docker深入1-创建一个自己的docker image

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
===
参考资料:
 
[业务架构实践]应该如何使用阿里云?高级篇  http://bbs.aliyun.com/read/182036.html?spm=5176.7189909.0.0.R1MNwz&displayMode=1
利用Docker构建开发环境  http://tech.uc.cn/?p=2726
Docker:利用Linux容器实现可移植的应用部署  http://www.infoq.com/cn/articles/docker-containers
cnetos7安装docker V1.0  http://www.51ou.com/browse/centos/57797.html
笔记- api管理docker Container的lnmp操作  http://www.tuicool.com/articles/3QJFRzI
CentOS 6.5下使用docker 容器  http://www.21ops.com/linux/7324.html
构建一个高可用及自动发现的Docker基础架构-HECD[原创]  http://blog.liuts.com/post/242/
Dockerfile Reference  https://docs.docker.com/reference/builder/
Docker使用Dockerfile创建支持ssh服务自启动的容器镜像  http://blog.csdn.net/kongxx/article/details/38412119
Docker之配置Centos_ssh   http://blog.chinaunix.net/uid-10915175-id-4442800.html
CentOS 6.5 制作可以ssh登录的Docker镜像  http://www.21ops.com/linux/26334.html/comment-page-1
===
 
【】安装
[root@server200-21 ~]# yum install docker-io
[root@server200-21 ~]# docker -v
Docker version 1.4.1, build 5bc2ff8/1.4.1
 
【】启动服务
[root@server200-21 ~]# service docker start
 
【】查看状态
[root@server200-21 ~]# docker info
 
【】将某个用户加入到docker组,以便已非root用户来运行docker命令。
[root@server200-21 ~]# usermod -a -G docker Jack
切换到用户目录
 
【】从国内的仓库docker.cn上pull一个image到本地
[Jack@server200-21 ~]$ docker pull docker.cn/docker/centos
 
【】查看images
[Jack@server200-21 ~]$ docker images
REPOSITORY                TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker.cn/docker/centos   latest              8efe422e6104        4 weeks ago         224 MB
docker.cn/docker/centos   7                   8efe422e6104        4 weeks ago         224 MB
docker.cn/docker/centos   centos7             8efe422e6104        4 weeks ago         224 MB
 
 
【】Dockerfile
 
[Jack@server200-21 ~]$ mkdir repository
[Jack@server200-21 ~]$ cd repository/
】编辑启动脚本
[Jack@server200-21 repository]$ vim start.sh
[Jack@server200-21 repository]$ cat start.sh 
#!/bin/bash
 
__create_user() {
# Create a user to SSH into as.
useradd admin
SSH_USERPASS=admin
echo -e "$SSH_USERPASS\n$SSH_USERPASS" | (passwd --stdin admin)
echo ssh user password: $SSH_USERPASS
}
 
# Call all functions
__create_user
 
】编辑Dockerfile
[Jack@server200-21 repository]$ vim Dockerfile
[Jack@server200-21 repository]$ cat Dockerfile 
FROM docker.cn/docker/centos:7
MAINTAINER pcnk
 
RUN yum -y update; yum clean all
RUN yum -y install openssh-server passwd; yum clean all
ADD ./start.sh /root/start.sh
RUN mkdir /var/run/sshd
RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd
 
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
 
RUN chmod 755 /root/start.sh
# EXPOSE 22
RUN ./root/start.sh
ENTRYPOINT ["/usr/sbin/sshd""-D"]
 
】查看images:
[Jack@server200-21 repository]$ docker images
REPOSITORY                TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker.cn/docker/centos   centos7             8efe422e6104        4 weeks ago         224 MB
docker.cn/docker/centos   latest              8efe422e6104        4 weeks ago         224 MB
docker.cn/docker/centos   7                   8efe422e6104        4 weeks ago         224 MB
 
】build一个image:
[Jack@server200-21 repository]$ docker build --rm -t develop/ssh:v1 .          
Sending build context to Docker daemon 3.072 kB
Sending build context to Docker daemon 
Step 0 : FROM docker.cn/docker/centos:7
 ---> 8efe422e6104
Step 1 : MAINTAINER pcnk
 ---> Running in 77605343a277
 ---> 26a7e9d91296
Removing intermediate container 77605343a277
Step 2 : RUN yum -y update; yum clean all
 ---> Running in 43889045a3ed
Loaded plugins: fastestmirror
Determining fastest mirrors
 * base: mirrors.cug.edu.cn
 * extras: centos.ustc.edu.cn
 * updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package glibc.x86_64 0:2.17-55.el7_0.3 will be updated
---> Package glibc.x86_64 0:2.17-55.el7_0.5 will be an update
---> Package glibc-common.x86_64 0:2.17-55.el7_0.3 will be updated
---> Package glibc-common.x86_64 0:2.17-55.el7_0.5 will be an update
---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.6 will be updated
---> Package openssl-libs.x86_64 1:1.0.1e-34.el7_0.7 will be an update
---> Package systemd-libs.x86_64 0:208-11.el7_0.5 will be updated
---> Package systemd-libs.x86_64 0:208-11.el7_0.6 will be an update
---> Package tzdata.noarch 0:2014j-1.el7_0 will be updated
---> Package tzdata.noarch 0:2015a-1.el7_0 will be an update
--> Finished Dependency Resolution
 
Dependencies Resolved
 
================================================================================
 Package            Arch         Version                    Repository     Size
================================================================================
Updating:
 glibc              x86_64       2.17-55.el7_0.5            updates       3.6 M
 glibc-common       x86_64       2.17-55.el7_0.5            updates        11 M
 openssl-libs       x86_64       1:1.0.1e-34.el7_0.7        updates       942 k
 systemd-libs       x86_64       208-11.el7_0.6             updates       154 k
 tzdata             noarch       2015a-1.el7_0              updates       432 k
 
Transaction Summary
================================================================================
Upgrade  5 Packages
 
Total download size: 16 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /var/cache/yum/x86_64/7/updates/packages/openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for openssl-libs-1.0.1e-34.el7_0.7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total                                              2.0 MB/s |  16 MB  00:08     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 Package    : centos-release-7-0.1406.el7.centos.2.5.x86_64 (@Updates/$releasever)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : tzdata-2015a-1.el7_0.noarch                                 1/10 
  Updating   : glibc-common-2.17-55.el7_0.5.x86_64                         2/10 
  Updating   : glibc-2.17-55.el7_0.5.x86_64                                3/10 
  Updating   : 1:openssl-libs-1.0.1e-34.el7_0.7.x86_64                     4/10 
  Updating   : systemd-libs-208-11.el7_0.6.x86_64                          5/10 
  Cleanup    : systemd-libs-208-11.el7_0.5.x86_64                          6/10 
  Cleanup    : 1:openssl-libs-1.0.1e-34.el7_0.6.x86_64                     7/10 
  Cleanup    : glibc-common-2.17-55.el7_0.3.x86_64                         8/10 
  Cleanup    : glibc-2.17-55.el7_0.3.x86_64                                9/10 
  Cleanup    : tzdata-2014j-1.el7_0.noarch                                10/10 
  Verifying  : glibc-2.17-55.el7_0.5.x86_64                                1/10 
  Verifying  : tzdata-2015a-1.el7_0.noarch                                 2/10 
  Verifying  : glibc-common-2.17-55.el7_0.5.x86_64                         3/10 
  Verifying  : 1:openssl-libs-1.0.1e-34.el7_0.7.x86_64                     4/10 
  Verifying  : systemd-libs-208-11.el7_0.6.x86_64                          5/10 
  Verifying  : glibc-common-2.17-55.el7_0.3.x86_64                         6/10 
  Verifying  : systemd-libs-208-11.el7_0.5.x86_64                          7/10 
  Verifying  : tzdata-2014j-1.el7_0.noarch                                 8/10 
  Verifying  : glibc-2.17-55.el7_0.3.x86_64                                9/10 
  Verifying  : 1:openssl-libs-1.0.1e-34.el7_0.6.x86_64                    10/10 
 
Updated:
  glibc.x86_64 0:2.17-55.el7_0.5          glibc-common.x86_64 0:2.17-55.el7_0.5
  openssl-libs.x86_64 1:1.0.1e-34.el7_0.7 systemd-libs.x86_64 0:208-11.el7_0.6 
  tzdata.noarch 0:2015a-1.el7_0          
 
Complete!
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
 ---> 65693f134694
Removing intermediate container 43889045a3ed
Step 3 : RUN yum -y install openssh-server passwd; yum clean all
 ---> Running in a96d6492c1c1
Loaded plugins: fastestmirror
Determining fastest mirrors
 * base: centos.ustc.edu.cn
 * extras: centos.ustc.edu.cn
 * updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:6.4p1-8.el7 will be installed
--> Processing Dependency: openssh = 6.4p1-8.el7 for package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.4p1-8.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-6.4p1-8.el7.x86_64
---> Package passwd.x86_64 0:0.79-4.el7 will be installed
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package openssh.x86_64 0:6.4p1-8.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution
 
Dependencies Resolved
 
================================================================================
 Package                  Arch          Version               Repository   Size
================================================================================
Installing:
 openssh-server           x86_64        6.4p1-8.el7           base        367 k
 passwd                   x86_64        0.79-4.el7            base        105 k
Installing for dependencies:
 fipscheck                x86_64        1.4.1-5.el7           base         21 k
 fipscheck-lib            x86_64        1.4.1-5.el7           base         11 k
 openssh                  x86_64        6.4p1-8.el7           base        341 k
 tcp_wrappers-libs        x86_64        7.6-77.el7            base         66 k
 
Transaction Summary
================================================================================
Install  2 Packages (+4 Dependent packages)
 
Total download size: 911 k
Installed size: 2.4 M
Downloading packages:
--------------------------------------------------------------------------------
Total                                              1.1 MB/s | 911 kB  00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : fipscheck-1.4.1-5.el7.x86_64                                 1/6 
  Installing : fipscheck-lib-1.4.1-5.el7.x86_64                             2/6 
  Installing : openssh-6.4p1-8.el7.x86_64                                   3/6 
  Installing : tcp_wrappers-libs-7.6-77.el7.x86_64                          4/6 
  Installing : openssh-server-6.4p1-8.el7.x86_64                            5/6 
  Installing : passwd-0.79-4.el7.x86_64                                     6/6 
  Verifying  : openssh-server-6.4p1-8.el7.x86_64                            1/6 
  Verifying  : openssh-6.4p1-8.el7.x86_64                                   2/6 
  Verifying  : tcp_wrappers-libs-7.6-77.el7.x86_64                          3/6 
  Verifying  : fipscheck-lib-1.4.1-5.el7.x86_64                             4/6 
  Verifying  : fipscheck-1.4.1-5.el7.x86_64                                 5/6 
  Verifying  : passwd-0.79-4.el7.x86_64                                     6/6 
 
Installed:
  openssh-server.x86_64 0:6.4p1-8.el7         passwd.x86_64 0:0.79-4.el7        
 
Dependency Installed:
  fipscheck.x86_64 0:1.4.1-5.el7      fipscheck-lib.x86_64 0:1.4.1-5.el7        
  openssh.x86_64 0:6.4p1-8.el7        tcp_wrappers-libs.x86_64 0:7.6-77.el7     
 
Complete!
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Cleaning up list of fastest mirrors
 ---> d6d5d26a325a
Removing intermediate container a96d6492c1c1
Step 4 : ADD ./start.sh /root/start.sh
 ---> 06ff76970b4a
Removing intermediate container fc185c16dec7
Step 5 : RUN mkdir /var/run/sshd
 ---> Running in 4670dcd82f93
 ---> 904ed7d476e9
Removing intermediate container 4670dcd82f93
Step 6 : RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd
 ---> Running in 5996bf6a5a23
 ---> e48a480c7498
Removing intermediate container 5996bf6a5a23
Step 7 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
 ---> Running in 2c24cb002c4d
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
48:fc:06:c2:12:e9:b8:6d:1f:91:e5:68:d4:0a:54:4c root@1e15b50fb185
The key's randomart image is:
+--[ RSA 2048]----+
| .o=E.           |
|  ooo.o          |
| o.oo*+          |
|. ..*o.+         |
| o . .. S        |
|. o .  .         |
| . . .           |
|    .            |
|                 |
+-----------------+
 ---> 4463e6885b2e
Removing intermediate container 2c24cb002c4d
Step 8 : RUN chmod 755 /root/start.sh
 ---> Running in e806ed020a8d
 ---> 1cc76b428192
Removing intermediate container e806ed020a8d
Step 9 : RUN ./root/start.sh
 ---> Running in 9b2ba94d80c0
Changing password for user admin.
passwd: all authentication tokens updated successfully.
ssh user password: admin
 ---> 61d83e0403a8
Removing intermediate container 9b2ba94d80c0
Step 10 : ENTRYPOINT /usr/sbin/sshd -D
 ---> Running in abdd6049a1a8
 ---> 42d8e120be8f
Removing intermediate container abdd6049a1a8
Successfully built 42d8e120be8f
 
 
 
】再次查看images:
[Jack@server200-21 repository]$ docker images                         
REPOSITORY                TAG                 IMAGE ID            CREATED              VIRTUAL SIZE
develop/ssh               v1                  42d8e120be8f        About a minute ago   387.8 MB
docker.cn/docker/centos   7                   8efe422e6104        4 weeks ago          224 MB
docker.cn/docker/centos   centos7             8efe422e6104        4 weeks ago          224 MB
docker.cn/docker/centos   latest              8efe422e6104        4 weeks ago          224 MB
 
 
 
】启动
[Jack@server200-21 repository]$ docker run -d --name test1 -p 127.0.0.1:10822:22 develop/ssh:v1
0a9e8be52d9e1ee979de02e5afa5ae572d616a30589d265c3f575cb8f69f3e9c
 
 
(也可以使用本机的随机端口来映射到容器的22端口:)
[Jack@server200-21 repository]$ docker run -d --name test1 -p 22 develop/ssh:v1
 
 
 
】查看ssh的端口
[Jack@server200-21 repository]$ docker port test1   
22/tcp -> 0.0.0.0:49155    
 
(也可以这样查看:)
[Jack@server200-21 repository]$ docker top test1
[Jack@server200-21 repository]$ docker ps test1
 
 
】测试ssh连接
[Jack@server200-21 repository]$ ssh -p 10822 admin@127.0.0.1
The authenticity of host '[127.0.0.1]:10822 ([127.0.0.1]:10822)' can't be established.
RSA key fingerprint is 48:fc:06:c2:12:e9:b8:6d:1f:91:e5:68:d4:0a:54:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:10822' (RSA) to the list of known hosts.
admin@127.0.0.1's password: 
[admin@0a9e8be52d9e ~]$ exit
logout
Connection to 127.0.0.1 closed.
 
 
 
】删除镜像
[Jack@server200-21 repository]$ docker rmi `docker images |grep develop |grep v1 |awk '{print $3}'`
Error response from daemon: Conflict, cannot delete 42d8e120be8f because the running container 0a9e8be52d9e is using it, stop it and use -f to force
FATA[0000] Error: failed to remove one or more images   
 
这个image被使用,先stop再rm对应的container的id
[Jack@server200-21 repository]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                     NAMES
0a9e8be52d9e        develop/ssh:v1      "/usr/sbin/sshd -D"   2 minutes ago       Up 2 minutes        127.0.0.1:10822->22/tcp   test1  
              
[Jack@server200-21 repository]$ docker stop 0a9e8be52d9e
0a9e8be52d9e
 
[Jack@server200-21 repository]$ docker rm 0a9e8be52d9e  
0a9e8be52d9e
 
删除image
[Jack@server200-21 repository]$ docker rmi `docker images |grep develop |grep v1 |awk '{print $3}'`
Untagged: develop/ssh:v1
Deleted: 42d8e120be8f70c5085d142f575e0b755d86ee41b5b1d842a19966d4fcfaa96b
Deleted: 61d83e0403a8e61c82a5348d54e3efb982176ffcaa6a2e7c42adf5d654fe7b33
Deleted: 1cc76b42819251ddf5fec90b2dd39a847808538a450a3589594000059f13a991
Deleted: 4463e6885b2ee45f22241c511a0d73660dd892560fa6da2f0d96c139cec25c0b
Deleted: e48a480c74980331c980b32a6d969380363a0e80aebe07ef90396359d317c3e3
Deleted: 904ed7d476e962601cbbf71885d02d58f44446a9fedfaf1ff76660e33a19be26
Deleted: 06ff76970b4ac0cc853402073b1a2a6599c0785749e49d16c151a4cd1ab65609
Deleted: d6d5d26a325aec67158e59b81517345e23790b50494cbdf34155e214ce708456
Deleted: 65693f134694aa2ab51315f439d15afb02775c9a72fcb8c3e856b6cb63ce7954
Deleted: 26a7e9d912969e1a21c0532121344b8cac232e060ffc0edb237073a9543b852e