Fedora CoreOS & podman, hello world?

Posted on Jun 2, 2020

Sometimes I try to learn something new, instead of just repeating what I already know and love. It’s hard and I sometimes prefer to avoid it.

However, I had some time to mess around tonight and decided to try Fedora CoreOS. Bear with me.

The tutorial was nice and easy, and I just had to suffer from the relatively poor ergonomics of generating multiple throw-away VMs with QEMU, a tool which I haven’t used much. So I’ve basically created virtual machines named httpd, httpd2, …, httpdN. Yay me.

sudo virt-install --connect qemu:///system --name httpd2 \
--memory 2048 --os-variant=fedora31 --import --graphics=none \
--disk size=10,backing_store=/tmp/fedora-coreos-31.20200505.3.0-qemu.x86_64.qcow2 \
--qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=/tmp/httpd.ign"

As I obviously was missing something regarding creating these VMs in a convenient manner, I also had to rely to manually assigning any needed file to QEMU/KVM.

sudo chown qemu:qemu /tmp/helloworld.* /tmp/fedora-coreos-31.20200505.3.0-qemu.x86_64.qcow2

Here’s my helloworld.fcc, which I transcompiled (I get grumpy whenever I have to transpile anything) to httpd.ign to make things confusing.

variant: fcos
version: 1.0.0
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        # my super secret ssh pubkey goes here, as per the tutorial
        - ssh-.......
systemd:
  units:
    - name: helloworld.service
      enabled: true
      contents: |
        [Unit]
        Description=gimme webz
        After=network-online.target
        Wants=network-online.target

        [Service]
        ExecStartPre=-/bin/podman kill httpd
        ExecStartPre=-/bin/podman rm httpd
        ExecStartPre=-/bin/podman pull docker.io/httpd:2.4
        ExecStart=/bin/podman run --name httpd -p 8080:80 httpd:2.4

        ExecStop=/bin/podman stop httpd

        [Install]
        WantedBy=multi-user.target        

To transpile it, download and run the fcct utility using podman. OK.

podman pull quay.io/coreos/fcct:release
podman run -i --rm quay.io/coreos/fcct:release --pretty --strict < helloworld.fcc > /tmp/httpd.ign

One thing that bit me was that podman-pull has an order of container repositories, and that the only documentation I found (as in the first hit on Google) was old and indicated that I had to use a docker-daemon bridge to pull from dockerhub.

podman pull docker-daemon:docker.io/httpd:2.4 # wrong
podman pull httpd:2.4                         # correct
podman pull docker.io/httpd:2.4               # correct-er

Not sure why quay.io isn’t included in the default repository list, but it’s easy to specify for fcct and friends, I guess?

Well, now I can visit a website that says “It works!”, running on a virtual machine on my laptop, using just 30 lines of yaml, transcompiled into json and then provisioned unto my new VM. I honestly think this is pretty nice, now I just have to learn how to actually use this for something - but only after learning how to gracefully shutdown the machine. That has the difficulty setting on par with exiting vi

Hopefully next iteration might be useful - maybe this article will help me? Who knows?