创建支持SSH服务的镜像

Posted 2020-09-20

一、基于commit命令创建

docker commit CONTAINER [REPOSITORY [:TAG]]

1、使用ubuntu镜像创建一个容器

docker run -it ubuntu /bin/bash

2、配置软件源

[email protected]:/# cp /etc/apt/sources.list /etc/apt/sources.list.bak
[email protected]:/# apt-get update
[email protected]:/# apt-get install vim
[email protected]:/# vim /etc/apt/sources.list //配置阿里云软件源
# deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse
[email protected]:/# apt-get update

3、安装和配置SSH服务

[email protected]:/# apt-get install openssh-server
[email protected]:/# mkdir -p /var/run/sshd
[email protected]:/# /usr/sbin/sshd -D &
[1] 4003
[email protected]:/# jobs
[1]+  Running                 /usr/sbin/sshd -D &
[email protected]:/# apt-get install net-tools
[email protected]:/# netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4003/sshd       
tcp6       0      0 :::22                   :::*                    LISTEN      4003/sshd 
[email protected]:/# sed -ri ‘s/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g‘ /etc/pam.d/sshd
[email protected]:/# mkdir root/.ssh
[email protected]:/# vim root/.ssh/authorized_keys
[email protected]:/# vim /run.sh
#!/bin/bash
/usr/sbin/sshd -D
[email protected]:/# chmod +x /run.sh
[email protected]:/# exit

4、保存镜像

[[email protected] ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS                     NAMES
8bfbf48c59f8        ubuntu              "/bin/bash"              51 minutes ago      Exited (0) 4 seconds ago                             reverent_lumiere
05c71189c30e        ubuntu              "/bin/bash"              4 hours ago         Exited (0) 4 hours ago                               wonderful_wright
387d42ee191b        busybox             "sh"                     5 hours ago         Exited (2) 5 hours ago                               priceless_wing
d91b7c33a198        training/webapp     "python app.py"          17 hours ago        Up 17 hours                0.0.0.0:32785->5000/tcp   web
7e17a1d0cb21        training/postgres   "su postgres -c ‘/..."   17 hours ago        Up 17 hours                5432/tcp                  db
[[email protected] ~]# docker commit 8bfb sshd:ubuntu
sha256:34aafa7f58cae9f55bab2183f0c14dcc065dcfd3cc772115808e9c30d1680889
[[email protected] ~]# docker images
REPOSITORY             TAG                 IMAGE ID            CREATED             SIZE
sshd                   ubuntu              34aafa7f58ca        6 seconds ago       263 MB
busybox                latest              c75bebcdd211        2 weeks ago         1.11 MB
haproxy                latest              c481d2544260        3 weeks ago         136 MB
liuyongsheng614/test   latest              c400af73564b        2 months ago        130 MB
test                   latest              c400af73564b        2 months ago        130 MB
ubuntu                 latest              0ef2e08ed3fa        3 months ago        130 MB
training/webapp        latest              6fae60ef3446        2 years ago         349 MB
training/postgres      latest              6fa973bb3c26        2 years ago         365 MB

5、使用镜像

[[email protected] ~]# docker run -d -p 10022:22 sshd:ubuntu /run.sh
d4ad0fcf769edf268854e7b5f1b0e62ed78a52b836cf3b2f4f1a97630835696e
[[email protected] ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                     NAMES
d4ad0fcf769e        sshd:ubuntu         "/run.sh"                5 seconds ago       Up 3 seconds        0.0.0.0:10022->22/tcp     cranky_stonebraker
d91b7c33a198        training/webapp     "python app.py"          17 hours ago        Up 17 hours         0.0.0.0:32785->5000/tcp   web
7e17a1d0cb21        training/postgres   "su postgres -c ‘/..."   17 hours ago        Up 17 hours         5432/tcp                  db
[[email protected] ~]# netstat -tlnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1416/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2037/master         
tcp6       0      0 :::32785                :::*                    LISTEN      10359/docker-proxy  
tcp6       0      0 :::22                   :::*                    LISTEN      1416/sshd           
tcp6       0      0 :::10022                :::*                    LISTEN      20173/docker-proxy  
[[email protected] ~]# ssh 192.168.20.107 -p 10022
The authenticity of host ‘[192.168.20.107]:10022 ([192.168.20.107]:10022)‘ can‘t be established.
ECDSA key fingerprint is c4:7d:d1:44:79:a2:7a:18:27:16:f7:55:47:ed:7c:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘[192.168.20.107]:10022‘ (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 3.10.0-514.10.2.el7.x86_64 x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

[email protected]:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:ac:11:00:04  
          inet addr:172.17.0.4  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::42:acff:fe11:4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:47 errors:0 dropped:0 overruns:0 frame:0
          TX packets:38 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:7349 (7.3 KB)  TX bytes:6493 (6.4 KB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

二、使用Dockerfile创建

1、