1、启动一个基于centos镜像的容器
# docker run –p 10022:22 -ti centos bash
[root@f743588bbeef /]#-p: 本地端口映射容器22端口,是为了后面启动ssh后测试能否正常登陆
2、在容器中安装openssh-server、java等
[root@f743588bbeef /]# yum install -y -q openssh-server java-1.7.0-openjdk net-tools
3、修改sshd_config配置文件
[root@f743588bbeef /]# ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
[root@f743588bbeef /]# ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
[root@f743588bbeef /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
[root@f743588bbeef /]# sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
[root@f743588bbeef /]# sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
4、修改root密码
[root@f743588bbeef /]# echo 'root:root' |chpasswd
5、启动openssh服务
[root@f743588bbeef /]# /usr/sbin/sshd
[root@f743588bbeef /]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1/sshd
tcp6 0 0 :::22
6、测试是否能登陆容器
# ssh -p 10022 192.168.62.200
The authenticity of host '[192.168.62.200]:10022 ([192.168.62.200]:10022)' can't be established.
ECDSA key fingerprint is 7d:d5:8a:ea:5a:92:9e:3d:92:fe:dd:78:56:c2:d9:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.62.200]:10022' (ECDSA) to the list of known hosts.
root@192.168.62.200's password:
[root@f743588bbeef ~]#
7、使用commit提交刚刚在容器内的所有操作
# docker commit f743588bbeef docker-ssh
sha256:4d8d27a47d3fd2750cde8f5d0ead3af6f90dd972969a3dca369b52d1e6130085
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker-ssh latest 4d8d27a47d3f 7 seconds ago 192 MB
8、可以看到镜像列表中存在一个docker-ssh的镜像
# docker run -d --name docker-ssh -p 10022:22 docker-ssh
d986e0bdc2b1072b39248a691ba73f6b297842373ca7a55457f3cd8d7fa5c435
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d986e0bdc2b1 docker-ssh "/usr/sbin/sshd -D" 3 seconds ago Up 3 seconds 0.0.0.0:10022->22/tcp docker-ssh
# ssh -p 10022 192.168.62.200
The authenticity of host '[192.168.62.200]:10022 ([192.168.62.200]:10022)' can't be established.
ECDSA key fingerprint is 7d:d5:8a:ea:5a:92:9e:3d:92:fe:dd:78:56:c2:d9:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.62.200]:10022' (ECDSA) to the list of known hosts.
root@192.168.62.200's password:
[root@d986e0bdc2b1 ~]#
二、用Dockerfile来定制
mkdir ssh-java ##创建一个空目录
cd ssh-java && vim Dockerfile
FROM centos
MAINTAINER <Email:kbsonlong@gmail.com Blog:www.along.party>
RUN yum install -y -q openssh-server java-1.7.0-openjdk net-tools
RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
RUN sed -i "s/UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
RUN sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
RUN echo 'root:change' |chpasswd
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
FROM、RUN、EXPOSE、CMD、MAINTAINER 都是Dockerfile的指令,Dockerfile指令更多详细介绍
FROM:指定基于哪个基础镜像
MAINTAINER : 维护者的信息
RUN: 在shell终端执行的命令
EXPOSE: 对外提供的端口
CMD: 启动容器是执行的命令,每个Dockerfile只能有一条CMD指令,如果存在多条,则执行最后一条。
构建镜像
#docker build -t ssh-java:1.7.1 .
查看构建的镜像
docker images|grep ssh-java
ssh-java 1.7.1 71fc498380f5 25 minutes ago 282 MB
使用镜像启动
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
26b4dcc00246 ssh-java:1.7.1 "/usr/sbin/sshd -D" 3 seconds ago Up 2 seconds 0.0.0.0:32778->22/tcp ssh-java# ssh -p 32778 192.168.62.200
The authenticity of host '[192.168.62.200]:32778 ([192.168.62.200]:32778)' can't be established.
ECDSA key fingerprint is 7d:d5:8a:ea:5a:92:9e:3d:92:fe:dd:78:56:c2:d9:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.62.200]:32778' (ECDSA) to the list of known hosts.
root@192.168.62.200's password:
[root@26b4dcc00246 ~]#来源:oschina
链接:https://my.oschina.net/u/4264305/blog/4346238