No one will believe me, but I was pretty surprised to find that VMware’s Photon OS seemed to be the perfect fit. Of course, we have it as the base of many VMware appliances, and it’s also commonly used as the OS inside the containers deployed in Tanzu Kubernetes Grid, such as the supervisor nodes. That it also comes as a standalone OS with the Docker Engine in place and ready to go hadn’t registered with me before. And, of course, it’s already optimized to run on a hypervisor with as small a footprint as possible.

This is primarily for my own reference to know what I did when I need to redo this; here’s the process.

First, go to the download page and grab the latest version. Since I’m deploying this on ESXi, I’m getting the OVA with virtual HW version 13, which VMware describes as a “Pre-installed minimal environment, customized for VMware hypervisor environments. These customizations include a highly sanitized and optimized kernel to give improved boot and runtime performance for containers and Linux applications.”. There’s also an ISO installer and images for other hypervisors and clouds. Some of the stuff here is covered in the installation docs, but some of it is not. Surprisingly.

Deploy the OVA as you would any other OVF/OVA. There’s not much to decide on during the deployment, but I make sure to set the disk to thin-provisioned as I’m starting to run out of space on my SSD datastore.

Once deployed, it’s set up with 1 vCPU and 2GB RAM. The disk footprint with thin provisioning is an impressive 670MB. I increase this to 2 CPUs and 4GB RAM and fire it up. As instructed, you need to change the root password from “changeme” on the first login.

Welcome to Photon 4.0 (x86_64) - Kernel 5.10.83-6.ph4-esx (ttyl)
photon-machine login: root
Password :
You are required to change your password immediately (administrator enforced). 

The next step is to set a static IP address. Find the name of your Ethernet interface:

root@photon-machine [~]# networkctl
IDX LINK TYPE     OPERATIONAL SETUP
1   lo   loopback carrier     unmanaged
2   ethO ether    routable    configured
2 links 1isted.

Then create a network configuration file and fill out the info for the name of the Ethernet interface:

root@photon-machine [~]# cat > /etc/systemd/network/10-static-en.network << "EOF"

>[Match]
>Name=eth0

>
>[Network]
>Address=198.51.0.2/24
>Gateway=198.51.0.1
>EOF

Change the permissions of the file

chmod 644 10-static-en.network

And apply the new network config

systemctl restart systemd-networkd

While we’re at it, we might as well set the hostname to keep things nice and tidy and help identify resources on the network:

hostnamectl set-hostname MyComputerName

Check that your VM has the static IP. Now it’s time to get it up to date and secure. First, see which packages are available:

tdnf check-update

Or, if you’re curious about the relevant security advisories:

tdnf updateinfo info

Then run the upgrade command to apply the patches

tdnf upgrade

OK, so the OS is running, connected to the internet and up to date. Let’s get Docker up and running. I initialize the docker engine:

 systemctl start docker

And then make sure it’ll run on boot:

 systemctl enable docker

Let’s check out what the status is

docker version

Looks great! I could start to deploy containers right now. But let’s get some management functionality up and running to make things easier. I think that’s suitable for a separate post; read on here.