个人网站创建,企业彩页设计模板,百度指数是干嘛的,免费推广引流怎么做需求
由于在测试环境中使用了docker官网的centos 镜像#xff0c;但是该镜像里面默认没有安装ssh服务#xff0c;在做测试时又需要开启ssh。所以上网也查了查资料。下面详细的纪录下。在centos 容器内安装ssh后#xff0c;转成新的镜像用于后期测试使用。
镜像定制
第一种…需求
由于在测试环境中使用了docker官网的centos 镜像但是该镜像里面默认没有安装ssh服务在做测试时又需要开启ssh。所以上网也查了查资料。下面详细的纪录下。在centos 容器内安装ssh后转成新的镜像用于后期测试使用。
镜像定制
第一种方式手动修改容器镜像
1.先下载centos镜像
[rootdocker ~]# docker pull centos:72.启动容器并进行配置
启动容器
[rootdocker ~]# docker run -it -d --name test-centos1 centos:7
d72250ecaa5e3e36226a1edd749f494d9f00eddc4143c81ac3565aa4e551791a命令注释-it : 进行交互式操作
-d : 等同于 -dtrue,容器将会在后台运行不然执行一次命令后退出后便是exit状态了。
–name : 容器启动后的名字默认不指定将会随机产生一个名字。或者使用 -name“containers_name”
centos使用的镜像名称
进入容器安装ssh server以及配置开机启动
[rootdocker ~]# docker exec -it test-centos1 /bin/bash
[rootd72250ecaa5e /]# ifconfig
bash: ifconfig: command not found注命令最后参数 /bin/bash 指进入容器时执行的命令command 我们检查了下容器暂时安装以下必用的软件吧 net-toolsopenssh-server
[rootd72250ecaa5e /]# yum install openssh-server net-tools -y创建ssh 所需的目录并在根目录创建sshd 启动脚本输入/usr/sbin/sshd -D
[rootd72250ecaa5e /]# mkdir -pv /var/run/sshd
mkdir: created directory /var/run/sshd
[rootd72250ecaa5e /]# cat /auto_sshd.sh
#!/bin/bash
/usr/sbin/sshd -D
[rootd72250ecaa5e /]# chmod x /auto_sshd.sh修改容器内root 的账户密码
[rootd72250ecaa5e /]# echo root:iloveworld | chpasswd 生成ssh 主机dsa 密钥不然ssh 该容器时会出现错误。
[rootd72250ecaa5e /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
[rootd72250ecaa5e /]# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key我们加一个history记录的时间功能吧这样方便后期查看
echo export HISTTIMEFORMAT%F %T whoami /etc/profileOK配置基本完毕咯。清理命令历史纪录之后退出容器。现在可以生成一个新的docker 镜像了。 3.配置完成后进行打包成新的镜像
[rootdocker ~]# docker commit test-centos1 centos_sshd:7.0
sha256:6e3330b30dfff5f029f102874e54cfffffbc37dcf2a4eb7304c817148fbc944d
[rootdocker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_sshd 7.0 6e3330b30dff 8 seconds ago 310.1 MB
docker.io/ubuntu latest e4415b714b62 12 days ago 128.1 MB命令注释commit 提交一个具有新配置的容器成为镜像后面跟容器的name 或者容器Id 最后是生成新镜像的名字
更新这条命令更方便以后启动如下
[rootdocker ~]# docker commit --changeCMD [/auto_sshd.sh] -c EXPOSE 22 test-centos1 centos_sshd:7.0
sha256:7bb4efd82c4ff1f241cbc57ee45aab1b05d214b1e9fcd51196696c67d480e70b命令注释 --change : 将后期使用此镜像运行容器时的命令参数、开放的容器端口提前设置好。
4.验证
查看镜像并启动新的容器
[rootdocker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_sshd 7.0 7bb4efd82c4f 4 minutes ago 310.1 MB
docker.io/ubuntu latest e4415b714b62 12 days ago 128.1 MB[rootdocker ~]# docker run -d -it --name centos_7.0-1 centos_sshd:7.0
ec17e553d5c4c60865afeb99df8dfd1f4e7d4ba6e1b0d5516f9127f09d1d6356
[rootdocker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ec17e553d5c4 centos_sshd:7.0 /auto_sshd.sh 6 seconds ago Up 5 seconds 22/tcp centos_7.0-1进行ssh测试先查看一下该容器的ip之后ssh。ok密码使用前面设置的iloveworld
[rootdocker ~]# docker exec centos_7.0-1 hostname -i
172.17.0.4[rootdocker ~]# ssh root172.17.0.4
The authenticity of host 172.17.0.4 (172.17.0.4) cant be established.
RSA key fingerprint is 87:88:07:12:ac:0a:90:28:10:e1:9e:eb:1f:d6:c9:9d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 172.17.0.4 (RSA) to the list of known hosts.
root172.17.0.4s password:
Last login: Tue Nov 29 16:00:49 2016 from gateway[rootec17e553d5c4 ~]# w 16:34:17 up 63 days, 7:49, 1 user, load average: 0.00, 0.02, 0.05
USER TTY FROM LOGIN IDLE JCPU PCPU WHAT
root pts/0 gateway 16:34 1.00s 0.00s 0.00s w
[rootec17e553d5c4 ~]# ping gateway
PING gateway (172.17.0.1) 56(84) bytes of data.
64 bytes from gateway (172.17.0.1): icmp_seq1 ttl64 time0.048 ms第二种方式推荐利用Dockerfile文件
Dockerfile包含创建镜像所需要的全部指令。基于在Dockerfile中的指令我们可以使用Docker build命令来创建镜像。通过减少镜像和容器的创建过程来简化部署。
1.创建Dockerfile文件
新建一个目录在里面新建一个dockerfile文件新建一个的目录主要是为了和以防和其它dockerfile混乱
[rootdocker ~]# mkdir centos7-dockerfile[rootdocker centos7-dockerfile]# cat Dockerfile
# The dockerfile has Change add sshd services on Centos7.0
#centos7:latest image
FROM centos:7MAINTAINER Yifeng,http://www.cnblogs.com/hanyifeng#Install sshd net-tools
RUN yum install openssh-server net-tools -y
RUN mkdir /var/run/sshd#Set password for root
RUN echo root:iloveworld | chpasswd
RUN sed -i s/PermitRootLogin prohibit-password/PermitRootLogin yes/ /etc/ssh/sshd_config#Set history record
ENV HISTTIMEFORMAT %F %T #Fix sshd service:Read from socket failed: Connection reset by peer?
RUN ssh-keygen -A#Change timezone CST
RUN \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime#Open 22 port
EXPOSE 22#Auto running sshd service
CMD [/usr/sbin/sshd,-D]上述文件内容就是一个dockerfile 常见的命令组合。开头带号的为注释
文件解释
FROM 必不可少的命令从某个镜像作为基。如 FROM image_name 或者 FROM image_name:. 如果不加tag默认为latest。先从本地镜像仓库去搜索基镜像如过本地没有在去网上docker registry去寻找。
MAINTAINER标明该Dockerfile作者及联系方式可忽略不写
RUN建立新的镜像时可以执行在系统里的命令如安装特定的软件以及设置环境变量。
ENV设置系统环境变量注意写在/etc/profile里的命令在dockerfile这里会不生效所以为改成ENV的方式
EXPOSE开放容器内的端口但不和宿主机进行映射。方便在宿主机上进行开发测试。如需映射到宿主机端口可在运行容器时使用 -p host_port:container_port
CMD设置执行的命令经常用于容器启动时指定的某个操作。如执行自定义脚本服务或者是执行系统命令。CMD 只能存在一条如在Dockerfile中有多条CMD的话只有最后一条CMD生效
2.执行build 创建镜像
使用docker build命令来创建镜像
[rootdocker centos7-dockerfile]# docker build -t centos_sshd_1 .-t 选项来docker build新的镜像以便于标记构建的镜像. 表示当前目录也可以指定dockerfile 文件所在目录。
下面缩略的内容是构建镜像时的输出可以看下。
[rootdocker centos7-dockerfile]# docker build -t centos_sshd_1 .
Sending build context to Docker daemon 4.096 kB
Step 1 : FROM centos:latest--- 0584b3d2cf6d
Step 2 : MAINTAINER Yifeng,http://www.cnblogs.com/hanyifeng--- Running in da643b55dc77--- 1087074d44e4
Removing intermediate container da643b55dc77
Step 3 : RUN yum install openssh-server net-tools -y--- Running in 5626d8f0f892
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors* base: mirrors.btte.net* extras: mirrors.tuna.tsinghua.edu.cn* updates: mirrors.btte.net
Resolving Dependencies
-- Running transaction check
--- Package net-tools.x86_64 0:2.0-0.17.20131004git.el7 will be installed
--- Package openssh-server.x86_64 0:6.6.1p1-25.el7_2 will be installed
-- Processing Dependency: openssh 6.6.1p1-25.el7_2 for package: openssh-server-6.6.1p1-25.el7_2.x86_64
-- Processing Dependency: fipscheck-lib(x86-64) 1.3.0 for package: openssh-server-6.6.1p1-25.el7_2.x86_64
-- Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-25.el7_2.x86_64
-- Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-6.6.1p1-25.el7_2.x86_64
-- Running transaction check
--- Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
-- Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
--- Package openssh.x86_64 0:6.6.1p1-25.el7_2 will be installed
--- Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
-- Running transaction check
--- Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
-- Finished Dependency ResolutionDependencies ResolvedPackage Arch Version Repository SizeInstalling:net-tools x86_64 2.0-0.17.20131004git.el7 base 304 kopenssh-server x86_64 6.6.1p1-25.el7_2 updates 436 k
Installing for dependencies:fipscheck x86_64 1.4.1-5.el7 base 21 kfipscheck-lib x86_64 1.4.1-5.el7 base 11 kopenssh x86_64 6.6.1p1-25.el7_2 updates 435 ktcp_wrappers-libs x86_64 7.6-77.el7 base 66 kTransaction SummaryInstall 2 Packages (4 Dependent packages)Total download size: 1.2 M
Installed size: 3.4 M
Downloading packages:
Public key for fipscheck-lib-1.4.1-5.el7.x86_64.rpm is not installed
warning: /var/cache/yum/x86_64/7/base/packages/fipscheck-lib-1.4.1-5.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for openssh-6.6.1p1-25.el7_2.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total 593 kB/s | 1.2 MB 00:02
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:Userid : CentOS-7 Key (CentOS 7 Official Signing Key) securitycentos.orgFingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (CentOS)From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transactionInstalling : fipscheck-1.4.1-5.el7.x86_64 1/6 Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2/6 Installing : openssh-6.6.1p1-25.el7_2.x86_64 3/6 Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/6 Installing : openssh-server-6.6.1p1-25.el7_2.x86_64 5/6 Installing : net-tools-2.0-0.17.20131004git.el7.x86_64 6/6 Verifying : openssh-6.6.1p1-25.el7_2.x86_64 1/6 Verifying : openssh-server-6.6.1p1-25.el7_2.x86_64 2/6 Verifying : net-tools-2.0-0.17.20131004git.el7.x86_64 3/6 Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 4/6 Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 5/6 Verifying : fipscheck-1.4.1-5.el7.x86_64 6/6 Installed:net-tools.x86_64 0:2.0-0.17.20131004git.el7 openssh-server.x86_64 0:6.6.1p1-25.el7_2 Dependency Installed:fipscheck.x86_64 0:1.4.1-5.el7 fipscheck-lib.x86_64 0:1.4.1-5.el7 openssh.x86_64 0:6.6.1p1-25.el7_2 tcp_wrappers-libs.x86_64 0:7.6-77.el7 Complete!--- 7b249ed8cb54
Removing intermediate container 5626d8f0f892
Step 4 : RUN mkdir /var/run/sshd--- Running in fc94a139d438--- ea2826eccc91
Removing intermediate container fc94a139d438
Step 5 : RUN echo root:iloveworld | chpasswd--- Running in ba53283081a7--- 7ce1ddb5d9c0
Removing intermediate container ba53283081a7
Step 6 : RUN sed -i s/PermitRootLogin prohibit-password/PermitRootLogin yes/ /etc/ssh/sshd_config--- Running in 4112281a5bf0--- be21fb6b5b1e
Removing intermediate container 4112281a5bf0
Step 7 : ENV HISTTIMEFORMAT %F %T --- Running in f2081726e403--- f3fafca42170
Removing intermediate container f2081726e403
Step 8 : RUN ssh-keygen -A--- Running in 2ca9e743dee7
ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519 --- 1a927943bee7
Removing intermediate container 2ca9e743dee7
Step 9 : RUN \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime--- Running in afd43cc6d4d6--- 4a0cacf6cd72
Removing intermediate container afd43cc6d4d6
Step 10 : EXPOSE 22--- Running in a03551bc3bcb--- 3af544106bf4
Removing intermediate container a03551bc3bcb
Step 11 : CMD /usr/sbin/sshd -D--- Running in f45fe5eb5561--- d4620c9949b8
Removing intermediate container f45fe5eb5561
Successfully built d4620c9949b8
docker build stdout3.查看镜像列表并创建容器
[rootdocker centos7-dockerfile]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_sshd_1 latest d4620c9949b8 4 minutes ago 308.4 MB
centos_sshd 7.0 7bb4efd82c4f 2 days ago 310.1 MB我们刚刚新建的容器已经存在了现在用它来创建容器
[rootdocker centos7-dockerfile]# docker run -d -it --name centos-two centos_sshd_1
7ae51091c138d249b5e97f6957073e748db278c0f1cf856e968ca78a4aec1a5b查看容器
[rootdocker centos7-dockerfile]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7ae51091c138 centos_sshd_1 /usr/sbin/sshd -D 16 seconds ago Up 15 seconds 22/tcp centos-two可以看到容器的command 就是我们之前定义启动ssh 服务的并且开放了22端口。
现在我们在宿主机上查看下该容器的ip然后用ssh 链接进去。
[rootdocker ~]# docker exec centos-two hostname -I
172.17.0.7[rootdocker ~]# ssh root172.17.0.7
The authenticity of host 172.17.0.7 (172.17.0.7) cant be established.
ECDSA key fingerprint is 7a:38:69:d7:5e:f4:db:e8:3c:ea:92:a4:1a:a1:7b:9a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 172.17.0.7 (ECDSA) to the list of known hosts.
root172.17.0.7s password:
[root7ae51091c138 ~]# w11:19:34 up 65 days, 18:34, 1 user, load average: 0.01, 0.04, 0.05
USER TTY FROM LOGIN IDLE JCPU PCPU WHAT
root pts/0 gateway 11:19 6.00s 0.00s 0.00s wOK。
