Skip to content

Latest commit

 

History

History
92 lines (88 loc) · 9.04 KB

configuration-v2_0.md

File metadata and controls

92 lines (88 loc) · 9.04 KB
Raw

Configuration Specification v2.0.0

NOTE: The configuration specification 2.2.0 is currently the latest stable version of the spec, and it's advised to use that over version 2.0.0.

The Ignition configuration is a JSON document conforming to the following specification, with italicized entries being optional:

  • ignition (object): metadata about the configuration itself.
    • version (string): the semantic version number of the spec. The spec version must be compatible with the latest version (2.0.0). Compatibility requires the major versions to match and the spec version be less than or equal to the latest version.
    • config (objects): options related to the configuration.
      • append (list of objects): a list of the configs to be appended to the current config.
        • source (string): the URL of the config. Supported schemes are http, https, and data. Note: When using http, it is advisable to use the verification option to ensure the contents haven't been modified.
        • verification (object): options related to the verification of the config.
          • hash (string): the hash of the config, in the form <type>-<value> where type is sha512.
      • replace (object): the config that will replace the current.
        • source (string): the URL of the config. Supported schemes are http, https, and data. Note: When using http, it is advisable to use the verification option to ensure the contents haven't been modified.
        • verification (object): options related to the verification of the config.
          • hash (string): the hash of the config, in the form <type>-<value> where type is sha512.
  • storage (object): describes the desired state of the system's storage devices.
    • disks (list of objects): the list of disks to be configured and their options.
      • device (string): the absolute path to the device. Devices are typically referenced by the /dev/disk/by-* symlinks.
      • wipeTable (boolean): whether or not the partition tables shall be wiped. When true, the partition tables are erased before any further manipulation. Otherwise, the existing entries are left intact.
      • partitions (list of objects): the list of partitions and their configuration for this particular disk.
        • label (string): the PARTLABEL for the partition.
        • number (integer): the partition number, which dictates it's position in the partition table (one-indexed). If zero, use the next available partition slot.
        • size (integer): the size of the partition (in device logical sectors, 512 or 4096 bytes). If zero, the partition will be made as large as possible.
        • start (integer): the start of the partition (in device logical sectors). If zero, the partition will be positioned at the start of the largest block available.
        • typeGuid (string): the GPT partition type GUID. If omitted, the default will be 0FC63DAF-8483-4772-8E79-3D69D8477DE4 (Linux filesystem data).
    • raid (list of objects): the list of RAID arrays to be configured.
      • name (string): the name to use for the resulting md device.
      • level (string): the redundancy level of the array (e.g. linear, raid1, raid5, etc.).
      • devices (list of strings): the list of devices (referenced by their absolute path) in the array.
      • spares (integer): the number of spares (if applicable) in the array.
    • filesystems (list of objects): the list of filesystems to be configured and/or used in the "files" section. Either "mount" or "path" needs to be specified.
      • name (string): the identifier for the filesystem, internal to Ignition. This is only required if the filesystem needs to be referenced in the "files" section.
      • mount (object): contains the set of mount and formatting options for the filesystem. A non-null entry indicates that the filesystem should be mounted before it is used by Ignition.
        • device (string): the absolute path to the device. Devices are typically referenced by the /dev/disk/by-* symlinks.
        • format (string): the filesystem format (ext4, btrfs, or xfs).
        • create (object): contains the set of options to be used when creating the filesystem. A non-null entry indicates that the filesystem shall be created.
          • force (boolean): whether or not the create operation shall overwrite an existing filesystem.
          • options (list of strings): any additional options to be passed to the format-specific mkfs utility.
      • path (string): the mount-point of the filesystem. A non-null entry indicates that the filesystem has already been mounted by the system at the specified path. This is really only useful for "/sysroot".
    • files (list of objects): the list of files to be written.
      • filesystem (string): the internal identifier of the filesystem in which to write the file. This matches the last filesystem with the given identifier.
      • path (string): the absolute path to the file.
      • contents (object): options related to the contents of the file.
        • compression (string): the type of compression used on the contents (null or gzip)
        • source (string): the URL of the file contents. Supported schemes are http, https, and data. Note: When using http, it is advisable to use the verification option to ensure the contents haven't been modified.
        • verification (object): options related to the verification of the file contents.
          • hash (string): the hash of the config, in the form <type>-<value> where type is sha512.
      • mode (integer): the file's permission mode. Note that the mode must be properly specified as a decimal value (i.e. 0644 -> 420).
      • user (object): specifies the file's owner.
        • id (integer): the user ID of the owner.
      • group (object): specifies the group of the owner.
        • id (integer): the group ID of the owner.
  • systemd (object): describes the desired state of the systemd units.
    • units (list of objects): the list of systemd units.
      • name (string): the name of the unit. This must be suffixed with a valid unit type (e.g. "thing.service").
      • enable (boolean): whether or not the service shall be enabled. When true, the service is enabled. In order for this to have any effect, the unit must have an install section.
      • mask (boolean): whether or not the service shall be masked. When true, the service is masked by symlinking it to /dev/null.
      • contents (string): the contents of the unit.
      • dropins (list of objects): the list of drop-ins for the unit.
        • name (string): the name of the drop-in. This must be suffixed with ".conf".
        • contents (string): the contents of the drop-in.
  • networkd (object): describes the desired state of the networkd files.
    • units (list of objects): the list of networkd files.
      • name (string): the name of the file. This must be suffixed with a valid unit type (e.g. "00-eth0.network").
      • contents (string): the contents of the networkd file.
  • passwd (object): describes the desired additions to the passwd database.
    • users (list of objects): the list of accounts to be added.
      • name (string): the username for the account.
      • passwordHash (string): the encrypted password for the account.
      • sshAuthorizedKeys (list of strings): a list of SSH keys to be added to the user's authorized_keys.
      • create (object): contains the set of options to be used when creating the user. A non-null entry indicates that the user account shall be created.
        • uid (integer): the user ID of the new account.
        • gecos (string): the GECOS field of the new account.
        • homeDir (string): the home directory of the new account.
        • noCreateHome (boolean): whether or not to create the user's home directory.
        • primaryGroup (string): the name or ID of the primary group of the new account.
        • groups (list of strings): the list of supplementary groups of the new account.
        • noUserGroup (boolean): whether or not to create a group with the same name as the user.
        • noLogInit (boolean): whether or not to add the user to the lastlog and faillog databases.
        • shell (string): the login shell of the new account.
        • system (bool): whether or not to make the user a system user.
    • groups (list of objects): the list of groups to be added.
      • name (string): the name of the group.
      • gid (integer): the group ID of the new group.
      • passwordHash (string): the encrypted password of the new group.
      • system (bool): whether or not the group should be a system group. This only has an effect if the group doesn't exist yet.