Docker创建可ssh的 centos容器

  1. 获取最新的 centOS

    ## 如果不指定标签,默认是 latest;当本机没有的时候会自动下载
    docker pull centos

    Using default tag: latest
    latest: Pulling from library/centos
    47d44cb6f252: Pull complete
    168a69b62202: Pull complete
    812e9d9d677f: Pull complete
    4234bfdd88f8: Pull complete
    ce20c473cd8a: Pull complete
    library/centos:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
    Digest: sha256:3aaab9f1297db9b013063c781cfe901e2aa6e7e334c1d1f4df12f25ce356f2e5
    Status: Downloaded newer image for centos:latest

  2. 查看本地 images

    docker images

    下载完成后就有一个本地镜像了

    REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
    centos latest ce20c473cd8a 3 weeks ago 172.3 MB

  3. 进去查看 centos版本

    docker run -t -i centos:latest /bin/bash

    [root@4901a93e948f /]# cat /etc/redhat-release
    CentOS Linux release 7.1.1503 (Core)

  4. 创建一个新的 Image

    ## 创建一个目录,通过 DockerFile 的方法来创建一个新的镜像
    vi Dockerfile

    内容如下:

    ROM        centos
    MAINTAINER  wangjc0801
    
    #Install Packages
    
    #RUN yum update -y
    RUN yum install -y passwd openssh openssh-server openssh-clients sudo
    RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
    RUN ssh-keygen -A -t dsa -f /etc/ssh/ssh_host_dsa_key
    
    ## Create user
    RUN useradd docker
    RUN passwd -f -u docker
    
    ## Set up SSH
    RUN mkdir -p /home/docker/.ssh; chown docker /home/docker/.ssh; chmod 700 /home/docker/.ssh
    ADD  authorized_keys /home/docker/.ssh/authorized_keys
    RUN chown docker /home/docker/.ssh/authorized_keys
    RUN chmod 700 /home/docker/.ssh/authorized_keys
    
    ## setup sudoers
    RUN echo "docker    ALL=(ALL)       ALL" >> /etc/sudoers.d/docker
    
    ## Set up SSHD config
    
    RUN sed -ri 's/#PermitRootLogin yes/PermitRootLogin yes/g' /etc/ssh/sshd_config
    RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
    RUN sed -ri 's/#UsePAM no/UsePAM no/g' /etc/ssh/sshd_config
    
    ## Init SSHD
    EXPOSE 22
    
    #RUN /etc/init.d/sshd start
    #RUN /etc/init.d/sshd stop
    #RUN /usr/sbin/sshd -D
  5. 创建本机的 authorized_keys,和 Dockerfile 放到同一目录下。(ADD authorized_keys /home/docker/.ssh/authorized_keys 决定的)。 DockeFile 语法参考这里

    ## 构建镜像,指定名称和标签
    docker build -t wangjc0801/centos7.1:sshd .
  6. 查看

    docker images

    创建成功后,可以看到多了一个镜像 ffbdcb18602b

    REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
    wangjc0801/centos7.1 sshd ffbdcb18602b 56 seconds ago 256.8 MB
    centos latest ce20c473cd8a 3 weeks ago 172.3 MB

  7. 运行容器,启动 sshd

    docker run -i -t -p 22 ffbdcb18602b
    [root@f98c3fb7ae43 /]# /usr/sbin/sshd

    启动这个容器,当然也可以通过-d 后台启动,并自动启动sshd

    docker run -d -p 22 ffbdcb18602b /usr/sbin/sshd -D
  8. 查看容器22端口映射的外部端口

    ## 首先查看正在运行的容器,获取容器 ID
    docker ps

    正在运行的容器 ID 为 f98c3fb7ae43

    CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
    f98c3fb7ae43 ffbdcb18602b "/bin/bash" 2 minutes ago Up 2 minutes 0.0.0.0:32770->22/tcp jolly_mestorf

    ## 查看端口
    docker port f98c3fb7ae43

    22/tcp -> 0.0.0.0:32770

  9. 查看虚拟机 IP

    docker-machine ls

    NAME ACTIVE DRIVER STATE URL SWARM
    default virtualbox Running tcp://192.168.99.100:2376

  10. 免密码进入

    ssh docker@192.168.99.100 -p 32770

    The authenticity of host '[192.168.99.100]:32770 ([192.168.99.100]:32770)' can't be established.
    ECDSA key fingerprint is SHA256:kNMkYdXWN61gXrDoSAFlPhNksbs1tjQCwr7jyTZk24A.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '[192.168.99.100]:32770' (ECDSA) to the list of known hosts.
    [docker@f98c3fb7ae43 ~]$

2015-11-06 00:41224