Basic concepts

Follow me

Create an sshd service based on the debian image. The local environment is Windows 11 with Docker Desktop + WSL2.

Creating the image with docker commit

# pull debian image and enter bash
docker run -it debian bash
# get debian version
root@c8edec741b80:/$ cat /etc/debian_version
# add a user and set password
root@c8edec741b80:/$ adduser fish
# replace debian apt source
root@c8edec741b80:/etc/apt/sources.list.d$ sed -i 's/deb.debian.org/mirrors.ustc.edu.cn/g' debian.sources
# install and run openssh-server (on a fresh container, run apt update first)
root@c8edec741b80:~$ apt install openssh-server
root@c8edec741b80:~$ mkdir /run/sshd
root@c8edec741b80:~$ /usr/sbin/sshd -D &
[1] 144006 20:47:00
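# disable pam_loginuid: comment out the line "session required pam_loginuid.so"
root@c8edec741b80:~$ vim /etc/pam.d/sshd
# create run.sh in /root with the following two lines, then make it executable (chmod +x run.sh)
	#! /bin/bash
	/usr/sbin/sshd -D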
root@c8edec741b80:~$ exit

Create the image sshd:debian, run it, and log in over ssh from a terminal.

docker ps -a
c8edec741b80   debian        "bash"           16 hours ago    Exited (0) 16 hours ago                             great_galois

docker commit great_galois sshd:debian
docker images
REPOSITORY   TAG      IMAGE ID       CREATED        SIZE
sshd         debian   7caa99dd2f1d   16 hours ago   226MB

docker run -p 10022:22 -d sshd:debian /root/run.sh
docker ps
CONTAINER ID   IMAGE         COMMAND          CREATED         STATUS         PORTS                   NAMES
8eb23c28e68d   sshd:debian   "/root/run.sh"   7 seconds ago   Up 6 seconds   0.0.0.0:10022->22/tcp   stoic_carver

ssh fish@localhost -p 10022
fish@localhost's password:
Linux 8eb23c28e68d 5.4.72-microsoft-standard-WSL2 #1 SMP Wed Oct 28 23:40:43 UTC 2020 x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
fish@8eb23c28e68d:~$

Creating the image with a Dockerfile

In a new folder, create the following files:

~/docker-practice/sshd_debian
$ ls
Dockerfile  authorized_keys  run.sh

The Dockerfile contents are as follows:

FROM debian

MAINTAINER lclei (lichanglei@ustc,edu)

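# switch apt to the USTC mirror
RUN sed -i 's/deb.debian.org/mirrors.ustc.edu.cn/g' /etc/apt/sources.list.d/debian.sources
# update and install in one layer so a stale cached package index is never reused
RUN apt update && apt install -y openssh-server
# sshd requires its privilege separation directory
RUN mkdir -p /run/sshd
# comment out pam_loginuid in the sshd PAM configuration
RUN sed -ri 's/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g' /etc/pam.d/sshd
# public key that is allowed to log in as root
ADD authorized_keys /root/.ssh/authorized_keys
ADD run.sh /run.sh
RUN chmod 755 /run.sh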

EXPOSE 22

CMD ["/run.sh"]

authorized_keys contains the contents of ~/.ssh/id_rsa.pub, the public key generated with ssh on the host.
run.sh:

#! /bin/bash
/usr/sbin/sshd -D

With the preparation done, build the image with docker from the sshd_debian folder created earlier:

$ docker build -t sshd:dockerfile .
[+] Building 0.1s (14/14) FINISHED

$ docker run -d -p 10122:22 sshd:dockerfile
ce272ad7d685610eede4a7f4fe618e2303da4c9e645df392b0e5dba001c2b9b7

$ docker ps
CONTAINER ID   IMAGE             COMMAND          CREATED          STATUS          PORTS                   NAMES
ce272ad7d685   sshd:dockerfile   "/run.sh"        15 minutes ago   Up 15 minutes   0.0.0.0:10122->22/tcp   hungry_saha
8eb23c28e68d   sshd:debian       "/root/run.sh"   2 hours ago      Up 2 hours      0.0.0.0:10022->22/tcp   stoic_carver

$ ssh root@localhost -p 10122
Linux ce272ad7d685 5.4.72-microsoft-standard-WSL2 #1 SMP Wed Oct 28 23:40:43 UTC 2020 x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@ce272ad7d685:~#

The result is the same as the image created with docker commit. However, a Dockerfile is clearly more convenient for distribution and deployment.
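Both containers above publish sshd on 0.0.0.0, and the first one accepts password logins for the user fish. The following is an added example, not part of the original post: two shell functions that flag risky settings in `sshd -T` output and SSH ports published on all host interfaces. The function names, the sshd sample and the `local_only` entry are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the sshd containers built above. Sample data is constructed.
# Live input would come from:
#   docker exec <container> /usr/sbin/sshd -T
#   docker ps --format '{{.Names}} {{.Ports}}'

# Read `sshd -T` output (lowercase "keyword value" lines) on stdin and
# print one WARN line per setting that weakens an exposed SSH service.
audit_sshd() {
    awk '
        $1 == "passwordauthentication" && $2 == "yes" {
            print "WARN password logins enabled; set PasswordAuthentication no" }
        $1 == "permitrootlogin" && $2 == "yes" {
            print "WARN root password login allowed; set PermitRootLogin prohibit-password" }
        $1 == "permitemptypasswords" && $2 == "yes" {
            print "WARN empty passwords accepted; set PermitEmptyPasswords no" }
    '
}

# Read "name ports..." lines on stdin and print one WARN line for every
# mapping that publishes container port 22 on all host interfaces.
audit_ports() {
    awk '{
        for (i = 2; i <= NF; i++) {
            m = $i; sub(/,$/, "", m)                    # drop the list separator
            if (m ~ /^(0\.0\.0\.0|\[::\]|::):[0-9]+->22\/tcp$/) {
                hp = m; sub(/->.*/, "", hp); sub(/.*:/, "", hp)   # host port
                print "WARN " $1 ": " m " is published on all host interfaces; use -p 127.0.0.1:" hp ":22"
            }
        }
    }'
}

# Constructed sample in `sshd -T` format (password authentication left on).
SSHD_T_SAMPLE='port 22
permitrootlogin without-password
passwordauthentication yes
pubkeyauthentication yes
permitemptypasswords no'

# Names and mappings as in the docker ps output above, plus a constructed loopback-only entry.
PORTS_SAMPLE='hungry_saha 0.0.0.0:10122->22/tcp
stoic_carver 0.0.0.0:10022->22/tcp
local_only 127.0.0.1:10222->22/tcp'

printf '%s\n' "$SSHD_T_SAMPLE" | audit_sshd
printf '%s\n' "$PORTS_SAMPLE" | audit_ports
```

An empty result from both functions means password logins are off and port 22 is only reachable through the loopback address.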