9.6 KiB
9.6 KiB
Fedora Ignition Approach for Bootc Installation
Overview
Fedora CoreOS uses Ignition instead of traditional kickstart for system configuration and bootc installation. Ignition is a modern, JSON-based configuration system designed for immutable infrastructure and container-first deployments.
Key Technical Concepts
1. Ignition vs Kickstart
| Aspect | Ignition | Kickstart |
|---|---|---|
| Format | JSON | Shell-like syntax |
| Purpose | Immutable infrastructure | Package-based installation |
| Configuration | Declarative | Imperative |
| Container Support | Native | Via ostreecontainer directive |
| Modernity | Modern, cloud-native | Traditional, legacy |
2. Ignition Configuration Structure
{
"ignition": {
"version": "3.4.0"
},
"storage": {
"disks": [
{
"device": "/dev/sda",
"partitions": [
{
"label": "BIOS-BOOT",
"number": 1,
"size": 1024
},
{
"label": "EFI-SYSTEM",
"number": 2,
"size": 268435456
},
{
"label": "ROOT",
"number": 3,
"size": 0
}
]
}
],
"filesystems": [
{
"device": "/dev/disk/by-partlabel/ROOT",
"format": "xfs",
"path": "/"
}
]
},
"systemd": {
"units": [
{
"name": "bootc-install.service",
"enabled": true,
"contents": "[Unit]\nDescription=Install bootc container\n[Service]\nType=oneshot\nExecStart=/usr/bin/bootc install to-disk /dev/sda\n[Install]\nWantedBy=multi-user.target"
}
]
}
}
3. Container Installation via Ignition
Method 1: Systemd Service
{
"systemd": {
"units": [
{
"name": "bootc-install.service",
"enabled": true,
"contents": "[Unit]\nDescription=Install bootc container\n[Service]\nType=oneshot\nExecStart=/usr/bin/bootc install to-disk /dev/sda\n[Install]\nWantedBy=multi-user.target"
}
]
}
}
Method 2: Direct Container Pull
{
"storage": {
"files": [
{
"path": "/etc/containers/registries.conf.d/bootc.conf",
"mode": 420,
"contents": {
"source": "data:text/plain;base64,W1JlZ2lzdHJ5XQpsb2NhdGlvbj0icXVheS5pbyIKc2VjdXJlPWZhbHNlCg=="
}
}
]
}
}
Fedora CoreOS ISO Analysis
ISO Structure
fedora-coreos-42.20250803.3.0-live-iso.x86_64.iso
├── coreos/
│ ├── features.json # Installer capabilities
│ ├── igninfo.json # Points to ignition.img
│ ├── kargs.json # Kernel arguments
│ └── miniso.dat # Minimal ISO data
├── images/
│ ├── ignition.img # Ignition configuration
│ ├── initrd.img # Initial ramdisk
│ ├── rootfs.img # Root filesystem
│ └── vmlinuz # Kernel
├── EFI/fedora/grub.cfg # EFI boot configuration
└── isolinux/isolinux.cfg # BIOS boot configuration
Boot Configuration
- Kernel arguments:
coreos.liveiso=fedora-coreos-42.20250803.3.0 ignition.firstboot ignition.platform.id=metal - Ignition integration:
ignition.imgloaded as initrd - No kickstart references in boot configuration
Features Capabilities
{
"installer-config": true,
"installer-config-directives": {
"append-karg": true,
"architecture": true,
"console": true,
"copy-network": true,
"delete-karg": true,
"dest-device": true,
"fetch-retries": true,
"ignition-file": true,
"ignition-hash": true,
"ignition-url": true,
"image-file": true,
"image-url": true,
"insecure": true,
"insecure-ignition": true,
"network-dir": true,
"offline": true,
"platform": true,
"preserve-on-error": true,
"save-partindex": true,
"save-partlabel": true,
"secure-ipl": true,
"stream": true,
"stream-base-url": true
},
"live-initrd-network": true
}
Ignition Configuration Examples
1. Basic Bootc Installation
{
"ignition": {
"version": "3.4.0"
},
"storage": {
"disks": [
{
"device": "/dev/sda",
"wipeTable": true,
"partitions": [
{
"label": "BIOS-BOOT",
"number": 1,
"size": 1024,
"typeGuid": "21686148-6449-6E6F-744E-656564454649"
},
{
"label": "EFI-SYSTEM",
"number": 2,
"size": 268435456,
"typeGuid": "C12A7328-F81F-11D2-BA4B-00A0C93EC93B"
},
{
"label": "ROOT",
"number": 3,
"size": 0,
"typeGuid": "4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709"
}
]
}
],
"filesystems": [
{
"device": "/dev/disk/by-partlabel/ROOT",
"format": "xfs",
"path": "/"
}
]
},
"systemd": {
"units": [
{
"name": "bootc-install.service",
"enabled": true,
"contents": "[Unit]\nDescription=Install bootc container\n[Service]\nType=oneshot\nExecStart=/usr/bin/bootc install to-disk /dev/sda\n[Install]\nWantedBy=multi-user.target"
}
]
}
}
2. Registry Authentication
{
"ignition": {
"version": "3.4.0"
},
"storage": {
"files": [
{
"path": "/etc/ostree/auth.json",
"mode": 420,
"contents": {
"source": "data:text/plain;base64,ewogICJhdXRocyI6IHsKICAgICJxdWF5LmlvIjogewogICAgICAiYXV0aCI6ICI8eW91ciBzZWNyZXQgaGVyZT4iCiAgICB9CiAgfQp9"
}
},
{
"path": "/etc/containers/registries.conf.d/bootc.conf",
"mode": 420,
"contents": {
"source": "data:text/plain;base64,W1JlZ2lzdHJ5XQpsb2NhdGlvbj0icXVheS5pbyIKc2VjdXJlPWZhbHNlCg=="
}
}
]
}
}
3. Network Configuration
{
"ignition": {
"version": "3.4.0"
},
"networkd": {
"units": [
{
"name": "00-eth0.network",
"contents": "[Match]\nName=eth0\n[Network]\nDHCP=yes"
}
]
}
}
Advantages of Ignition Approach
1. Modern Design
- JSON-based - easy to generate programmatically
- Declarative - describes desired state, not steps
- Immutable - configuration is applied once
- Cloud-native - designed for modern infrastructure
2. Container Integration
- Native container support - no special directives needed
- Registry authentication - built-in support
- Container runtime - integrated by default
- Bootc compatibility - works seamlessly with bootc
3. Flexibility
- Modular - can combine different configuration sources
- Extensible - easy to add new configuration types
- Versioned - configuration format is versioned
- Validated - JSON schema validation
Implementation for Debian
Calamares Integration
- Generate Ignition JSON from Calamares configuration
- Create custom module for container installation
- Handle registry authentication via Ignition
- Integrate with bootc installation process
debian-installer Integration
- Replace preseed with Ignition configuration
- Add container runtime to installer environment
- Implement Ignition parser in installer
- Handle container installation via systemd units
Key Implementation Steps
- Study Ignition specification and examples
- Design JSON generation from user input
- Implement container installation logic
- Handle registry authentication and configuration
- Test with real bootc containers
Comparison: Ignition vs Kickstart vs Preseed
| Feature | Ignition | Kickstart | Preseed |
|---|---|---|---|
| Format | JSON | Shell-like | Debian-specific |
| Container Support | Native | Via directive | None |
| Modernity | High | Medium | Low |
| Flexibility | High | Medium | Low |
| Validation | Schema-based | Runtime | Limited |
| Cloud Integration | Excellent | Good | Poor |
| Immutable Design | Yes | No | No |
Tools and Resources
CoreOS Installer
coreos-installer- tool for creating custom ISOsbutane- YAML to Ignition converterignition-validate- configuration validator
Configuration Examples
- Fedora CoreOS examples - official configuration samples
- Butane configs - YAML-based Ignition generation
- Container installation - bootc integration patterns
Documentation
Next Steps for Implementation
- Study Ignition examples for container installation
- Design JSON generation from user configuration
- Implement Calamares module for Ignition support
- Create debian-installer Ignition integration
- Test with real bootc containers and registries
Conclusion
The Ignition approach used by Fedora CoreOS is more modern and suitable for our Debian bootc-image-builder than traditional kickstart or preseed. Its JSON-based configuration, native container support, and immutable design make it ideal for container-first deployments.
Key advantages:
- Easier to generate programmatically
- More flexible than kickstart/preseed
- Container-native by design
- Better suited for modern infrastructure
- Future-proof approach
This makes Ignition the recommended approach for both Calamares and debian-installer integration in our Debian bootc-image-builder project.