docker(10):手工制作docker镜像
docker(10):手工制作docker镜像
https://www.cnblogs.com/luoahong/p/10273477.html
1 制作docker镜像的步骤
- 启动基础容器安装软件服务。
- 将安装好服务的容器commit提交为镜像。
- 启动新容器来测试新提交的镜像。
2 制作支持ssh远程登录的docker镜像
2.1 启动容器安装软件服务
2.1.1 启动基础容器
--privileged=true /usr/sbin/init 以特权方式运行,要不systemctl等命令没法使用
[root@docker-136 ~]# docker run --privileged=true -d -p 1022:22 --name centos-7 centos /usr/sbin/init 7c3506971b9d20a63c5b561b95c056ae68af5a39d7f2e145b6755ae781917255
2.1.2 安装软件openssh-server
[root@d68252d28737 /]# yum install openssh-server -y [root@7c3506971b9d /]# systemctl start sshd [root@7c3506971b9d /]# systemctl status sshd ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2019-08-08 07:32:50 UTC; 6s ago Docs: man:sshd(8) man:sshd_config(5) Main PID: 3503 (sshd) CGroup: /docker/7c3506971b9d20a63c5b561b95c056ae68af5a39d7f2e145b6755ae781917255/system.slice/sshd.service └─3503 /usr/sbin/sshd -D ‣ 3503 /usr/sbin/sshd -D Aug 08 07:32:50 7c3506971b9d systemd[1]: Starting OpenSSH server daemon... Aug 08 07:32:50 7c3506971b9d sshd[3503]: Server listening on 0.0.0.0 port 22. Aug 08 07:32:50 7c3506971b9d sshd[3503]: Server listening on :: port 22. Aug 08 07:32:50 7c3506971b9d systemd[1]: Started OpenSSH server daemon. [root@7c3506971b9d /]# yum install net-tools -y [root@7c3506971b9d /]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3503/sshd tcp6 0 0 :::22 :::* LISTEN 3503/sshd [root@7c3506971b9d /]#
2.1.3 设置远程登录密码
[root@7c3506971b9d ~]# echo 123456|passwd --stdin root Changing password for user root. passwd: all authentication tokens updated successfully. [root@7c3506971b9d ~]#
2.1.4 测试远程连接
[root@docker-137 ~]# ssh 192.168.0.136 -p 1022 The authenticity of host '[192.168.0.136]:1022 ([192.168.0.136]:1022)' can't be established. ECDSA key fingerprint is SHA256:NBG7epRah23e9e7OgIgiFbXf5elVIi8OhTi3KTYbUP8. ECDSA key fingerprint is MD5:2c:e7:9d:e6:58:68:e6:56:d2:7b:82:9f:bd:d8:c0:20. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.0.136]:1022' (ECDSA) to the list of known hosts. root@192.168.0.136's password: [root@7c3506971b9d ~]# ls anaconda-ks.cfg [root@7c3506971b9d ~]#
2.2 将安装好服务的容器commit提交为镜像
[root@docker-136 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7c3506971b9d centos "/usr/sbin/init" 16 minutes ago Up 15 minutes 0.0.0.0:1022->22/tcp centos-7 171b81516940 nginx "nginx -g 'daemon of…" 2 hours ago Up 2 hours 80/tcp web-7 751a38fb4f99 nginx "nginx -g 'daemon of…" 3 hours ago Up 3 hours 0.0.0.0:84->80/tcp web-5 1ffa3f8e1041 nginx "nginx -g 'daemon of…" 3 hours ago Up 3 hours 0.0.0.0:83->80/tcp web-4 a7275fc9ab5c nginx "nginx -g 'daemon of…" 4 hours ago Up 4 hours 0.0.0.0:80-81->80-81/tcp web2 [root@docker-136 ~]# [root@docker-136 ~]# docker commit centos-7 centos7-ssh:v1 sha256:1b4f8be39f52814a63cbeac8d7f7a86a5bb41637e39dcaf152a31a231fb08567 [root@docker-136 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos7-ssh v1 1b4f8be39f52 13 seconds ago 316MB nginx latest e445ab08b2be 2 weeks ago 126MB httpd latest ee39f68eb241 3 weeks ago 154MB centos latest 9f38484d220f 4 months ago 202MB hello-world latest fce289e99eb9 7 months ago 1.84kB httpd 2.2 e06c3dbbfe23 18 months ago 171MB [root@docker-136 ~]#
2.3 启动新容器来测试新提交的镜像
[root@docker-136 ~]# docker run --name centos-7-2022 -d -p 2022:22 centos7-ssh:v1 /usr/sbin/sshd -D c8d8442664e35ec30159edac3c333fa51549725b14ceecf9fd4036ce6b273a16 [root@docker-136 ~]# docker ps -a -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c8d8442664e3 centos7-ssh:v1 "/usr/sbin/sshd -D" 7 seconds ago Up 3 seconds 0.0.0.0:2022->22/tcp centos-7-2022 [root@docker-136 ~]#
注意事项:记得一定要在启动容器的后面加上/usr/sbin/sshd -D
不加默认是/bin/bash
连接测试
[root@docker-137 ~]# ssh 192.168.0.136 -p 2022 The authenticity of host '[192.168.0.136]:2022 ([192.168.0.136]:2022)' can't be established. ECDSA key fingerprint is SHA256:NBG7epRah23e9e7OgIgiFbXf5elVIi8OhTi3KTYbUP8. ECDSA key fingerprint is MD5:2c:e7:9d:e6:58:68:e6:56:d2:7b:82:9f:bd:d8:c0:20. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.0.136]:2022' (ECDSA) to the list of known hosts. root@192.168.0.136's password: Last login: Thu Aug 8 07:38:35 2019 from 192.168.0.137 [root@c8d8442664e3 ~]#
3 基于centos7的ssh+Nginx镜像
3.1 启动容器安装软件服务
3.1.1 启动基础容器
[root@docker-136 ~]# docker run --privileged=true -d -p 80:80 --name centos-7-ssh-nginx centos /usr/sbin/init 31f4d46f259ede060843424f513ec7f44c0bd918ae69600959bd9bf4e998c834 [root@docker-136 ~]#
3.1.2 配置yum源安装Nginx和sshd
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo sed -i 's#$releasever#7#g' /etc/yum.repos.d/CentOS-Base.repo sed -i 's#$basearch#x86_64#g' /etc/yum.repos.d/CentOS-Base.repo curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo yum install net-tools -y yum install nginx -y yum install openssh-server -y echo 123456|passwd --stdin root
3.1.3 启动
[root@646f2ce3c59a /]# systemctl start nginx [root@646f2ce3c59a /]# systemctl start sshd [root@646f2ce3c59a /]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3483/nginx: master tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3562/sshd tcp6 0 0 :::80 :::* LISTEN 3483/nginx: master tcp6 0 0 :::22 :::* LISTEN 3562/sshd [root@646f2ce3c59a /]#
3.2编写容器启动脚本
root@646f2ce3c59a /]# vi init.sh [root@646f2ce3c59a /]# chmod 755 /init.sh [root@c13fb207d056 /]# cat init.sh #!/bin/bash source /etc/profile systemctl start nginx systemctl status nginx >> /tmp/nginx.log systemctl start sshd
3.3 提交成镜像
[root@docker-136 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 646f2ce3c59a centos "/usr/sbin/init" 7 minutes ago Up 7 minutes 0.0.0.0:80->80/tcp centos-7-ssh-nginx c8d8442664e3 centos7-ssh:v1 "/usr/sbin/sshd -D" 35 minutes ago Up 34 minutes 0.0.0.0:2022->22/tcp centos-7-2022 7c3506971b9d centos "/usr/sbin/init" 55 minutes ago Up 55 minutes 0.0.0.0:1022->22/tcp centos-7 [root@docker-136 ~]# docker commit centos-7-ssh-nginx centos-7-ssh-nginx:v1 sha256:2f945e872d625b76f81e5aac40bf8b5927a343448e4b437f09d47eace52212f6 [root@docker-136 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos-7-ssh-nginx v1 2f945e872d62 5 seconds ago 414MB centos7-ssh v1 1b4f8be39f52 50 minutes ago 316MB nginx latest e445ab08b2be 2 weeks ago 126MB httpd latest ee39f68eb241 3 weeks ago 154MB centos latest 9f38484d220f 4 months ago 202MB hello-world latest fce289e99eb9 7 months ago 1.84kB httpd 2.2 e06c3dbbfe23 18 months ago 171MB [root@docker-136 ~]#
3.4 启动新容器来测试新提交的镜像
[root@docker-136 ~]# docker run --privileged=true -d -p 82:80 -p 4022:22 --name web-test-82 centos-7-ssh-nginx:v1 /usr/sbin/init /init.sh c13fb207d056c010de68de8b805c00a044e72db36a0ea0b27252151d9bf250d3 [root@docker-136 ~]# [root@docker-136 ~]# [root@docker-136 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c13fb207d056 centos-7-ssh-nginx:v1 "/usr/sbin/init /ini…" 14 seconds ago Up 12 seconds 0.0.0.0:4022->22/tcp, 0.0.0.0:82->80/tcp web-test-82 59e751248e70 centos-7-ssh-nginx:v1 "/usr/sbin/init /ini…" About a minute ago Up About a minute 0.0.0.0:3022->22/tcp, 0.0.0.0:81->80/tcp web-test-81 646f2ce3c59a centos "/usr/sbin/init" About an hour ago Up 13 minutes 0.0.0.0:80->80/tcp centos-7-ssh-nginx c8d8442664e3 centos7-ssh:v1 "/usr/sbin/sshd -D" 2 hours ago Up 2 hours 0.0.0.0:2022->22/tcp centos-7-2022 7c3506971b9d centos "/usr/sbin/init" 2 hours ago Up 2 hours 0.0.0.0:1022->22/tcp centos-7 [root@docker-136 ~]#
