• 使用Dockerfile创建ssh服务的镜像02


    使用Dockerfile创建ssh服务的镜像02

    1:创建工作目录---一个镜像的所有文件都放这个目录下

    ubuntu@ubuntu:~$ mkdir sshd_ubuntu
    ubuntu@ubuntu:~/sshd_ubuntu$ touch Dockerfile run.sh   #创建需要的文件
    ubuntu@ubuntu:~/sshd_ubuntu$ ls
    Dockerfile  run.sh
    

    2:编写run.sh脚本和authorized_keys文件

    ubuntu@ubuntu:~/sshd_ubuntu$ cat run.sh 
    #! /bin/bash
    /usr/sbin/sshd -D
    
    ubuntu@ubuntu:~/sshd_ubuntu$ ssh-keygen -trsa    #在宿主主机上生成ssh密钥对
    ubuntu@ubuntu:~/sshd_ubuntu$ cat ~/.ssh/id_rsa.pub > authorized_keys   #生成authorized_keys文件
    

    3:编写Dockerfile

    ubuntu@ubuntu:~/sshd_ubuntu$ cat Dockerfile 
            FROM ubuntu:18.04
    
            #提供一些作者的信息
            MAINTAINER docker_user (user@docker.com)
    
            #下面开始运行命令,此处更改ubuntu的源为国内163的源
            RUN echo  "deb http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse" >  /etc/apt/sources.list
            RUN echo  "deb http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb-src http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse" >> /etc/apt/sources.list
            RUN echo  "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse" >> /etc/apt/sources.list
            RUN apt-get update
    
    
    
            #安装 ssh 服务
            RUN apt-get install -y openssh-server
            RUN mkdir -p /var/run/sshd
            RUN mkdir -p /root/.ssh
            #取消pam限制
            RUN sed  -ri  's/session       required        pam_loginuid.so/#&/g' /etc/pam.d/sshd
    
            ADD authorized_keys /root/.ssh/authorized_keys
            ADD run.sh /run.sh
            RUN chmod 755 /run.sh
    
            #开放端口
            EXPOSE 22
    
            #设置自启动命令
            CMD ["/run.sh"]
    
    

    4:创建镜像

    ubuntu@ubuntu:~/sshd_ubuntu$ docker images    #查看当前镜像
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
    sshd                ubuntu              3475b858b5b3        22 hours ago        209MB
    mysql               latest              d435eee2caa5        3 days ago          456MB
    ubuntu              18.04               775349758637        3 weeks ago         64.2MB
    training/webapp     latest              6fae60ef3446        4 years ago         349MB
    
    格式:格式:docker build [选项] <上下文路径/URL/->
    ubuntu@ubuntu:~/sshd_ubuntu$ docker build  -f Dockerfile -t sshd:dockerfile  . #注意这个.是指代上下文路劲
    
    ......
    Step 20/20 : CMD ["/run.sh"]
     ---> Running in 5f04be8aac51
    Removing intermediate container 5f04be8aac51
     ---> a5a0ca238063
    Successfully built a5a0ca238063
    Successfully tagged sshd:dockerfile  #表示成功
    
    ubuntu@ubuntu:~/sshd_ubuntu$ docker images
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
    sshd                dockerfile          a5a0ca238063        25 seconds ago      149MB
    sshd                ubuntu              3475b858b5b3        22 hours ago        209MB
    mysql               latest              d435eee2caa5        3 days ago          456MB
    ubuntu              18.04               775349758637        3 weeks ago         64.2MB
    training/webapp     latest              6fae60ef3446        4 years ago         349MB
    ubuntu@ubuntu:~/sshd_ubuntu$ docker run -d -p 10122:22  sshd:dockerfile 
    0ecd50a7ca0d908b4afcc4f61b2623e28a159d31d2881b017afee0c97f3dad91
    
    
    
    ubuntu@ubuntu:~/sshd_ubuntu$ ssh root@192.168.43.97 -p 10122
    The authenticity of host '[192.168.43.97]:10122 ([192.168.43.97]:10122)' can't be established.
    ECDSA key fingerprint is SHA256:MJcMMQd7LgFTx51fUGDJOl/lLH++6mbrRloeiptPHJQ.
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added '[192.168.43.97]:10122' (ECDSA) to the list of known hosts.
    
    The programs included with the Ubuntu system are free software;
    the exact distribution terms for each program are described in the
    individual files in /usr/share/doc/*/copyright.
    
    Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    applicable law.
    
    root@0ecd50a7ca0d:~# 
    

    工作原理:docker build

    Docker 在运行时分为 Docker 引擎(也就是服务端守护进程)和客户端工具。Docker 的引擎提供了一组 REST API,被称为 Docker Remote API,而如 docker 命令这样的客户端工具,则是通过这组 API 与 Docker 引擎交互,从而完成各种功能。因此,虽然表面上我们好像是在本机执行各种 docker 功能,但实际上,一切都是使用的远程调用形式在<b>服务端(Docker 引擎)</b>完成。也因为这种 C/S 设计,让我们操作远程服务器的 Docker 引擎变得轻而易举。
    
    当我们进行镜像构建的时候,并非所有定制都会通过 RUN 指令完成,经常会需要将一些本地文件复制进镜像,比如通过 COPY 指令、ADD 指令等。而 docker build 命令构建镜像,其实并非在本地构建,而是在服务端,也就是 Docker 引擎中构建的。那么在这种客户端/服务端的架构中,如何才能让服务端获得本地文件呢?
    
    这就引入了上下文的概念。当构建的时候,用户会指定构建镜像上下文的路径,docker build 命令得知这个路径后,会将路径下的所有内容打包,然后上传给 Docker 引擎。这样 Docker 引擎收到这个上下文包后,展开就会获得构建镜像所需的一切文件
    
  • 相关阅读:
    POST、GET请求中文参数乱码问题
    表的复制——sql语句
    mysql之limit m,n
    nullpointerxception——处理思路
    public-private-protected-默认缺省 的区别
    final关键字的作用
    使用注解来构造IOC容器
    成功的背后!(给所有IT人)
    jQuery对象复制
    键盘录入, if语句
  • 原文地址:https://www.cnblogs.com/zhoujun007/p/11946378.html
Copyright © 2020-2023  润新知