两种方式创建支持SSH服务的docker镜像

方法一：基于commit命令创建

1.首先，从docker的源中查看我们需要的镜像，本案例中使用Ubuntu作为基础镜像。

# federico @ linux in ~ [16:57:38]
$ sudo docker search ubuntu
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
ubuntu Ubuntu is a Debian-based Linux operating s... 6044 [OK]
rastasheep/ubuntu-sshd Dockerized SSH service, built on top of of... 87 [OK]
ubuntu-upstart Upstart is an event-based replacement for ... 73 [OK]
ubuntu-debootstrap debootstrap --variant=minbase --components... 30 [OK]
torusware/speedus-ubuntu Always updated official Ubuntu docker imag... 27 [OK]
nuagebec/ubuntu Simple always updated Ubuntu docker images... 20 [OK]
nickistre/ubuntu-lamp LAMP server on Ubuntu 17 [OK]
solita/ubuntu-systemd Ubuntu + systemd 8 [OK]
nimmis/ubuntu This is a docker images different LTS vers... 7 [OK]
darksheer/ubuntu Base Ubuntu Image -- Updated hourly 2 [OK]
vcatechnology/ubuntu A Ubuntu image that is updated daily 1 [OK]
webhippie/ubuntu Docker images for ubuntu 1 [OK]
jordi/ubuntu Ubuntu Base Image 1 [OK]
admiringworm/ubuntu Base ubuntu images based on the official u... 1 [OK]
vcatechnology/ubuntu-ci An Ubuntu image that is used in the VCA Te... 1 [OK]
forumi0721ubuntuarmhf/ubuntu-armhf-dev ubuntu-armhf-dev 0 [OK]
forumi0721ubuntuaarch64/ubuntu-aarch64-dev ubuntu-aarch64-dev 0 [OK]
forumi0721ubuntux64/ubuntu-x64-dev ubuntu-x64-dev 0 [OK]
forumi0721ubuntux64/ubuntu-x64-dev-armbian ubuntu-x64-dev-armbian 0 [OK]
teamrock/ubuntu TeamRock's Ubuntu image configured with AW... 0 [OK]
labengine/ubuntu Images base ubuntu 0 [OK]
datenbetrieb/ubuntu custom flavor of the official ubuntu base ... 0 [OK]
lynxtp/ubuntu https://github.com/lynxtp/docker-ubuntu 0 [OK]
konstruktoid/ubuntu Ubuntu base image 0 [OK]
forumi0721ubuntux64/ubuntu-x64-dev-android ubuntu-x64-dev-android 0 [OK]

2.下载我们所需的基础镜像

# federico @ linux in ~ [17:02:18]
$ sudo docker pull ubuntu

查看当前已有镜像

# federico @ linux in ~ [17:05:16] C:1
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest c75bebcdd211 10 days ago 1.106 MB
ubuntu latest ebcd9d4fca80 10 days ago 117.9 MB
centos latest 8140d0c64310 2 weeks ago 192.6 MB
debian latest 3e83c23dba6a 2 weeks ago 123.5 MB
sebp/elk latest b2ead07ab3f2 2 weeks ago 1.028 GB
imagine10255/centos6-lnmp-php56 latest ecc74d703eca 6 months ago 1.314 GB

3.使用ubuntu镜像创建一个容器

# federico @ linux in ~ [17:05:20]
$ sudo docker run -it ubuntu /bin/bash
root@abd203cd27ba:/#

更新apt-get的源

root@abd203cd27ba:/# apt-get update

root@abd203cd27ba:/# apt-get update
Get:1 http://archive.ubuntu.com/ubuntu xenial InRelease [247 kB]
Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Get:3 http://security.ubuntu.com/ubuntu xenial-security/universe Sources [31.7 kB]
Get:4 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:5 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages [334 kB]
Get:6 http://security.ubuntu.com/ubuntu xenial-security/restricted amd64 Packages [12.8 kB]
Get:7 http://security.ubuntu.com/ubuntu xenial-security/universe amd64 Packages [142 kB]
Get:8 http://security.ubuntu.com/ubuntu xenial-security/multiverse amd64 Packages [2932 B]
Get:9 http://archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:10 http://archive.ubuntu.com/ubuntu xenial/universe Sources [9802 kB]
Get:11 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages [1558 kB]
Get:12 http://archive.ubuntu.com/ubuntu xenial/restricted amd64 Packages [14.1 kB]
Get:13 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages [9827 kB]
Get:14 http://archive.ubuntu.com/ubuntu xenial/multiverse amd64 Packages [176 kB]
Get:15 http://archive.ubuntu.com/ubuntu xenial-updates/universe Sources [193 kB]
Get:16 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [693 kB]
Get:17 http://archive.ubuntu.com/ubuntu xenial-updates/restricted amd64 Packages [13.2 kB]
Get:18 http://archive.ubuntu.com/ubuntu xenial-updates/universe amd64 Packages [593 kB]
Get:19 http://archive.ubuntu.com/ubuntu xenial-updates/multiverse amd64 Packages [9810 B]
Get:20 http://archive.ubuntu.com/ubuntu xenial-backports/main amd64 Packages [4927 B]
Get:21 http://archive.ubuntu.com/ubuntu xenial-backports/universe amd64 Packages [4801 B]
Fetched 24.0 MB in 15min 6s (26.4 kB/s)
Reading package lists... Done

因为使用默认的官方源速度很慢，所以这里我们使用163的镜像源。

root@abd203cd27ba:/# vi /etc/apt/sources.list

deb http://mirrors.163.com/ubuntu/ jaunty main restricted 
deb-src http://mirrors.163.com/ubuntu/ jaunty main restricted 
deb http://mirrors.163.com/ubuntu/ jaunty-updates main restricted 
deb-src http://mirrors.163.com/ubuntu/ jaunty-updates main restricted 
deb http://mirrors.163.com/ubuntu/ jaunty universe 
deb-src http://mirrors.163.com/ubuntu/ jaunty universe 
deb http://mirrors.163.com/ubuntu/ jaunty-updates universe 
deb-src http://mirrors.163.com/ubuntu/ jaunty-updates universe 
deb http://mirrors.163.com/ubuntu/ jaunty multiverse 
deb-src http://mirrors.163.com/ubuntu/ jaunty multiverse 
deb http://mirrors.163.com/ubuntu/ jaunty-updates multiverse 
deb-src http://mirrors.163.com/ubuntu/ jaunty-updates multiverse

修改完成后重新执行命令更新镜像源

root@abd203cd27ba:/# apt-get update

root@abd203cd27ba:/# apt-get -y install openssh-server net-tools

root@abd203cd27ba:/# /etc/init.d/ssh start
* Starting OpenBSD Secure Shell server sshd [ OK ]
root@abd203cd27ba:/# netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4107/sshd
tcp 0 0 172.18.0.2:39694 112.124.140.210:80 TIME_WAIT -
tcp6 0 0 :::22 :::* LISTEN 4107/sshd

root@abd203cd27ba:/# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:H1pAsUEB8MBt6IR/cW74rtA+YOlAfcXCHD9Qh8D7ZIU root@abd203cd27ba
The key's randomart image is:
+---[RSA 2048]----+
| ooB=BB=. |
| . +oO+E+. |
| = ..O=. |
| . + = =o |
| . + *S o |
| . +. o+ . |
| +..... . |
| .o. . |
| oo |
+----[SHA256]-----+

执行此命令最主要的原因是获得/root/.ssh/目录，并将宿主机目录的公钥拷贝至docker容器中

root@abd203cd27ba:/# passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

为容器的root用户设置一个密码，以便后续将公钥传送至容器中

# federico @ linux in ~ [18:54:57]
$ sudo ssh-copy-id -i .ssh/id_rsa.pub 'root@172.18.0.2'

# federico @ linux in ~ [18:55:00] C:1
$ ssh root@172.18.0.2
The authenticity of host '172.18.0.2 (172.18.0.2)' can't be established.
ECDSA key fingerprint is SHA256:w5oT7ToJ13bcE9Aw4vvTk+8luy0xwjKJSaWhxSoHpdg.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.18.0.2' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-77-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

root@abd203cd27ba:~# exit
logout
Connection to 172.18.0.2 closed.

查看现在全部的容器有哪些

# federico @ linux in ~ [19:10:59]

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abd203cd27ba ubuntu "/bin/bash" 2 hours ago Exited (0) 16 seconds ago zen_newton

# federico @ linux in ~ [19:11:01]
$ sudo docker commit abd203cd27ba sshd:ubuntu
sha256:9fba48176caa67ca518471adc42bd5a81c197fe1935d2d5e9f87ee4c93e7a42b

# federico @ linux in ~ [19:13:22]
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd ubuntu 9fba48176caa 10 seconds ago 237.7 MB
busybox latest c75bebcdd211 10 days ago 1.106 MB
ubuntu latest ebcd9d4fca80 10 days ago 117.9 MB
centos latest 8140d0c64310 2 weeks ago 192.6 MB
debian latest 3e83c23dba6a 2 weeks ago 123.5 MB
sebp/elk latest b2ead07ab3f2 2 weeks ago 1.028 GB
imagine10255/centos6-lnmp-php56 latest ecc74d703eca 6 months ago 1.314 GB

方法二：使用Dockerfile创建

1.创建一个用于存放文件的目录

# federico @ linux in ~ [19:13:32]
$ mkdir /docker

2.创建秘钥认证文件

/etc/init.d/sshd start

3.编写Dockerfile文件

# federico @ linux in /docker [19:21:28]
$ vim Dockerfile

#设置继承者镜像
FROM ubuntu

#提供作者信息
MAINTAINER power by federico alias Cherry-Linux

#安装ssh服务,创建家目录下的.ssh/目录

RUN apt-get update
RUN apt-get install -y openssh*

RUN mkdir -p /var/run/sshd
RUN mkdir -p /root/.ssh

#复制认证文件到相应位置
ADD authorized_keys /root/.ssh/authorized_keys
ADD run.sh /run.sh
RUN chmod +x /run.sh

#开放端口
EXPOSE 22

#设置自启动命令
CMD ["/run.sh"]

4.使用docker build命令创建镜像

# federico @ linux in /docker [19:33:24]
$ sudo docker build -t sshd2:Dockerfile .
Sending build context to Docker daemon 4.096 kB
Step 1 : FROM ubuntu
---> ebcd9d4fca80
Step 2 : MAINTAINER power by federico alias Cherry-Linux
---> Using cache
---> 2243dba5ba70
Step 3 : RUN apt-get update
---> Running in 6385736ad1c2

Step 4 : RUN apt-get install -y openssh*

---> c5b63d986111
Removing intermediate container b88f987e6fde
Step 5 : RUN mkdir -p /root/.ssh
---> Running in 16ed5ee43a7c
---> 66636edc4fb4
Removing intermediate container 16ed5ee43a7c
Step 6 : ADD authorized_keys /root/.ssh/authorized_keys
---> 681bf8375628
Removing intermediate container 21dd4d37eee0
Step 7 : ADD run.sh /run.sh
---> 42c23400c4a5
Removing intermediate container 09b3bb6c8e9f
Step 8 : RUN chmod +x /run.sh
---> Running in 2cb780d1f14e
---> 21e21eb246cf
Removing intermediate container 2cb780d1f14e
Step 9 : EXPOSE 22
---> Running in 3b32b675a200
---> 1bb5c27e816f
Removing intermediate container 3b32b675a200
Step 10 : CMD /run.sh
---> Running in e44cf1820460
---> fc6b80bd42a6
Removing intermediate container e44cf1820460
Successfully built fc6b80bd42a6

至此我们可以发现镜像创建完成，进入最后测试阶段。

# federico @ linux in /docker [19:39:20]
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd2 Dockerfile fc6b80bd42a6 2 minutes ago 220.7 MB
sshd ubuntu 9fba48176caa 28 minutes ago 237.7 MB
busybox latest c75bebcdd211 10 days ago 1.106 MB
ubuntu latest ebcd9d4fca80 10 days ago 117.9 MB
centos latest 8140d0c64310 2 weeks ago 192.6 MB
debian latest 3e83c23dba6a 2 weeks ago 123.5 MB
sebp/elk latest b2ead07ab3f2 2 weeks ago 1.028 GB
imagine10255/centos6-lnmp-php56 latest ecc74d703eca 6 months ago 1.314 GB

# federico @ linux in /docker [19:42:04] C:125
$ sudo docker run -it fc6b80bd42a6 /bin/bash
root@e588e3b7e945:/#

# federico @ linux in ~ [19:48:47]
$ ssh root@172.18.0.2
The authenticity of host '172.18.0.2 (172.18.0.2)' can't be established.
ECDSA key fingerprint is SHA256:RBYwayfq9WxEGLfOAwS/ze5Gw+4qk6NWQLOjo25jKgc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.18.0.2' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-77-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

root@e588e3b7e945:~#

测试成功

注意：在使用dockerfile创建镜像时，我将第一个docker容器关闭了，致使我的第二个docker容器的ip占用了第一个容器的ip也就是172.18.0.2，但是因为我设置过172.18.0.2的ssh秘钥登录所以会出现另一种报警，报警的原因和解决措施请看笔者的另外一篇博客http://www.cnblogs.com/Cherry-Linux/p/6910081.html

结束语：背景颜色为红色的字体是输入命令，背景颜色为蓝色的字体为输出信息，背景颜色为橘黄色的字体为脚本命令

本人新手，对技术时刻保持着敬畏之心，如有错误望有志之士告知，不胜感激！！！