Docker --- Dockerfile创建
2019-03-12 本文已影响0人
李凈海
在之前的部分已经介绍过Dockerfile的基础知识,下面将介绍如何使用Dockerfile来创建一个支持SSH服务的镜像。
创建工作目录
首先应先创建一个sshd_centos工作目录,在其中创建Dockerfile和sshd.sh文件:
--------------------------------------------------------------------
[docker@localhost ~]$ mkdir sshd_centos
[docker@localhost ~]$ cd sshd_centos/
[docker@localhost sshd_centos]$ touch Dockerfile sshd.sh
[docker@localhost sshd_centos]$ ls
Dockerfile sshd.sh
--------------------------------------------------------------------
编写sshd.sh脚本和authorized_keys文件:
--------------------------------------------------------------------
[docker@localhost ~]$ cat sshd_centos/sshd.sh
#!/bin/bash
/usr/sbin/sshd -D
[docker@localhost ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/docker/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /opt/docker/.ssh/id_rsa.
Your public key has been saved in /opt/docker/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:8HzYJxn3yPPOS3Gg1IMs+fq18DiYJezg90TUc/vTM6g docker@localhost.localdomain
...
+----[SHA256]-----+
[docker@localhost ~]$ cat ~/.ssh/id_rsa.pub > ~/.ssh/authorized_keys
--------------------------------------------------------------------
编写Dockerfile
下面是Dockerfile的内容及各部分的注释,可以发现对比上一节中利用【docker commit】命令创建镜像过程,所进行的操作基本一致。
--------------------------------------------------------------------
# 设置继承镜像
FROM centos
# 提供一些作者的信息
MAINTAINER from https://extp.org by alenx(liqinghai058@live.com)
# 下面开始执行命令
RUN yum -y update
RUN yum install -y openssh-server openssh-client
RUN /usr/sbin/sshd-keygen -A
ADD sshd.sh /sshd.sh
RUN chmod 755 /sshd.sh
# 开发端口
EXPOSE 22
# 设置自启命令
CMD ["/sshd.sh"]
--------------------------------------------------------------------
创建镜像
在sshd_centos目录下,使用【docker build】命令来创建镜像。注意下,在最后还有一个'.',表示使用当前目录中的Dockerfile。
--------------------------------------------------------------------
[docker@localhost sshd_centos]$ sudo docker build -t ssh:dockerfile .
Sending build context to Docker daemon 3.584 kB
Step 1/11 : FROM centos
---> 49f7960eb7e4
Step 2/11 : MAINTAINER from https://extp.org by alenx(liqinghai058@live.com)
---> Using cache
---> b47f820c5594
Step 3/11 : RUN yum -y update
---> Running in e781e5379926
...
Step 11/11 : CMD /sshd.sh
---> Running in d14bcab5f53d
---> 062365674942
Removing intermediate container d14bcab5f53d
Successfully built 062365674942
--------------------------------------------------------------------
命令执行完毕后,如果可见"Successfully built xxxxxxx"字样,则说明镜像创建成功。
查看本地ssh:dockerfile镜像是否存在:
--------------------------------------------------------------------
[docker@localhost sshd_centos]$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ssh dockerfile 062365674942 About a minute ago 381 MB
docker.io/centos latest 49f7960eb7e4 4 weeks ago 200 MB
docker.io/busybox latest 8c811b4aec35 6 weeks ago 1.15 MB
--------------------------------------------------------------------
测试镜像,运行容器
使用刚才创建的ssh:dockerfile镜像来运行一个容器。直接启动镜像,映射容器的22端口到本地的10022端口上:
--------------------------------------------------------------------
[docker@localhost ~]$ sudo docker run -d -p 10022:22 ssh:dockerfile
f00c7d21c2588222dab6610ada659f769edd948fb10dce446979256ac5e6721e
[docker@localhost ~]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f00c7d21c258 ssh:dockerfile "/sshd.sh" 7 seconds ago Up 6 seconds 0.0.0.0:10022->22/tcp suspicious_jones
--------------------------------------------------------------------
在宿主机上连接新建的容器:
--------------------------------------------------------------------
[docker@localhost ~]$ ssh root@172.17.0.1 -p10022
The authenticity of host '[172.17.0.1]:10022 ([172.17.0.1]:10022)' can't be established.
ECDSA key fingerprint is SHA256:maneh7YayXpSZAlvZhYyR1J0y3DYfQHHB3Bi5MI5hWQ.
ECDSA key fingerprint is MD5:13:9d:e3:9b:0e:4c:92:1a:21:ad:29:1e:18:92:7d:36.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[172.17.0.1]:10022' (ECDSA) to the list of known hosts.
root@172.17.0.1's password:
[root@f00c7d21c258 ~]#
--------------------------------------------------------------------
