This is written for users who are already familiar with Triton and are ready to add Linux CNs to an existing datacenter.
WARNING: Linux CN is a technology preview. Some features are not yet implemented and the behavior will change without explicit notification. A general rule of thumb is that we want Linux CN to behave mostly like SmartOS.
Linux CNs are currently not recomended for multi-tenant hosting providers. There will most likely be breaking changes with little to no warning.
-
Update all components to the latest
releaseimage. See the Triton Maintenance and Upgrades documentation. -
Update
imgapito the latestdevimage.sdcadm update -C dev imgapi --latest
Linux Platform images are currently only available in Manta. At a later time,
they'll start being added to the experimental channel. You should keep as
up to date as possible with Linux CN images. Things can move pretty fast.
-
Check Manta for the latest platform image (https://us-central.manta.mnx.io/Joyent_Dev/public/manta-browse/browse.html, drill down to the TritonDCLinux directory).
-
Download the image
mkdir /var/tmp/linuxcn cd /var/tmp/linuxcn curl -OC - https://us-central.manta.mnx.io/Joyent_Dev/public/TritonDCLinux/20210731T223008Z/platform-20210731T223008Z.tgz -
Install the image
sdcadm platform install ./platform-20210731T223008Z.tgz
You'll need to have an un-setup CN. If you don't have an available un-setup CN you can wipe an existing CN. THIS WILL DESTROY ALL DATA ON THE CN.
WARNING: These steps will irecoverably destroy all data on the CN. Make sure you are sure!!
-
Migrate any zones that are still on the CN. See the
sdc-migratecommand. -
SSH to the compute node
-
Issue the
sdc-factoryresetcommand -
After the server reboots, power it off. This can be done with IPMI if you have that available.
-
Delete the server from CNAPI. First make note of the CN UUID, then delte it
sdc-server delete <CN UUID> -
Delete all NICs from NAPI
for m in $(sdc-napi /nics?belongs_to_uuid="<CN UUID>" | json -Ha mac); do sdc-napi /nics/"$m" -X DELETE done -
Verify with
sdc-server listthat no background tasks have re-added the CN to CNAPI. If necessary, issuesdc-server deleteagain.
-
Boot the CN. It will boot to the default platform image, which will most likely be SmartOS.
-
Assign a Linux platform, and reboot it
sdcadm platform assign <platform> <CN UUID> sdc-oneachnode -n <CN UUID> 'exit 113' -
The CN will now boot to the designated platform image.
- To verify the OS run
sdc-oneachnode -n <CN UUID> 'uname -s'
- To verify the OS run
-
Run
sdc-server setupas normal. Note that not all options are supported yet. Settinghostnameis supported. -
Assign nic tags via AdminUI or NAPI.
-
Reboot the CN after nic tags are assigned.
The CN is now ready for use. You should be able to ssh to the CN from the
headnode using the sdc.id_rsa key.
Linux CN currently only supports LXC instances. To import images, first you need to identify an image alias. You can use the following command on any Linux system with LXC/LXD installed to list images.
lxc image list images:
lxc image list ubuntu:
Images in the ubuntu: repo are produced by Canonical. Any of these images
should work fine. Canonical image aliases are named after the Ubuntu code name.
E.g., ubuntu:f for Ubuntu 20.04 Focal Fossa.
Images in the images: repo are produced by https://linuxcontainers.org.
The images: repo provides images of type CONTAINER or VIRTUAL-MACHINE.
Virtual machine images are not yet supported (we will be adding support
at a later date). Most images tagged with cloud should work.
The requirement for an image to work properly is that it has both cloud-init
and ssh-server installed in the image. Unfortunately, not all images tagged
with cloud have ssh installed and there's no way to know without trying
it out.
Linuxcontainers.org image aliases are named in the format
<distribution>/<version>/<variant>/<arch>. Variant and arch are optional. If
the arch isn't listed in the tag, then it will be the same arch that matches
the host on which the command was run. In any case, imgapi will only import
amd64/x86_64 images implicitly, so don't include the arch or the image won't
be found. Images that are not tagged with cloud will no thave cloud-init
installed, and will not set up correctly post-creation. They will be created,
but you won't be able to log into them.
A valid alias will look like images:centos/7/cloud or ubuntu:f. You must
include the image repo source to import the image to imgapi.
Once you have found an image you'll need to import it, and modify the access control.
From the headnode, import the image:
sdc-imgapi /images?action=import-lxd-image\&alias="${alias:?}" -X POST
After the image is installed, use sdc-imgadm list type=lxd to find the image
UUID.
Triton users will only be able to see the image via cloudapi if they are on the ACL, or the image is public.
To add users to the ACL, use the following command:
sdc-imgapi /images/${uuid:?}/acl?action=add -X POST -d '["<user_uuid>"]'
Note: this is a JSON array, so you can list multiple owners.
To make the image public, use the following command:
sdc-imgapi "/images/${uuid:?}?action=update" -X POST -d '{"public":true}'
Making an image public does not remove the ACL, it is just ignored. To make an
image private pass {"public":false}. Access will revert to the existing ACL.
Following the steps above, you should now be able to proviison instances using
CloudAPI. Use triton images to list images and triton packages to list
packages. You'll need to select packages that use no brand requirement. Packages
that work for SmartOS (joyent) or LX brand will work fine.
Linux CNs do not support fabric networking, so if you have fabric networking configured you'll need to explicitly pass hard VLAN networks at create time or the instance will fail to be created.
Not all provision options are supported. E.g., delegated datasets. Provisions are equally likely to fail or silently ignore unsupported options. If there's a feature you're eagerly looking forward to, file an issue.