to the core user entry, not to a separate list item
    groups:
      - sudo
      - docker

#-----------
write_files:
#-----------
  - path: /etc/ssh/sshd_config
    permissions: 0600
    owner: root:root
    content: |
      # Use most defaults for sshd configuration.
      UsePrivilegeSeparation sandbox
      Subsystem sftp internal-sftp
      ClientAliveInterval 180
      #
      PermitRootLogin no
      MaxAuthTries 1
      PasswordAuthentication no
      ChallengeResponseAuthentication no
      AllowUsers core

  # toolbox
  - path: /home/core/.toolbox
    permissions: 0644
    owner: core:core
    content: |
      TOOLBOX_DOCKER_IMAGE=ubuntu
      TOOLBOX_DOCKER_TAG=latest

  # custom .bash_profile
  - path: /home/core/.bash_profile
    permissions: 0644
    owner: core:core
    content: |
      alias toolbox='toolbox --bind=/run:/run'
      alias t='toolbox --bind=/run:/run'

  # update cloud-config.yml
  - path: /home/core/update-cloud-config.sh
    permissions: 0700
    owner: core:core
    content: |
      sudo coreos-cloudinit --from-url=http://192.168.100.70:8000/cloud-config.yml

  # install screen command
  - path: /home/core/install_screen.sh
    permissions: 0700
    owner: core:core
    content: |
      sudo wget -q https://raw.githubusercontent.com/tukiyo/coreos-screen.run/master/screen.run -O /usr/share/oem/screen.run
      sudo sh /usr/share/oem/screen.run
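
The install steps above fetch cloud-config.yml over plain HTTP, and the `passwd` value is an MD5-crypt (`$1$`) hash with a fixed salt, so a check between `wget` and `coreos-install` is worth having. The following is an added example, not part of the original notes: the function names are hypothetical, and the pinned digest is assumed to reach the install host over a separate trusted channel.

```shell
# Added example: checks to run between `wget` and `coreos-install`.
# Function names are hypothetical; the pinned digest must come from a
# trusted channel, not from the same HTTP server as the file.

# Succeed only if FILE's SHA-256 equals the pinned hex digest.
verify_digest() {
  vd_actual=$(sha256sum "$1" | awk '{print $1}')
  [ -n "$2" ] && [ "$vd_actual" = "$2" ]
}

# Print the crypt(3) scheme id of each "passwd:" hash, one per line
# (1 = MD5-crypt, 5 = SHA-256-crypt, 6 = SHA-512-crypt).
passwd_schemes() {
  sed -nE 's/^[[:space:]]*passwd:[^$]*\$([^$]*)\$.*$/\1/p' "$1"
}

# Succeed only if every passwd hash is SHA-512-crypt. A replacement hash
# can be made with `openssl passwd -6` (OpenSSL 1.1.1+), which prompts for
# the password and picks a random salt.
hashes_ok() {
  for ho_scheme in $(passwd_schemes "$1"); do
    [ "$ho_scheme" = "6" ] || return 1
  done
  return 0
}

# List distinct plain-HTTP URLs referenced by the config.
plain_http_urls() {
  grep -oE 'http://[^[:space:]"]+' "$1" | sort -u
}

# Run all checks; non-zero means "do not install with this file".
preflight() {
  pf_rc=0
  verify_digest "$1" "$2" || { echo "digest mismatch: $1" >&2; pf_rc=1; }
  hashes_ok "$1" || { echo "passwd hash is not \$6\$ (SHA-512-crypt)" >&2; pf_rc=1; }
  pf_urls=$(plain_http_urls "$1")
  [ -z "$pf_urls" ] || printf 'warning, fetched without TLS:\n%s\n' "$pf_urls" >&2
  return $pf_rc
}

# Usage on the install host (digest is a placeholder):
#   preflight cloud-config.yml <PINNED_SHA256> && \
#     coreos-install -d /dev/sda -C alpha -V 1081.2.0 -c cloud-config.yml
```

Run against the cloud-config.yml on this page, `preflight` fails on the `$1$` hash and lists the `--from-url=http://...` fetch as a warning.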