Bare Metal

Deis clusters can be provisioned anywhere CoreOS can, including on your own hardware.

Please get the source and refer to the scripts in contrib/bare-metal while following this documentation.

To get CoreOS running on raw hardware, you can boot with PXE or iPXE - this will boot a CoreOS machine running entirely from RAM. Then, you can install CoreOS to disk.


Deis runs on CoreOS version 494.5.0 or later in the Stable channel.

Check System Requirements

Please refer to System Requirements for resource considerations when choosing a machine size to run Deis.

Generate SSH Key

The deisctl utility communicates with remote machines over an SSH tunnel. If you don’t already have an SSH key, the following command will generate a new keypair named “deis”:

$ ssh-keygen -q -t rsa -f ~/.ssh/deis -N '' -C deis

Customize user-data

Generate a New Discovery URL

A discovery URL links etcd instances together by storing their peer addresses and metadata under a unique identifier. Run this command from the root of the repository to generate a contrib/coreos/user-data file with a new discovery URL:

$ make discovery-url

Required scripts are supplied in this user-data file, so do not provision a Deis cluster without running make discovery-url.


Add the public key part for the SSH key generated in the first step to the user-data file:

  - ssh-rsa AAAAB3... deis

Update $private_ipv4

CoreOS on bare metal doesn’t detect the $private_ipv4 reliably. Replace all occurences in the user-data with the (private) IP address of the node.

Due to changes introduced in Docker 1.3.1 related to insecure Docker registries, the hosts running Deis must be able to communicate via a private network in one of the RFC 1918 or RFC 6598 private address spaces:,,, or

Add Environment

Since CoreOS doesn’t detect private and public IP adresses, /etc/environment file doesn’t get written on boot. Add it to the write_files section of the user-data file:

- path: /etc/environment
  permissions: 0644
  content: |
    COREOS_PUBLIC_IPV4=<your public ip>
    COREOS_PRIVATE_IPV4=<your private ip>

Install CoreOS to disk

Assuming you have booted your bare metal server into CoreOS, you can now perform the installation to disk.

Review disk usage

See Disk Usage for more information on how to optimize local disks for Deis.

Provide the config file to the installer

Save the user-data file to your bare metal machine. The example assumes you transferred the config to /tmp/config

Start the installation

coreos-install -C stable -c /tmp/config -d /dev/sda

This will install the latest CoreOS stable release to disk. The Deis provision scripts for other platforms typically specify a CoreOS version - currently, 647.2.0. To specify a CoreOS version, append the -V parameter to the install command, e.g. -V 647.2.0.

After the installation has finished, reboot your server. Once your machine is back up, you should be able to log in as the core user using the deis ssh key.

Configure DNS

See Configure DNS for more information on properly setting up your DNS records with Deis.

Install Deis Platform

Now that you’ve finished provisioning a cluster, please refer to Install the Deis Platform to start installing the platform.

Known Problems

Hostname is localhost

If your hostname after installation to disk is localhost, set the hostname in user-data before installation:

hostname: your-hostname

The hostname must not be the fully qualified domain name!

Slow name resolution

Certain DNS servers and firewalls have problems with glibc sending out requests for IPv4 and IPv6 addresses in parallel. The solution is to set the option single-request in /etc/resolv.conf. This can best be accomplished in the user-data when installing CoreOS to disk. Add the following block to the write_files section:

- path: /etc/resolv.conf
  permissions: 0644
  content: |
    options single-request