使用Dockfile创建带ssh服务的Ubuntu容器

• 环境信息
• OS：CentOS 7 64位
• docker版本

• Clientversion: 1.3.2

  ClientAPI version: 1.15

  Goversion (client): go1.3.3

  Gitcommit (client): 39fa2fa/1.3.2

  OS/Arch(client): linux/amd64

  Serverversion: 1.3.2

  ServerAPI version: 1.15

  Goversion (server): go1.3.3

  Gitcommit (server): 39fa2fa/1.3.2

• 
  
• 
  

具体过程如下：

1. 编辑Dockfile
   

   点击(此处)折叠或打开

   1. FROM ubuntu:14.04
      
   2. MAINTAINER yuj <yuj@cn.fujitsu.com>
      
   3. 
      
   4. ENV http_proxy http://IP:Port
      
   5. ENV https_proxy http://IP:Port
      
   6. 
      
   7. RUN apt-get update && apt-get install -y openssh-server
      
   8. RUN mkdir /var/run/sshd
      
   9. RUN echo 'root:fnst1234' | chpasswd
      
   10. RUN sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config
       
   11. 
       
   12. # SSH login fix. Otherwise user is kicked off after login
       
   13. RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
       
   14. 
       
   15. ENV NOTVISIBLE "in users profile"
       
   16. RUN echo "export VISIBLE=now" >> /etc/profile
       
   17. 
       
   18. EXPOSE 22
       
   19. CMD ["/usr/sbin/sshd", "-D"]
2. 执行安装
   
   

   点击(此处)折叠或打开

   1. vi Dockerfile
      
   2. docker build -t ubuntu/ssh .
      
   3. docker run -d ubuntu/ssh /usr/sbin/sshd -D
      
   4. docker ps
      
   5. docker exec 0fd3722ea2a0 ifconfig
      
   6. ping 172.17.0.13
      
   7. ssh root@172.17.0.13
3. 绑定主机端口
   
   

   点击(此处)折叠或打开

   1. [root@localhost dockertest]# docker ps
      
   2. CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
      
   3. 0fd3722ea2a0 ubuntu/ssh:latest "/usr/sbin/sshd -D" About an hour ago Up About an hour 22/tcp sharp_pare
      
   4. [root@localhost dockertest]# docker kill 0fd3722ea2a0
      
   5. 0fd3722ea2a0
      
   6. [root@localhost dockertest]# docker run -p 2222:22 -d ubuntu/ssh /usr/sbin/sshd -D
      
   7. 2364be793b5ac8369c7695c0706a90bd6222dae8545c8a3944f6f1526d08c640
      
   8. [root@localhost dockertest]# docker ps
      
   9. CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
      
   10. 2364be793b5a ubuntu/ssh:latest "/usr/sbin/sshd -D" 3 seconds ago Up 1 seconds 0.0.0.0:2222->22/tcp cranky_wilson
       
   11. [root@localhost dockertest]# ssh root@localhost -p 2222
       
   12. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
       
   13. @ WARNING: REMOTE HOST IDENTIFICATION HAS @
       
   14. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
       
   15. IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING
       
   16. Someone could be eavesdropping on you right now (man-in-the-middle attack)!
       
   17. It is also possible that a host key has just been changed.
       
   18. The fingerprint for the ECDSA key sent by the remote host is
       
   19. 85:14:5a:b5:c5:f8:7a:a3:6c:19:f0:13:6e:91:82:94.
       
   20. Please contact your system administrator.
       
   21. Add correct host key in /root/.ssh/known_hosts to get rid of this message.
       
   22. Offending ECDSA key in /root/.ssh/known_hosts:2
       
   23. ECDSA host key for [localhost]:2222 has changed and you have requested strict checking.
       
   24. Host key verification failed.
       
   25. [root@localhost dockertest]# rm /root/.ssh/known_hosts
       
   26. rm：是否?除普通文件 "/root/.ssh/known_hosts"？y
       
   27. [root@localhost dockertest]# ssh root@localhost -p 2222
       
   28. The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
       
   29. ECDSA key fingerprint is 85:14:5a:b5:c5:f8:7a:a3:6c:19:f0:13:6e:91:82:94.
       
   30. Are you sure you want to continue connecting (yes/no)? yes
       
   31. Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
       
   32. root@localhost's password:
       
   33. Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.2.0-61-generic x86_64)
       
   34. 
       
   35.  * Documentation: https://help.ubuntu.com/
       
   36. 
       
   37. The programs included with the Ubuntu system are free software;
       
   38. the exact distribution terms for each program are described in the
       
   39. individual files in /usr/share/doc/*/copyright.
       
   40. 
       
   41. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
       
   42. applicable law.
   
   
4. 其他：从容器导出tar文件并导入到新的Server上
   
   

   点击(此处)折叠或打开

   1. # 导出服务器（from container）
      
   2. # root@localhost dockertest]# docker export 2364be793b5a > ubuntu_ssh
      
   3. 
      
   4. # 导入服务器（from container）
      
   5. # scp root@10.167.133.136:/root/dockertest/ubuntu_ssh.tar /root/dockertest/
      
   6. # cat ubuntu_ssh.tar | docker import - aaaaa:11111
      
   7. # docker images
      
   8. # docker run -d aaaaa /usr/sbin/sshd -D
      
   9. # docker rm $(docker ps -q -a)
      
   10. # docker run -d aaaaa:11111 /usr/sbin/sshd -D
       
   11. # docker exec a77a5b51578a ifconfig
       
   12. # ping 172.17.0.64
       
   13. # ssh root@172.17.0.64
   
   
5.