An updated version of CentOS Atomic Host (tree version 7.20170428), is now available, featuring the option of substituting the host’s default docker 1.12 container engine with a more recent, docker 1.13-based version, provided via the docker-latest package.

CentOS Atomic Host is a lean operating system designed to run Docker containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image. These images are available for download at cloud.centos.org. The backing ostree repo is published to mirror.centos.org.

CentOS Atomic Host includes these core component versions:

  • atomic-1.15.4-2.el7.x86_64
  • cloud-init-0.7.5-10.el7.centos.1.x86_64
  • docker-1.12.6-16.el7.centos.x86_64
  • etcd-3.1.3-1.el7.x86_64
  • flannel-0.7.0-1.el7.x86_64
  • kernel-3.10.0-514.16.1.el7.x86_64
  • kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
  • ostree-2017.3-2.el7.x86_64
  • rpm-ostree-client-2017.3-1.atomic.el7.x86_64

Containerized kubernetes-master

The downstream release of CentOS Atomic Host ships without the kubernetes-master package built into the image. Instead, you can run the master kubernetes components (apiserver, scheduler, and controller-manager) in containers, managed via systemd, using the service files and instructions on the CentOS wiki. The containers referenced in these systemd service files are built in and hosted from the CentOS Community Container Pipeline, based on Dockerfiles from the CentOS-Dockerfiles repository.

These containers have been tested with the kubernetes ansible scripts provided in the upstream contrib repository, and they work as expected, provided you first copy the service files onto your master.

Alternatively, you can install the kubernetes-master components using rpm-ostree package layering using the command: atomic host install kubernetes-master.

docker-latest

You can switch to the alternate docker version by running:

# systemctl disable docker --now
# systemctl enable docker-latest --now
# sed -i '/DOCKERBINARY/s/^#//g' /etc/sysconfig/docker

Because both docker services share the /run/docker directory, you cannot run both docker and docker-latest at the same time on the same system.

Upgrading

If you’re running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command:

$ sudo atomic host upgrade

Images

Vagrant

CentOS-Atomic-Host-7-Vagrant-Libvirt.box and CentOS-Atomic-Host-7-Vagrant-Virtualbox.box are Vagrant boxes for Libvirt and Virtualbox providers.

The easiest way to consume these images is via the Atlas / Vagrant Cloud setup (see https://atlas.hashicorp.com/centos/boxes/atomic-host). For example, getting the VirtualBox instance up would involve running the following two commands on a machine with vagrant installed:

$ vagrant init centos/atomic-host && vagrant up --provider virtualbox 

ISO

The installer ISO can be used via regular install methods (PXE, CD, USB image, etc.) and uses the Anaconda installer to deliver the CentOS Atomic Host. This image allows users to control the install using kickstarts and to define custom storage, networking and user accounts. This is the recommended option for getting CentOS Atomic Host onto bare metal machines, or for generating your own image sets for custom environments.

QCOW2

The CentOS-Atomic-Host-7-GenericCloud.qcow2 image is suitable for use in on-premise and local virtualized environments. We test this on OpenStack, AWS and local Libvirt installs. If your virtualization platform does not provide its own cloud-init metadata source, you can create your own NoCloud iso image.

Amazon Machine Images

Region Image ID
ap-south-1 ami-9c7b06f3
eu-west-2 ami-14425570
eu-west-1 ami-a1b9b7c7
ap-northeast-2 ami-e01cc18e
ap-northeast-1 ami-2a0d304d
sa-east-1 ami-ce7619a2
ca-central-1 ami-8b813def
ap-southeast-1 ami-61e36702
ap-southeast-2 ami-84c7cde7
eu-central-1 ami-f970ae96
us-east-1 ami-4a70015c
us-east-2 ami-d2cfe8b7
us-west-1 ami-57ba9c37
us-west-2 ami-fbd8bd9b

SHA Sums

977c9b6e70dd0170fc092520f01be26c4d256ffe5340928d79c762850e5cedd9  CentOS-Atomic-Host-7.1704-GenericCloud.qcow2
781074c43aa6a6f3cad61a77108541976776eb3cb6fe30f54ca746a8314b5f87  CentOS-Atomic-Host-7.1704-GenericCloud.qcow2.gz
aef7fedf01b920ee75449467eb93724405cb22d861311fbc42406a7bd4dbfee2  CentOS-Atomic-Host-7.1704-GenericCloud.qcow2.xz
669c5fd1b97bc2849a7e3dbec325207d98e834ce71e17e0921b583820d91f4f5  CentOS-Atomic-Host-7.1704-Installer.iso
b5ef69bff65ab595992649f62c8fc67c61faa59ba7f4ff0cb455a9196e450ae2  CentOS-Atomic-Host-7.1704-Vagrant-Libvirt.box
73757f50ef9cdac2e3ba6d88a216cca23000a32fa96891902feaa86d49147e3f  CentOS-Atomic-Host-7.1704-Vagrant-VirtualBox.box

Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they’re rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them.

Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG, based on upstream work from Project Atomic. If you’d like to work on testing images, help with packaging, documentation — join us!

The SIG meets weekly on Thursdays at 16:00 UTC in the #centos-devel channel, and you’ll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel mailing list if you’d like to discuss the direction of Project Atomic, its components, or have other questions.

Getting Help

If you run into any problems with the images or components, feel free to ask on the centos-devel mailing list.

Have questions about using Atomic? See the atomic mailing list or find us in the #atomic channel on Freenode.

We are pleased to announce new official Vagrant images of CentOS Linux 6.9 and CentOS Linux 7.3.1611 for x86_64, featuring updated packages to 30 April 2017 and the following changes:

  • kdump has been removed from the images, since it needs to reserve 160MB + 2bits/4kB RAM for the crash kernel, and automatic allocation only works on systems with at least 2GB RAM

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder “.”, “/vagrant”, type: “virtualbox”

    . Please note that there is a bug in VirtualBox 5.1.20 that prevents vagrant-vbguest from working.
    We recommend using NFS instead of VirtualBox shared folders if possible. You can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile, to prevent errors on “vagrant up”.

  3. Vagrant 1.8.5 is unable to create new CentOS Linux boxes due to Vagrant bug #7610
  4. Vagrant 1.8.7 is unable to download or update boxes due to Vagrant bug #7969.
  5. Vagrant 1.9.1 broke private networking, see Vagrant bug #8166
  6. Vagrant 1.9.3 doesn’t work with SMB sync due to Vagrant bug #8404
  7. The vagrant-libvirt plugin is only compatible with Vagrant 1.5 to 1.8
  8. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools (updated for this release).

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant 1.9.3 with vagrant-libvirt and VirtualBox 5.1.20 (without the Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.

We also performed additional manual testing with Vagrant 1.9.4 on OS X 10.11.6, with VirtualBox 5.1.20.

Downloads

The official images can be downloaded from Hashicorp’s Atlas. We provide images for libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

vagrant box add centos/6 # for CentOS Linux 6, or...
vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

vagrant box update --box centos/6
vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

If the check passed, you can use the corresponding checksum when downloading the image with Vagrant:

$ vagrant box add --checksum-type sha256 --checksum f8cd95ce24fd9f615dd38bbf8b6c285a916a4cac1d98ada4ab16d6626468032b --provider libvirt --box-version 1704.01 centos/7

Unfortunately, this is not possible with vagrant box update.

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or via IRC, in #centos on Freenode.

Ackowledgements

We would like to thank Fabian Arrotin and Thomas Oulevey for their work on the build infrastructure.

We would also like to thank the following people (listed alphabetically):

  • Graham Mainwaring, for helping with tests and validations
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro.

An updated version of CentOS Atomic Host (tree version 7.20170405), is now available, including significant updates to kubernetes (version 1.5.2), etcd (version 3.1) and flannel (version 0.7).

CentOS Atomic Host is a lean operating system designed to run Docker containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image. These images are available for download at cloud.centos.org. The backing ostree repo is published to mirror.centos.org.

CentOS Atomic Host includes these core component versions:

  • atomic-1.15.4-2.el7.x86_64
  • cloud-init-0.7.5-10.el7.centos.1.x86_64
  • docker-1.12.6-11.el7.centos.x86_64
  • etcd-3.1.0-2.el7.x86_64
  • flannel-0.7.0-1.el7.x86_64
  • kernel-3.10.0-514.10.2.el7.x86_64
  • kubernetes-node-1.5.2-0.2.gitc55cf2b.el7.x86_64
  • ostree-2017.1-3.atomic.el7.x86_64
  • rpm-ostree-client-2017.1-6.atomic.el7.x86_64

Containerized kubernetes-master

The downstream release of CentOS Atomic Host ships without the kubernetes-master package built into the image. Instead, you can run the master kubernetes components (apiserver, scheduler, and controller-manager) in containers, managed via systemd, using the service files and instructions on the CentOS wiki. The containers referenced in these systemd service files are built in and hosted from the CentOS Community Container Pipeline, based on Dockerfiles from the CentOS-Dockerfiles repository.

These containers have been tested with the kubernetes ansible scripts provided in the upstream contrib repository, and they work as expected, provided you first copy the service files onto your master.

Upgrading

If you’re running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command:

$ sudo atomic host upgrade

Images

Vagrant

CentOS-Atomic-Host-7-Vagrant-Libvirt.box and CentOS-Atomic-Host-7-Vagrant-Virtualbox.box are Vagrant boxes for Libvirt and Virtualbox providers.

The easiest way to consume these images is via the Atlas / Vagrant Cloud setup (see https://atlas.hashicorp.com/centos/boxes/atomic-host). For example, getting the VirtualBox instance up would involve running the following two commands on a machine with vagrant installed:

$ vagrant init centos/atomic-host && vagrant up --provider virtualbox 

ISO

The installer ISO can be used via regular install methods (PXE, CD, USB image, etc.) and uses the Anaconda installer to deliver the CentOS Atomic Host. This image allows users to control the install using kickstarts and to define custom storage, networking and user accounts. This is the recommended option for getting CentOS Atomic Host onto bare metal machines, or for generating your own image sets for custom environments.

QCOW2

The CentOS-Atomic-Host-7-GenericCloud.qcow2 image is suitable for use in on-premise and local virtualized environments. We test this on OpenStack, AWS and local Libvirt installs. If your virtualization platform does not provide its own cloud-init metadata source, you can create your own NoCloud iso image.

Amazon Machine Images

Region Image ID
us-east-1 ami-a50d85b3
ap-south-1 ami-13f6857c
eu-west-2 ami-42233726
eu-west-1 ami-49063c2f
ap-northeast-2 ami-d1c81abf
ap-northeast-1 ami-7b1c3e1c
sa-east-1 ami-914f2dfd
ca-central-1 ami-2de75b49
ap-southeast-1 ami-53328c30
ap-southeast-2 ami-6d929c0e
eu-central-1 ami-dca270b3
us-east-2 ami-18bc987d
us-west-1 ami-b22a0fd2
us-west-2 ami-2e2bbb4e

SHA Sums

b337bc56a71b6b25237a5c0c06c9f48a33973b4e41c648288bcfaf5a494af98c  CentOS-Atomic-Host-7.1703-GenericCloud.qcow2
707db9907a850816fca7782da1dca3584fa0d8be821d0ee95525b688aaa0cc6d  CentOS-Atomic-Host-7.1703-GenericCloud.qcow2.gz
c4ef91cc801777e214106522f848f8b388fb92699d67ed4fe86cc942a361f7a2  CentOS-Atomic-Host-7.1703-GenericCloud.qcow2.xz
5e41a0306a8c1c212117c68eae10f0f59b25cb6c57dec9629bf3ac760bca54bc  CentOS-Atomic-Host-7.1703-Installer.iso
f509eb482a614d2eb047009aaa6c37c125b66cdd483e7015983cae5f72d9f041  CentOS-Atomic-Host-7.1703-Vagrant-Libvirt.box
2c0ba7dda2f4f249aa6c31cfcb36df1a17913b9d8786afb7b340a24b15b404f1  CentOS-Atomic-Host-7.1703-Vagrant-VirtualBox.box

Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they’re rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them.

Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG, based on upstream work from Project Atomic. If you’d like to work on testing images, help with packaging, documentation — join us!

The SIG meets weekly on Thursdays at 16:00 UTC in the #centos-devel channel, and you’ll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel mailing list if you’d like to discuss the direction of Project Atomic, its components, or have other questions.

Getting Help

If you run into any problems with the images or components, feel free to ask on the centos-devel mailing list.

Have questions about using Atomic? See the atomic mailing list or find us in the #atomic channel on Freenode.

We are pleased to announce new official Vagrant images of CentOS Linux 6.8 and CentOS Linux 7.3.1611 for x86_64, featuring updated packages to 30 March 2017 and the following changes:

  • The VMware images now use the paravirtualized SCSI controller (the kernel module for the LSILogic controller has been deprecated upstream).
  • The VMware images now specify vmware_desktop, allowing them to work with bth VMware Fusion and VMware Workstation

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder “.”, “/vagrant”, type: “virtualbox”

    We recommend using NFS instead of VirtualBox shared folders if possible. You can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile.

  3. Vagrant 1.8.5 is unable to create new CentOS Linux boxes due to Vagrant bug #7610
  4. Vagrant 1.8.7 is unable to download or update boxes due to Vagrant bug #7969.
  5. Vagrant 1.9.1 broke private networking, see Vagrant bug #8166
  6. Vagrant 1.9.3 doesn’t work with SMB sync due to Vagrant bug #8404
  7. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools (updated for this release).

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant 1.8.1 from SCL, with libvirt and VirtualBox 5.0.30 (without the VirtualBox Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.

We also performed additional manual testing with Vagrant 1.9.3 on OS X 10.11.6, with VirtualBox 5.1.18.

Downloads

The official images can be downloaded from Hashicorp’s Atlas. We provide images for libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

$ vagrant box add centos/6 # for CentOS Linux 6
$ vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

$ vagrant box update --box centos/6
$ vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

If the check passed, you can use the corresponding checksum when downloading the image with Vagrant:

$ vagrant box add --checksum-type sha256 --checksum 82bbed14c34fdd8fd3cb617b0e8c0f154ebd4d1388f45de3335b2cdf791e5fed --provider libvirt --box-version 1703.01 centos/7

Unfortunately, this is not possible with vagrant box update.

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or via IRC, in #centos on Freenode.

Ackowledgements

We would like to thank Fabian Arrotin and Thomas Oulevey for their work on the build infrastructure.

We would also like to thank the following people (listed alphabetically):

  • Graham Mainwaring, for helping with tests and validations
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro.

We are pleased to announce new official Vagrant images of CentOS Linux 6.8 and CentOS Linux 7.3.1611 for x86_64, featuring updated packages to 28 February 2017.

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder “.”, “/vagrant”, type: “virtualbox”

    We recommend using NFS instead of VirtualBox shared folders if possible. You can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile.

  3. Vagrant 1.8.5 is unable to create new Linux boxes due to Vagrant bug #7610
  4. Vagrant 1.8.7 is unable to download or update boxes due to Vagrant bug #7969.
  5. Vagrant 1.9.1 broke private networking, see Vagrant bug #8166
  6. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools (updated for this release).
  7. The metadata of the images for VMware is set to vmware_fusion. Please specify vmware_fusion as the provider when downloading the images, even if you’re using VMware Workstation.

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant from SCL, with libvirt and VirtualBox 5.0.30 (without the VirtualBox Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.

We also performed additional manual testing with Vagrant 1.9.0 on OS X 10.11.6, with VirtualBox 5.0.30.

Downloads

The official images can be downloaded from Hashicorp’s Atlas. We provide images for libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

$ vagrant box add centos/6 # for CentOS Linux 6
$ vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

$ vagrant box update --box centos/6
$ vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

If the check passed, you can use the corresponding checksum when downloading the image with Vagrant:

$ vagrant box add --checksum-type sha256 --checksum 48745c0f2dd4fbee366d830e3e333b637528ad936dd66ed5911df2adc02f46d7 --provider libvirt --box-version 1702.01 centos/7

Unfortunately, this is not possible with vagrant box update.

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or via IRC, in #centos on Freenode.

Ackowledgements

We would like to thank Fabian Arrotin and Thomas Oulevey for their work on the build infrastructure.

We would also like to thank the following people (listed alphabetically):

  • Graham Mainwaring, for helping with tests and validations
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro.

As announced, and confirmed on the centos-devel list, next week we’ll have a major outage impacting several services that are hosted in the same DC : due to some reorganization at the DC/Cage level, we’ll have to shutdown/move/reconfigure a big part of our hosted infra for the following services :

  • https://cbs.centos.org (Koji)
  • https://accounts.centos.org (auth backend, and also https://id.centos.org, our idp in front of ACO)
  • https://ci.centos.org (jenkins-driven CI environment)
  • https://registry.centos.org (that one will be temporary migrated to a read-only registry, so that people already pointing to that node will continue to be able to pull images)

We’re working on a plan to minimize the downtime/reconfiguration part, but at first sight, due to the hardware move of the racks/recabling parts/etc, the announced downtime will be probably ~48h.

What does that mean ? That during this maintenance window, nobody will be able to build/tests packages, nor be able to triggers automatically CI jobs (important). This hardware migration is scheduled for March 14th, starting at 13:00 UTC.

We’ll obviously try to restore those services as soon as possible, to minimize the impact on people building pkgs for SIGs

If you have questions, feel free to discuss this in the #centos-devel channel on irc.freenode.net, or the centos-devel mailing list

An updated version of CentOS Atomic Host (tree version 7.20170209), is now available, including significant updates to docker (version 1.12.5), kubernetes (version 1.4) and etcd (version 3.0.15).

CentOS Atomic Host is a lean operating system designed to run Docker containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image. These images are available for download at cloud.centos.org. The backing ostree repo is published to mirror.centos.org.

CentOS Atomic Host includes these core component versions:

  • atomic-1.14.1-5.el7.x86_64
  • cloud-init-0.7.5-10.el7.centos.1.x86_64
  • docker-1.12.5-14.el7.centos.x86_64
  • etcd-3.0.15-1.el7.x86_64
  • flannel-0.5.5-2.el7.x86_64
  • kernel-3.10.0-514.6.1.el7.x86_64
  • kubernetes-node-1.4.0-0.1.git87d9d8d.el7.x86_64
  • ostree-2016.15-1.atomic.el7.x86_64
  • rpm-ostree-client-2016.13-1.atomic.el7.x86_64

Containerized kubernetes-master

The downstream release of CentOS Atomic Host ships without the kubernetes-master package built into the image. Instead, you can run the master kubernetes components (apiserver, scheduler, and controller-manager) in containers, managed via systemd, using the service files and instructions on the CentOS wiki. The containers referenced in these systemd service files are built in and hosted from the CentOS Community Container Pipeline, based on Dockerfiles from
the CentOS-Dockerfiles repository.

These containers have been tested with the kubernetes ansible scripts provided in the upstream contrib repository, and they work as expected, provided you first copy the service files onto your master.

Upgrading

If you’re running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command:

$ sudo atomic host upgrade

Images

Vagrant

CentOS-Atomic-Host-7-Vagrant-Libvirt.box and CentOS-Atomic-Host-7-Vagrant-Virtualbox.box are Vagrant boxes for Libvirt and Virtualbox providers.

The easiest way to consume these images is via the Atlas / Vagrant Cloud setup (see https://atlas.hashicorp.com/centos/boxes/atomic-host). For example, getting the VirtualBox instance up would involve running the following two commands on a machine with vagrant installed:

$ vagrant init centos/atomic-host && vagrant up --provider virtualbox 

ISO

The installer ISO can be used via regular install methods (PXE, CD, USB image, etc.) and uses the Anaconda installer to deliver the CentOS Atomic Host. This image allows users to control the install using kickstarts and to define custom storage, networking and user accounts. This is the recommended option for getting CentOS Atomic Host onto bare metal machines, or for generating your own image sets for custom environments.

QCOW2

The CentOS-Atomic-Host-7-GenericCloud.qcow2 image is suitable for use in on-premise and local virtualized environments. We test this on OpenStack, AWS and local Libvirt installs. If your virtualization platform does not provide its own cloud-init metadata source, you can create your own NoCloud iso image.

Amazon Machine Images

Region Image ID
us-east-1 ami-10f53a06
us-west-2 ami-4d9b1c2d
us-west-1 ami-4ae1bd2a
eu-west-1 ami-1daa8c7b
eu-central-1 ami-e8c20987
ap-southeast-1 ami-a8388fcb
ap-northeast-1 ami-ba2b67dd
ap-southeast-2 ami-1f84857c
ap-northeast-2 ami-adbd6dc3
sa-east-1 ami-1f492e73

SHA Sums

6f8b91373c763cf96ffead6ca044ddf6eea5c0b102a239933c112a7f1089396e  CentOS-Atomic-Host-7.1701-GenericCloud.qcow2
380dcbdd4514f87f8915fee418cc965985c89a91b9182af622e36ffad26c9e04  CentOS-Atomic-Host-7.1701-GenericCloud.qcow2.gz
0bf3d5ec95d40cee94bc80e7c19206b3a260d2835fa43f1e99965bb8f99a777d  CentOS-Atomic-Host-7.1701-GenericCloud.qcow2.xz
bc55326e54832e3e08530e41cb738c4b293a7645c960a4c9be7f66024770a68c  CentOS-Atomic-Host-7.1701-Installer.iso
aaba6ca5e3b0a64abff843bff28eb82092e39fe82f120c76614822334ff22462  CentOS-Atomic-Host-7.1701-Vagrant-Libvirt.box
8d3c64895a40638cb8659186a0caabef9fc10ba944a130eda53f7d2109cfba35  CentOS-Atomic-Host-7.1701-Vagrant-VirtualBox.box

Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they’re rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them.

Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG, based on upstream work from Project Atomic. If you’d like to work on testing images, help with packaging, documentation — join us!

The SIG meets weekly on Thursdays at 16:00 UTC in the #centos-devel channel, and you’ll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel mailing list if you’d like to discuss the direction of Project Atomic, its components, or have other questions.

Getting Help

If you run into any problems with the images or components, feel free to ask on the centos-devel mailing list.

Have questions about using Atomic? See the atomic mailing list or find us in the #atomic channel on Freenode.

As a part of CentOS Container Pipeline project, we’ve been continually discussing, debating and working towards features that developers and sysadmins out there would like to have from a build pipeline. In the sense, besides just building the container images upon a push to some git repository, what else would add value for the devs and admins?

If you read the previous blog that talked about CentOS Container Image scanners, you already know that we have scanners based on atomic scan. These scanners scan the container image post build and report the results as an email to the user. If you’re already using it, you might find the JSON content of the email to be a bit untidy. But, rest assured, we’re working towards making it more eye candy. 🙂

As is the case with build pipelines similar to CentOS Container Pipeline, most container images are scanned only at the time of build. However, with CentOS Container Pipeline, we cannot afford to have such an architecture. Enterprises, academics, research institutes and various other large & small scale projects that use CentOS as their base platform for servers and developing containerized applications, often have stringent security rules which require them to update to the latest version of enterprise Linux packages. Besides security updates, new version of packages are often bundled with new features!

So, we figured it would be helpful for the devs and admins to have a weekly update about the status of their container images. In simplest terms, weekly image scans present exactly same output to the users as a post-build scan does, albeit on a weekly basis instead of forgetting about the images after building them. Weekly scans are a part of our Scheduled Scans story wherein we want to be able to provide the users with various time intervals, at the end of which, they want to get their container image scanned.

Based on the results of such scheduled scan, a dev or an admin can decide if their image needs to be upgraded or are they OK with its current state. So far, the only way you can do this is by running a container and checking the result of yum check-update.

To use this feature now, all you need to do is checkout the first blog about how to get started with CentOS Container Pipeline. Once you build images with CentOS Container Pipeline, those images are automatically scanned on a weekly basis and an email is sent out to the user for each of his/her image(s).

If you would like to have a feature included in CentOS Container Pipeline, come talk to us on the IRC channel #centos-devel on Freenode server. Alternatively, you can also checkout our GitHub repo and open an issue for discussion there. We are excited to hear and understand about features that developers and sysadmins would find helpful!

We are pleased to announce new official Vagrant images of CentOS Linux 6.8 and CentOS Linux 7.3.1611 for x86_64, featuring updated packages to 15 December 2016, as well as the following user-visible changes:

  • the size of the boot partition has been increased to 1GB in centos/7, to conform with the new upstream recommendations
  • the centos/7 image is now based on CentOS Linux 7.3.1611

Known Issues

  1. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder “.”, “/vagrant”, type: “virtualbox”

    We recommend using NFS instead of VirtualBox shared folders if possible. You can also use the vagrant-sshfs plugin, which, unlike NFS, works on all operating systems.

  2. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to their Vagrantfile.

  3. Vagrant 1.8.5 is unable to create new Linux boxes due to Vagrant bug #7610
  4. Vagrant 1.8.7 is unable to download or update boxes due to Vagrant bug #7969.
  5. Vagrant 1.9.1 seems unable to assign an address to VirtualBox host-only interfaces.
  6. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools (updated for this release).

Recommended Setup on the Host

Our automatic testing is running on a CentOS Linux 7 host, using Vagrant from SCL, with libvirt and VirtualBox 5.0.30 (without the VirtualBox Guest Additions) as providers. We strongly recommend using the libvirt provider when stability is required.

We also performed additional manual testing with Vagrant 1.9.0 on OS X 10.11.6, with VirtualBox 5.0.30.

Downloads

The official images can be downloaded from Hashicorp’s Atlas. We provide images for libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

$ vagrant box add centos/6 # for CentOS Linux 6
$ vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

$ vagrant box update --box centos/6
$ vagrant box update --box centos/7

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

If the check passed, you can use the corresponding checksum when downloading the image with Vagrant:

$ vagrant box add --checksum-type sha256 --checksum 74a95be409cef813881f5312dc1221e2559cdbf25f45d5234d81e91632f99cce --provider libvirt --box-version 1610.01 centos/7

Unfortunately, this is not possible with vagrant box update.

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or via IRC, in #centos on Freenode.

Ackowledgements

We would like to thank the following people (listed alphabetically):

  • Graham Mainwaring, for helping with tests and validations
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro.

Official Vagrant images for CentOS Linux 6.8 and CentOS Linux 7.2.1511 for x86_64 are now available for download, featuring updated packages to 30 October 2016, as well as the following user-visible changes:

  • several optimisations to make the images smaller and faster:
    • do not install most firmware packages
    • do not install microcode_ctl
    • do not build a rescue initramfs (resulting in significantly faster kernel updates)
    • do not load the floppy module on centos/7 (this reduces boot time by ca. 5s)
  • [security]: do not allow regular users to use su to become root or vagrant – see issue #76
  • set the SELinux type of /etc/sudoers.d/vagrant to etc_t

Known Issues

  1. The centos/7 image is based on CentOS Linux 7.2.1511, since CentOS Linux 7.3 is not available yet.
  2. The VirtualBox Guest Additions are not preinstalled; if you need them for shared folders, please install the vagrant-vbguest plugin and add the following line to your Vagrantfile:
    config.vm.synced_folder “.”, “/vagrant”, type: “virtualbox”

    We recommend using NFS instead of VirtualBox shared folders if possible.

  3. Since the Guest Additions are missing, our images are preconfigured to use rsync for synced folders. Windows users can either use SMB for synced folders, or disable the sync directory by adding the line
    config.vm.synced_folder ".", "/vagrant", disabled: true

    to your Vagrantfile.

  4. Please use Vagrant 1.8.6 (version 1.8.5 is unable to create new Linux boxes due to Vagrant bug #7610, while version 1.8.7 is unable to download or update boxes due to Vagrant bug #7969).
  5. Installing open-vm-tools is not enough for enabling shared folders with Vagrant’s VMware provider. Please follow the detailed instructions in https://github.com/mvermaes/centos-vmware-tools.

Downloads

The official images can be downloaded from Hashicorp’s Atlas. We provide images for libvirt-kvm, VirtualBox and VMware.

If you never used our images before:

$ vagrant box add centos/6 # for CentOS Linux 6
$ vagrant box add centos/7 # for CentOS Linux 7

Existing users can upgrade their images:

$ vagrant box update --box centos/6
$ vagrant box update --box centos/7

If you are using CentOS Linux on the host, we recommend installing Vagrant from SCL and using the libvirt images. In general, the Vagrant packages provided by your Linux distribution are preferable, since they usually backport fixes for some upstream bugs. If you are using Vagrant on other operating systems, please use Vagrant 1.8.6 (see Known issues, item 4).

Verifying the integrity of the images

The SHA256 checksums of the images are signed with the CentOS 7 Official Signing Key. First, download and verify the checksum file:

$ curl http://cloud.centos.org/centos/7/vagrant/x86_64/images/sha256sum.txt.asc -o sha256sum.txt.asc
$ gpg --verify sha256sum.txt.asc

If the check passed, you can use the corresponding checksum when downloading the image with Vagrant:

$ vagrant box add --checksum-type sha256 --checksum ce12f84646efab28b007bdf16f3134686a23fa052f809c4600919561274051da --provider libvirt --box-version 1610.01 centos/7

Unfortunately, this is not possible with vagrant box update.

Feedback

If you encounter any unexpected issues with the Vagrant images, feel free to ask on the centos-devel mailing list, or via IRC, in #centos on Freenode.

Ackowledgements

Some of the optimisations in this release were inspired by the Vagrant images from Fedora Cloud and Debian Cloud.

We would also like to thank the following people (in alphabetical order):

  • Graham Mainwaring, for helping with tests and validations
  • Michael Vermaes, for testing our official images, as well as for writing the detailed guide to using them with VMware Fusion Pro and VMware Workstation Pro.