# Fedora Ignition Approach for Bootc Installation ## Overview Fedora CoreOS uses **Ignition** instead of traditional kickstart for system configuration and bootc installation. Ignition is a modern, JSON-based configuration system designed for immutable infrastructure and container-first deployments. ## Key Technical Concepts ### 1. Ignition vs Kickstart | Aspect | Ignition | Kickstart | |--------|----------|-----------| | **Format** | JSON | Shell-like syntax | | **Purpose** | Immutable infrastructure | Package-based installation | | **Configuration** | Declarative | Imperative | | **Container Support** | Native | Via `ostreecontainer` directive | | **Modernity** | Modern, cloud-native | Traditional, legacy | ### 2. Ignition Configuration Structure ```json { "ignition": { "version": "3.4.0" }, "storage": { "disks": [ { "device": "/dev/sda", "partitions": [ { "label": "BIOS-BOOT", "number": 1, "size": 1024 }, { "label": "EFI-SYSTEM", "number": 2, "size": 268435456 }, { "label": "ROOT", "number": 3, "size": 0 } ] } ], "filesystems": [ { "device": "/dev/disk/by-partlabel/ROOT", "format": "xfs", "path": "/" } ] }, "systemd": { "units": [ { "name": "bootc-install.service", "enabled": true, "contents": "[Unit]\nDescription=Install bootc container\n[Service]\nType=oneshot\nExecStart=/usr/bin/bootc install to-disk /dev/sda\n[Install]\nWantedBy=multi-user.target" } ] } } ``` ### 3. Container Installation via Ignition #### Method 1: Systemd Service ```json { "systemd": { "units": [ { "name": "bootc-install.service", "enabled": true, "contents": "[Unit]\nDescription=Install bootc container\n[Service]\nType=oneshot\nExecStart=/usr/bin/bootc install to-disk /dev/sda\n[Install]\nWantedBy=multi-user.target" } ] } } ``` #### Method 2: Direct Container Pull ```json { "storage": { "files": [ { "path": "/etc/containers/registries.conf.d/bootc.conf", "mode": 420, "contents": { "source": "data:text/plain;base64,W1JlZ2lzdHJ5XQpsb2NhdGlvbj0icXVheS5pbyIKc2VjdXJlPWZhbHNlCg==" } } ] } } ``` ## Fedora CoreOS ISO Analysis ### ISO Structure ``` fedora-coreos-42.20250803.3.0-live-iso.x86_64.iso ├── coreos/ │ ├── features.json # Installer capabilities │ ├── igninfo.json # Points to ignition.img │ ├── kargs.json # Kernel arguments │ └── miniso.dat # Minimal ISO data ├── images/ │ ├── ignition.img # Ignition configuration │ ├── initrd.img # Initial ramdisk │ ├── rootfs.img # Root filesystem │ └── vmlinuz # Kernel ├── EFI/fedora/grub.cfg # EFI boot configuration └── isolinux/isolinux.cfg # BIOS boot configuration ``` ### Boot Configuration - **Kernel arguments**: `coreos.liveiso=fedora-coreos-42.20250803.3.0 ignition.firstboot ignition.platform.id=metal` - **Ignition integration**: `ignition.img` loaded as initrd - **No kickstart references** in boot configuration ### Features Capabilities ```json { "installer-config": true, "installer-config-directives": { "append-karg": true, "architecture": true, "console": true, "copy-network": true, "delete-karg": true, "dest-device": true, "fetch-retries": true, "ignition-file": true, "ignition-hash": true, "ignition-url": true, "image-file": true, "image-url": true, "insecure": true, "insecure-ignition": true, "network-dir": true, "offline": true, "platform": true, "preserve-on-error": true, "save-partindex": true, "save-partlabel": true, "secure-ipl": true, "stream": true, "stream-base-url": true }, "live-initrd-network": true } ``` ## Ignition Configuration Examples ### 1. Basic Bootc Installation ```json { "ignition": { "version": "3.4.0" }, "storage": { "disks": [ { "device": "/dev/sda", "wipeTable": true, "partitions": [ { "label": "BIOS-BOOT", "number": 1, "size": 1024, "typeGuid": "21686148-6449-6E6F-744E-656564454649" }, { "label": "EFI-SYSTEM", "number": 2, "size": 268435456, "typeGuid": "C12A7328-F81F-11D2-BA4B-00A0C93EC93B" }, { "label": "ROOT", "number": 3, "size": 0, "typeGuid": "4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709" } ] } ], "filesystems": [ { "device": "/dev/disk/by-partlabel/ROOT", "format": "xfs", "path": "/" } ] }, "systemd": { "units": [ { "name": "bootc-install.service", "enabled": true, "contents": "[Unit]\nDescription=Install bootc container\n[Service]\nType=oneshot\nExecStart=/usr/bin/bootc install to-disk /dev/sda\n[Install]\nWantedBy=multi-user.target" } ] } } ``` ### 2. Registry Authentication ```json { "ignition": { "version": "3.4.0" }, "storage": { "files": [ { "path": "/etc/ostree/auth.json", "mode": 420, "contents": { "source": "data:text/plain;base64,ewogICJhdXRocyI6IHsKICAgICJxdWF5LmlvIjogewogICAgICAiYXV0aCI6ICI8eW91ciBzZWNyZXQgaGVyZT4iCiAgICB9CiAgfQp9" } }, { "path": "/etc/containers/registries.conf.d/bootc.conf", "mode": 420, "contents": { "source": "data:text/plain;base64,W1JlZ2lzdHJ5XQpsb2NhdGlvbj0icXVheS5pbyIKc2VjdXJlPWZhbHNlCg==" } } ] } } ``` ### 3. Network Configuration ```json { "ignition": { "version": "3.4.0" }, "networkd": { "units": [ { "name": "00-eth0.network", "contents": "[Match]\nName=eth0\n[Network]\nDHCP=yes" } ] } } ``` ## Advantages of Ignition Approach ### 1. Modern Design - **JSON-based** - easy to generate programmatically - **Declarative** - describes desired state, not steps - **Immutable** - configuration is applied once - **Cloud-native** - designed for modern infrastructure ### 2. Container Integration - **Native container support** - no special directives needed - **Registry authentication** - built-in support - **Container runtime** - integrated by default - **Bootc compatibility** - works seamlessly with bootc ### 3. Flexibility - **Modular** - can combine different configuration sources - **Extensible** - easy to add new configuration types - **Versioned** - configuration format is versioned - **Validated** - JSON schema validation ## Implementation for Debian ### Calamares Integration 1. **Generate Ignition JSON** from Calamares configuration 2. **Create custom module** for container installation 3. **Handle registry authentication** via Ignition 4. **Integrate with bootc** installation process ### debian-installer Integration 1. **Replace preseed** with Ignition configuration 2. **Add container runtime** to installer environment 3. **Implement Ignition parser** in installer 4. **Handle container installation** via systemd units ### Key Implementation Steps 1. **Study Ignition specification** and examples 2. **Design JSON generation** from user input 3. **Implement container installation** logic 4. **Handle registry authentication** and configuration 5. **Test with real bootc containers** ## Comparison: Ignition vs Kickstart vs Preseed | Feature | Ignition | Kickstart | Preseed | |---------|----------|-----------|---------| | **Format** | JSON | Shell-like | Debian-specific | | **Container Support** | Native | Via directive | None | | **Modernity** | High | Medium | Low | | **Flexibility** | High | Medium | Low | | **Validation** | Schema-based | Runtime | Limited | | **Cloud Integration** | Excellent | Good | Poor | | **Immutable Design** | Yes | No | No | ## Tools and Resources ### CoreOS Installer - **`coreos-installer`** - tool for creating custom ISOs - **`butane`** - YAML to Ignition converter - **`ignition-validate`** - configuration validator ### Configuration Examples - **Fedora CoreOS examples** - official configuration samples - **Butane configs** - YAML-based Ignition generation - **Container installation** - bootc integration patterns ### Documentation - [Ignition specification](https://coreos.github.io/ignition/) - [Butane documentation](https://coreos.github.io/butane/) - [CoreOS installer](https://coreos.github.io/coreos-installer/) ## Next Steps for Implementation 1. **Study Ignition examples** for container installation 2. **Design JSON generation** from user configuration 3. **Implement Calamares module** for Ignition support 4. **Create debian-installer** Ignition integration 5. **Test with real bootc containers** and registries ## Conclusion The Ignition approach used by Fedora CoreOS is **more modern and suitable** for our Debian bootc-image-builder than traditional kickstart or preseed. Its JSON-based configuration, native container support, and immutable design make it ideal for container-first deployments. Key advantages: - **Easier to generate** programmatically - **More flexible** than kickstart/preseed - **Container-native** by design - **Better suited** for modern infrastructure - **Future-proof** approach This makes Ignition the recommended approach for both Calamares and debian-installer integration in our Debian bootc-image-builder project.