Dockerfile学习(二)
2024-09-01 09:43:36
这节学习制作一个ssh镜像服务。
创建sshtest目录,进入到该目录中。
假如允许主机B上的root用户可以通过SSH登录到容器内部,那么首先要在B主机上通过ssh-keygen -t rsa命令生成root用户的公钥。(默认就行,一直按回车)
~/.ssh目录下的id_rsa.pub文件即为该主机上root用户的公钥,写到文件中
[root@miyan sshtest]# cat ~/.ssh/id_rsa.pub > authorized_keys
编写Dockerfile文件
[root@miyan sshtest]# cat Dockerfile
FROM ubuntu:14.04
MAINTAINER miyan XYJK1002@.com
RUN echo "deb http://mirrors.163.com/ubuntu precise main universe" > /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y openssh-server
RUN mkdir -p /var/run/sshd
RUN mkdir -p /root/.ssh
RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
ADD authorized_keys /root/.ssh/authorized_keys
RUN echo "#!/bin/bash" >/root/run.sh
RUN echo "/usr/sbin/sshd -D" >>/root/run.sh
RUN chmod u+x /root/run.sh
EXPOSE
CMD ["/root/run.sh"]
注释:
1.
RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
默认情况下,pam认证程序会对SSH登录进行限制,修改配置文件,注释掉session required pam_loginuid.so
2.脚本的命令中不能添加&。例如,如果脚本是/usr/sbin/sshd -D & ,则当容器以脚本启动时,会立马执行完毕,相应的容器也就退出了,但我们需要将SSH服务一直监听着,此处-D参数噶偶SSH服务不以守护进程进行,而是和运行终端关联,有了关联终端,容器不会退出
构建
[root@miyan sshtest]# docker build -t ssh_ubuntu:14.04 .
中间过程:
Sending build context to Docker daemon 3.584 kB
Step : FROM ubuntu:14.04
---> ab035c88d533
Step : MAINTAINER miyan XYJK1002@.com
---> Running in 0be9d1fd9270
---> c5a7ea1f66ee
Removing intermediate container 0be9d1fd9270
Step : RUN echo "deb http://mirrors.163.com/ubuntu precise main universe" > /etc/apt/sources.list
---> Running in c48a5aae931d
---> ff36bb1e558e
Removing intermediate container c48a5aae931d
Step : RUN apt-get update
---> Running in aa33b10ade80
Ign http://mirrors.163.com precise InRelease
Get: http://mirrors.163.com precise Release.gpg [198 B]
Get: http://mirrors.163.com precise Release [49.6 kB]
Get: http://mirrors.163.com precise/main amd64 Packages [1640 kB]
Get: http://mirrors.163.com precise/universe amd64 Packages [6167 kB]
Fetched kB in 3s ( kB/s)
Reading package lists...
---> fd60fcc8697c
Removing intermediate container aa33b10ade80
Step : RUN apt-get install -y openssh-server
---> Running in bed6bd156290
Reading package lists...
Building dependency tree...
Reading state information...
The following extra packages will be installed:
ca-certificates krb5-locales libedit2 libgssapi-krb5- libidn11 libk5crypto3
libkeyutils1 libkrb5- libkrb5support0 libwrap0 libx11- libx11-data libxau6
libxcb1 libxdmcp6 libxext6 libxmuu1 openssh-client openssl ssh-import-id
tcpd wget xauth
Suggested packages:
krb5-doc krb5-user ssh-askpass libpam-ssh keychain monkeysphere
openssh-blacklist openssh-blacklist-extra rssh molly-guard ufw
The following NEW packages will be installed:
ca-certificates krb5-locales libedit2 libgssapi-krb5- libidn11 libk5crypto3
libkeyutils1 libkrb5- libkrb5support0 libwrap0 libx11- libx11-data libxau6
libxcb1 libxdmcp6 libxext6 libxmuu1 openssh-client openssh-server openssl
ssh-import-id tcpd wget xauth
upgraded, newly installed, to remove and not upgraded.
Need to get kB of archives.
After this operation, 12.9 MB of additional disk space will be used.
Get: http://mirrors.163.com/ubuntu/ precise/main libedit2 amd64 2.11-20080614-3ubuntu2 [70.3 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libkrb5support0 amd64 1.10+dfsg~beta1-2 [23.5 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libk5crypto3 amd64 1.10+dfsg~beta1-2 [79.9 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libkeyutils1 amd64 1.5.2-2 [7862 B]
Get: http://mirrors.163.com/ubuntu/ precise/main libkrb5-3 amd64 1.10+dfsg~beta1-2 [354 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libgssapi-krb5-2 amd64 1.10+dfsg~beta1-2 [118 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libidn11 amd64 1.23-2 [112 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libxau6 amd64 1:1.0.6-4 [8392 B]
Get: http://mirrors.163.com/ubuntu/ precise/main libxdmcp6 amd64 1:1.1.0-4 [12.7 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libxcb1 amd64 1.8.1-1 [44.7 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libx11-data all 2:1.4.99.1-0ubuntu2 [168 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libx11-6 amd64 2:1.4.99.1-0ubuntu2 [762 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libxext6 amd64 2:1.3.0-3build1 [33.2 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libxmuu1 amd64 2:1.1.0-3 [11.0 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main libwrap0 amd64 7.6.q-21 [49.9 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main openssl amd64 1.0.1-4ubuntu3 [523 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main ca-certificates all 20111211 [169 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main krb5-locales all 1.10+dfsg~beta1-2 [8886 B]
Get: http://mirrors.163.com/ubuntu/ precise/main openssh-client amd64 1:5.9p1-5ubuntu1 [943 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main wget amd64 1.13.4-2ubuntu1 [277 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main xauth amd64 1:1.0.6-1 [26.2 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main openssh-server amd64 1:5.9p1-5ubuntu1 [339 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main tcpd amd64 7.6.q-21 [29.4 kB]
Get: http://mirrors.163.com/ubuntu/ precise/main ssh-import-id all 2.10-0ubuntu1 [6598 B]
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
dpkg-preconfigure: unable to re-open stdin:
Fetched kB in 6s ( kB/s)
Selecting previously unselected package libedit2:amd64.
(Reading database ... files and directories currently installed.)
Preparing to unpack .../libedit2_2.--3ubuntu2_amd64.deb ...
Unpacking libedit2:amd64 (2.11--3ubuntu2) ...
Selecting previously unselected package libkrb5support0:amd64.
Preparing to unpack .../libkrb5support0_1.+dfsg~beta1-2_amd64.deb ...
Unpacking libkrb5support0:amd64 (1.10+dfsg~beta1-) ...
Selecting previously unselected package libk5crypto3:amd64.
Preparing to unpack .../libk5crypto3_1.+dfsg~beta1-2_amd64.deb ...
Unpacking libk5crypto3:amd64 (1.10+dfsg~beta1-) ...
Selecting previously unselected package libkeyutils1:amd64.
Preparing to unpack .../libkeyutils1_1.5.2-2_amd64.deb ...
Unpacking libkeyutils1:amd64 (1.5.-) ...
Selecting previously unselected package libkrb5-:amd64.
Preparing to unpack .../libkrb5-3_1.+dfsg~beta1-2_amd64.deb ...
Unpacking libkrb5-:amd64 (1.10+dfsg~beta1-) ...
Selecting previously unselected package libgssapi-krb5-:amd64.
Preparing to unpack .../libgssapi-krb5-2_1.+dfsg~beta1-2_amd64.deb ...
Unpacking libgssapi-krb5-:amd64 (1.10+dfsg~beta1-) ...
Selecting previously unselected package libidn11:amd64.
Preparing to unpack .../libidn11_1.-2_amd64.deb ...
Unpacking libidn11:amd64 (1.23-) ...
Selecting previously unselected package libxau6:amd64.
Preparing to unpack .../libxau6_1%3a1.0.6-4_amd64.deb ...
Unpacking libxau6:amd64 (:1.0.-) ...
Selecting previously unselected package libxdmcp6:amd64.
Preparing to unpack .../libxdmcp6_1%3a1.1.0-4_amd64.deb ...
Unpacking libxdmcp6:amd64 (:1.1.-) ...
Selecting previously unselected package libxcb1:amd64.
Preparing to unpack .../libxcb1_1.8.1-1_amd64.deb ...
Unpacking libxcb1:amd64 (1.8.-) ...
Selecting previously unselected package libx11-data.
Preparing to unpack .../libx11-data_2%3a1.4.99.-0ubuntu2_all.deb ...
Unpacking libx11-data (:1.4.99.1-0ubuntu2) ...
Selecting previously unselected package libx11-:amd64.
Preparing to unpack .../libx11-6_2%3a1.4.99.-0ubuntu2_amd64.deb ...
Unpacking libx11-:amd64 (:1.4.99.1-0ubuntu2) ...
Selecting previously unselected package libxext6:amd64.
Preparing to unpack .../libxext6_2%3a1.3.0-3build1_amd64.deb ...
Unpacking libxext6:amd64 (:1.3.-3build1) ...
Selecting previously unselected package libxmuu1:amd64.
Preparing to unpack .../libxmuu1_2%3a1.1.0-3_amd64.deb ...
Unpacking libxmuu1:amd64 (:1.1.-) ...
Selecting previously unselected package libwrap0:amd64.
Preparing to unpack .../libwrap0_7..q-21_amd64.deb ...
Unpacking libwrap0:amd64 (7.6.q-) ...
Selecting previously unselected package openssl.
Preparing to unpack .../openssl_1.0.1-4ubuntu3_amd64.deb ...
Unpacking openssl (1.0.-4ubuntu3) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../ca-certificates_20111211_all.deb ...
Unpacking ca-certificates () ...
Selecting previously unselected package krb5-locales.
Preparing to unpack .../krb5-locales_1.+dfsg~beta1-2_all.deb ...
Unpacking krb5-locales (1.10+dfsg~beta1-) ...
Selecting previously unselected package openssh-client.
Preparing to unpack .../openssh-client_1%3a5.9p1-5ubuntu1_amd64.deb ...
Unpacking openssh-client (:.9p1-5ubuntu1) ...
Selecting previously unselected package wget.
Preparing to unpack .../wget_1.13.4-2ubuntu1_amd64.deb ...
Unpacking wget (1.13.-2ubuntu1) ...
Selecting previously unselected package xauth.
Preparing to unpack .../xauth_1%3a1.0.6-1_amd64.deb ...
Unpacking xauth (:1.0.-) ...
Selecting previously unselected package openssh-server.
Preparing to unpack .../openssh-server_1%3a5.9p1-5ubuntu1_amd64.deb ...
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
Unpacking openssh-server (:.9p1-5ubuntu1) ...
Selecting previously unselected package tcpd.
Preparing to unpack .../tcpd_7..q-21_amd64.deb ...
Unpacking tcpd (7.6.q-) ...
Selecting previously unselected package ssh-import-id.
Preparing to unpack .../ssh-import-id_2.-0ubuntu1_all.deb ...
Unpacking ssh-import-id (2.10-0ubuntu1) ...
Processing triggers for ureadahead (0.100.-) ...
Setting up libedit2:amd64 (2.11--3ubuntu2) ...
Setting up libkrb5support0:amd64 (1.10+dfsg~beta1-) ...
Setting up libk5crypto3:amd64 (1.10+dfsg~beta1-) ...
Setting up libkeyutils1:amd64 (1.5.-) ...
Setting up libkrb5-:amd64 (1.10+dfsg~beta1-) ...
Setting up libgssapi-krb5-:amd64 (1.10+dfsg~beta1-) ...
Setting up libidn11:amd64 (1.23-) ...
Setting up libxau6:amd64 (:1.0.-) ...
Setting up libxdmcp6:amd64 (:1.1.-) ...
Setting up libxcb1:amd64 (1.8.-) ...
Setting up libx11-data (:1.4.99.1-0ubuntu2) ...
Setting up libx11-:amd64 (:1.4.99.1-0ubuntu2) ...
Setting up libxext6:amd64 (:1.3.-3build1) ...
Setting up libxmuu1:amd64 (:1.1.-) ...
Setting up libwrap0:amd64 (7.6.q-) ...
Setting up openssl (1.0.-4ubuntu3) ...
Setting up ca-certificates () ...
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
Updating certificates in /etc/ssl/certs... added, removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
Setting up krb5-locales (1.10+dfsg~beta1-) ...
Setting up openssh-client (:.9p1-5ubuntu1) ...
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
Setting up wget (1.13.-2ubuntu1) ...
Setting up xauth (:1.0.-) ...
Setting up openssh-server (:.9p1-5ubuntu1) ...
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Creating SSH2 ECDSA key; this may take some time ...
invoke-rc.d: policy-rc.d denied execution of stop.
Setting up tcpd (7.6.q-) ...
Setting up ssh-import-id (2.10-0ubuntu1) ...
Processing triggers for libc-bin (2.19-0ubuntu6.) ...
Processing triggers for ureadahead (0.100.-) ...
---> d586e6941c24
Removing intermediate container bed6bd156290
Step : RUN mkdir -p /var/run/sshd
---> Running in d16d593c8252
---> 39526127d62f
Removing intermediate container d16d593c8252
Step : RUN mkdir -p /root/.ssh
---> Running in 6c117ffaec39
---> 181ba5e8a90d
Removing intermediate container 6c117ffaec39
Step : RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
---> Running in 4f20ea132054
---> 6ebde2837cd4
Removing intermediate container 4f20ea132054
Step : ADD authorized_keys /root/.ssh/authorized_keys
---> 45809864aec6
Removing intermediate container ac3aacac0658
Step : RUN echo "#!/bin/bash" >/root/run.sh
---> Running in 5fe0512fc13b
---> 1fbb88283c14
Removing intermediate container 5fe0512fc13b
Step : RUN echo "/usr/sbin/sshd -D" >>/root/run.sh
---> Running in 61753a22b6d4
---> 04ef9cf7916c
Removing intermediate container 61753a22b6d4
Step : RUN chmod u+x /root/run.sh
---> Running in 0b7e8d82eb5c
---> aba2fcb00bdd
Removing intermediate container 0b7e8d82eb5c
Step : EXPOSE
---> Running in 7b55119a0040
---> cb241747b77c
Removing intermediate container 7b55119a0040
Step : CMD /root/run.sh
---> Running in 97ee5a0e8cbd
---> 3ac4daf2d7a3
Removing intermediate container 97ee5a0e8cbd
Successfully built 3ac4daf2d7a3
查看镜像是否生成:
[root@miyan sshtest]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
ssh_ubuntu 14.04 3ac4daf2d7a3 About a minute ago 209.6 MB
创建容器:
[root@miyan sshtest]# docker run -d -p : ssh_ubuntu:14.04 /root/run.sh
8fe2d6f4f90a4b60460eee960ebfe47a1b640678e7bd46593406fcaaba612a84
通过访问容器的宿主机的2023端口登录容器。
[root@miyan sshtest]# ssh 10.165.48.219 -p
The authenticity of host '[10.165.48.219]:2023 ([10.165.48.219]:2023)' can't be established.
ECDSA key fingerprint is :::8b:7d:a3:e7:cd:::de:e1:3c::f2:.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[10.165.48.219]:2023' (ECDSA) to the list of known hosts. The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law. root@8fe2d6f4f90a:~#
最新文章
- 【转】C++之父:C++ 的五个普遍误解
- .gitignore失效问题解决
- C语言strdup函数
- NotificationObject.cs
- ps一般常用的快捷键
- FusionCharts简单教程---建立第一个FusionCharts图形
- [ios] Xcode使用设置相关-快捷键【转】
- SBT使用阿里云Maven仓库,解决SBT下载依赖慢。
- Heritrix工具实现网络爬虫
- Python + Appium 【已解决】driver(session)在多个class之间复用,执行完一个类的用例,再次执行下个类的用例时不需要初始化
- 数据库:MySQL实战;左链接;查询WordPress数据库中的文章内容
- 为什么 web 开发人员需要迁移到. NET Core, 并使用 ASP.NET Core MVC 构建 web 和 webservice/API
- 递归加载Treeview
- Java_01初识
- java_30对文件的操作
- Oracle NVL空值处理函数
- BN讲解(转载)
- HashSet和LinkedHashSet解析
- 关于Code Review
- 脚本:定时释放 Linux/CentOS 缓存【转载自:杭州山不高】