|
|
|
|
@@ -12,23 +12,28 @@ WARNING: This image has **not** been heavily tested, though the underlying compo
|
|
|
|
|
|
|
|
|
|
### `ucore`
|
|
|
|
|
|
|
|
|
|
Suitable for running containerized workloads on either baremetal or virtual machines, this image tries to stay lightweight with not too many additions.
|
|
|
|
|
Suitable for running containerized workloads on either baremetal or virtual machines, this image tries to stay lightweight but functional for multiple use cases, including that of a storage server (NAS).
|
|
|
|
|
|
|
|
|
|
- Starts with a [Fedora CoreOS image](https://quay.io/repository/fedora/fedora-coreos?tab=tags)
|
|
|
|
|
- Adds the following:
|
|
|
|
|
- [cockpit](https://cockpit-project.org)
|
|
|
|
|
- [distrobox](https://github.com/89luca89/distrobox)
|
|
|
|
|
- [duperemove](https://github.com/markfasheh/duperemove)
|
|
|
|
|
- guest VM agents (`qemu-guest-agent` and `open-vm-tools`)
|
|
|
|
|
- intel wifi firmware - CoreOS omits this despite including atheros wifi firmware... hardware enablement FTW
|
|
|
|
|
- [mergerfs](https://github.com/trapexit/mergerfs)
|
|
|
|
|
- moby-engine(docker), docker-compose and podman-compose
|
|
|
|
|
- [snapraid](https://www.snapraid.it/)
|
|
|
|
|
- [tailscale](https://tailscale.com) and [wireguard-tools](https://www.wireguard.com)
|
|
|
|
|
- [tmux](https://github.com/tmux/tmux/wiki/Getting-Started)
|
|
|
|
|
- udev rules enabling full functionality on some [Realtek 2.5Gbit USB Ethernet](https://github.com/wget/realtek-r8152-linux/) devices
|
|
|
|
|
- Optional [nvidia versions](#tag-matrix) also add:
|
|
|
|
|
- [nvidia driver](https://negativo17.org/nvidia-driver) - latest driver (currently version 535) built from negativo17's akmod package
|
|
|
|
|
- [nvidia driver](https://github.com/ublue-os/ucore-kmods) - latest driver (currently version 535) built from negativo17's akmod package
|
|
|
|
|
- [nvidia-container-toolkit](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/sample-workload.html) - latest toolkit which supports both root and rootless podman containers and CDI
|
|
|
|
|
- [nvidia container selinux policy](https://github.com/NVIDIA/dgx-selinux/tree/master/src/nvidia-container-selinux) - allos using `--security-opt label=type:nvidia_container_t` for some jobs (some will still need `--security-opt label=disable` as suggested by nvidia)
|
|
|
|
|
- [nvidia container selinux policy](https://github.com/NVIDIA/dgx-selinux/tree/master/src/nvidia-container-selinux) - allows using `--security-opt label=type:nvidia_container_t` for some jobs (some will still need `--security-opt label=disable` as suggested by nvidia)
|
|
|
|
|
- Optional [ZFS versions](#tag-matrix) also add:
|
|
|
|
|
- [sanoid/syncoid dependencies](https://github.com/jimsalterjrs/sanoid) - [see below](#zfs) for details
|
|
|
|
|
- [ZFS](https://github.com/openzfs/zfs)
|
|
|
|
|
- [zfs driver](https://github.com/ublue-os/ucore-kmods) - latest driver (currently pinned to 2.1.x series)
|
|
|
|
|
- Enables staging of automatic system updates via rpm-ostreed
|
|
|
|
|
- Enables password based SSH auth (required for locally running cockpit web interface)
|
|
|
|
|
- Disables Zincati auto upgrade/reboot service
|
|
|
|
|
@@ -38,19 +43,14 @@ Note: per [cockpit instructions](https://cockpit-project.org/running.html#coreos
|
|
|
|
|
|
|
|
|
|
### `ucore-hci`
|
|
|
|
|
|
|
|
|
|
Hyper-Coverged Infrastructure(HCI) refers to storage and virtualization in one place... So this image is suitable for use as a hypervisor, storage server(NAS), as well as running containerized workloads). Accordingingly, it will be a bit larger due to extra hardware support, storage and virtualization packages.
|
|
|
|
|
Hyper-Coverged Infrastructure(HCI) refers to storage and virtualization in one place... So this image primarily adds the virtualization stack.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Starts with `ucore` to give you everything above, plus:
|
|
|
|
|
- Adds the following:
|
|
|
|
|
- [cockpit-machines](https://github.com/cockpit-project/cockpit-machines): Cockpit GUI for managing virtual machines
|
|
|
|
|
- [duperemove](https://github.com/markfasheh/duperemove)
|
|
|
|
|
- intel wifi firmware - CoreOS omits this despite including atheros wifi firmware... hardware enablement FTW
|
|
|
|
|
- [libvirt-client](https://libvirt.org/): `virsh` command-line utility for managing virtual machines
|
|
|
|
|
- [libvirt-daemon-kvm](https://libvirt.org/): libvirt KVM hypervisor management
|
|
|
|
|
- [mergerfs](https://github.com/trapexit/mergerfs)
|
|
|
|
|
- [snapraid](https://www.snapraid.it/)
|
|
|
|
|
- udev rules enabling full functionality on some [Realtek 2.5Gbit USB Ethernet](https://github.com/wget/realtek-r8152-linux/) devices
|
|
|
|
|
- virt-install: command-line utility for installing virtual machines
|
|
|
|
|
|
|
|
|
|
Note: Fedora now uses `DefaultTimeoutStop=45s` for systemd services which could cause `libvirtd` to quit before shutting down slow VMs. Consider adding `TimeoutStopSec=120s` as an override for `libvirtd.service` if needed.
|
|
|
|
|
|
Benjamin Sherman