docker ssh秘钥免密登录
2024-08-25 03:12:01
一、概述
有一台跳板机,已经实现了免密登录后端服务器。但是我写了一个django项目,它是运行在容器中的,也需要免密登录后端服务器。
虽然可以在容器中手动做一下免密登录,但是容器重启之后,之前做的设置都消失了。
是否可以在生成新的django镜像时,也能免密登录后端服务器呢?答案是可以的!
二、实现过程
环境说明
跳板机
操作系统:centos 7.6
ip地址:192.168.28.229
后端主机
操作系统:centos 7.6
ip地址:192.168.28.218
制作docker镜像
django_base目录结构如下:
./
├── dockerfile
├── id_rsa
│ ├── id_rsa
│ └── id_rsa.pub
├── pip.conf
├── requirements.txt
├── run.sh
└── sources.list
dockerfile
FROM ubuntu:16.04
# 修改更新源为阿里云
ADD sources.list /etc/apt/sources.list
ADD . /
# 时区为上海
ENV TZ Asia/Shanghai # 设置时区,设置utf-8编码,安装django,添加任务计划
RUN apt-get update && apt-get install -y tzdata locales python3-pip cron openssh-server && apt-get clean all && \
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && \
locale-gen en_US.UTF-8 && \
mkdir ~/.pip && cp /pip.conf ~/.pip && pip3 install --upgrade pip && \
pip3 install -r /requirements.txt && \
mkdir ~/.ssh && cp -r /id_rsa/* ~/.ssh # 解决中文乱码问题
#RUN locale-gen en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8 # 添加启动脚本
ADD run.sh .
RUN chmod 755 run.sh
ENTRYPOINT [ "/run.sh"]
id_rsa文件夹里面的2个文件,就是跳板机的ssh秘钥,copy进来即可。
pip.conf
[global]
index-url = http://pypi.douban.com/simple
trusted-host = pypi.douban.com
requirements.txt
Django==2.1.8
paramiko==2.7.1
run.sh
#!/bin/bash # 收集主机公钥,写入known_hosts,避免出现Are you sure you want to continue connecting (yes/no)?
ssh-keyscan -H -t ecdsa -p 22 192.168.28.218 >> ~/.ssh/known_hosts
sources.list
# deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse
生成镜像
cd django_base
docker build -t django_base:v1 .
运行镜像
docker run -it django_base:v1 /bin/bash
测试ssh免密
ssh 192.168.28.218
不需要输入密码,就表示成功了。
最新文章
- [spring源码学习]二、IOC源码——配置文件读取
- C语言的内存分配
- javascript 提取表单元素生成用于提交的对象(序列化 html 表单)
- 定时关闭AWS上的EC2机器实例
- 【HDU 1007】Quoit Design
- 严重: Exception starting filter struts2解决方法!
- CListCtrl中删除多个不连续的行
- 1445 送Q币
- 浅入ARP
- Android ADB命令大全(通过ADB命令查看wifi密码、MAC地址、设备信息、操作文件、查看文件、日志信息、卸载、启动和安装APK等)
- Team Homework #2 Decide the roles of each team member ——IloveSE
- Linux下简易蜂鸣器驱动代码及测试实例
- chrome性能测试框架webpagereplay
- Caffe安装过程错误处理方法
- Python 实现排序算法
- bat复制文件夹下所有文件到另一个目录
- 10. linux输入子系统/input 设备【转】
- js 闭包,作用域,this 终结篇(转)
- 关于PHP5.6连接SqlServer
- Docker网络的基本功能操作示例