制作docker镜像步骤:
启动容器安装软件服务 (以centos6.9为例)
下载centos6.9镜像
[root@docker01 ~]# docker pull centos:6.9
6.9: Pulling from library/centos
831490506c47: Pull complete
Digest: sha256:6fff0a9edc920968351eb357c5b84016000fec6956e6d745f695e5a34f18ecd2
Status: Downloaded newer image for centos:6.9
[root@docker01 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 98ebf73aba75 7 days ago 109MB
centos 6.8 82f3b5f3c58f 4 months ago 195MB
centos 6.9 2199b8eb8390 4 months ago 195MB
[root@docker01 ~]#
启动并进入centos6.9容器
[root@docker01 ~]# docker run -it -p 1022:22 --name fxw centos:6.9
[root@6545598a8326 /]# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 b) TX bytes:0 (0.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@6545598a8326 /]# curl www.baidu.com
<!DOCTYPE html>
<!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=http://s1.bdstatic.com/r/www/cache/bdorz/baidu.min.css><title>百度一下,你就知道</title></head> <body link=#0000cc>
...省略部分...
</body> </html>
[root@6545598a8326 /]#
通过netstat -lntup查看发现没有任何监听服务,也没有sshd,需要手动安装
[root@6545598a8326 /]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
[root@6545598a8326 /]# yum install openssh-server -y
为了让客户端能交互式连接,这里需要生成ssh密钥对(/etc/init.d/sshd start启动sshd服务,并会生成密钥对),同时也需要为登陆用户root设置密码(echo 123456|passwd --stdin root,该方式后面会讲到,目前先这么用)
[root@6545598a8326 /]# ls /etc/ssh/
moduli sshd_config
[root@6545598a8326 /]# /etc/init.d/sshd start
Generating SSH2 RSA host key: [ OK ]
Generating SSH1 RSA host key: [ OK ]
Generating SSH2 DSA host key: [ OK ]
Starting sshd: [ OK ]
[root@6545598a8326 /]# ls /etc/ssh
moduli ssh_host_dsa_key ssh_host_dsa_key.pub ssh_host_key ssh_host_key.pub ssh_host_rsa_key ssh_host_rsa_key.pub sshd_config
[root@6545598a8326 /]# echo 123456|passwd --stdin root
Changing password for user root.
passwd: all authentication tokens updated successfully.
[root@6545598a8326 /]#
此时容器的22端口也被sshd服务正常监听
root@6545598a8326 /]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 120/sshd
tcp 0 0 :::22 :::* LISTEN 120/sshd
[root@6545598a8326 /]#
然后重启一个标签,通过1022端口成功连接到宿主机的容器(ssh root@10.0.0.11 -p 1022)
image.png
将安装好服务的容器commit提交为镜像
说明该镜像中已经完好配置了sshd服务,然后commit打包。
[root@docker01 ~]# docker commit fxw centos6.9_ssh:v1
sha256:4e2a5ae67ee0d9238e40890ba9fdb051eb655e98e7c5c60eabf45ae9272ad94b
[root@docker01 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos6.9_ssh v1 4e2a5ae67ee0 12 seconds ago 309MB
nginx latest 98ebf73aba75 7 days ago 109MB
centos 6.8 82f3b5f3c58f 4 months ago 195MB
centos 6.9 2199b8eb8390 4 months ago 195MB
[root@docker01 ~]#
启动新容器来测试新提交的镜
[root@docker01 ~]# docker run -d -p 2022:22 centos6.9_ssh:v1 /usr/sbin/sshd -D
b8e7fcd195f28afc0e7d962c1a6c6f85c6c6404dc91a79744370b98e93ed2ae5
[root@docker01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8e7fcd195f2 centos6.9_ssh:v1 "/usr/sbin/sshd -D" 10 seconds ago Up 8 seconds 0.0.0.0:2022->22/tcp tender_hertz
6545598a8326 centos:6.9 "/bin/bash" About an hour ago Up About an hour 0.0.0.0:1022->22/tcp fxw
52bfde2cbef6 nginx:latest "nginx -g 'daemon of…" 20 hours ago Up 20 hours 0.0.0.0:90->80/tcp gifted_brahmagupta
[root@docker01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8e7fcd195f2 centos6.9_ssh:v1 "/usr/sbin/sshd -D" 14 seconds ago Up 12 seconds 0.0.0.0:2022->22/tcp tender_hertz
6545598a8326 centos:6.9 "/bin/bash" About an hour ago Up About an hour 0.0.0.0:1022->22/tcp fxw
52bfde2cbef6 nginx:latest "nginx -g 'daemon of…" 20 hours ago Up 20 hours 0.0.0.0:90->80/tcp gifted_brahmagupta
[root@docker01 ~]#
正常情况下可以采用/etc/init.d/sshd start 启动sshd服务,但是为了启动镜像的同时还能将镜像中的sshd服务启动这里我们采用了/usr/sbin/sshd -D,夯住系统。
测试手动制作的docker镜像
[root@docker01 ~]# ssh root@10.0.0.11 -p 2022
The authenticity of host '[10.0.0.11]:2022 ([10.0.0.11]:2022)' can't be established.
RSA key fingerprint is SHA256:hKK3qKZ0QPpjRg0P4rHyszBWAQxQqPu2FsSNKNG+5GQ.
RSA key fingerprint is MD5:73:de:35:86:8a:9e:2e:30:35:fc:b3:c4:83:13:c7:8b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[10.0.0.11]:2022' (RSA) to the list of known hosts.
root@10.0.0.11's password:
Last login: Thu Jul 25 02:04:19 2019 from 10.0.0.11
[root@b8e7fcd195f2 ~]#
扩展:如果配置的服务较多,启动容的时候需要将这些服务(httpd,sshd,tomcat,nginx等)都启动,那该如何做呢?
办法只有一个:自定义脚本start.sh,比如说我们需要同时启动apache,sshd,nginx这三个服务:
vi /usr/init.d/start.sh
#!/bin/bash
/etc/init.d/httpd start
/usr/share/nginx/sbin/nginx
/usr/sbin/sshd -D
(注意:将/usr/sbin/sshd -D写在最后,它能夯住整个容器)然后启动容器:
docker run -d -p 8080:80 -p 1122:22 centos6-ssh-httpd:v1 /bin/bash /ect/init.d/start.sh
