===
参考资料:
[业务架构实践]应该如何使用阿里云?高级篇 http:
//bbs
.aliyun.com
/read/182036
.html?spm=5176.7189909.0.0.R1MNwz&displayMode=1
利用Docker构建开发环境 http:
//tech
.uc.cn/?p=2726
Docker:利用Linux容器实现可移植的应用部署 http:
//www
.infoq.com
/cn/articles/docker-containers
cnetos7安装docker V1.0 http:
//www
.51ou.com
/browse/centos/57797
.html
笔记- api管理docker Container的lnmp操作 http:
//www
.tuicool.com
/articles/3QJFRzI
CentOS 6.5下使用docker 容器 http:
//www
.21ops.com
/linux/7324
.html
构建一个高可用及自动发现的Docker基础架构-HECD[原创] http:
//blog
.liuts.com
/post/242/
Dockerfile Reference https:
//docs
.docker.com
/reference/builder/
Docker使用Dockerfile创建支持
ssh
服务自启动的容器镜像 http:
//blog
.csdn.net
/kongxx/article/details/38412119
Docker之配置Centos_ssh http:
//blog
.chinaunix.net
/uid-10915175-id-4442800
.html
CentOS 6.5 制作可以
ssh
登录的Docker镜像 http:
//www
.21ops.com
/linux/26334
.html
/comment-page-1
===
【】安装
[root@server200-21 ~]
[root@server200-21 ~]
Docker version 1.4.1, build 5bc2ff8
/1
.4.1
【】启动服务
[root@server200-21 ~]
【】查看状态
[root@server200-21 ~]
【】将某个用户加入到docker组,以便已非root用户来运行docker命令。
[root@server200-21 ~]
切换到用户目录
【】从国内的仓库docker.cn上pull一个image到本地
[Jack@server200-21 ~]$ docker pull docker.cn
/docker/centos
【】查看images
[Jack@server200-21 ~]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.cn
/docker/centos
latest 8efe422e6104 4 weeks ago 224 MB
docker.cn
/docker/centos
7 8efe422e6104 4 weeks ago 224 MB
docker.cn
/docker/centos
centos7 8efe422e6104 4 weeks ago 224 MB
【】Dockerfile
[Jack@server200-21 ~]$
mkdir
repository
[Jack@server200-21 ~]$
cd
repository/
】编辑启动脚本
[Jack@server200-21 repository]$ vim start.sh
[Jack@server200-21 repository]$
cat
start.sh
__create_user() {
useradd
admin
SSH_USERPASS=admin
echo
-e
"$SSH_USERPASS\n$SSH_USERPASS"
| (
passwd
--stdin admin)
echo
ssh
user password: $SSH_USERPASS
}
__create_user
】编辑Dockerfile
[Jack@server200-21 repository]$ vim Dockerfile
[Jack@server200-21 repository]$
cat
Dockerfile
FROM docker.cn
/docker/centos
:7
MAINTAINER pcnk
RUN yum -y update; yum clean all
RUN yum -y
install
openssh-server
passwd
; yum clean all
ADD .
/start
.sh
/root/start
.sh
RUN
mkdir
/var/run/sshd
RUN
/bin/sed
-i
's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g'
/etc/pam
.d
/sshd
RUN
ssh
-keygen -t rsa -f
/etc/ssh/ssh_host_rsa_key
-N
''
RUN
chmod
755
/root/start
.sh
RUN .
/root/start
.sh
ENTRYPOINT [
"/usr/sbin/sshd"
,
"-D"
]
】查看images:
[Jack@server200-21 repository]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.cn
/docker/centos
centos7 8efe422e6104 4 weeks ago 224 MB
docker.cn
/docker/centos
latest 8efe422e6104 4 weeks ago 224 MB
docker.cn
/docker/centos
7 8efe422e6104 4 weeks ago 224 MB
】build一个image:
[Jack@server200-21 repository]$ docker build --
rm
-t develop
/ssh
:v1 .
Sending build context to Docker daemon 3.072 kB
Sending build context to Docker daemon
Step 0 : FROM docker.cn
/docker/centos
:7
---> 8efe422e6104
Step 1 : MAINTAINER pcnk
---> Running
in
77605343a277
---> 26a7e9d91296
Removing intermediate container 77605343a277
Step 2 : RUN yum -y update; yum clean all
---> Running
in
43889045a3ed
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.cug.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package glibc.x86_64 0:2.17-55.el7_0.3 will be updated
---> Package glibc.x86_64 0:2.17-55.el7_0.5 will be an update
---> Package glibc-common.x86_64 0:2.17-55.el7_0.3 will be updated
---> Package glibc-common.x86_64 0:2.17-55.el7_0.5 will be an update
---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.6 will be updated
---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.7 will be an update
---> Package systemd-libs.x86_64 0:208-11.el7_0.5 will be updated
---> Package systemd-libs.x86_64 0:208-11.el7_0.6 will be an update
---> Package tzdata.noarch 0:2014j-1.el7_0 will be updated
---> Package tzdata.noarch 0:2015a-1.el7_0 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
glibc x86_64 2.17-55.el7_0.5 updates 3.6 M
glibc-common x86_64 2.17-55.el7_0.5 updates 11 M
openssl-libs x86_64 1:1.0.1e-34.el7_0.7 updates 942 k
systemd-libs x86_64 208-11.el7_0.6 updates 154 k
tzdata noarch 2015a-1.el7_0 updates 432 k
Transaction Summary
================================================================================
Upgrade 5 Packages
Total download size: 16 M
Downloading packages:
Delta RPMs disabled because
/usr/bin/applydeltarpm
not installed.
warning:
/var/cache/yum/x86_64/7/updates/packages/openssl-libs-1
.0.1e-34.el7_0.7.x86_64.rpm: Header V3 RSA
/SHA256
Signature, key ID f4a80eb5: NOKEY
Public key
for
openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total 2.0 MB
/s
| 16 MB 00:08
Retrieving key from
file
:
///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid :
"CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-0.1406.el7.centos.2.5.x86_64 (@Updates/$releasever)
From :
/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction
test
Transaction
test
succeeded
Running transaction
Updating : tzdata-2015a-1.el7_0.noarch 1
/10
Updating : glibc-common-2.17-55.el7_0.5.x86_64 2
/10
Updating : glibc-2.17-55.el7_0.5.x86_64 3
/10
Updating : 1:openssl-libs-1.0.1e-34.el7_0.7.x86_64 4
/10
Updating : systemd-libs-208-11.el7_0.6.x86_64 5
/10
Cleanup : systemd-libs-208-11.el7_0.5.x86_64 6
/10
Cleanup : 1:openssl-libs-1.0.1e-34.el7_0.6.x86_64 7
/10
Cleanup : glibc-common-2.17-55.el7_0.3.x86_64 8
/10
Cleanup : glibc-2.17-55.el7_0.3.x86_64 9
/10
Cleanup : tzdata-2014j-1.el7_0.noarch 10
/10
Verifying : glibc-2.17-55.el7_0.5.x86_64 1
/10
Verifying : tzdata-2015a-1.el7_0.noarch 2
/10
Verifying : glibc-common-2.17-55.el7_0.5.x86_64 3
/10
Verifying : 1:openssl-libs-1.0.1e-34.el7_0.7.x86_64 4
/10
Verifying : systemd-libs-208-11.el7_0.6.x86_64 5
/10
Verifying : glibc-common-2.17-55.el7_0.3.x86_64 6
/10
Verifying : systemd-libs-208-11.el7_0.5.x86_64 7
/10
Verifying : tzdata-2014j-1.el7_0.noarch 8
/10
Verifying : glibc-2.17-55.el7_0.3.x86_64 9
/10
Verifying : 1:openssl-libs-1.0.1e-34.el7_0.6.x86_64 10
/10
Updated:
glibc.x86_64 0:2.17-55.el7_0.5 glibc-common.x86_64 0:2.17-55.el7_0.5
openssl-libs.x86_64 1:1.0.1e-34.el7_0.7 systemd-libs.x86_64 0:208-11.el7_0.6
tzdata.noarch 0:2015a-1.el7_0
Complete!
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
---> 65693f134694
Removing intermediate container 43889045a3ed
Step 3 : RUN yum -y
install
openssh-server
passwd
; yum clean all
---> Running
in
a96d6492c1c1
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: centos.ustc.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:6.4p1-8.el7 will be installed
--> Processing Dependency: openssh = 6.4p1-8.el7
for
package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0
for
package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: libwrap.so.0()(64bit)
for
package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit)
for
package: openssh-server-6.4p1-8.el7.x86_64
---> Package
passwd
.x86_64 0:0.79-4.el7 will be installed
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency:
/usr/bin/fipscheck
for
package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package openssh.x86_64 0:6.4p1-8.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-server x86_64 6.4p1-8.el7 base 367 k
passwd
x86_64 0.79-4.el7 base 105 k
Installing
for
dependencies:
fipscheck x86_64 1.4.1-5.el7 base 21 k
fipscheck-lib x86_64 1.4.1-5.el7 base 11 k
openssh x86_64 6.4p1-8.el7 base 341 k
tcp_wrappers-libs x86_64 7.6-77.el7 base 66 k
Transaction Summary
================================================================================
Install 2 Packages (+4 Dependent packages)
Total download size: 911 k
Installed size: 2.4 M
Downloading packages:
--------------------------------------------------------------------------------
Total 1.1 MB
/s
| 911 kB 00:00
Running transaction check
Running transaction
test
Transaction
test
succeeded
Running transaction
Installing : fipscheck-1.4.1-5.el7.x86_64 1
/6
Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2
/6
Installing : openssh-6.4p1-8.el7.x86_64 3
/6
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4
/6
Installing : openssh-server-6.4p1-8.el7.x86_64 5
/6
Installing :
passwd
-0.79-4.el7.x86_64 6
/6
Verifying : openssh-server-6.4p1-8.el7.x86_64 1
/6
Verifying : openssh-6.4p1-8.el7.x86_64 2
/6
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 3
/6
Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 4
/6
Verifying : fipscheck-1.4.1-5.el7.x86_64 5
/6
Verifying :
passwd
-0.79-4.el7.x86_64 6
/6
Installed:
openssh-server.x86_64 0:6.4p1-8.el7
passwd
.x86_64 0:0.79-4.el7
Dependency Installed:
fipscheck.x86_64 0:1.4.1-5.el7 fipscheck-lib.x86_64 0:1.4.1-5.el7
openssh.x86_64 0:6.4p1-8.el7 tcp_wrappers-libs.x86_64 0:7.6-77.el7
Complete!
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
---> d6d5d26a325a
Removing intermediate container a96d6492c1c1
Step 4 : ADD .
/start
.sh
/root/start
.sh
---> 06ff76970b4a
Removing intermediate container fc185c16dec7
Step 5 : RUN
mkdir
/var/run/sshd
---> Running
in
4670dcd82f93
---> 904ed7d476e9
Removing intermediate container 4670dcd82f93
Step 6 : RUN
/bin/sed
-i
's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g'
/etc/pam
.d
/sshd
---> Running
in
5996bf6a5a23
---> e48a480c7498
Removing intermediate container 5996bf6a5a23
Step 7 : RUN
ssh
-keygen -t rsa -f
/etc/ssh/ssh_host_rsa_key
-N
''
---> Running
in
2c24cb002c4d
Generating public
/private
rsa key pair.
Your identification has been saved
in
/etc/ssh/ssh_host_rsa_key
.
Your public key has been saved
in
/etc/ssh/ssh_host_rsa_key
.pub.
The key fingerprint is:
48:fc:06:c2:12:e9:b8:6d:1f:91:e5:68:d4:0a:54:4c root@1e15b50fb185
The key's randomart image is:
+--[ RSA 2048]----+
| .o=E. |
| ooo.o |
| o.oo*+ |
|. ..*o.+ |
| o . .. S |
|. o . . |
| . . . |
| . |
| |
+-----------------+
---> 4463e6885b2e
Removing intermediate container 2c24cb002c4d
Step 8 : RUN
chmod
755
/root/start
.sh
---> Running
in
e806ed020a8d
---> 1cc76b428192
Removing intermediate container e806ed020a8d
Step 9 : RUN .
/root/start
.sh
---> Running
in
9b2ba94d80c0
Changing password
for
user admin.
passwd
: all authentication tokens updated successfully.
ssh
user password: admin
---> 61d83e0403a8
Removing intermediate container 9b2ba94d80c0
Step 10 : ENTRYPOINT
/usr/sbin/sshd
-D
---> Running
in
abdd6049a1a8
---> 42d8e120be8f
Removing intermediate container abdd6049a1a8
Successfully built 42d8e120be8f
】再次查看images:
[Jack@server200-21 repository]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
develop
/ssh
v1 42d8e120be8f About a minute ago 387.8 MB
docker.cn
/docker/centos
7 8efe422e6104 4 weeks ago 224 MB
docker.cn
/docker/centos
centos7 8efe422e6104 4 weeks ago 224 MB
docker.cn
/docker/centos
latest 8efe422e6104 4 weeks ago 224 MB
】启动
[Jack@server200-21 repository]$ docker run -d --name test1 -p 127.0.0.1:10822:22 develop
/ssh
:v1
0a9e8be52d9e1ee979de02e5afa5ae572d616a30589d265c3f575cb8f69f3e9c
(也可以使用本机的随机端口来映射到容器的22端口:)
[Jack@server200-21 repository]$ docker run -d --name test1 -p 22 develop
/ssh
:v1
】查看
ssh
的端口
[Jack@server200-21 repository]$ docker port test1
22
/tcp
-> 0.0.0.0:49155
(也可以这样查看:)
[Jack@server200-21 repository]$ docker
top
test1
[Jack@server200-21 repository]$ docker
ps
test1
】测试
ssh
连接
[Jack@server200-21 repository]$
ssh
-p 10822 admin@127.0.0.1
The authenticity of host
'[127.0.0.1]:10822 ([127.0.0.1]:10822)'
can't be established.
RSA key fingerprint is 48:fc:06:c2:12:e9:b8:6d:1f:91:e5:68:d4:0a:54:4c.
Are you sure you want to
continue
connecting (
yes
/no
)?
yes
Warning: Permanently added
'[127.0.0.1]:10822'
(RSA) to the list of known hosts.
admin@127.0.0.1's password:
[admin@0a9e8be52d9e ~]$
exit
logout
Connection to 127.0.0.1 closed.
】删除镜像
[Jack@server200-21 repository]$ docker rmi `docker images |
grep
develop |
grep
v1 |
awk
'{print $3}'
`
Error response from daemon: Conflict, cannot delete 42d8e120be8f because the running container 0a9e8be52d9e is using it, stop it and use -f to force
FATA[0000] Error: failed to remove one or
more
images
这个image被使用,先stop再
rm
对应的container的
id
[Jack@server200-21 repository]$ docker
ps
-a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0a9e8be52d9e develop
/ssh
:v1
"/usr/sbin/sshd -D"
2 minutes ago Up 2 minutes 127.0.0.1:10822->22
/tcp
test1
[Jack@server200-21 repository]$ docker stop 0a9e8be52d9e
0a9e8be52d9e
[Jack@server200-21 repository]$ docker
rm
0a9e8be52d9e
0a9e8be52d9e
删除image
[Jack@server200-21 repository]$ docker rmi `docker images |
grep
develop |
grep
v1 |
awk
'{print $3}'
`
Untagged: develop
/ssh
:v1
Deleted: 42d8e120be8f70c5085d142f575e0b755d86ee41b5b1d842a19966d4fcfaa96b
Deleted: 61d83e0403a8e61c82a5348d54e3efb982176ffcaa6a2e7c42adf5d654fe7b33
Deleted: 1cc76b42819251ddf5fec90b2dd39a847808538a450a3589594000059f13a991
Deleted: 4463e6885b2ee45f22241c511a0d73660dd892560fa6da2f0d96c139cec25c0b
Deleted: e48a480c74980331c980b32a6d969380363a0e80aebe07ef90396359d317c3e3
Deleted: 904ed7d476e962601cbbf71885d02d58f44446a9fedfaf1ff76660e33a19be26
Deleted: 06ff76970b4ac0cc853402073b1a2a6599c0785749e49d16c151a4cd1ab65609
Deleted: d6d5d26a325aec67158e59b81517345e23790b50494cbdf34155e214ce708456
Deleted: 65693f134694aa2ab51315f439d15afb02775c9a72fcb8c3e856b6cb63ce7954
Deleted: 26a7e9d912969e1a21c0532121344b8cac232e060ffc0edb237073a9543b852e
