«

Deploying CoreOS in vSphere

We are in the process of evaluating the deployment of applications using Docker. We thought it was a good time to take a look at a Linux distribution custom made just for this type of workload. This post will show you how we got a CoreOS machine up and running on vSphere 5.5.

All of the following documentation was done from a Mac OSX client machine. It is of course possible from Windows, but will take some minor modifications of the commands listed.

Machine Preparation

CoreOS provides VMware OVF templates to assist you getting up and running. There are still some steps required though to get this up and going. The initial steps listed below were found in the Docker Documentation.

On the CoreOS Releases page you will be able to choose from stable, beta or alpha releases. We chose a stable release and downloaded the coreos_production_vmware_insecure.zip file for our installation. The insecure portion of the filename refers to the fact that it is shipped with an insecure ssh key, don't worry, we will replace this later. The following steps will download the release unpack it and convert it into the ovf template needed for importing into vSphere. The only tool we needed for this was the OVF Tool from VMware (free, registration required).

$ mkdir coreos
$ cd coreos
$ curl -O http://stable.release.core-os.net/amd64-usr/current/coreos_production_vmware_insecure.zip
$ unzip coreos_production_vmware_insecure.zip -d coreos_production_vmware_insecure
$ cd coreos_production_vmware_insecure/
$ mkdir coreos
$ /Applications/VMware\ OVF\ Tool/ovftool coreos_production_vmware_insecure.vmx coreos/coreos.insecure.ovf

The above commands will create a coreos.insecure.ovf file in the coreos subfolder that we will use to import into vSphere.

Virtual Machine Creation

We are now ready to import the template into vSphere. We will be using the web interface to do this.

If you chose your network to be DHCP based, you can skip the next section.

Statically IP CoreOS (Optional)

Using the OVF template the way it is given to you expects a DHCP address for your machine when it is booted the first time. We don't support DHCP on our server network segment, so we have to statically IP the machine before we can do anything.

CoreOS doesn't come with a username/password available to us, so we have to get in to the server through their autologin options. To do this you will need to stop the boot loader before it automatically boots. You can do this by hitting any key (space bar works nicely) as soon as you see something in the console and continue to hit it until you see the GNU GRUB menu. If you miss it and you get back to the login screen, don't worry just hit ctrl-alt-delete and try again.

At the GRUB menu you should see three choices:

Use your mouse arrows to select USR-A and hit the e key to edit.

You will then see a bunch of boot loading options, move your cursor over to the end of the last line of text and typea space and the following:

coreos.autologin

When this is done, hit the F10 key and your machine should boot up to the command line.

Here is where we followed instructions from here to finish up the static IP steps necessary.

Run the following:

$ ifconfig

You should see an lo: section and also enxxxx: section with the x's being dynamic based on your system. You will need this enxxxx key for the next step.

You will then need to create a new file with your custom network settings.

$ cd /etc/systemd/network
$ sudo vim static.network

Your file will need to look like the following, replacing your local values for the ones in the file. (Type i to start editing the file)

[Match]
Name=enxxxx

[Network]
Address=10.0.0.162/24
Gateway=10.0.0.1
DNS=8.8.8.8
DNS=8.8.4.4

You can then save your file <esc> :wq <enter> in case you dont work in vim much.

Then you can reboot the box and your static network should be working: sudo reboot

Replacing Insecure Shared Key

Once your machine has an ip address (which you will see from the login screen) you are then able to swap out the old ssh key with your own personal ssh key.

First you will want to test that the insecure key is working. You can do this from the folder you used earlier to create the ovf file on your local machine:

$ cd coreos_production_vmware_insecure
$ ssh -i insecure_ssh_key core@yourIpAddress

Once this works, then you can issue the following command to swap out your personal key for the old one.

$ cat ~/.ssh/id_rsa.pub |  ssh core@10.0.1.81 -i insecure_ssh_key update-ssh-keys -a user 
$ ssh core@10.0.1.81 update-ssh-keys -D oem
Conclusion

You should now have a fully working CoreOS machine built on vSphere. In future articles, we will discuss building multiple machines, creating a CoreOS cluster, and getting started with using Docker on top of CoreOS.

If you have any questions or comments, please let us know.

Share Comment on Twitter