说明:创建一个含有sshd服务的基础镜像,再在这个基础镜像中创建其它中间件镜像,再利用中间件镜像创建应用容器。通过Dockerfile可以创建任意自定义容器,配合supervisord服务完美搭配。
1. 编写Dockerfile
[root@docker1 ~]# vi /root/base_ssh/Dockerfile
-----------------DockerFile-----------------
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
# This is Dockerfile
# Author: koumm
# Base image docker.io/centos
FROM docker.io
/centos
MAINTAINER KOUMM XXX@126.com
RUN rpm -ivh http:
//dl
.fedoraproject.org
/pub/epel/7/x86_64/e/epel-release-7-9
.noarch.rpm && \
yum
install
-y curl wget
tar
bzip2
unzip net-tools
rsync
man
openssl openssl-devel && \
yum
install
-y gcc gcc-c++ git
make
automake cmake patch logrotate python-devel && \
yum -y
install
openssh-server
passwd
python-pip && \
yum clean all && \
/usr/bin/pip
install
supervisor
ADD supervisord.conf
/etc/supervisord
.conf
RUN
mkdir
-p
/etc/supervisor
.conf.d
ADD sshd.ini
/etc/supervisor
.d
/sshd
.ini
RUN
echo
'QWER#123456'
|
passwd
--stdin root
RUN
ssh
-keygen -q -t rsa -b 2048 -f
/etc/ssh/ssh_host_rsa_key
-N
''
RUN
ssh
-keygen -q -t ecdsa -f
/etc/ssh/ssh_host_ecdsa_key
-N
''
RUN
ssh
-keygen -t dsa -f
/etc/ssh/ssh_host_ed25519_key
-N
''
RUN
sed
-i
"s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g"
/etc/ssh/sshd_config
RUN
sed
-i
"s/UsePAM.*/UsePAM no/g"
/etc/ssh/sshd_config
EXPOSE 22
ENTRYPOINT [
"/usr/bin/supervisord"
]
|
--------------------------------------------
2. 创建supervisord.conf配置文件
#创建supervisord主配置文件,事先将再成的配置文件复制一份出来即可。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
# vi /root/base_ssh/supervisord.conf
[unix_http_server]
file
=
/tmp/supervisor
.sock ; (the path to the socket
file
)
[supervisord]
logfile=
/tmp/supervisord
.log ; (main log
file
;default $CWD
/supervisord
.log)
logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
logfile_backups=10 ; (num of main logfile rotation backups;default 10)
loglevel=info ; (log level;default info; others: debug,warn,trace)
pidfile=
/tmp/supervisord
.pid ; (supervisord pidfile;default supervisord.pid)
nodaemon=
true
; (start
in
foreground
if
true
;default
false
)
minfds=1024 ; (min. avail startup
file
descriptors;default 1024)
minprocs=200 ; (min. avail process descriptors;default 200)
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:
///tmp/supervisor
.sock ; use a unix:
//
URL
for
a unix socket
[include]
files=
/etc/supervisor
.d/*.ini
|
# 创建sshd服务启动文件
1
2
|
# vi /root/base_ssh/sshd.ini[program:sshd]
command
=
/usr/sbin/sshd
-D
|
3. 通过Dockerfile创建镜像
[root@docker1 ~]# docker build -t centos:ssh_v2 /root/base_ssh/
过程略..
base_ssh为准备相关资源的目录,包括Dockerfile文件的位置。
[root@docker1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos ssh_v2 71fb8b60cf9f 6 minutes ago 407.1 MB
docker.io/centos latest 8140d0c64310 2 weeks ago 192.5 MB
4. 通过镜像创建容器
[root@docker1 ~]# docker run -d -p 2223:22 --name sshtest1 centos:ssh_v2
说明: -p 2223:22 映射要机2223端口到容器22端口
然后可以通过ssh登录主机的2223端口访问容器ssh服务。
本文转自 koumm 51CTO博客,原文链接:http://blog.51cto.com/koumm/1936534,如需转载请自行联系原作者