Docker 定製ssh、java等基礎服務映象
阿新 • • 發佈:2018-12-26
1、啟動一個基於centos映象的容器
# docker run –p 10022:22 -ti centos bash
[[email protected] /]#
-p是為了等會啟動ssh後測試能否正常登陸
2、在容器中安裝openssh-server、java等
[[email protected] /]# yum install -y -q openssh-server java-1.7.0-openjdk net-tools
3、修改sshd_config配置檔案
[[email protected] /]# ssh-keygen-q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' [[email protected] /]# ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' [[email protected] /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N '' [[email protected] /]# sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config [[email protected] /]# sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
4、修改root密碼
[[email protected] /]# echo 'root:root' |chpasswd
5、啟動openssh服務
[[email protected] /]# /usr/sbin/sshd [[email protected] /]# netstat -ntlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1/sshd tcp6 0 0 :::22
6、測試是否能登陸容器
# ssh -p 10022 192.168.62.200 The authenticity of host '[192.168.62.200]:10022 ([192.168.62.200]:10022)' can't be established. ECDSA key fingerprint is 7d:d5:8a:ea:5a:92:9e:3d:92:fe:dd:78:56:c2:d9:0e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.62.200]:10022' (ECDSA) to the list of known hosts. [email protected]192.168.62.200's password: [[email protected] ~]#
7、使用commit提交剛剛在容器內的所有操作
# docker commit f743588bbeef docker-ssh sha256:4d8d27a47d3fd2750cde8f5d0ead3af6f90dd972969a3dca369b52d1e6130085 # docker images REPOSITORY TAG IMAGE ID CREATED SIZE
8、可以看到映象列表中存在一個docker-ssh的映象
# docker run -d --name docker-ssh -p 10022:22 docker-ssh d986e0bdc2b1072b39248a691ba73f6b297842373ca7a55457f3cd8d7fa5c435 # docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d986e0bdc2b1 docker-ssh "/usr/sbin/sshd -D" 3 seconds ago Up 3 seconds 0.0.0.0:10022->22/tcp docker-ssh # ssh -p 10022 192.168.62.200 The authenticity of host '[192.168.62.200]:10022 ([192.168.62.200]:10022)' can't be established. ECDSA key fingerprint is 7d:d5:8a:ea:5a:92:9e:3d:92:fe:dd:78:56:c2:d9:0e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.62.200]:10022' (ECDSA) to the list of known hosts. [email protected]192.168.62.200's password: [[email protected] ~]#
二、用Dockerfile來定製
mkdir ssh-java ##建立一個空目錄
cd ssh-java && vim Dockerfile
FROM centos MAINTAINER <Email:[email protected] Blog:www.along.party> RUN yum install -y -q openssh-server java-1.7.0-openjdk net-tools RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N '' RUN sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config RUN sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config RUN echo 'root:change' |chpasswd EXPOSE 22 CMD ["/usr/sbin/sshd", "-D"]
FROM、RUN、EXPOSE、CMD、MAINTAINER 都是Dockerfile的指令,Dockerfile指令更多詳細介紹
FROM:指定基於哪個基礎映象
MAINTAINER : 維護者的資訊
RUN: 在shell終端執行的命令
EXPOSE: 對外提供的埠
CMD: 啟動容器是執行的命令,每個Dockerfile只能有一條CMD指令,如果存在多條,則執行最後一條。
構建映象
#docker build -t ssh-java:1.7.1 .
檢視構建的映象
docker images|grep ssh-java ssh-java 1.7.1 71fc498380f5 25 minutes ago 282 MB
使用映象啟動
# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 26b4dcc00246 ssh-java:1.7.1 "/usr/sbin/sshd -D" 3 seconds ago Up 2 seconds 0.0.0.0:32778->22/tcp ssh-java
# ssh -p 32778 192.168.62.200 The authenticity of host '[192.168.62.200]:32778 ([192.168.62.200]:32778)' can't be established. ECDSA key fingerprint is 7d:d5:8a:ea:5a:92:9e:3d:92:fe:dd:78:56:c2:d9:0e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.62.200]:32778' (ECDSA) to the list of known hosts. [email protected]192.168.62.200's password: [[email protected] ~]#