docker拉取centos镜像并配置远程访问
docker拉取centos镜像并配置远程访问
参考:
Docker容器里的centos、unbuntu无法使用 systemctl 命令的解决方案
一、docker镜像安装及容器启动
1. docker拉取centos镜像
[root@localhost ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
7a0437f04f83: Pull complete
Digest: sha256:5528e8b1b1719d34604c87e11dcd1c0a20bedf46e83b5632cdeac91b8c04efc1
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest
[root@localhost ~]#
2.docker启动centos容器
可启动时直接设置好映射端口,后续无需调整端口映射docker run -it -d --name centos-latest -p 50022:22 --privileged=true centos /sbin/init
[root@localhost ~]# docker run -it -d --name centos-latest -p 50022:22 --privileged=true centos /sbin/init
79a70e3d26cd080d32680bdbad10a78b012187bc68b30b9b61165648fa29d080
[root@localhost ~]#
注意
在 Linux Docker中无法使用 systemd(systemctl) 相关命令的原因是 1号进程不是 init ,而是其他例如 /bin/bash ,所以导致缺少相关文件无法运行。(System has not been booted with systemd as init system (PID 1). Can't operat)
解决方案:/sbin/init并且--privilaged=true一定要加上的。
3.docker 查看centos容器启动情况
[root@localhost ~]# docker ps | grep centos
79a70e3d26cd centos "/bin/bash" 3 seconds ago Up 2 seconds centos-latest
[root@localhost ~]#
4.docker进入centos容器
[root@localhost ~]# docker exec -it 79a70e3d26cd /bin/bash
[root@79a70e3d26cd /]# ifconfig
bash: ifconfig: command not found
[root@79a70e3d26cd /]#
二、安装centos基础环境
1. 安装网络环境
yum -y install net-tools.x86_64
yum -y install openssh-server
[root@79a70e3d26cd /]# yum -y install net-tools.x86_64
Failed to set locale, defaulting to C.UTF-8
CentOS Linux 8 - AppStream 3.8 MB/s | 6.3 MB 00:01
CentOS Linux 8 - BaseOS 2.7 MB/s | 2.3 MB 00:00
CentOS Linux 8 - Extras 10 kB/s | 8.6 kB 00:00
Dependencies resolved.
==========================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================
Installing:
net-tools x86_64 2.0-0.52.20160912git.el8 baseos 322 k
Transaction Summary
==========================================================================================================================================================
Install 1 Package
Total download size: 322 k
Installed size: 942 k
Downloading Packages:
net-tools-2.0-0.52.20160912git.el8.x86_64.rpm 1.3 MB/s | 322 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------
Total 390 kB/s | 322 kB 00:00
warning: /var/cache/dnf/baseos-f6a80ba95cf937f2/packages/net-tools-2.0-0.52.20160912git.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS Linux 8 - BaseOS 1.6 MB/s | 1.6 kB 00:00
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : net-tools-2.0-0.52.20160912git.el8.x86_64 1/1
Running scriptlet: net-tools-2.0-0.52.20160912git.el8.x86_64 1/1
Verifying : net-tools-2.0-0.52.20160912git.el8.x86_64 1/1
Installed:
net-tools-2.0-0.52.20160912git.el8.x86_64
Complete!
[root@79a70e3d26cd /]# yum -y install openssh-server
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:00:09 ago on Wed Feb 3 09:36:45 2021.
Dependencies resolved.
==========================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================
Installing:
openssh-server x86_64 8.0p1-5.el8 baseos 484 k
Installing dependencies:
openssh x86_64 8.0p1-5.el8 baseos 520 k
Transaction Summary
==========================================================================================================================================================
Install 2 Packages
Total download size: 1.0 M
Installed size: 2.8 M
Downloading Packages:
(1/2): openssh-8.0p1-5.el8.x86_64.rpm 4.2 MB/s | 520 kB 00:00
(2/2): openssh-server-8.0p1-5.el8.x86_64.rpm 2.7 MB/s | 484 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------
Total 1.5 MB/s | 1.0 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: openssh-8.0p1-5.el8.x86_64 1/2
Installing : openssh-8.0p1-5.el8.x86_64 1/2
Running scriptlet: openssh-server-8.0p1-5.el8.x86_64 2/2
Installing : openssh-server-8.0p1-5.el8.x86_64 2/2
Running scriptlet: openssh-server-8.0p1-5.el8.x86_64 2/2
Verifying : openssh-8.0p1-5.el8.x86_64 1/2
Verifying : openssh-server-8.0p1-5.el8.x86_64 2/2
Installed:
openssh-8.0p1-5.el8.x86_64 openssh-server-8.0p1-5.el8.x86_64
Complete!
[root@79a70e3d26cd /]#
2. 安装vim
yum install vim
[root@79a70e3d26cd /]# yum install vim
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:02:35 ago on Wed Feb 3 09:36:45 2021.
Dependencies resolved.
==========================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-15.el8 appstream 1.4 M
Installing dependencies:
gpm-libs x86_64 1.20.7-15.el8 appstream 39 k
vim-common x86_64 2:8.0.1763-15.el8 appstream 6.3 M
vim-filesystem noarch 2:8.0.1763-15.el8 appstream 48 k
which x86_64 2.21-12.el8 baseos 49 k
Transaction Summary
==========================================================================================================================================================
Install 5 Packages
Total download size: 7.8 M
Installed size: 30 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): gpm-libs-1.20.7-15.el8.x86_64.rpm 192 kB/s | 39 kB 00:00
(2/5): vim-filesystem-8.0.1763-15.el8.noarch.rpm 509 kB/s | 48 kB 00:00
(3/5): which-2.21-12.el8.x86_64.rpm 253 kB/s | 49 kB 00:00
(4/5): vim-enhanced-8.0.1763-15.el8.x86_64.rpm 2.4 MB/s | 1.4 MB 00:00
(5/5): vim-common-8.0.1763-15.el8.x86_64.rpm 6.4 MB/s | 6.3 MB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------
Total 2.7 MB/s | 7.8 MB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-12.el8.x86_64 1/5
Installing : vim-filesystem-2:8.0.1763-15.el8.noarch 2/5
Installing : vim-common-2:8.0.1763-15.el8.x86_64 3/5
Installing : gpm-libs-1.20.7-15.el8.x86_64 4/5
Running scriptlet: gpm-libs-1.20.7-15.el8.x86_64 4/5
Installing : vim-enhanced-2:8.0.1763-15.el8.x86_64 5/5
Running scriptlet: vim-enhanced-2:8.0.1763-15.el8.x86_64 5/5
Running scriptlet: vim-common-2:8.0.1763-15.el8.x86_64 5/5
Verifying : gpm-libs-1.20.7-15.el8.x86_64 1/5
Verifying : vim-common-2:8.0.1763-15.el8.x86_64 2/5
Verifying : vim-enhanced-2:8.0.1763-15.el8.x86_64 3/5
Verifying : vim-filesystem-2:8.0.1763-15.el8.noarch 4/5
Verifying : which-2.21-12.el8.x86_64 5/5
Installed:
gpm-libs-1.20.7-15.el8.x86_64 vim-common-2:8.0.1763-15.el8.x86_64 vim-enhanced-2:8.0.1763-15.el8.x86_64 vim-filesystem-2:8.0.1763-15.el8.noarch
which-2.21-12.el8.x86_64
Complete!
[root@79a70e3d26cd /]#
3. 安装passwd
yum install passwd
[root@79a70e3d26cd /]# yum install passwd
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:06:00 ago on Wed Feb 3 09:36:45 2021.
Dependencies resolved.
==========================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================
Installing:
passwd x86_64 0.80-3.el8 baseos 115 k
Installing dependencies:
libuser x86_64 0.62-23.el8 baseos 417 k
Transaction Summary
==========================================================================================================================================================
Install 2 Packages
Total download size: 531 k
Installed size: 2.4 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): passwd-0.80-3.el8.x86_64.rpm 986 kB/s | 115 kB 00:00
(2/2): libuser-0.62-23.el8.x86_64.rpm 1.4 MB/s | 417 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------
Total 359 kB/s | 531 kB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libuser-0.62-23.el8.x86_64 1/2
Running scriptlet: libuser-0.62-23.el8.x86_64 1/2
Installing : passwd-0.80-3.el8.x86_64 2/2
Running scriptlet: passwd-0.80-3.el8.x86_64 2/2
Verifying : libuser-0.62-23.el8.x86_64 1/2
Verifying : passwd-0.80-3.el8.x86_64 2/2
Installed:
libuser-0.62-23.el8.x86_64 passwd-0.80-3.el8.x86_64
Complete!
[root@79a70e3d26cd /]#
3. 修改root密码
[root@79a70e3d26cd /]# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@79a70e3d26cd /]#
三、开放容器映射端口(手动调整配置文件)
1. 查找要修改容器的容器Id
[root@localhost ~]# docker run -it -d --name centos-latest centos /bin/bash
79a70e3d26cd080d32680bdbad10a78b012187bc68b30b9b61165648fa29d080
[root@localhost ~]#
[root@localhost ~]# docker inspect 79a70e3d26cd | grep Id
"Id": "79a70e3d26cd080d32680bdbad10a78b012187bc68b30b9b61165648fa29d080",
[root@localhost ~]#
2. 进到/var/lib/docker/containers 目录下找到与 Id 相同的目录
3. 修改 hostconfig.json 文件
PortBindings中增加"22/tcp": [{"HostIp": "","HostPort": "50022"}]
原始内容
"PortBindings":{}
修改后内容
"PortBindings":{"22/tcp": [{"HostIp": "","HostPort": "50022"}]}
4. 修改 config.v2.json文件
在ExposedPorts中增加要暴露的端口"22/tcp":{},若不存在ExposedPorts该属性,则可手动增加
ExposedPorts属性一般在AttachStderr属性后,Tty属性前
"AttachStderr":false,"ExposedPorts":{"22/tcp":{}},"Tty":true
注意:若需要修改映射端口,需要修改文件以下映射信息
"Ports":{"22/tcp":[{"HostIp":"0.0.0.0","HostPort":"50022"}]}
5. 改完之后保存重启docker
[root@localhost ~]# systemctl stop docker
[root@localhost ~]# systemctl start docker
5. 查看容器是否正常,若容器消失,可能配置修改异常,需确定修改内容是否存在疏漏,之后再重启docker
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
79a70e3d26cd centos "/bin/bash" 34 minutes ago Up 2 seconds 0.0.0.0:50022->22/tcp centos-latest
6. 启动centos容器,发现端口映射已开放
[root@localhost ~]# docker start 79a70e3d26cd
79a70e3d26cd
[root@localhost ~]# docker ps | grep centos
79a70e3d26cd centos "/bin/bash" 45 minutes ago Up 10 minutes 0.0.0.0:50022->22/tcp centos-latest
[root@localhost ~]#
7. 开放宿主机防火墙端口
[root@localhost ~]# firewall-cmd --add-port=50022/tcp --permanent
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# firewall-cmd --list-port
四、启动容器sshd服务
1. 手动启动sshd(PS:systemctl命令正常运行时sshd会自启动)
root@79a70e3d26cd /]# /usr/sbin/sshd
[root@79a70e3d26cd /]# netstat -antp | grep sshd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 46/sshd
tcp6 0 0 :::22 :::* LISTEN 46/sshd
[root@79a70e3d26cd /]#
若发生以下问题
问题
[root@79a70e3d26cd /]# /usr/sbin/sshd
Unable to load host key: /etc/ssh/ssh_host_rsa_key
Unable to load host key: /etc/ssh/ssh_host_ecdsa_key
Unable to load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.
[root@79a70e3d26cd /]#
解决方案
执行:
# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
2. 通过宿主机ip和端口远程连接容器
[root@localhost ~]# ssh root@localhost -p 50022
The authenticity of host '[localhost]:50022 ([::1]:50022)' can't be established.
ECDSA key fingerprint is SHA256:ZpJDImavGJZVOWEl4AFNIcBPehUnkxnEFXfHXGWu9rQ.
ECDSA key fingerprint is MD5:06:7c:79:dc:d3:e0:0c:1a:dd:ee:06:9a:13:11:5d:13.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '[localhost]:50022' (ECDSA) to the list of known hosts.
root@localhost's password:
[root@79a70e3d26cd ~]#
3. 查看容器中自启项内容
[root@79a70e3d26cd ~]# systemctl list-unit-files|grep enabled
autovt@.service enabled
getty@.service enabled
kdump.service enabled
nis-domainname.service enabled
sshd.service enabled
remote-fs.target enabled
dnf-makecache.timer enabled
[root@62435d2d7fd2 ~]#
五、容器自启动
1.设置容器参数:docker update --restart=always xxx
[root@localhost ~]# docker update --restart=always 79a70e3d26cd
79a70e3d26cd
[root@localhost ~]#
还可以在使用on - failure策略时,指定Docker将尝试重新启动容器的最大次数
docker run --restart=on-failure:10 xxx
2.重启测试
[root@localhost ~]# reboot
