I use XenServer as my choice of home virtualization server. It is a great platform and I run many VMs, including ones for testing Docker systems.
While I realize that I could have run something like Ubuntu bare-metal on the physical server, I wanted the option to run VMs. In case you are wondering about the performance costs, see: Docker and XenServer: What’s Virtualization. For my purposes I do not need an ultra-high performance machine and I enjoy the flexibility that the XenServer/VM/Docker stack can provide.
Your results may vary due to patches and configuration. Please take that into account as you follow along in the guide.
If you already have an existing RSA public/private key pair you can probably use that and skip this section.
The first step is to set up an RSA SSH key pair consisting of associated public and private keys.
The same task can be done using Putty on Windows; just be sure you follow the steps to create an RSA set of SSH keys. An excellent guide for using Windows Putty to generate an RSA SSH key pair is: Generating SSH keys to use for CoreOS host connectivity
Moving forward all commands on my Windows workstation will be done using the Ubuntu Linux subsystem.
Type in the following
ssh-keygen -t rsa
This will generate your public/private RSA key pair. Press Enter to accept the default location and file names. Press Enter twice more to skip adding a passphrase. Once this is complete you will have a hidden directory named .ssh in your home directory.
.ssh/
├── id_rsa
└── id_rsa.pub
Retrieve the public key from the id_rsa.pub file using the command cat .ssh/id_rsa.pub. Copy the public key starting from AAAA… to the last continuous character. Do not copy the starting ‘ssh-rsa’. Do not copy the information that is added at the end of the file in the username@workstation format. I will copy this long one-line key to Notepad for use later. Make sure the scratch pad program you use does not insert any extra characters.
I open XenCenter on my Windows workstation. On the toolbar I select ‘New VM’. Add the following required parameters. The other parameters for the CoreOS installation may vary with your environment and choices. The required choices are:
For the ‘Cloud-Config Parameters’ edit the following:
check: Include config drive
replace: # - ssh-rsa <Your public key> with - ssh-rsa followed by your previously copied RSA SSH public key
replace: - name: etcd.service with - name: etcd2.service
It should look like this, but using your RSA public key:
#cloud-config
hostname: %VMNAMETOHOSTNAME%
ssh_authorized_keys:
  - ssh-rsa AAAAzdP6asD8qEQzYN<long string>pjKjMTPQHcJXzS5t7ywBEPAXbLhT9LycY4fsVm
  # The following entry will automatically be replaced with a public key
  # generated by container management plugin. The key-entry must exist,
  # in order to enable container management for this VM.
  - ssh-rsa %CONTAINERRSAPUB%
coreos:
  units:
    - name: etcd2.service
      command: start
    - name: fleet.service
      command: start
    # Hypervisor Linux Guest Agent
    - name: xe-linux-distribution.service
      command: start
      content: |
        [Unit]
        Description=Hypervisor Linux Guest Agent
        After=docker.service

        [Service]
        ExecStartPre=/media/configdrive/agent/xe-linux-distribution /var/cache/xe-linux-distribution
        ExecStart=/media/configdrive/agent/xe-daemon
  etcd2:
    name: %VMNAMETOHOSTNAME%
    # generate a new token for each unique cluster at https://discovery.etcd.io/new
    # discovery: https://discovery.etcd.io/<token>
write_files:
  # Enable ARP notifications for smooth network recovery after migrations
  - path: /etc/sysctl.d/10-enable-arp-notify.conf
    permissions: 0644
    owner: root
    content: |
      net.ipv4.conf.all.arp_notify = 1
# Template loaded from /usr/lib/python2.7/site-packages/xscontainer/data/cloud-config.template
As a bonus this will also install the XenServer guest tools.
Since CoreOS now has the XenServer guest tools installed, you can see the VM's IP address. On the Windows workstation you should now be able to SSH to the CoreOS VM as the ‘core’ user.
javier@DESKTOP:~$ ssh email@example.com
The authenticity of host '192.168.4.63 (192.168.4.63)' can't be established.
ECDSA key fingerprint is SHA256:4aXMnsFpn9udLDvS9DhWQ6m&qabscmyWncPryNXQtY5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.4.63' (ECDSA) to the list of known hosts.
Last login: Sun Jan 14 07:20:28 UTC 2018 on tty1
Container Linux by CoreOS stable (1465.7.0)
Update Strategy: No Reboots
core@coreos1 ~ $
If you cannot log into the new VM using SSH from your workstation, the most likely problem is the SSH key that was placed into the Cloud-Config Parameters option.
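A check for that failure mode, as an added example that is not part of the original post: it reads the user keys under ssh_authorized_keys in a cloud-config and confirms each base64 body decodes to a complete ssh-rsa blob (type, exponent, modulus), which catches truncated pastes, stray characters and a doubled ‘ssh-rsa’ prefix. The function names and the sample key are constructed for illustration.

```python
import base64
import struct

def read_fields(blob):
    """Split an OpenSSH public-key blob into its length-prefixed fields."""
    fields, pos = [], 0
    while pos < len(blob):
        (size,) = struct.unpack(">I", blob[pos:pos + 4])  # struct.error if short
        if pos + 4 + size > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[pos + 4:pos + 4 + size])
        pos += 4 + size
    return fields

def check_entry(entry):
    """Return a problem string for one ssh_authorized_keys entry, or None."""
    parts = entry.split()
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        return "expected 'ssh-rsa <base64 key>'"
    try:
        fields = read_fields(base64.b64decode(parts[1], validate=True))
    except (ValueError, struct.error) as exc:  # bad base64 or cut-off blob
        return "key body damaged (%s)" % exc
    ok = len(fields) == 3 and fields[0] == b"ssh-rsa"
    return None if ok else "blob is not type, exponent, modulus"

def check_cloud_config(text):
    """Check the user-supplied keys under ssh_authorized_keys."""
    problems, in_keys, user_keys = [], False, 0
    for line in text.splitlines():
        item = line.strip()
        if item == "ssh_authorized_keys:":
            in_keys = True
        elif in_keys and item.startswith("- "):
            if "%CONTAINERRSAPUB%" not in item:  # token XenServer fills in
                user_keys += 1
                problem = check_entry(item[2:])
                if problem:
                    problems.append("key %d: %s" % (user_keys, problem))
        elif in_keys and item and not item.startswith("#"):
            in_keys = False  # reached the next section (e.g. coreos:)
    if user_keys == 0:
        problems.append("no user key under ssh_authorized_keys")
    return problems

# Constructed sample (not a real key): type, exponent 65537, 256-byte modulus.
_PARTS = (b"ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xc3" * 256)
SAMPLE_KEY = "ssh-rsa " + base64.b64encode(
    b"".join(struct.pack(">I", len(p)) + p for p in _PARTS)).decode()
```

Pass the text you pasted into the Cloud-Config Parameters box to check_cloud_config; an empty list means every user key parsed cleanly.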
When you SSH into the CoreOS VM you can test Docker functionality by using the ‘hello world’ example.
core@coreos ~ $ docker run --name hello -d busybox /bin/sh -c "while true; do echo Hello World; sleep 1; done"
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
fb46b04c527d: Pull complete
Digest: sha256:436bbf48aa1198ebca8eac0ad9a9c80c8929d9242e02608f76ce18334e0cfe6a
Status: Downloaded newer image for busybox:latest
b536683aedffa14e921be8a8adb59e3cd276c5ec47b9ac300b9d3d1dc321ee66
Up to this point it is important to understand that CoreOS is running, but only from the ISO file. If you stop, start, or reboot the VM at this point it will use the ISO and the existing ‘Config drive’ created from the ‘Cloud-Config Parameters’ file. Any containers added at this point will be lost during a stop, start, or reboot cycle.
To make it a persistent VM we will have to install CoreOS to the VM's disk on the XenServer. This makes it closer to a typical VM. SSH into the CoreOS VM and run the following command:
sudo coreos-install -d /dev/xvda -o xen -C stable
The result should look something like this:
core@coreos ~ $ sudo coreos-install -d /dev/xvda -o xen -C stable
Current version of CoreOS Container Linux stable is 1576.5.0
Downloading the signature for https://stable.release.core-os.net/amd64-usr/1576.5.0/coreos_production_xen_image.bin.bz2...
2018-01-14 07:50:31 URL:https://stable.release.core-os.net/amd64-usr/1576.5.0/coreos_production_xen_image.bin.bz2.sig [566/566] -> "/tmp/coreos-install.9JrLgB4JEq/coreos_production_xen_image.bin.bz2.sig"
Downloading, writing and verifying coreos_production_xen_image.bin.bz2...
2018-01-14 07:52:13 URL:https://stable.release.core-os.net/amd64-usr/1576.5.0/coreos_production_xen_image.bin.bz2 [345199405/345199405] -> "-"
gpg: Signature made Fri Jan 5 12:12:34 2018 UTC
gpg: using RSA key 8826AD9569F575AD3F5643E7DE2F8F87EF4B4ED9
gpg: key Bxrw7xyxFDwyKMmw marked as ultimately trusted
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Good signature from "CoreOS Buildbot (Offical Builds) <firstname.lastname@example.org>" [ultimate]
Success! CoreOS Container Linux stable 1576.5.0 (xen) is installed on /dev/xvda
Using the XenCenter application stop the CoreOS VM, eject coreos_production_iso_image.iso, and start the CoreOS VM.
From this point you can install Docker containers from the command line in the CoreOS VM. My favorite container to manage Docker containers is Portainer.
XenServer documentation in CONTAINER MONITORING IN LINUX VMS states you can get GUI container management tools in XenCenter using CoreOS. I didn’t see that functionality. I suspect you have to install the additional tools outlined in the ‘HOW TO MONITOR OTHER LINUX OSS’ section.
CoreOS is a lightweight base system designed with Docker in mind. It has extra tools and Docker-specific functionality which might be worth extra time investigating.