使用Dockfile创建带ssh服务的Ubuntu容器

  • 环境信息
    • OS:CentOS 7 64位
    • docker版本
      • Clientversion: 1.3.2

        ClientAPI version: 1.15

        Goversion (client): go1.3.3

        Gitcommit (client): 39fa2fa/1.3.2

        OS/Arch(client): linux/amd64

        Serverversion: 1.3.2

        ServerAPI version: 1.15

        Goversion (server): go1.3.3

        Gitcommit (server): 39fa2fa/1.3.2



具体过程如下:

  1. 编辑Dockfile

    点击(此处)折叠或打开

    1. FROM ubuntu:14.04
    2. MAINTAINER yuj <yuj@cn.fujitsu.com>

    3. ENV http_proxy http://IP:Port
    4. ENV https_proxy http://IP:Port

    5. RUN apt-get update && apt-get install -y openssh-server
    6. RUN mkdir /var/run/sshd
    7. RUN echo 'root:fnst1234' | chpasswd
    8. RUN sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config

    9. # SSH login fix. Otherwise user is kicked off after login
    10. RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd

    11. ENV NOTVISIBLE "in users profile"
    12. RUN echo "export VISIBLE=now" >> /etc/profile

    13. EXPOSE 22
    14. CMD ["/usr/sbin/sshd", "-D"]
  2. 执行安装

    点击(此处)折叠或打开

    1. vi Dockerfile
    2. docker build -t ubuntu/ssh .
    3. docker run -d ubuntu/ssh /usr/sbin/sshd -D
    4. docker ps
    5. docker exec 0fd3722ea2a0 ifconfig
    6. ping 172.17.0.13
    7. ssh root@172.17.0.13
  3. 绑定主机端口

    点击(此处)折叠或打开

    1. [root@localhost dockertest]# docker ps
    2. CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
    3. 0fd3722ea2a0 ubuntu/ssh:latest "/usr/sbin/sshd -D" About an hour ago Up About an hour 22/tcp sharp_pare
    4. [root@localhost dockertest]# docker kill 0fd3722ea2a0
    5. 0fd3722ea2a0
    6. [root@localhost dockertest]# docker run -p 2222:22 -d ubuntu/ssh /usr/sbin/sshd -D
    7. 2364be793b5ac8369c7695c0706a90bd6222dae8545c8a3944f6f1526d08c640
    8. [root@localhost dockertest]# docker ps
    9. CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
    10. 2364be793b5a ubuntu/ssh:latest "/usr/sbin/sshd -D" 3 seconds ago Up 1 seconds 0.0.0.0:2222->22/tcp cranky_wilson
    11. [root@localhost dockertest]# ssh root@localhost -p 2222
    12. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    13. @ WARNING: REMOTE HOST IDENTIFICATION HAS @
    14. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    15. IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING
    16. Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    17. It is also possible that a host key has just been changed.
    18. The fingerprint for the ECDSA key sent by the remote host is
    19. 85:14:5a:b5:c5:f8:7a:a3:6c:19:f0:13:6e:91:82:94.
    20. Please contact your system administrator.
    21. Add correct host key in /root/.ssh/known_hosts to get rid of this message.
    22. Offending ECDSA key in /root/.ssh/known_hosts:2
    23. ECDSA host key for [localhost]:2222 has changed and you have requested strict checking.
    24. Host key verification failed.
    25. [root@localhost dockertest]# rm /root/.ssh/known_hosts
    26. rm:是否?除普通文件 "/root/.ssh/known_hosts"?y
    27. [root@localhost dockertest]# ssh root@localhost -p 2222
    28. The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
    29. ECDSA key fingerprint is 85:14:5a:b5:c5:f8:7a:a3:6c:19:f0:13:6e:91:82:94.
    30. Are you sure you want to continue connecting (yes/no)? yes
    31. Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
    32. root@localhost's password:
    33. Welcome to Ubuntu 14.04 LTS (GNU/Linux 3.2.0-61-generic x86_64)

    34.  * Documentation: https://help.ubuntu.com/

    35. The programs included with the Ubuntu system are free software;
    36. the exact distribution terms for each program are described in the
    37. individual files in /usr/share/doc/*/copyright.

    38. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
    39. applicable law.

  4. 其他:从容器导出tar文件并导入到新的Server上

    点击(此处)折叠或打开

    1. # 导出服务器(from container)
    2. # root@localhost dockertest]# docker export 2364be793b5a > ubuntu_ssh

    3. # 导入服务器(from container)
    4. # scp root@10.167.133.136:/root/dockertest/ubuntu_ssh.tar /root/dockertest/
    5. # cat ubuntu_ssh.tar | docker import - aaaaa:11111
    6. # docker images
    7. # docker run -d aaaaa /usr/sbin/sshd -D
    8. # docker rm $(docker ps -q -a)
    9. # docker run -d aaaaa:11111 /usr/sbin/sshd -D
    10. # docker exec a77a5b51578a ifconfig
    11. # ping 172.17.0.64
    12. # ssh root@172.17.0.64


11-24 20:47