Example Configs 示例配置

These examples are written in version 3.0.0 of the config. Ignition v2.0.0+ understands all configs with version 3.0.0+.
这些示例是在配置的 3.0.0 版本中编写的。Ignition v2.0.0+ 可以理解所有版本为 3.0.0+ 的配置。

  1. Services 服务
    1. Start Services 启动服务
    2. Modify Services 修改服务
  2. Create Files on the Root Filesystem
    在根文件系统上创建文件
  3. Reformat the /var Filesystem
    重新格式化 /var 文件系统
    1. Btrfs
  4. Create a RAID-enabled Data Volume
    创建支持 RAID 的数据卷
  5. Replace the Config with a Remote Config
    用远程配置替换配置
  6. Set the Hostname 设置主机名
  7. Add Users 添加用户
  8. Create a LUKS Volume
    创建一个 LUKS 卷
  9. Set Kernel Arguments 设置内核参数

Services 服务

Start Services 启动服务

This config will write a single service unit (shown below) with the contents of an example service. This unit will be enabled as a dependency of multi-user.target and therefore start on boot.
这个配置将写入一个单个服务单元(如下所示),其中包含示例服务的内容。此单元将作为 multi-user.target 的依赖项启用,因此会在启动时启动。

{
  "ignition": { "version": "3.0.0" },
  "systemd": {
    "units": [{
      "name": "example.service",
      "enabled": true,
      "contents": "[Service]\nType=oneshot\nExecStart=/usr/bin/echo Hello World\n\n[Install]\nWantedBy=multi-user.target"
    }]
  }
}

example.service:

[Service]
Type=oneshot
ExecStart=/usr/bin/echo Hello World

[Install]
WantedBy=multi-user.target

Modify Services 修改服务

This config will add a systemd unit drop-in to modify the existing service systemd-journald and sets its environment variable SYSTEMD_LOG_LEVEL to debug.
此配置将添加一个 systemd 单元的附加配置,以修改现有服务 systemd-journald 并将其环境变量 SYSTEMD_LOG_LEVEL 设置为 debug

{
  "ignition": { "version": "3.0.0" },
  "systemd": {
    "units": [{
      "name": "systemd-journald.service",
      "dropins": [{
        "name": "debug.conf",
        "contents": "[Service]\nEnvironment=SYSTEMD_LOG_LEVEL=debug"
      }]
    }]
  }
}

systemd-journald.service.d/debug.conf:

[Service]
Environment=SYSTEMD_LOG_LEVEL=debug

Create Files on the Root Filesystem
在根文件系统上创建文件

In many cases it is useful to write files to the root filesystem. This example writes a single file to /etc/someconfig on the root filesystem. The contents of the file (“example file”) are specified inline in the config using the data URL scheme.
在许多情况下,将文件写入根文件系统非常有用。此示例将一个文件写入根文件系统上的 /etc/someconfig 。文件的内容(“示例文件”)在配置中使用数据 URL 方案内联指定。

{
  "ignition": { "version": "3.0.0" },
  "storage": {
    "files": [{
      "path": "/etc/someconfig",
      "mode": 420,
      "contents": { "source": "data:,example%20file%0A" }
    }]
  }
}

Paths are specified relative to the root filesystem of the system Ignition is configuring. Symlinks are followed as if Ignition was running from the final system. See the operator notes for more information about how Ignition follows symlinks.
路径是相对于 Ignition 配置的系统的根文件系统指定的。符号链接将被跟随,就好像 Ignition 是从最终系统运行的一样。有关 Ignition 如何跟随符号链接的更多信息,请参阅操作员注意事项。

Reformat the /var Filesystem
重新格式化 /var 文件系统

Btrfs

This example Ignition configuration will locate the device with the “VAR” filesystem label and reformat it to btrfs, recreating the filesystem label. The wipeFilesystem option is set to ensure that Ignition ignores any existing filesystem. This configuration also writes a file to /var/example-asset, fetching its contents from https://example.com/asset. Ignition mounts filesystems it creates at the specified path before creating anything on the filesystems, ensuring /var/example-asset is created on the newly created filesystem. Note that Ignition will not automatically create mount units or /etc/fstab entries for the filesystems it creates. In this case we assume the OS already has a mount unit or /etc/fstab entry for the /var filesystem by label.
这个示例 Ignition 配置将定位带有“VAR”文件系统标签的设备,并将其重新格式化为 btrfs,重新创建文件系统标签。 wipeFilesystem 选项被设置为确保 Ignition 忽略任何现有的文件系统。此配置还将一个文件写入到 /var/example-asset ,从 https://example.com/asset 获取其内容。Ignition 在创建任何文件系统上的内容之前,会将其创建的文件系统挂载到指定的 path ,确保 /var/example-asset 在新创建的文件系统上创建。请注意,Ignition 不会自动为其创建的文件系统创建挂载单元或 /etc/fstab 条目。在这种情况下,我们假设操作系统已经通过标签为 /var 的文件系统创建了挂载单元或 /etc/fstab 条目。

{
  "ignition": { "version": "3.0.0" },
  "storage": {
    "filesystems": [{
      "device": "/dev/disk/by-label/VAR",
      "path": "/var",
      "format": "btrfs",
      "wipeFilesystem": true,
      "label": "VAR"
    }],
    "files": [{
      "path": "/var/example-asset",
      "mode": 420,
      "contents": {
        "source": "http://example.com/asset",
        "verification": { "hash": "sha512-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" }
      }
    }]
  }
}

The SHA512 sum of the file can be determined using sha512sum. SHA256 sums are also supported, and can be calculated using sha256sum.
文件的 SHA512 校验和可以使用 sha512sum 来确定。也支持 SHA256 校验和,可以使用 sha256sum 来计算。

Create a RAID-enabled Data Volume
创建一个支持 RAID 的数据卷

In many scenarios, it may be useful to have an external data volume. This config will set up a RAID0 ext4 volume, data, between two separate disks. It also writes a mount unit (shown below) which will automatically mount the volume to /var/lib/data.
在许多场景中,拥有一个外部数据卷可能非常有用。此配置将在两个独立磁盘之间设置一个 RAID0 ext4 卷 data 。它还会写入一个挂载单元(如下所示),该单元将自动将卷挂载到 /var/lib/data

{
  "ignition": { "version": "3.0.0" },
  "storage": {
    "disks": [
      {
        "device": "/dev/sdb",
        "wipeTable": true,
        "partitions": [{
          "label": "raid.1.1",
          "number": 1,
          "sizeMiB": 1024,
          "startMiB": 0
        }]
      },
      {
        "device": "/dev/sdc",
        "wipeTable": true,
        "partitions": [{
          "label": "raid.1.2",
          "number": 1,
          "sizeMiB": 1024,
          "startMiB": 0
        }]
      }
    ],
    "raid": [{
      "devices": [
        "/dev/disk/by-partlabel/raid.1.1",
        "/dev/disk/by-partlabel/raid.1.2"
      ],
      "level": "stripe",
      "name": "data"
    }],
    "filesystems": [{
      "device": "/dev/md/data",
      "path": "/var/lib/data",
      "format": "ext4",
      "label": "DATA"
    }]
  },
  "systemd": {
    "units": [{
      "name": "var-lib-data.mount",
      "enabled": true,
      "contents": "[Mount]\nWhat=/dev/md/data\nWhere=/var/lib/data\nType=ext4\n\n[Install]\nWantedBy=local-fs.target"
    }]
  }
}

var-lib-data.mount:

[Mount]
What=/dev/md/data
Where=/var/lib/data
Type=ext4

[Install]
WantedBy=local-fs.target

Replace the Config with a Remote Config
用远程配置替换配置

In some cloud environments, there is a limit on the size of the config which may be provided to a machine. To work around this, Ignition allows configs to be replaced with the contents of an alternate, remote config. The following demonstrates this, using a SHA512 sum to verify the contents of the config.
在某些云环境中,对于可以提供给机器的配置存在限制。为了解决这个问题,Ignition 允许将配置替换为替代的远程配置内容。以下示例演示了如何使用 SHA512 校验和来验证配置的内容。

{
  "ignition": {
    "version": "3.0.0",
    "config": {
      "replace": {
        "source": "http://example.com/config.json",
        "verification": { "hash": "sha512-0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" }
      }
    }
  }
}

The SHA512 sum of the config can be determined using sha512sum. SHA256 sums are also supported, and can be calculated using sha256sum.
可以使用 sha512sum 来确定配置的 SHA512 校验和。同时也支持 SHA256 校验和,可以使用 sha256sum 来计算。

Set the Hostname 设置主机名

Setting the hostname of a system is as simple as writing /etc/hostname:
设置系统的主机名就像写入 /etc/hostname 一样简单:

{
  "ignition": { "version": "3.0.0" },
  "storage": {
    "files": [{
      "path": "/etc/hostname",
      "mode": 420,
      "overwrite": true,
      "contents": { "source": "data:,core1" }
    }]
  }
}

Add Users 添加用户

Users can be added to an OS with the passwd.users key which takes a list of objects that specify a given user. If you wanted to configure a user “systemUser” and a user “jenkins” you would do that as follows:
用户可以使用 passwd.users 密钥将用户添加到操作系统,该密钥接受指定用户的对象列表。如果您想配置用户“systemUser”和用户“jenkins”,可以按照以下步骤操作:

{
  "ignition": { "version": "3.0.0" },
  "passwd": {
    "users": [
      {
        "name": "systemUser",
        "passwordHash": "$superSecretPasswordHash.",
        "sshAuthorizedKeys": [
          "ssh-rsa veryLongRSAPublicKey"
        ]
      },
      {
        "name": "jenkins",
        "uid": 1000
      }
    ]
  }
}

To add more users, configure them within the users list structure ([...]).
要添加更多用户,请在 users 列表结构( [...] )中配置它们。

Create a LUKS Volume
创建一个 LUKS 卷

This config will set up a key-file based LUKS2 volume, data, put a filesystem on the volume, and write a mount unit (shown below) to automatically mount the volume to /var/lib/data.
此配置将设置基于密钥文件的 LUKS2 卷, data ,在卷上放置文件系统,并编写一个挂载单元(如下所示)以自动将卷挂载到 /var/lib/data

{
  "ignition": {"version": "3.2.0"},
  "storage": {
    "luks": [{
      "name": "data",
      "device": "/dev/sdb"
    }],
    "filesystems": [{
      "path": "/var/lib/data",
      "device": "/dev/disk/by-id/dm-name-data",
      "format": "ext4",
      "label": "DATA"
    }]
  },
  "systemd": {
    "units": [{
      "name": "var-lib-data.mount",
      "enabled": true,
      "contents": "[Mount]\nWhat=/dev/disk/by-label/DATA\nWhere=/var/lib/data\nType=ext4\n\n[Install]\nWantedBy=local-fs.target"
    }]
  }
}

var-lib-data.mount:

[Mount]
What=/dev/disk/by-label/DATA
Where=/var/lib/data
Type=ext4

[Install]
WantedBy=local-fs.target

Set Kernel Arguments 设置内核参数

This config will ensure that the example and foo bar kernel arguments are set and the somekarg kernel argument is not set.
此配置将确保设置 examplefoo bar 内核参数,并且未设置 somekarg 内核参数。

{
  "ignition": {"version": "3.3.0"},
  "kernelArguments": {
    "shouldExist": ["example", "foo bar"],
    "shouldNotExist": ["somekarg"]
  }
}