一、基于commit命令创建
docker commit CONTAINER [REPOSITORY [:TAG]]
1、使用ubuntu镜像创建一个容器
docker run -it ubuntu /bin/bash
2、配置软件源
root@8bfbf48c59f8:/# cp /etc/apt/sources.list /etc/apt/sources.list.bak root@8bfbf48c59f8:/# apt-get update root@8bfbf48c59f8:/# apt-get install vim root@8bfbf48c59f8:/# vim /etc/apt/sources.list //配置阿里云软件源 # deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties deb http://mirrors.aliyun.com/ubuntu/ xenial universe deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties deb http://archive.canonical.com/ubuntu xenial partner deb-src http://archive.canonical.com/ubuntu xenial partner deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse root@8bfbf48c59f8:/# apt-get update
3、安装和配置SSH服务
root@8bfbf48c59f8:/# apt-get install openssh-server root@8bfbf48c59f8:/# mkdir -p /var/run/sshd root@8bfbf48c59f8:/# /usr/sbin/sshd -D & [1] 4003 root@8bfbf48c59f8:/# jobs [1]+ Running /usr/sbin/sshd -D & root@8bfbf48c59f8:/# apt-get install net-tools root@8bfbf48c59f8:/# netstat -tlnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4003/sshd tcp6 0 0 :::22 :::* LISTEN 4003/sshd root@8bfbf48c59f8:/# sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd root@8bfbf48c59f8:/# mkdir root/.ssh root@8bfbf48c59f8:/# vim root/.ssh/authorized_keys root@8bfbf48c59f8:/# vim /run.sh #!/bin/bash /usr/sbin/sshd -D root@8bfbf48c59f8:/# chmod +x /run.sh root@8bfbf48c59f8:/# exit
4、保存镜像
[root@CentOS702 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8bfbf48c59f8 ubuntu "/bin/bash" 51 minutes ago Exited (0) 4 seconds ago reverent_lumiere 05c71189c30e ubuntu "/bin/bash" 4 hours ago Exited (0) 4 hours ago wonderful_wright 387d42ee191b busybox "sh" 5 hours ago Exited (2) 5 hours ago priceless_wing d91b7c33a198 training/webapp "python app.py" 17 hours ago Up 17 hours 0.0.0.0:32785->5000/tcp web 7e17a1d0cb21 training/postgres "su postgres -c '/..." 17 hours ago Up 17 hours 5432/tcp db [root@CentOS702 ~]# docker commit 8bfb sshd:ubuntu sha256:34aafa7f58cae9f55bab2183f0c14dcc065dcfd3cc772115808e9c30d1680889 [root@CentOS702 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE sshd ubuntu 34aafa7f58ca 6 seconds ago 263 MB busybox latest c75bebcdd211 2 weeks ago 1.11 MB haproxy latest c481d2544260 3 weeks ago 136 MB liuyongsheng614/test latest c400af73564b 2 months ago 130 MB test latest c400af73564b 2 months ago 130 MB ubuntu latest 0ef2e08ed3fa 3 months ago 130 MB training/webapp latest 6fae60ef3446 2 years ago 349 MB training/postgres latest 6fa973bb3c26 2 years ago 365 MB
5、使用镜像
[root@CentOS702 ~]# docker run -d -p 10022:22 sshd:ubuntu /run.sh d4ad0fcf769edf268854e7b5f1b0e62ed78a52b836cf3b2f4f1a97630835696e [root@CentOS702 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d4ad0fcf769e sshd:ubuntu "/run.sh" 5 seconds ago Up 3 seconds 0.0.0.0:10022->22/tcp cranky_stonebraker d91b7c33a198 training/webapp "python app.py" 17 hours ago Up 17 hours 0.0.0.0:32785->5000/tcp web 7e17a1d0cb21 training/postgres "su postgres -c '/..." 17 hours ago Up 17 hours 5432/tcp db [root@CentOS702 ~]# netstat -tlnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1416/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2037/master tcp6 0 0 :::32785 :::* LISTEN 10359/docker-proxy tcp6 0 0 :::22 :::* LISTEN 1416/sshd tcp6 0 0 :::10022 :::* LISTEN 20173/docker-proxy [root@CentOS702 ~]# ssh 192.168.20.107 -p 10022 The authenticity of host '[192.168.20.107]:10022 ([192.168.20.107]:10022)' can't be established. ECDSA key fingerprint is c4:7d:d1:44:79:a2:7a:18:27:16:f7:55:47:ed:7c:e7. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.20.107]:10022' (ECDSA) to the list of known hosts. Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 3.10.0-514.10.2.el7.x86_64 x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@d4ad0fcf769e:~# ifconfig eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:04 inet addr:172.17.0.4 Bcast:0.0.0.0 Mask:255.255.0.0 inet6 addr: fe80::42:acff:fe11:4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:47 errors:0 dropped:0 overruns:0 frame:0 TX packets:38 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:7349 (7.3 KB) TX bytes:6493 (6.4 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
二、使用Dockerfile创建
1、创建工作目录
[root@CentOS702 ~]# mkdir sshd_ubuntu [root@CentOS702 ~]# cd sshd_ubuntu/ [root@CentOS702 sshd_ubuntu]# touch Dockerfile run.sh [root@CentOS702 sshd_ubuntu]# ls Dockerfile run.sh
2、编写run.sh脚本和authorized_keys文件
[root@CentOS702 sshd_ubuntu]# vim run.sh #!/bin/bash /usr/sbin/sshd -D [root@CentOS702 sshd_ubuntu]# cat ~/.ssh/id_rsa.pub > authorized_keys
3、编写Dockerfile
[root@CentOS702 sshd_ubuntu]# vim Dockerfile # 设置继承镜像 FROM ubuntu:latest # 提供一些作者的信息 MAINTAINER from www.speedlinux.cn by Release (317021910@qq.com) # 下面开始运行命令,此处更改ubuntu的源为国内阿里云的源 RUN echo "# deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted" > /etc/apt/sources.list RUN echo "deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted" >>/etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted" >>/etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial universe" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse" >>/etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties" >>/etc/apt/sources.list RUN echo "deb http://archive.canonical.com/ubuntu xenial partner" >>/etc/apt/sources.list RUN echo "deb-src http://archive.canonical.com/ubuntu xenial partner" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted" >>/etc/apt/sources.list RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe" >>/etc/apt/sources.list RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse" >>/etc/apt/sources.list RUN apt-get update # 安装ssh服务 RUN apt-get install -y openssh-server RUN mkdir -p /var/run/sshd RUN mkdir -p /root/.ssh # 取消pam限制 RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd # 复制配置文件到相应位置,并赋予脚本可执行权限 ADD authorized_keys /root/.ssh/authorized_keys ADD run.sh /run.sh RUN chmod 755 /run.sh # 开放端口 EXPOSE 22 # 设置自启动命令 CMD ["/run.sh"]
4、创建镜像
[root@CentOS702 sshd_ubuntu]# ls authorized_keys Dockerfile run.sh [root@CentOS702 sshd_ubuntu]# docker build -t sshd:dockerfile . Sending build context to Docker daemon 6.656 kB Step 1/30 : FROM ubuntu:latest ---> 0ef2e08ed3fa Step 2/30 : MAINTAINER from www.speedlinux.cn by Release (317021910@qq.com) ---> Running in 44882909365e ---> 8d50ef4f2875 Removing intermediate container 44882909365e Step 3/30 : RUN echo "# deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted" > /etc/apt/sources.list ---> Running in 0a3152990479 ---> 1d3c31769bc0 Removing intermediate container 0a3152990479 Step 4/30 : RUN echo "deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties" >>/etc/apt/sources.list ---> Running in 8e19f8639f38 ---> 4cc6a24ec929 Removing intermediate container 8e19f8639f38 Step 5/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted" >>/etc/apt/sources.list ---> Running in 070e4db1acc1 ---> 502c87d04907 Removing intermediate container 070e4db1acc1 Step 6/30 : RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties" >>/etc/apt/sources.list ---> Running in 6238dee9c025 ---> 72b44efd5a2f Removing intermediate container 6238dee9c025 Step 7/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted" >>/etc/apt/sources.list ---> Running in 68523ca3d40a ---> 96e2b55b2e4a Removing intermediate container 68523ca3d40a Step 8/30 : RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties" >>/etc/apt/sources.list ---> Running in 0df0eb2c8e23 ---> 266ecc8525ed Removing intermediate container 0df0eb2c8e23 Step 9/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial universe" >>/etc/apt/sources.list ---> Running in 325f1e6b1a1f ---> c9c8a4f2f79f Removing intermediate container 325f1e6b1a1f Step 10/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe" >>/etc/apt/sources.list ---> Running in 087d9cadadf9 ---> 4036f74f16d0 Removing intermediate container 087d9cadadf9 Step 11/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse" >>/etc/apt/sources.list ---> Running in 28484ebf4379 ---> 75f1731366c9 Removing intermediate container 28484ebf4379 Step 12/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse" >>/etc/apt/sources.list ---> Running in 66a67ef0b576 ---> ccc1b7f56d23 Removing intermediate container 66a67ef0b576 Step 13/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse" >>/etc/apt/sources.list ---> Running in d29d31d63c6c ---> 16c956be72ba Removing intermediate container d29d31d63c6c Step 14/30 : RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties" >>/etc/apt/sources.list ---> Running in 87381cbe9dca ---> 3c9264c6b39f Removing intermediate container 87381cbe9dca Step 15/30 : RUN echo "deb http://archive.canonical.com/ubuntu xenial partner" >>/etc/apt/sources.list ---> Running in 398b91ef3ae5 ---> e4f0621f0ef2 Removing intermediate container 398b91ef3ae5 Step 16/30 : RUN echo "deb-src http://archive.canonical.com/ubuntu xenial partner" >>/etc/apt/sources.list ---> Running in 461523f06aa0 ---> 960544031c3c Removing intermediate container 461523f06aa0 Step 17/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted" >>/etc/apt/sources.list ---> Running in 8f8a3969969f ---> 1d2c9628b2a2 Removing intermediate container 8f8a3969969f Step 18/30 : RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties" >>/etc/apt/sources.list ---> Running in eb72116f4998 ---> 1ac2cb45d8b2 Removing intermediate container eb72116f4998 Step 19/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe" >>/etc/apt/sources.list ---> Running in 1e5a3301eda9 ---> c8925f180f39 Removing intermediate container 1e5a3301eda9 Step 20/30 : RUN echo "deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse" >>/etc/apt/sources.list ---> Running in c50e237ab54d ---> 4fe433abdb4c Removing intermediate container c50e237ab54d Step 21/30 : RUN apt-get update --------此处省略部分内容--------- Step 23/30 : RUN mkdir -p /var/run/sshd ---> Running in 6317fd28784f ---> db6e02247a36 Removing intermediate container 6317fd28784f Step 24/30 : RUN mkdir -p /root/.ssh ---> Running in a9c8f95ea325 ---> 116fcfbb12fe Removing intermediate container a9c8f95ea325 Step 25/30 : RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd ---> Running in 4639a1286359 ---> 1ba44701c688 Removing intermediate container 4639a1286359 Step 26/30 : ADD authorized_keys /root/.ssh/authorized_keys ---> 49b26370e4e1 Removing intermediate container 80eb3c62eb53 Step 27/30 : ADD run.sh /run.sh ---> e8bb99bff877 Removing intermediate container fffd66d00982 Step 28/30 : RUN chmod 755 /run.sh ---> Running in 16ab718f15a3 ---> 7ba5ff9e62a1 Removing intermediate container 16ab718f15a3 Step 29/30 : EXPOSE 22 ---> Running in 025cb23da1eb ---> dc4d028afb5d Removing intermediate container 025cb23da1eb Step 30/30 : CMD /run.sh ---> Running in e744919eb6c9 ---> 29b43626dfdc Removing intermediate container e744919eb6c9 Successfully built 29b43626dfdc [root@CentOS702 sshd_ubuntu]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE sshd dockerfile 29b43626dfdc 2 minutes ago 228 MB sshd ubuntu 34aafa7f58ca 2 days ago 263 MB busybox latest c75bebcdd211 2 weeks ago 1.11 MB haproxy latest c481d2544260 3 weeks ago 136 MB liuyongsheng614/test latest c400af73564b 2 months ago 130 MB test latest c400af73564b 2 months ago 130 MB ubuntu latest 0ef2e08ed3fa 3 months ago 130 MB training/webapp latest 6fae60ef3446 2 years ago 349 MB training/postgres latest 6fa973bb3c26 3 years ago 365 MB
5、测试镜像,运行容器
[root@CentOS702 sshd_ubuntu]# docker run -d -p 10022:22 sshd:dockerfile [root@CentOS702 sshd_ubuntu]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 618bff49cfc4 sshd:dockerfile "/run.sh" 10 seconds ago Up 8 seconds 0.0.0.0:10022->22/tcp reverent_ride [root@CentOS702 sshd_ubuntu]# netstat -tlnp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 947/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1513/master tcp6 0 0 :::22 :::* LISTEN 947/sshd tcp6 0 0 :::10022 :::* LISTEN 10608/docker-proxy [root@CentOS702 sshd_ubuntu]# ssh 192.168.20.107 -p 10022 The authenticity of host '[192.168.20.107]:10022 ([192.168.20.107]:10022)' can't be established. ECDSA key fingerprint is 19:8e:26:80:1b:1a:a8:b6:16:4c:2a:8d:0b:70:16:36. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.20.107]:10022' (ECDSA) to the list of known hosts. Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 3.10.0-514.10.2.el7.x86_64 x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@618bff49cfc4:~# ifconfig eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:02 inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0 inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:152 errors:0 dropped:0 overruns:0 frame:0 TX packets:136 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:197733 (197.7 KB) TX bytes:18202 (18.2 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)