1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
| ===
【】安装
[iyunv@server200-21 ~]# yum install docker-io
[iyunv@server200-21 ~]# docker -v
Docker version 1.4.1, build 5bc2ff8/1.4.1
【】启动服务
[iyunv@server200-21 ~]# service docker start
【】查看状态
[iyunv@server200-21 ~]# docker info
【】将某个用户加入到docker组,以便已非root用户来运行docker命令。
[iyunv@server200-21 ~]# usermod -a -G docker Jack
切换到用户目录
【】从国内的仓库docker.cn上pull一个image到本地
[Jack@server200-21 ~]$ docker pull docker.cn/docker/centos
【】查看images
[Jack@server200-21 ~]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.cn/docker/centos latest 8efe422e6104 4 weeks ago 224 MB
docker.cn/docker/centos 7 8efe422e6104 4 weeks ago 224 MB
docker.cn/docker/centos centos7 8efe422e6104 4 weeks ago 224 MB
【】Dockerfile
[Jack@server200-21 ~]$ mkdir repository
[Jack@server200-21 ~]$ cd repository/
】编辑启动脚本
[Jack@server200-21 repository]$ vim start.sh
[Jack@server200-21 repository]$ cat start.sh
#!/bin/bash
__create_user() {
# Create a user to SSH into as.
useradd admin
SSH_USERPASS=admin
echo -e "$SSH_USERPASS\n$SSH_USERPASS" | (passwd --stdin admin)
echo ssh user password: $SSH_USERPASS
}
# Call all functions
__create_user
】编辑Dockerfile
[Jack@server200-21 repository]$ vim Dockerfile
[Jack@server200-21 repository]$ cat Dockerfile
FROM docker.cn/docker/centos:7
MAINTAINER pcnk
RUN yum -y update; yum clean all
RUN yum -y install openssh-server passwd; yum clean all
ADD ./start.sh /root/start.sh
RUN mkdir /var/run/sshd
RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
RUN chmod 755 /root/start.sh
# EXPOSE 22
RUN ./root/start.sh
ENTRYPOINT ["/usr/sbin/sshd", "-D"]
】查看images:
[Jack@server200-21 repository]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.cn/docker/centos centos7 8efe422e6104 4 weeks ago 224 MB
docker.cn/docker/centos latest 8efe422e6104 4 weeks ago 224 MB
docker.cn/docker/centos 7 8efe422e6104 4 weeks ago 224 MB
】build一个image:
[Jack@server200-21 repository]$ docker build --rm -t develop/ssh:v1 .
Sending build context to Docker daemon 3.072 kB
Sending build context to Docker daemon
Step 0 : FROM docker.cn/docker/centos:7
---> 8efe422e6104
Step 1 : MAINTAINER pcnk
---> Running in 77605343a277
---> 26a7e9d91296
Removing intermediate container 77605343a277
Step 2 : RUN yum -y update; yum clean all
---> Running in 43889045a3ed
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.cug.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package glibc.x86_64 0:2.17-55.el7_0.3 will be updated
---> Package glibc.x86_64 0:2.17-55.el7_0.5 will be an update
---> Package glibc-common.x86_64 0:2.17-55.el7_0.3 will be updated
---> Package glibc-common.x86_64 0:2.17-55.el7_0.5 will be an update
---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.6 will be updated
---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.7 will be an update
---> Package systemd-libs.x86_64 0:208-11.el7_0.5 will be updated
---> Package systemd-libs.x86_64 0:208-11.el7_0.6 will be an update
---> Package tzdata.noarch 0:2014j-1.el7_0 will be updated
---> Package tzdata.noarch 0:2015a-1.el7_0 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Updating:
glibc x86_64 2.17-55.el7_0.5 updates 3.6 M
glibc-common x86_64 2.17-55.el7_0.5 updates 11 M
openssl-libs x86_64 1:1.0.1e-34.el7_0.7 updates 942 k
systemd-libs x86_64 208-11.el7_0.6 updates 154 k
tzdata noarch 2015a-1.el7_0 updates 432 k
Transaction Summary
================================================================================
Upgrade 5 Packages
Total download size: 16 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /var/cache/yum/x86_64/7/updates/packages/openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total 2.0 MB/s | 16 MB 00:08
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-0.1406.el7.centos.2.5.x86_64 (@Updates/$releasever)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : tzdata-2015a-1.el7_0.noarch 1/10
Updating : glibc-common-2.17-55.el7_0.5.x86_64 2/10
Updating : glibc-2.17-55.el7_0.5.x86_64 3/10
Updating : 1:openssl-libs-1.0.1e-34.el7_0.7.x86_64 4/10
Updating : systemd-libs-208-11.el7_0.6.x86_64 5/10
Cleanup : systemd-libs-208-11.el7_0.5.x86_64 6/10
Cleanup : 1:openssl-libs-1.0.1e-34.el7_0.6.x86_64 7/10
Cleanup : glibc-common-2.17-55.el7_0.3.x86_64 8/10
Cleanup : glibc-2.17-55.el7_0.3.x86_64 9/10
Cleanup : tzdata-2014j-1.el7_0.noarch 10/10
Verifying : glibc-2.17-55.el7_0.5.x86_64 1/10
Verifying : tzdata-2015a-1.el7_0.noarch 2/10
Verifying : glibc-common-2.17-55.el7_0.5.x86_64 3/10
Verifying : 1:openssl-libs-1.0.1e-34.el7_0.7.x86_64 4/10
Verifying : systemd-libs-208-11.el7_0.6.x86_64 5/10
Verifying : glibc-common-2.17-55.el7_0.3.x86_64 6/10
Verifying : systemd-libs-208-11.el7_0.5.x86_64 7/10
Verifying : tzdata-2014j-1.el7_0.noarch 8/10
Verifying : glibc-2.17-55.el7_0.3.x86_64 9/10
Verifying : 1:openssl-libs-1.0.1e-34.el7_0.6.x86_64 10/10
Updated:
glibc.x86_64 0:2.17-55.el7_0.5 glibc-common.x86_64 0:2.17-55.el7_0.5
openssl-libs.x86_64 1:1.0.1e-34.el7_0.7 systemd-libs.x86_64 0:208-11.el7_0.6
tzdata.noarch 0:2015a-1.el7_0
Complete!
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
---> 65693f134694
Removing intermediate container 43889045a3ed
Step 3 : RUN yum -y install openssh-server passwd; yum clean all
---> Running in a96d6492c1c1
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: centos.ustc.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:6.4p1-8.el7 will be installed
--> Processing Dependency: openssh = 6.4p1-8.el7 for package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-6.4p1-8.el7.x86_64
---> Package passwd.x86_64 0:0.79-4.el7 will be installed
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package openssh.x86_64 0:6.4p1-8.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-server x86_64 6.4p1-8.el7 base 367 k
passwd x86_64 0.79-4.el7 base 105 k
Installing for dependencies:
fipscheck x86_64 1.4.1-5.el7 base 21 k
fipscheck-lib x86_64 1.4.1-5.el7 base 11 k
openssh x86_64 6.4p1-8.el7 base 341 k
tcp_wrappers-libs x86_64 7.6-77.el7 base 66 k
Transaction Summary
================================================================================
Install 2 Packages (+4 Dependent packages)
Total download size: 911 k
Installed size: 2.4 M
Downloading packages:
--------------------------------------------------------------------------------
Total 1.1 MB/s | 911 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-1.4.1-5.el7.x86_64 1/6
Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2/6
Installing : openssh-6.4p1-8.el7.x86_64 3/6
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/6
Installing : openssh-server-6.4p1-8.el7.x86_64 5/6
Installing : passwd-0.79-4.el7.x86_64 6/6
Verifying : openssh-server-6.4p1-8.el7.x86_64 1/6
Verifying : openssh-6.4p1-8.el7.x86_64 2/6
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 3/6
Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 4/6
Verifying : fipscheck-1.4.1-5.el7.x86_64 5/6
Verifying : passwd-0.79-4.el7.x86_64 6/6
Installed:
openssh-server.x86_64 0:6.4p1-8.el7 passwd.x86_64 0:0.79-4.el7
Dependency Installed:
fipscheck.x86_64 0:1.4.1-5.el7 fipscheck-lib.x86_64 0:1.4.1-5.el7
openssh.x86_64 0:6.4p1-8.el7 tcp_wrappers-libs.x86_64 0:7.6-77.el7
Complete!
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
---> d6d5d26a325a
Removing intermediate container a96d6492c1c1
Step 4 : ADD ./start.sh /root/start.sh
---> 06ff76970b4a
Removing intermediate container fc185c16dec7
Step 5 : RUN mkdir /var/run/sshd
---> Running in 4670dcd82f93
---> 904ed7d476e9
Removing intermediate container 4670dcd82f93
Step 6 : RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd
---> Running in 5996bf6a5a23
---> e48a480c7498
Removing intermediate container 5996bf6a5a23
Step 7 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
---> Running in 2c24cb002c4d
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
48:fc:06:c2:12:e9:b8:6d:1f:91:e5:68:d4:0a:54:4c root@1e15b50fb185
The key's randomart image is:
+--[ RSA 2048]----+
| .o=E. |
| ooo.o |
| o.oo*+ |
|. ..*o.+ |
| o . .. S |
|. o . . |
| . . . |
| . |
| |
+-----------------+
---> 4463e6885b2e
Removing intermediate container 2c24cb002c4d
Step 8 : RUN chmod 755 /root/start.sh
---> Running in e806ed020a8d
---> 1cc76b428192
Removing intermediate container e806ed020a8d
Step 9 : RUN ./root/start.sh
---> Running in 9b2ba94d80c0
Changing password for user admin.
passwd: all authentication tokens updated successfully.
ssh user password: admin
---> 61d83e0403a8
Removing intermediate container 9b2ba94d80c0
Step 10 : ENTRYPOINT /usr/sbin/sshd -D
---> Running in abdd6049a1a8
---> 42d8e120be8f
Removing intermediate container abdd6049a1a8
Successfully built 42d8e120be8f
】再次查看images:
[Jack@server200-21 repository]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
develop/ssh v1 42d8e120be8f About a minute ago 387.8 MB
docker.cn/docker/centos 7 8efe422e6104 4 weeks ago 224 MB
docker.cn/docker/centos centos7 8efe422e6104 4 weeks ago 224 MB
docker.cn/docker/centos latest 8efe422e6104 4 weeks ago 224 MB
】启动
[Jack@server200-21 repository]$ docker run -d --name test1 -p 127.0.0.1:10822:22 develop/ssh:v1
0a9e8be52d9e1ee979de02e5afa5ae572d616a30589d265c3f575cb8f69f3e9c
(也可以使用本机的随机端口来映射到容器的22端口:)
[Jack@server200-21 repository]$ docker run -d --name test1 -p 22 develop/ssh:v1
】查看ssh的端口
[Jack@server200-21 repository]$ docker port test1
22/tcp -> 0.0.0.0:49155
(也可以这样查看:)
[Jack@server200-21 repository]$ docker top test1
[Jack@server200-21 repository]$ docker ps test1
】测试ssh连接
[Jack@server200-21 repository]$ ssh -p 10822 admin@127.0.0.1
The authenticity of host '[127.0.0.1]:10822 ([127.0.0.1]:10822)' can't be established.
RSA key fingerprint is 48:fc:06:c2:12:e9:b8:6d:1f:91:e5:68:d4:0a:54:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:10822' (RSA) to the list of known hosts.
admin@127.0.0.1's password:
[admin@0a9e8be52d9e ~]$ exit
logout
Connection to 127.0.0.1 closed.
】删除镜像
[Jack@server200-21 repository]$ docker rmi `docker images |grep develop |grep v1 |awk '{print $3}'`
Error response from daemon: Conflict, cannot delete 42d8e120be8f because the running container 0a9e8be52d9e is using it, stop it and use -f to force
FATA[0000] Error: failed to remove one or more images
这个image被使用,先stop再rm对应的container的id
[Jack@server200-21 repository]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0a9e8be52d9e develop/ssh:v1 "/usr/sbin/sshd -D" 2 minutes ago Up 2 minutes 127.0.0.1:10822->22/tcp test1
[Jack@server200-21 repository]$ docker stop 0a9e8be52d9e
0a9e8be52d9e
[Jack@server200-21 repository]$ docker rm 0a9e8be52d9e
0a9e8be52d9e
删除image
[Jack@server200-21 repository]$ docker rmi `docker images |grep develop |grep v1 |awk '{print $3}'`
Untagged: develop/ssh:v1
Deleted: 42d8e120be8f70c5085d142f575e0b755d86ee41b5b1d842a19966d4fcfaa96b
Deleted: 61d83e0403a8e61c82a5348d54e3efb982176ffcaa6a2e7c42adf5d654fe7b33
Deleted: 1cc76b42819251ddf5fec90b2dd39a847808538a450a3589594000059f13a991
Deleted: 4463e6885b2ee45f22241c511a0d73660dd892560fa6da2f0d96c139cec25c0b
Deleted: e48a480c74980331c980b32a6d969380363a0e80aebe07ef90396359d317c3e3
Deleted: 904ed7d476e962601cbbf71885d02d58f44446a9fedfaf1ff76660e33a19be26
Deleted: 06ff76970b4ac0cc853402073b1a2a6599c0785749e49d16c151a4cd1ab65609
Deleted: d6d5d26a325aec67158e59b81517345e23790b50494cbdf34155e214ce708456
Deleted: 65693f134694aa2ab51315f439d15afb02775c9a72fcb8c3e856b6cb63ce7954
Deleted: 26a7e9d912969e1a21c0532121344b8cac232e060ffc0edb237073a9543b852e
|
QQ群⑧:
窥视卡
雷达卡
发表于 2015-2-10 07:39:03
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡