这节学习制作一个ssh镜像服务。

创建sshtest目录,进入到该目录中。

假如允许主机B上的root用户可以通过SSH登录到容器内部,那么首先要在B主机上通过ssh-keygen -t rsa命令生成root用户的公钥。(默认就行,一直按回车)

~/.ssh目录下的id_rsa.pub文件即为该主机上root用户的公钥,写到文件中

[root@miyan sshtest]# cat ~/.ssh/id_rsa.pub > authorized_keys

编写Dockerfile文件

[root@miyan sshtest]# cat Dockerfile

FROM ubuntu:14.04

MAINTAINER miyan XYJK1002@.com

RUN echo "deb http://mirrors.163.com/ubuntu precise main universe" > /etc/apt/sources.list

RUN apt-get update

RUN apt-get install -y openssh-server

RUN mkdir -p /var/run/sshd

RUN mkdir -p /root/.ssh

RUN sed -ri 's/session    required    pam_loginuid.so/#session    required    pam_loginuid.so/g' /etc/pam.d/sshd

ADD authorized_keys /root/.ssh/authorized_keys

RUN echo "#!/bin/bash" >/root/run.sh

RUN echo "/usr/sbin/sshd -D" >>/root/run.sh

RUN chmod u+x /root/run.sh

EXPOSE

CMD ["/root/run.sh"]

注释:

1.

RUN sed -ri 's/session    required    pam_loginuid.so/#session    required    pam_loginuid.so/g' /etc/pam.d/sshd

默认情况下,pam认证程序会对SSH登录进行限制,修改配置文件,注释掉session required pam_loginuid.so

2.脚本的命令中不能添加&。例如,如果脚本是/usr/sbin/sshd -D & ,则当容器以脚本启动时,会立马执行完毕,相应的容器也就退出了,但我们需要将SSH服务一直监听着,此处-D参数噶偶SSH服务不以守护进程进行,而是和运行终端关联,有了关联终端,容器不会退出

构建

[root@miyan sshtest]# docker build -t ssh_ubuntu:14.04 .

中间过程:

Sending build context to Docker daemon 3.584 kB

Step  : FROM ubuntu:14.04

 ---> ab035c88d533

Step  : MAINTAINER miyan XYJK1002@.com

 ---> Running in 0be9d1fd9270

 ---> c5a7ea1f66ee

Removing intermediate container 0be9d1fd9270

Step  : RUN echo "deb http://mirrors.163.com/ubuntu precise main universe" > /etc/apt/sources.list

 ---> Running in c48a5aae931d

 ---> ff36bb1e558e

Removing intermediate container c48a5aae931d

Step  : RUN apt-get update

 ---> Running in aa33b10ade80

Ign http://mirrors.163.com precise InRelease

Get: http://mirrors.163.com precise Release.gpg [198 B]

Get: http://mirrors.163.com precise Release [49.6 kB]

Get: http://mirrors.163.com precise/main amd64 Packages [1640 kB]

Get: http://mirrors.163.com precise/universe amd64 Packages [6167 kB]

Fetched  kB in 3s ( kB/s)

Reading package lists...

 ---> fd60fcc8697c

Removing intermediate container aa33b10ade80

Step  : RUN apt-get install -y openssh-server

 ---> Running in bed6bd156290

Reading package lists...

Building dependency tree...

Reading state information...

The following extra packages will be installed:

  ca-certificates krb5-locales libedit2 libgssapi-krb5- libidn11 libk5crypto3

  libkeyutils1 libkrb5- libkrb5support0 libwrap0 libx11- libx11-data libxau6

  libxcb1 libxdmcp6 libxext6 libxmuu1 openssh-client openssl ssh-import-id

  tcpd wget xauth

Suggested packages:

  krb5-doc krb5-user ssh-askpass libpam-ssh keychain monkeysphere

  openssh-blacklist openssh-blacklist-extra rssh molly-guard ufw

The following NEW packages will be installed:

  ca-certificates krb5-locales libedit2 libgssapi-krb5- libidn11 libk5crypto3

  libkeyutils1 libkrb5- libkrb5support0 libwrap0 libx11- libx11-data libxau6

  libxcb1 libxdmcp6 libxext6 libxmuu1 openssh-client openssh-server openssl

  ssh-import-id tcpd wget xauth

 upgraded,  newly installed,  to remove and  not upgraded.

Need to get  kB of archives.

After this operation, 12.9 MB of additional disk space will be used.

Get: http://mirrors.163.com/ubuntu/ precise/main libedit2 amd64 2.11-20080614-3ubuntu2 [70.3 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libkrb5support0 amd64 1.10+dfsg~beta1-2 [23.5 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libk5crypto3 amd64 1.10+dfsg~beta1-2 [79.9 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libkeyutils1 amd64 1.5.2-2 [7862 B]

Get: http://mirrors.163.com/ubuntu/ precise/main libkrb5-3 amd64 1.10+dfsg~beta1-2 [354 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libgssapi-krb5-2 amd64 1.10+dfsg~beta1-2 [118 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libidn11 amd64 1.23-2 [112 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libxau6 amd64 1:1.0.6-4 [8392 B]

Get: http://mirrors.163.com/ubuntu/ precise/main libxdmcp6 amd64 1:1.1.0-4 [12.7 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libxcb1 amd64 1.8.1-1 [44.7 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libx11-data all 2:1.4.99.1-0ubuntu2 [168 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libx11-6 amd64 2:1.4.99.1-0ubuntu2 [762 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libxext6 amd64 2:1.3.0-3build1 [33.2 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libxmuu1 amd64 2:1.1.0-3 [11.0 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main libwrap0 amd64 7.6.q-21 [49.9 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main openssl amd64 1.0.1-4ubuntu3 [523 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main ca-certificates all 20111211 [169 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main krb5-locales all 1.10+dfsg~beta1-2 [8886 B]

Get: http://mirrors.163.com/ubuntu/ precise/main openssh-client amd64 1:5.9p1-5ubuntu1 [943 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main wget amd64 1.13.4-2ubuntu1 [277 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main xauth amd64 1:1.0.6-1 [26.2 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main openssh-server amd64 1:5.9p1-5ubuntu1 [339 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main tcpd amd64 7.6.q-21 [29.4 kB]

Get: http://mirrors.163.com/ubuntu/ precise/main ssh-import-id all 2.10-0ubuntu1 [6598 B]

debconf: unable to initialize frontend: Dialog

debconf: (TERM is not set, so the dialog frontend is not usable.)

debconf: falling back to frontend: Readline

debconf: unable to initialize frontend: Readline

debconf: (This frontend requires a controlling tty.)

debconf: falling back to frontend: Teletype

dpkg-preconfigure: unable to re-open stdin:

Fetched  kB in 6s ( kB/s)

Selecting previously unselected package libedit2:amd64.

(Reading database ...  files and directories currently installed.)

Preparing to unpack .../libedit2_2.--3ubuntu2_amd64.deb ...

Unpacking libedit2:amd64 (2.11--3ubuntu2) ...

Selecting previously unselected package libkrb5support0:amd64.

Preparing to unpack .../libkrb5support0_1.+dfsg~beta1-2_amd64.deb ...

Unpacking libkrb5support0:amd64 (1.10+dfsg~beta1-) ...

Selecting previously unselected package libk5crypto3:amd64.

Preparing to unpack .../libk5crypto3_1.+dfsg~beta1-2_amd64.deb ...

Unpacking libk5crypto3:amd64 (1.10+dfsg~beta1-) ...

Selecting previously unselected package libkeyutils1:amd64.

Preparing to unpack .../libkeyutils1_1.5.2-2_amd64.deb ...

Unpacking libkeyutils1:amd64 (1.5.-) ...

Selecting previously unselected package libkrb5-:amd64.

Preparing to unpack .../libkrb5-3_1.+dfsg~beta1-2_amd64.deb ...

Unpacking libkrb5-:amd64 (1.10+dfsg~beta1-) ...

Selecting previously unselected package libgssapi-krb5-:amd64.

Preparing to unpack .../libgssapi-krb5-2_1.+dfsg~beta1-2_amd64.deb ...

Unpacking libgssapi-krb5-:amd64 (1.10+dfsg~beta1-) ...

Selecting previously unselected package libidn11:amd64.

Preparing to unpack .../libidn11_1.-2_amd64.deb ...

Unpacking libidn11:amd64 (1.23-) ...

Selecting previously unselected package libxau6:amd64.

Preparing to unpack .../libxau6_1%3a1.0.6-4_amd64.deb ...

Unpacking libxau6:amd64 (:1.0.-) ...

Selecting previously unselected package libxdmcp6:amd64.

Preparing to unpack .../libxdmcp6_1%3a1.1.0-4_amd64.deb ...

Unpacking libxdmcp6:amd64 (:1.1.-) ...

Selecting previously unselected package libxcb1:amd64.

Preparing to unpack .../libxcb1_1.8.1-1_amd64.deb ...

Unpacking libxcb1:amd64 (1.8.-) ...

Selecting previously unselected package libx11-data.

Preparing to unpack .../libx11-data_2%3a1.4.99.-0ubuntu2_all.deb ...

Unpacking libx11-data (:1.4.99.1-0ubuntu2) ...

Selecting previously unselected package libx11-:amd64.

Preparing to unpack .../libx11-6_2%3a1.4.99.-0ubuntu2_amd64.deb ...

Unpacking libx11-:amd64 (:1.4.99.1-0ubuntu2) ...

Selecting previously unselected package libxext6:amd64.

Preparing to unpack .../libxext6_2%3a1.3.0-3build1_amd64.deb ...

Unpacking libxext6:amd64 (:1.3.-3build1) ...

Selecting previously unselected package libxmuu1:amd64.

Preparing to unpack .../libxmuu1_2%3a1.1.0-3_amd64.deb ...

Unpacking libxmuu1:amd64 (:1.1.-) ...

Selecting previously unselected package libwrap0:amd64.

Preparing to unpack .../libwrap0_7..q-21_amd64.deb ...

Unpacking libwrap0:amd64 (7.6.q-) ...

Selecting previously unselected package openssl.

Preparing to unpack .../openssl_1.0.1-4ubuntu3_amd64.deb ...

Unpacking openssl (1.0.-4ubuntu3) ...

Selecting previously unselected package ca-certificates.

Preparing to unpack .../ca-certificates_20111211_all.deb ...

Unpacking ca-certificates () ...

Selecting previously unselected package krb5-locales.

Preparing to unpack .../krb5-locales_1.+dfsg~beta1-2_all.deb ...

Unpacking krb5-locales (1.10+dfsg~beta1-) ...

Selecting previously unselected package openssh-client.

Preparing to unpack .../openssh-client_1%3a5.9p1-5ubuntu1_amd64.deb ...

Unpacking openssh-client (:.9p1-5ubuntu1) ...

Selecting previously unselected package wget.

Preparing to unpack .../wget_1.13.4-2ubuntu1_amd64.deb ...

Unpacking wget (1.13.-2ubuntu1) ...

Selecting previously unselected package xauth.

Preparing to unpack .../xauth_1%3a1.0.6-1_amd64.deb ...

Unpacking xauth (:1.0.-) ...

Selecting previously unselected package openssh-server.

Preparing to unpack .../openssh-server_1%3a5.9p1-5ubuntu1_amd64.deb ...

debconf: unable to initialize frontend: Dialog

debconf: (TERM is not set, so the dialog frontend is not usable.)

debconf: falling back to frontend: Readline

debconf: unable to initialize frontend: Readline

debconf: (This frontend requires a controlling tty.)

debconf: falling back to frontend: Teletype

Unpacking openssh-server (:.9p1-5ubuntu1) ...

Selecting previously unselected package tcpd.

Preparing to unpack .../tcpd_7..q-21_amd64.deb ...

Unpacking tcpd (7.6.q-) ...

Selecting previously unselected package ssh-import-id.

Preparing to unpack .../ssh-import-id_2.-0ubuntu1_all.deb ...

Unpacking ssh-import-id (2.10-0ubuntu1) ...

Processing triggers for ureadahead (0.100.-) ...

Setting up libedit2:amd64 (2.11--3ubuntu2) ...

Setting up libkrb5support0:amd64 (1.10+dfsg~beta1-) ...

Setting up libk5crypto3:amd64 (1.10+dfsg~beta1-) ...

Setting up libkeyutils1:amd64 (1.5.-) ...

Setting up libkrb5-:amd64 (1.10+dfsg~beta1-) ...

Setting up libgssapi-krb5-:amd64 (1.10+dfsg~beta1-) ...

Setting up libidn11:amd64 (1.23-) ...

Setting up libxau6:amd64 (:1.0.-) ...

Setting up libxdmcp6:amd64 (:1.1.-) ...

Setting up libxcb1:amd64 (1.8.-) ...

Setting up libx11-data (:1.4.99.1-0ubuntu2) ...

Setting up libx11-:amd64 (:1.4.99.1-0ubuntu2) ...

Setting up libxext6:amd64 (:1.3.-3build1) ...

Setting up libxmuu1:amd64 (:1.1.-) ...

Setting up libwrap0:amd64 (7.6.q-) ...

Setting up openssl (1.0.-4ubuntu3) ...

Setting up ca-certificates () ...

debconf: unable to initialize frontend: Dialog

debconf: (TERM is not set, so the dialog frontend is not usable.)

debconf: falling back to frontend: Readline

debconf: unable to initialize frontend: Readline

debconf: (This frontend requires a controlling tty.)

debconf: falling back to frontend: Teletype

Updating certificates in /etc/ssl/certs...  added,  removed; done.

Running hooks in /etc/ca-certificates/update.d....done.

Setting up krb5-locales (1.10+dfsg~beta1-) ...

Setting up openssh-client (:.9p1-5ubuntu1) ...

debconf: unable to initialize frontend: Dialog

debconf: (TERM is not set, so the dialog frontend is not usable.)

debconf: falling back to frontend: Readline

debconf: unable to initialize frontend: Readline

debconf: (This frontend requires a controlling tty.)

debconf: falling back to frontend: Teletype

Setting up wget (1.13.-2ubuntu1) ...

Setting up xauth (:1.0.-) ...

Setting up openssh-server (:.9p1-5ubuntu1) ...

debconf: unable to initialize frontend: Dialog

debconf: (TERM is not set, so the dialog frontend is not usable.)

debconf: falling back to frontend: Readline

debconf: unable to initialize frontend: Readline

debconf: (This frontend requires a controlling tty.)

debconf: falling back to frontend: Teletype

Creating SSH2 RSA key; this may take some time ...

Creating SSH2 DSA key; this may take some time ...

Creating SSH2 ECDSA key; this may take some time ...

invoke-rc.d: policy-rc.d denied execution of stop.

Setting up tcpd (7.6.q-) ...

Setting up ssh-import-id (2.10-0ubuntu1) ...

Processing triggers for libc-bin (2.19-0ubuntu6.) ...

Processing triggers for ureadahead (0.100.-) ...

 ---> d586e6941c24

Removing intermediate container bed6bd156290

Step  : RUN mkdir -p /var/run/sshd

 ---> Running in d16d593c8252

 ---> 39526127d62f

Removing intermediate container d16d593c8252

Step  : RUN mkdir -p /root/.ssh

 ---> Running in 6c117ffaec39

 ---> 181ba5e8a90d

Removing intermediate container 6c117ffaec39

Step  : RUN sed -ri 's/session    required    pam_loginuid.so/#session    required    pam_loginuid.so/g' /etc/pam.d/sshd

 ---> Running in 4f20ea132054

 ---> 6ebde2837cd4

Removing intermediate container 4f20ea132054

Step  : ADD authorized_keys /root/.ssh/authorized_keys

 ---> 45809864aec6

Removing intermediate container ac3aacac0658

Step  : RUN echo "#!/bin/bash" >/root/run.sh

 ---> Running in 5fe0512fc13b

 ---> 1fbb88283c14

Removing intermediate container 5fe0512fc13b

Step  : RUN echo "/usr/sbin/sshd -D" >>/root/run.sh

 ---> Running in 61753a22b6d4

 ---> 04ef9cf7916c

Removing intermediate container 61753a22b6d4

Step  : RUN chmod u+x /root/run.sh

 ---> Running in 0b7e8d82eb5c

 ---> aba2fcb00bdd

Removing intermediate container 0b7e8d82eb5c

Step  : EXPOSE

 ---> Running in 7b55119a0040

 ---> cb241747b77c

Removing intermediate container 7b55119a0040

Step  : CMD /root/run.sh

 ---> Running in 97ee5a0e8cbd

 ---> 3ac4daf2d7a3

Removing intermediate container 97ee5a0e8cbd

Successfully built 3ac4daf2d7a3

查看镜像是否生成:

[root@miyan sshtest]# docker images
REPOSITORY           TAG                 IMAGE ID            CREATED              VIRTUAL SIZE
ssh_ubuntu           14.04               3ac4daf2d7a3        About a minute ago   209.6 MB

创建容器:

[root@miyan sshtest]# docker run -d -p : ssh_ubuntu:14.04 /root/run.sh

8fe2d6f4f90a4b60460eee960ebfe47a1b640678e7bd46593406fcaaba612a84

通过访问容器的宿主机的2023端口登录容器。

[root@miyan sshtest]# ssh 10.165.48.219 -p

The authenticity of host '[10.165.48.219]:2023 ([10.165.48.219]:2023)' can't be established.

ECDSA key fingerprint is :::8b:7d:a3:e7:cd:::de:e1:3c::f2:.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '[10.165.48.219]:2023' (ECDSA) to the list of known hosts.

The programs included with the Ubuntu system are free software;

the exact distribution terms for each program are described in the

individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by

applicable law.

root@8fe2d6f4f90a:~#

Dockerfile学习(二)的更多相关文章

  1. emberjs学习二(ember-data和localstorage_adapter)

    emberjs学习二(ember-data和localstorage_adapter) 准备工作 首先我们加入ember-data和ember-localstorage-adapter两个依赖项,使用 ...

  2. ReactJS入门学习二

    ReactJS入门学习二 阅读目录 React的背景和基本原理 理解React.render() 什么是JSX? 为什么要使用JSX? JSX的语法 如何在JSX中如何使用事件 如何在JSX中如何使用 ...

  3. TweenMax动画库学习(二)

    目录            TweenMax动画库学习(一)            TweenMax动画库学习(二)            TweenMax动画库学习(三)            Tw ...

  4. Hbase深入学习(二) 安装hbase

    Hbase深入学习(二) 安装hbase This guidedescribes setup of a standalone hbase instance that uses the local fi ...

  5. Struts2框架学习(二) Action

    Struts2框架学习(二) Action Struts2框架中的Action类是一个单独的javabean对象.不像Struts1中还要去继承HttpServlet,耦合度减小了. 1,流程 拦截器 ...

  6. Python学习二:词典基础详解

    作者:NiceCui 本文谢绝转载,如需转载需征得作者本人同意,谢谢. 本文链接:http://www.cnblogs.com/NiceCui/p/7862377.html 邮箱:moyi@moyib ...

  7. Quartz学习--二 Hello Quartz! 和源码分析

    Quartz学习--二  Hello Quartz! 和源码分析 三.  Hello Quartz! 我会跟着 第一章 6.2 的图来 进行同步代码编写 简单入门示例: 创建一个新的java普通工程 ...

  8. SpringCloud学习(二):微服务入门实战项目搭建

    一.开始使用Spring Cloud实战微服务 1.SpringCloud是什么? 云计算的解决方案?不是 SpringCloud是一个在SpringBoot的基础上构建的一个快速构建分布式系统的工具 ...

  9. DjangoRestFramework学习二之序列化组件、视图组件 serializer modelserializer

      DjangoRestFramework学习二之序列化组件.视图组件   本节目录 一 序列化组件 二 视图组件 三 xxx 四 xxx 五 xxx 六 xxx 七 xxx 八 xxx 一 序列化组 ...

  10. SpringMVC入门学习(二)

    SpringMVC入门学习(二) ssm框架 springMVC  在上一篇博客中,我简单介绍了一下SpringMVC的环境配置,和简单的使用,今天我们将进一步的学习下Springmvc的操作. mo ...

随机推荐

  1. Android-注解处理器

    Android-Java注解处理器 基本概念 注解处理器(Annotation Processor)是javac的一个工具.它用来在编译时扫描和处理注解(Annotation).你能够对自己定义注解, ...

  2. Could not calculate build plan

    问题:根据你提供的镜像地址,下载相应的jar包失败 原因: 1.你提供的镜像地址不稳定,把settings.xml文件中的mirror改成稳定的镜像地址 2.网络不稳定,重新下载,或者切换网络.

  3. 巧用批处理cmd快速切换IP地址

    如果你的笔记本经常在不同的地方使用,有些地方需要自动获取IP,而有些地方需要配置固定IP,每换一个地方都需要重新配置一遍,是不是感觉很麻烦呢? 下面介绍一种通过建立批处理文件来快速切换IP的方法: s ...

  4. Hibernate使用注释

    可以使用注释创建hibernate应用程序. 有许多注释可用于创建hibernate应用程序,如@Entity,@Id,@Table等. Hibernate注释基于JPA 2规范,并支持所有功能.所有 ...

  5. Spring MVC Hibernate验证器

    下面的示例演示如何使用Spring Web MVC框架在表单中使用错误处理和验证器. 首先使用Eclipse IDE,并按照以下步骤使用Spring Web Framework开发基于动态表单的Web ...

  6. 编写gulpfile.js文件:压缩合并css、js

    使用gulp一共有四个步骤: 1. 全局安装 gulp: $ npm install --global gulp 2. 作为项目的开发依赖(devDependencies)安装: $ npm inst ...

  7. 这篇文章主要为大家详细介绍了jQuery密码强度验证控件使用详解的相关资料,具有一定的参考价值,感兴趣的小伙伴们可以参考一下

    本文实例为大家分享了jQuery密码强度验证控件,供大家参考,具体内容如下 <html>   <head>     <meta http-equiv="Cont ...

  8. PHPCMS 前台移用地区联动数据

    在PHPCMS中,有时候需要建立模型有地区联动,这个联动数据在这前台调用显示呢?今天清源就给大家介绍一下! 地区联动菜单的缓存文件是  caches\caches_linkage\caches_dat ...

  9. yii2.0 干货

    Yii2 干货集,欢迎提交 Pull Requests.(提交过来的开源项目最好是你用过的,并且觉得好用的) Docs 文档 Yii Framework 2.0 类参考手册 Yii Framework ...

  10. Android无线测试之—Genymotion配置过程中常见问题

    一.前提条件: 已经部署好了Android UiAutomator测试环境. 二.在部署Genymotion时遇到了两类问题: 1.通过eclipse打开一个模拟设备,然后将编译好的jar包push到 ...