一、需求
由于在测试环境中使用了docker官网的centos 镜像,但是该镜像里面默认没有安装ssh服务,在做测试时又需要开启ssh。所以上网也查了查资料。下面详细的纪录下。在centos 容器内安装ssh后,转成新的镜像用于后期测试使用。
二、镜像定制
第一种方式(手动修改容器镜像)
1.先下载centos镜像
[root@docker ~]# docker pull centos
2.启动容器并进行配置
启动容器,
[root@docker ~]# docker run -it -d --name test-centos1 centos d72250ecaa5e3e36226a1edd749f494d9f00eddc4143c81ac3565aa4e551791a
命令注释:-it : 进行交互式操作
-d : 等同于 -d=true,容器将会在后台运行,不然执行一次命令后,退出后,便是exit状态了。
--name : 容器启动后的名字,默认不指定,将会随机产生一个名字。或者使用 -name="containers_name"
centos:使用的镜像名称
进入容器,安装ssh server,以及配置开机启动
[root@docker ~]# docker exec -it test-centos1 /bin/bash [root@d72250ecaa5e /]# ifconfig bash: ifconfig: command not found
注:命令最后参数 /bin/bash: 指进入容器时执行的命令(command)
我们检查了下容器,暂时安装以下必用的软件吧 net-tools,openssh-server
[root@d72250ecaa5e /]# yum install openssh-server net-tools -y
创建ssh 所需的目录,并在根目录创建sshd 启动脚本
[root@d72250ecaa5e /]# mkdir -pv /var/run/sshd mkdir: created directory '/var/run/sshd' [root@d72250ecaa5e /]# cat /auto_sshd.sh #!/bin/bash /usr/sbin/sshd -D [root@d72250ecaa5e /]# chmod +x /auto_sshd.sh
修改容器内root 的账户密码
[root@d72250ecaa5e /]# echo "root:iloveworld" | chpasswd
生成ssh 主机dsa 密钥(不然ssh 该容器时,会出现错误。)
[root@d72250ecaa5e /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key [root@d72250ecaa5e /]# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
我们加一个history记录的时间功能吧,这样方便后期查看
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' /etc/profile
OK,配置基本完毕咯。清理命令历史纪录,之后退出容器。现在可以生成一个新的docker 镜像了。
3.配置完成后,进行打包成新的镜像
[root@docker ~]# docker commit test-centos1 centos_sshd:7.0 sha256:6e3330b30dfff5f029f102874e54cfffffbc37dcf2a4eb7304c817148fbc944d [root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos_sshd 7.0 6e3330b30dff 8 seconds ago 310.1 MB docker.io/ubuntu latest e4415b714b62 12 days ago 128.1 MB
命令注释:commit: 提交一个具有新配置的容器成为镜像,后面跟容器的name 或者容器Id ,最后是生成新镜像的名字
更新:这条命令更方便以后启动,如下:
[root@docker ~]# docker commit --change='CMD ["/auto_sshd.sh"]' -c "EXPOSE 22" test-centos1 centos_sshd:7.0 sha256:7bb4efd82c4ff1f241cbc57ee45aab1b05d214b1e9fcd51196696c67d480e70b
命令注释: --change : 将后期使用此镜像运行容器时的命令参数、开放的容器端口提前设置好。
4.验证
查看镜像,并启动新的容器
[root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos_sshd 7.0 7bb4efd82c4f 4 minutes ago 310.1 MB docker.io/ubuntu latest e4415b714b62 12 days ago 128.1 MB [root@docker ~]# docker run -d -it --name centos_7.0-1 centos_sshd:7.0 ec17e553d5c4c60865afeb99df8dfd1f4e7d4ba6e1b0d5516f9127f09d1d6356 [root@docker ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ec17e553d5c4 centos_sshd:7.0 "/auto_sshd.sh" 6 seconds ago Up 5 seconds 22/tcp centos_7.0-1
进行ssh测试,先查看一下该容器的ip,之后ssh。ok
[root@docker ~]# docker exec centos_7.0-1 hostname -i 172.17.0.4 [root@docker ~]# ssh root@172.17.0.4 The authenticity of host '172.17.0.4 (172.17.0.4)' can't be established. RSA key fingerprint is 87:88:07:12:ac:0a:90:28:10:e1:9e:eb:1f:d6:c9:9d. Are you sure you want to continue connecting (yes/no)"htmlcode">[root@docker ~]# mkdir centos7-dockerfile [root@docker centos7-dockerfile]# cat Dockerfile # The dockerfile has Change add sshd services on Centos7.0 #centos7:latest image FROM centos:latest MAINTAINER Yifeng,http://www.cnblogs.com/hanyifeng #Install sshd net-tools RUN yum install openssh-server net-tools -y RUN mkdir /var/run/sshd #Set password for root RUN echo 'root:iloveworld' | chpasswd RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config #Set history record ENV HISTTIMEFORMAT "%F %T " #Fix sshd service:Read from socket failed: Connection reset by peer"/usr/sbin/sshd","-D"]上述文件内容就是一个dockerfile 常见的命令组合。开头带#号的为注释
文件解释:
FROM: 必不可少的命令,从某个镜像作为基。如 FROM <image_name> ,或者 FROM <image_name>:<tag>. 如果不加tag,默认为latest。先从本地镜像仓库去搜索基镜像,如过本地没有,在去网上docker registry去寻找。
MAINTAINER:标明该Dockerfile作者及联系方式,可忽略不写
RUN:建立新的镜像时,可以执行在系统里的命令,如安装特定的软件以及设置环境变量。
ENV:设置系统环境变量(注意:写在/etc/profile里的命令在dockerfile这里会不生效,所以为改成ENV的方式)
EXPOSE:开放容器内的端口,但不和宿主机进行映射。方便在宿主机上进行开发测试。(如需映射到宿主机端口,可在运行容器时使用 -p host_port:container_port)
CMD:设置执行的命令,经常用于容器启动时指定的某个操作。如执行自定义脚本服务,或者是执行系统命令。CMD 只能存在一条,如在Dockerfile中有多条CMD的话,只有最后一条CMD生效!
2.执行build 创建镜像
使用docker build命令来创建镜像
[root@docker centos7-dockerfile]# docker build -t centos_sshd_1 .-t 选项来docker build新的镜像以便于标记构建的镜像,. 表示当前目录,也可以指定dockerfile 文件所在目录。
下面缩略的内容是构建镜像时的输出,可以看下。
[root@docker centos7-dockerfile]# docker build -t centos_sshd_1 . Sending build context to Docker daemon 4.096 kB Step 1 : FROM centos:latest ---> 0584b3d2cf6d Step 2 : MAINTAINER Yifeng,http://www.cnblogs.com/hanyifeng ---> Running in da643b55dc77 ---> 1087074d44e4 Removing intermediate container da643b55dc77 Step 3 : RUN yum install openssh-server net-tools -y ---> Running in 5626d8f0f892 Loaded plugins: fastestmirror, ovl Determining fastest mirrors * base: mirrors.btte.net * extras: mirrors.tuna.tsinghua.edu.cn * updates: mirrors.btte.net Resolving Dependencies --> Running transaction check ---> Package net-tools.x86_64 0:2.0-0.17.20131004git.el7 will be installed ---> Package openssh-server.x86_64 0:6.6.1p1-25.el7_2 will be installed --> Processing Dependency: openssh = 6.6.1p1-25.el7_2 for package: openssh-server-6.6.1p1-25.el7_2.x86_64 --> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-6.6.1p1-25.el7_2.x86_64 --> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-25.el7_2.x86_64 --> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-6.6.1p1-25.el7_2.x86_64 --> Running transaction check ---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed --> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64 ---> Package openssh.x86_64 0:6.6.1p1-25.el7_2 will be installed ---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed --> Running transaction check ---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: net-tools x86_64 2.0-0.17.20131004git.el7 base 304 k openssh-server x86_64 6.6.1p1-25.el7_2 updates 436 k Installing for dependencies: fipscheck x86_64 1.4.1-5.el7 base 21 k fipscheck-lib x86_64 1.4.1-5.el7 base 11 k openssh x86_64 6.6.1p1-25.el7_2 updates 435 k tcp_wrappers-libs x86_64 7.6-77.el7 base 66 k Transaction Summary ================================================================================ Install 2 Packages (+4 Dependent packages) Total download size: 1.2 M Installed size: 3.4 M Downloading packages: Public key for fipscheck-lib-1.4.1-5.el7.x86_64.rpm is not installed warning: /var/cache/yum/x86_64/7/base/packages/fipscheck-lib-1.4.1-5.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for openssh-6.6.1p1-25.el7_2.x86_64.rpm is not installed -------------------------------------------------------------------------------- Total 593 kB/s | 1.2 MB 00:02 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@CentOS) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : fipscheck-1.4.1-5.el7.x86_64 1/6 Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2/6 Installing : openssh-6.6.1p1-25.el7_2.x86_64 3/6 Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/6 Installing : openssh-server-6.6.1p1-25.el7_2.x86_64 5/6 Installing : net-tools-2.0-0.17.20131004git.el7.x86_64 6/6 Verifying : openssh-6.6.1p1-25.el7_2.x86_64 1/6 Verifying : openssh-server-6.6.1p1-25.el7_2.x86_64 2/6 Verifying : net-tools-2.0-0.17.20131004git.el7.x86_64 3/6 Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 4/6 Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 5/6 Verifying : fipscheck-1.4.1-5.el7.x86_64 6/6 Installed: net-tools.x86_64 0:2.0-0.17.20131004git.el7 openssh-server.x86_64 0:6.6.1p1-25.el7_2 Dependency Installed: fipscheck.x86_64 0:1.4.1-5.el7 fipscheck-lib.x86_64 0:1.4.1-5.el7 openssh.x86_64 0:6.6.1p1-25.el7_2 tcp_wrappers-libs.x86_64 0:7.6-77.el7 Complete! ---> 7b249ed8cb54 Removing intermediate container 5626d8f0f892 Step 4 : RUN mkdir /var/run/sshd ---> Running in fc94a139d438 ---> ea2826eccc91 Removing intermediate container fc94a139d438 Step 5 : RUN echo 'root:iloveworld' | chpasswd ---> Running in ba53283081a7 ---> 7ce1ddb5d9c0 Removing intermediate container ba53283081a7 Step 6 : RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config ---> Running in 4112281a5bf0 ---> be21fb6b5b1e Removing intermediate container 4112281a5bf0 Step 7 : ENV HISTTIMEFORMAT "%F %T " ---> Running in f2081726e403 ---> f3fafca42170 Removing intermediate container f2081726e403 Step 8 : RUN ssh-keygen -A ---> Running in 2ca9e743dee7 ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519 ---> 1a927943bee7 Removing intermediate container 2ca9e743dee7 Step 9 : RUN \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime ---> Running in afd43cc6d4d6 ---> 4a0cacf6cd72 Removing intermediate container afd43cc6d4d6 Step 10 : EXPOSE 22 ---> Running in a03551bc3bcb ---> 3af544106bf4 Removing intermediate container a03551bc3bcb Step 11 : CMD /usr/sbin/sshd -D ---> Running in f45fe5eb5561 ---> d4620c9949b8 Removing intermediate container f45fe5eb5561 Successfully built d4620c9949b83.查看镜像列表,并创建容器
[root@docker centos7-dockerfile]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos_sshd_1 latest d4620c9949b8 4 minutes ago 308.4 MB centos_sshd 7.0 7bb4efd82c4f 2 days ago 310.1 MB我们刚刚新建的容器已经存在了,现在用它来创建容器
[root@docker centos7-dockerfile]# docker run -d -it --name centos-two centos_sshd_1 7ae51091c138d249b5e97f6957073e748db278c0f1cf856e968ca78a4aec1a5b查看容器
[root@docker centos7-dockerfile]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7ae51091c138 centos_sshd_1 "/usr/sbin/sshd -D" 16 seconds ago Up 15 seconds 22/tcp centos-two可以看到容器的command 就是我们之前定义启动ssh 服务的,并且开放了22端口。
现在我们在宿主机上查看下该容器的ip,然后用ssh 链接进去。
[root@docker ~]# docker exec centos-two hostname -I 172.17.0.7 [root@docker ~]# ssh root@172.17.0.7 The authenticity of host '172.17.0.7 (172.17.0.7)' can't be established. ECDSA key fingerprint is 7a:38:69:d7:5e:f4:db:e8:3c:ea:92:a4:1a:a1:7b:9a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '172.17.0.7' (ECDSA) to the list of known hosts. root@172.17.0.7's password: [root@7ae51091c138 ~]# w 11:19:34 up 65 days, 18:34, 1 user, load average: 0.01, 0.04, 0.05 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts/0 gateway 11:19 6.00s 0.00s 0.00s wOK。上述就是定义镜像的两种方式,如果还有其它更为方便的还望不吝赐教哈。
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!
稳了!魔兽国服回归的3条重磅消息!官宣时间再确认!
昨天有一位朋友在大神群里分享,自己亚服账号被封号之后居然弹出了国服的封号信息对话框。
这里面让他访问的是一个国服的战网网址,com.cn和后面的zh都非常明白地表明这就是国服战网。
而他在复制这个网址并且进行登录之后,确实是网易的网址,也就是我们熟悉的停服之后国服发布的暴雪游戏产品运营到期开放退款的说明。这是一件比较奇怪的事情,因为以前都没有出现这样的情况,现在突然提示跳转到国服战网的网址,是不是说明了简体中文客户端已经开始进行更新了呢?
更新日志
- 好薇2024《兵哥哥》1:124K黄金母盘[WAV+CUE]
- 胡歌.2006-珍惜(EP)【步升大风】【FLAC分轨】
- 洪荣宏.2014-拼乎自己看【华特】【WAV+CUE】
- 伊能静.1999-从脆弱到勇敢1987-1996精选2CD【华纳】【WAV+CUE】
- 刘亮鹭《汽车DJ玩主》[WAV+CUE][1.1G]
- 张杰《最接近天堂的地方》天娱传媒[WAV+CUE][1.1G]
- 群星《2022年度发烧天碟》无损黑胶碟 2CD[WAV+CUE][1.4G]
- 罗文1983-罗文甄妮-射雕英雄传(纯银AMCD)[WAV+CUE]
- 群星《亚洲故事香港纯弦》雨果UPMAGCD2024[低速原抓WAV+CUE]
- 群星《经典咏流传》限量1:1母盘直刻[低速原抓WAV+CUE]
- 庾澄庆1993《老实情歌》福茂唱片[WAV+CUE][1G]
- 许巍《在别处》美卡首版[WAV+CUE][1G]
- 林子祥《单手拍掌》华纳香港版[WAV+CUE][1G]
- 郑秀文.1997-我们的主题曲【华纳】【WAV+CUE】
- 群星.2001-生命因爱动听电影原创音乐AVCD【MEDIA】【WAV+CUE】