• Adding an SSH service to an image with docker commit and a Dockerfile


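    System administrators can use the SSH service to log in to servers remotely and manage them.

    This article shows how to add an SSH service to an image using docker commit and a Dockerfile.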

    docker commit

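    This command lets you customize a container and save the result as an image.

    1. Pull the ubuntu:18.04 image and create a container

    [root@node2 db]# docker pull ubuntu:18.04
    [root@node2 db]# docker run -it ubuntu:18.04 bash

    2. Configure the package sources

    root@cc346f9c4d00:/# apt-get update    # refresh the package index

    A mirror inside China is recommended because it is faster; the Aliyun mirror is used here.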

    root@cc346f9c4d00:/# cat >> /etc/apt/sources.list.d/aliyun.list << EOF
    deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
    EOF
    root@cc346f9c4d00:/# apt-get update

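    3. Install and configure the SSH service

    Use the mainstream openssh-server as the server.

    root@cc346f9c4d00:/# apt install openssh-server
    root@cc346f9c4d00:/# mkdir -p /var/run/sshd    # privilege-separation directory that sshd needs at startup
    root@cc346f9c4d00:/# ps -ef | grep ssh
    root 34 20 0 05:19 pts/1 00:00:00 grep --color=auto ssh

    Disable the SSH service's secure-login setting by removing the PAM login restriction:

    root@cc346f9c4d00:/# cat /etc/pam.d/sshd
    # the fields in this file are separated by runs of spaces, so match \s+ rather than one space
    root@cc346f9c4d00:/# sed -ri 's/^(session\s+required\s+pam_loginuid\.so)/#\1/' /etc/pam.d/sshd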

    Create the .ssh directory under /root and copy the public key (the local host's .ssh/id_rsa.pub, generated with ssh-keygen -t rsa) into authorized_keys:

    root@cc346f9c4d00:/# mkdir -p -m 700 /root/.ssh
    root@cc346f9c4d00:/# echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDkoEz96/kEL7BIkulUNVEqxK0imrlq7bHdtbOiZWpjkQMQH33j1ODNPjvHHXK6NjaQdAW0VptoLHpDaiiHhNku4wDy3WLWCU746zzbqDamgSz5foUlfCLeykdvCeyAyNLCht+pN2D+LLOYC/7f6Jgijb42OwPzZDcJLd4KF64/PmWWJfBIUTzyM4xmdy160t34phqCKX2noKaiCi+Dxnv2tQVT9DJq0LzGHMVDtZgC6Na1eFNnunMtjQ/fSYuJ87OLmaXufUEKgMb5foLgAhVX1My2zzNr8gRmohThaecKbejUou+LEkrtBVyLZkU7ZHRCSRsFVjZ3ZKyMQxWKQUueddLZOhJmiVsom55eAy2J+PJdXOw4rg6QDeHr2Urk/9vNEi3P0scsCwVsgjGdhdY10cHGh1YDpl6/EtSGduYLUprIbeVGpbyU5LPwFAYFt7EFMMRvFX6uYLc+OcLoG50DaG+EnZ1s0Q0VyfKVWZg5HPIvNeR3EvWdfOGxOXZwVHc= root@node2" > /root/.ssh/authorized_keys
    

    Create run.sh, the executable script that starts the SSH service automatically, and make it executable:

    root@cc346f9c4d00:/# cat > /run.sh << 'EOF'
    #!/bin/bash
    /usr/sbin/sshd -D
    EOF
    root@cc346f9c4d00:/# chmod +x /run.sh

    4. Commit the image

    [root@node2 db]# docker commit cc346f9c4d00 sshd:ubuntu_v1
    [root@node2 db]# docker images
    REPOSITORY                       TAG         IMAGE ID       CREATED             SIZE
    sshd                             ubuntu_v1   85594beba8ae   9 seconds ago       295MB
    web                              v2          4899ed6fa217   35 minutes ago      4.26MB
    web                              v3          4899ed6fa217   35 minutes ago      4.26MB
    web                              v1          bfa797a20cd9   About an hour ago   4.26MB
    ubuntu                           latest      ca2b0f26964c   2 weeks ago         77.9MB
    ubuntu                           18.04       f9a80a55f492   9 months ago        63.2MB
    busybox                          latest      ba5dc23f65d4   10 months ago       4.26MB
    reg.openlab.cn/openlab/busybox   v1          ba5dc23f65d4   10 months ago       4.26MB
    training/webapp                  latest      1b15d7898f68   8 years ago         349MB
    training/postgres                latest      3da46b8c5ff4   9 years ago         365MB

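    5. Use the image and test it

    Start a container with a port mapping: 10222 is the port on the host, and 22 is the port the container's SSH service listens on.

    [root@node2 db]# docker run -p 10222:22 -d sshd:ubuntu_v1 /run.sh
    [root@node2 db]# ssh 192.168.37.22 -p 10222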

    Dockerfile 

    1. Create a working directory

    [root@node2 ~]# mkdir /sshd_ubuntu
    [root@node2 ~]# cd /sshd_ubuntu

    2. Create Dockerfile, run.sh, aliyun.list and authorized_keys, and write their contents

    [root@node2 sshd_ubuntu]# touch Dockerfile run.sh aliyun.list authorized_keys
    [root@node2 sshd_ubuntu]# cat Dockerfile
    FROM ubuntu:18.04
    LABEL maintainer="zhuhy <zhuhy@111.com>"
    COPY aliyun.list /etc/apt/sources.list.d/aliyun.list
    # Install sshd, create its privilege-separation directory, and remove the PAM restriction
    RUN apt update && \
        apt install -y openssh-server && \
        mkdir -p /var/run/sshd && \
        sed -ri 's/^(session\s+required\s+pam_loginuid\.so)/#\1/' /etc/pam.d/sshd && \
        mkdir -p -m 700 /root/.ssh
    COPY authorized_keys /root/.ssh/
    COPY run.sh /run.sh
    RUN chmod 755 /run.sh
    EXPOSE 22
    # Start sshd automatically when the container starts
    CMD ["/run.sh"]
    [root@node2 sshd_ubuntu]# cat run.sh
    #!/bin/bash
    /usr/sbin/sshd -D
    [root@node2 sshd_ubuntu]# cat aliyun.list
    deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
    deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
    deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
    [root@node2 sshd_ubuntu]# cat authorized_keys
    ssh-rsa <the same public key as in the docker commit section, from the local host's .ssh/id_rsa.pub> root@node2
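
The COPY of authorized_keys keeps the mode bits the file has in the build context, and sshd's StrictModes check (on by default) refuses an authorized_keys file or .ssh directory that is writable by group or others. The check below is an added example, not part of the original article; the function names are hypothetical, the demo files are constructed, and `stat -c` (GNU coreutils or busybox) is assumed.

```shell
#!/bin/sh
# Added example (not from the original article). Assumes `stat -c` (GNU coreutils or busybox).
# strictmodes_rejects OWNER_UID PATH...
#   Prints one line per path and returns how many sshd's StrictModes check would refuse:
#   owned by neither OWNER_UID nor root, or writable by group/others. Missing paths count too.
strictmodes_rejects() {
    want_uid=$1; shift
    rejected=0
    for p in "$@"; do
        if ! info=$(stat -c '%u %a' "$p" 2>/dev/null); then
            echo "MISSING  $p"; rejected=$((rejected + 1)); continue
        fi
        uid=${info% *}; mode=${info#* }
        if [ "$uid" -ne "$want_uid" ] && [ "$uid" -ne 0 ]; then
            echo "OWNER    $p (uid $uid)"; rejected=$((rejected + 1))
        elif [ $(( 0$mode & 022 )) -ne 0 ]; then   # group-write or other-write bit set
            echo "WRITABLE $p (mode $mode)"; rejected=$((rejected + 1))
        else
            echo "ok       $p (mode $mode)"
        fi
    done
    return "$rejected"
}

# Constructed demo: a build context whose authorized_keys was created under umask 002.
demo_strictmodes() {
    ctx=$(mktemp -d) && mkdir -m 700 "$ctx/.ssh" || return 99
    echo "ssh-rsa CONSTRUCTED-PLACEHOLDER-KEY demo@example" > "$ctx/.ssh/authorized_keys"
    chmod 664 "$ctx/.ssh/authorized_keys"
    before=0
    strictmodes_rejects "$(id -u)" "$ctx/.ssh" "$ctx/.ssh/authorized_keys" || before=$?
    chmod 600 "$ctx/.ssh/authorized_keys"      # the fix: drop group/other write access
    after=0
    strictmodes_rejects "$(id -u)" "$ctx/.ssh" "$ctx/.ssh/authorized_keys" || after=$?
    rm -rf "$ctx"
    echo "rejected before fix: $before, after fix: $after"
}
demo_strictmodes
```

Run it in the build directory before `docker build`, or inside the container as `strictmodes_rejects 0 /root/.ssh /root/.ssh/authorized_keys`.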

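    3. Build the image

    [root@node2 sshd_ubuntu]# docker build -t sshd:ubuntu_v2 ./

    4. Run a container to test

    The -P option publishes the exposed port 22 on a host port chosen by Docker, 32770 in this run.

    [root@node2 sshd_ubuntu]# docker run -d -P sshd:ubuntu_v2
    [root@node2 sshd_ubuntu]# ssh 192.168.37.22 -p 32770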
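
Both images publish an sshd that accepts root logins on a host port, so it is worth confirming that the effective configuration accepts keys only. The audit below is an added example, not part of the original article; `audit_sshd_effective` and the sample lines are constructed, and the allowed values are this example's policy rather than something the article prescribes.

```shell
#!/bin/sh
# Added example (not from the original article).
# Usage against the image built above:
#   docker run --rm sshd:ubuntu_v2 /usr/sbin/sshd -T | audit_sshd_effective
# `sshd -T` prints the effective configuration as lowercase "keyword value" lines.

# Reads `sshd -T` output on stdin, prints one line per check, and returns
# the number of settings that do not match the key-only policy listed below.
audit_sshd_effective() {
    effective=$(cat)
    failures=0
    while read -r key allowed; do
        value=$(printf '%s\n' "$effective" | awk -v k="$key" '$1 == k { print $2; exit }')
        if printf '%s\n' "$value" | grep -Eqx "$allowed"; then
            echo "ok   $key $value"
        else
            echo "FAIL $key ${value:-<not reported>} (allowed: $allowed)"
            failures=$((failures + 1))
        fi
    done <<'POLICY'
pubkeyauthentication yes
passwordauthentication no
permitemptypasswords no
permitrootlogin no|without-password|prohibit-password
POLICY
    return "$failures"
}

# Constructed samples (not captured output): password login enabled vs. disabled.
sample_password_enabled() {
    printf '%s\n' 'port 22' 'permitrootlogin without-password' \
        'pubkeyauthentication yes' 'passwordauthentication yes' 'permitemptypasswords no'
}
sample_key_only() {
    sample_password_enabled | sed 's/^passwordauthentication yes$/passwordauthentication no/'
}

sample_password_enabled | audit_sshd_effective || echo "=> $? setting(s) to fix"
```

If passwordauthentication is reported as yes, set `PasswordAuthentication no` in the image's /etc/ssh/sshd_config before committing or building.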

  • Original article: https://blog.csdn.net/qq_63652578/article/details/136706924