• DOCKER学习_011:使用Dockerfile制作docker镜像


    前面使用commit的方式,制作一个docker镜像,本次介绍使用Dockerfile制作一个dockers镜像

    [root@docker-server3 ~]# mkdir /openssh

    [root@docker-server3 ~]# cd /openssh

    [root@docker-server3 openssh]# cp /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_rsa_key .

    [root@docker-server3 openssh]# ll

    -rw-r----- 1 root root  227 Dec 31 13:13 ssh_host_ecdsa_key
    -rw-r----- 1 root root  387 Dec 31 13:13 ssh_host_ed25519_key
    -rw-r----- 1 root root 1679 Dec 31 13:13 ssh_host_rsa_key

    1 编辑Dockerfile文件

    [root@docker-server3 openssh]# vim Dockerfile

    FROM centos:7
    LABEL  darren darren@gmail.com
    
    RUN yum -y install openssh-server 
      && useradd natash 
      && echo "redhat"|passwd --stdin natash 
      && echo "redhat"|passwd --stdin root   
      && ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
      && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' 
      && ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
    
    ADD ssh_host_ecdsa_key   /tmp/ssh_host_ecdsa_key
    ADD ssh_host_ed25519_key /tmp/ssh_host_ed25519_key
    ADD ssh_host_rsa_key     /tmp/ssh_host_rsa_key
    
    CMD  ["/usr/sbin/sshd", "-D"]

    FROM表示下载基本镜像

    LABEL作者信息

    RUN 表示要执行的动作,相当于执行脚本,执行的是/bin/sh -c ***的动作

    ADD表示复制文件

    CMD表示执行一个命令

    2 使用docker build构建镜像

    [root@docker-server3 openssh]# docker build -t openssh:v1.3 .

    Sending build context to Docker daemon  7.168kB
    Step 1/7 : FROM centos:7
     ---> 5e35e350aded
    Step 2/7 : LABEL  darren darren@gmail.com
     ---> Running in e4326a6f6000
    Removing intermediate container e4326a6f6000
     ---> eb19f72c1afd
    Step 3/7 : RUN yum -y install openssh-server   && useradd natash   && echo "redhat"|passwd --stdin natash   && echo "redhat"|passwd --stdin root     && ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''  && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''   && ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
     ---> Running in 41b40d14da2d
    Loaded plugins: fastestmirror, ovl
    Determining fastest mirrors
     * base: mirror.pregi.net
     * extras: mirror.pregi.net
     * updates: mirror.pregi.net
    Resolving Dependencies
    --> Running transaction check
    ---> Package openssh-server.x86_64 0:7.4p1-21.el7 will be installed
    --> Processing Dependency: openssh = 7.4p1-21.el7 for package: openssh-server-7.4p1-21.el7.x86_64
    --> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-7.4p1-21.el7.x86_64
    --> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-7.4p1-21.el7.x86_64
    --> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-7.4p1-21.el7.x86_64
    --> Running transaction check
    ---> Package fipscheck-lib.x86_64 0:1.4.1-6.el7 will be installed
    --> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-6.el7.x86_64
    ---> Package openssh.x86_64 0:7.4p1-21.el7 will be installed
    ---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
    --> Running transaction check
    ---> Package fipscheck.x86_64 0:1.4.1-6.el7 will be installed
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ================================================================================
     Package                  Arch          Version               Repository   Size
    ================================================================================
    Installing:
     openssh-server           x86_64        7.4p1-21.el7          base        459 k
    Installing for dependencies:
     fipscheck                x86_64        1.4.1-6.el7           base         21 k
     fipscheck-lib            x86_64        1.4.1-6.el7           base         11 k
     openssh                  x86_64        7.4p1-21.el7          base        510 k
     tcp_wrappers-libs        x86_64        7.6-77.el7            base         66 k
    
    Transaction Summary
    ================================================================================
    Install  1 Package (+4 Dependent packages)
    
    Total download size: 1.0 M
    Installed size: 3.0 M
    Downloading packages:
    warning: /var/cache/yum/x86_64/7/base/packages/fipscheck-1.4.1-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
    Public key for fipscheck-1.4.1-6.el7.x86_64.rpm is not installed
    --------------------------------------------------------------------------------
    Total                                              446 kB/s | 1.0 MB  00:02     
    Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
    Importing GPG key 0xF4A80EB5:
     Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
     Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
     Package    : centos-release-7-7.1908.0.el7.centos.x86_64 (@CentOS)
     From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Installing : fipscheck-1.4.1-6.el7.x86_64                                 1/5 
      Installing : fipscheck-lib-1.4.1-6.el7.x86_64                             2/5 
      Installing : openssh-7.4p1-21.el7.x86_64                                  3/5 
      Installing : tcp_wrappers-libs-7.6-77.el7.x86_64                          4/5 
      Installing : openssh-server-7.4p1-21.el7.x86_64                           5/5 
      Verifying  : fipscheck-lib-1.4.1-6.el7.x86_64                             1/5 
      Verifying  : tcp_wrappers-libs-7.6-77.el7.x86_64                          2/5 
      Verifying  : fipscheck-1.4.1-6.el7.x86_64                                 3/5 
      Verifying  : openssh-7.4p1-21.el7.x86_64                                  4/5 
      Verifying  : openssh-server-7.4p1-21.el7.x86_64                           5/5 
    
    Installed:
      openssh-server.x86_64 0:7.4p1-21.el7                                          
    
    Dependency Installed:
      fipscheck.x86_64 0:1.4.1-6.el7      fipscheck-lib.x86_64 0:1.4.1-6.el7        
      openssh.x86_64 0:7.4p1-21.el7       tcp_wrappers-libs.x86_64 0:7.6-77.el7     
    
    Complete!
    Changing password for user natash.
    passwd: all authentication tokens updated successfully.
    Changing password for user root.
    passwd: all authentication tokens updated successfully.
    Generating public/private dsa key pair.
    Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.
    Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.
    The key fingerprint is:
    SHA256:7LIsGt0osRc9JoEYjake8YD1pTcynqoUbep/IK7T2Xs root@41b40d14da2d
    The key's randomart image is:
    +---[DSA 1024]----+
    |o=.   .          |
    |+=.o o           |
    |o = * o          |
    |...o B o         |
    |..oo= + S        |
    | o+* * o         |
    |.+*o= o .        |
    |+oo+ooEo         |
    |+oooo+o          |
    +----[SHA256]-----+
    Removing intermediate container 41b40d14da2d
     ---> 2be613021085
    Step 4/7 : ADD ssh_host_ecdsa_key   /tmp/ssh_host_ecdsa_key
     ---> c64f7dcda4c1
    Step 5/7 : ADD ssh_host_ed25519_key /tmp/ssh_host_ed25519_key
     ---> 86e57a7a4313
    Step 6/7 : ADD ssh_host_rsa_key     /tmp/ssh_host_rsa_key
     ---> 2412a6e26b9c
    Step 7/7 : CMD  ["/usr/sbin/sshd", "-D"]
     ---> Running in e3e2df3ee1c8
    Removing intermediate container e3e2df3ee1c8
     ---> 0244c59bf444
    Successfully built 0244c59bf444
    Successfully tagged openssh:v1.3

    每一个step都会生成一个镜像层

    在生成镜像层后,docker会自动识别,看是否有必要存在这个镜像层,如果没有必要,就会删除这个镜像层,如第二步:

    Step 2/7 : LABEL  darren darren@gmail.com
     ---> Running in e4326a6f6000
    Removing intermediate container e4326a6f6000

    3 查看镜像

    发现新的镜像openssh:v1.3

    [root@docker-server3 openssh]# docker image ls

    REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
    openssh                         v1.3                0244c59bf444        42 seconds ago      306MB
    openssh                         v1.2                c399a750ed03        2 hours ago         361MB
    openssh                         v1.0                d98ba06569f3        2 hours ago         361MB
    nginx                           latest              f7bb5701a33c        3 days ago          126MB
    busybox                         latest              6d5fcfe5ff17        4 days ago          1.22MB
    hub.darren.com/library/alpine   3.7                 cc0abc535e36        7 days ago          5.59MB
    centos                          7                   5e35e350aded        7 weeks ago         203MB

    4 运行一个容器

    [root@docker-server3 openssh]# docker run -d openssh:v1.3

    fd2c629a2b3c067ecfa6ff601bf5a158f16087d40b16487e514688a125ab8f70

    [root@docker-server3 openssh]# docker ps -a

    CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS               NAMES
    fd2c629a2b3c        openssh:v1.3        "/usr/sbin/sshd -D"   13 seconds ago      Up 13 seconds 

    5 测试容器,检查镜像是否达到要求

    [root@docker-server3 openssh]# docker inspect fd2c629a2b3c |grep IP

    "LinkLocalIPv6Address": "",
                "LinkLocalIPv6PrefixLen": 0,
                "SecondaryIPAddresses": null,
                "SecondaryIPv6Addresses": null,
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "IPAddress": "192.168.0.2",
                "IPPrefixLen": 24,
                "IPv6Gateway": "",
                        "IPAMConfig": null,
                        "IPAddress": "192.168.0.2",
                        "IPPrefixLen": 24,
                        "IPv6Gateway": "",
                        "GlobalIPv6Address": "",
                        "GlobalIPv6PrefixLen": 0,

    ssh连接,测试openssh,并查看copy的文件

    [root@docker-server3 openssh]# ssh root@192.168.0.2

    The authenticity of host '192.168.0.2 (192.168.0.2)' can't be established.
    ECDSA key fingerprint is SHA256:j3tvwS9TpQzJVj3QN+SLescO3vpSiiT18bA1e12ZR+M.
    ECDSA key fingerprint is MD5:5c:cc:e9:cf:3d:b7:9c:d3:fe:93:50:b6:0f:f6:27:40.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.0.2' (ECDSA) to the list of known hosts.
    root@192.168.0.2's password: 
    [root@fd2c629a2b3c ~]# ll /tmp/ssh*
    -rw-r----- 1 root root  227 Dec 31 18:13 /tmp/ssh_host_ecdsa_key
    -rw-r----- 1 root root  387 Dec 31 18:13 /tmp/ssh_host_ed25519_key
    -rw-r----- 1 root root 1679 Dec 31 18:13 /tmp/ssh_host_rsa_key
    [root@fd2c629a2b3c ~]# exit
    logout
    Connection to 192.168.0.2 closed.

    [root@docker-server3 openssh]# ssh natash@192.168.0.2

    natash@192.168.0.2's password: 
    [natash@fd2c629a2b3c ~]$ exit
    logout
    Connection to 192.168.0.2 closed.

    说明镜像制作完成,后续在研究学习关于Dockerfile的语法


    博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!

  • 相关阅读:
    Libvirt错误总结
    linux学习
    HMC 命令行登陆设置
    AIX扩VG和扩文件系统
    Bootstrap CSS2
    Bootstrap CSS
    JQuery的实例集合
    JQuery的noConflict()方法
    android的intent实现页面的跳转
    android的activity
  • 原文地址:https://www.cnblogs.com/zyxnhr/p/12142754.html
Copyright © 2020-2023  润新知