Docker实践(1)—入门

tutorial

centos6.5环境。

# yum install docker-io -y

会依赖安装libcgroup,lxc,lxc-libs

 

启动docker

# service docker start

Starting cgconfig service: [确定]

Starting docker:        [确定]

 

获取最新的docker image

# docker pull centos:latest

NewImage

运行image

# docker run -i -t centos /bin/bash

bash-4.2# ls

bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  selinux  srv  sys  tmp  usr  var

bash-4.2# exit

 

提交更新

# docker commit -m="add net-tools" -a="dbyin" ad6327a8e166 dbyin/testrep

15a31c1fd4dd1a514b8d771e456fd9adfe206a70e4a672057363322c8b918a3a

NewImage

删除镜像

# docker rmi dbyin/sshd

Untagged: dbyin/sshd:latest

Deleted: 3e6ddcc38145770486dbd2fcb5b3a6734fea447ab024c540e83d34acc8113a11

Deleted: ab8ed0aaabab96eaf1656539bb0f7990f1b114197d39308e93ab1160c222d4ff

Deleted: 4ffa765d3fafa308edba9de3e59582451d6658e4c50cf9d107bc18bfe415d2e9

Deleted: 95cc1fd701f6961585196a0b43e06404aa81f4ec65278d2249ad0716a2cf3d87

Deleted: ae21b4f05d98ea18aff9c4ed33343c933f6f11c8adb5342ab7e1ded6af8c5fd8

 

主要参考

[1]https://docs.docker.com/installation/centos/

[2]Working with Docker Images

 

通过docker部署ssh

# cat Dockerfile

FROM centos

MAINTAINER dbyin

RUN yum install -y openssh-server

RUN echo "root:root" | chpasswd

EXPOSE 22

CMD ["/usr/sbin/sshd", "-D"]

 

 

构建镜象

# docker build --rm -t dbyin/sshd .

Sending build context to Docker daemon 74.75 kB

Sending build context to Docker daemon

Step 0 : FROM centos

 ---> 1a7dc42f78ba

Step 1 : MAINTAINER dbyin

 ---> Running in f40dd8c16027

 ---> ae21b4f05d98

Removing intermediate container f40dd8c16027

Step 2 : RUN yum install -y openssh-server

 ---> Running in a298b82f5fc1

Loaded plugins: fastestmirror

Determining fastest mirrors

 * base: mirrors.cug.edu.cn

 * extras: mirrors.cug.edu.cn

 * updates: mirrors.cug.edu.cn

Resolving Dependencies

--> Running transaction check

---> Package openssh-server.x86_64 0:6.4p1-8.el7 will be installed

--> Processing Dependency: openssh = 6.4p1-8.el7 for package: openssh-server-6.4p1-8.el7.x86_64

--> Running transaction check

---> Package openssh.x86_64 0:6.4p1-8.el7 will be installed

--> Finished Dependency Resolution

 

Dependencies Resolved

 

================================================================================

 Package                Arch           Version               Repository    Size

================================================================================

Installing:

 openssh-server         x86_64         6.4p1-8.el7           base         367 k

Installing for dependencies:

 openssh                x86_64         6.4p1-8.el7           base         341 k

 

Transaction Summary

================================================================================

Install  1 Package (+1 Dependent package)

 

Total download size: 708 k

Installed size: 1.8 M

Downloading packages:

warning: /var/cache/yum/x86_64/7/base/packages/openssh-server-6.4p1-8.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY

Public key for openssh-server-6.4p1-8.el7.x86_64.rpm is not installed

--------------------------------------------------------------------------------

Total                                              195 kB/s | 708 kB  00:03    

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Importing GPG key 0xF4A80EB5:

 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"

 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5

 Package    : centos-release-7-0.1406.el7.centos.2.3.x86_64 (@CentOS/$releasever)

 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

  Installing : openssh-6.4p1-8.el7.x86_64                                   1/2

  Installing : openssh-server-6.4p1-8.el7.x86_64                            2/2

  Verifying  : openssh-server-6.4p1-8.el7.x86_64                            1/2

  Verifying  : openssh-6.4p1-8.el7.x86_64                                   2/2

 

Installed:

  openssh-server.x86_64 0:6.4p1-8.el7                                          

 

Dependency Installed:

  openssh.x86_64 0:6.4p1-8.el7                                                 

 

Complete!

 ---> 95cc1fd701f6

Removing intermediate container a298b82f5fc1

Step 3 : RUN echo "root:root" | chpasswd

 ---> Running in 0aad665d3d2a

 ---> 4ffa765d3faf

Removing intermediate container 0aad665d3d2a

Step 4 : EXPOSE 22

 ---> Running in f3e0c11abc3f

 ---> ab8ed0aaabab

Removing intermediate container f3e0c11abc3f

Step 5 : CMD ["/usr/sbin/sshd", "-D"]

 ---> Running in 41d15fb205ff

 ---> 3e6ddcc38145

Removing intermediate container 41d15fb205ff

Successfully built 3e6ddcc38145

 

启动镜像

# docker run -d -P --name test_sshd dbyin/sshd

1348cf06d04b6b558e025e78d13b8f61d64e63301de06c8fc1da5c4d18c9b8f8

NewImage

container的22被映射到host的49153端口。

 

停止container

# docker stop test_sshd

删除container

# docker rm test_sshd

 

错误1

Error: Cannot start container f82d9d3548b4d19cfb4599bb3b27f74b6d605f167456d509df722c749fdf476f: port has already been allocated

重启docker服务,参见https://github.com/dotcloud/docker/issues/6476

 

错误2

# ssh root@172.16.213.129 -p 49153 -v

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *

debug1: Connecting to 172.16.213.129 [172.16.213.129] port 49153.

debug1: Connection established.

debug1: permanently_set_uid: 0/0

debug1: identity file /root/.ssh/identity type -1

debug1: identity file /root/.ssh/identity-cert type -1

debug1: identity file /root/.ssh/id_rsa type -1

debug1: identity file /root/.ssh/id_rsa-cert type -1

debug1: identity file /root/.ssh/id_dsa type -1

debug1: identity file /root/.ssh/id_dsa-cert type -1

debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4

debug1: match: OpenSSH_6.4 pat OpenSSH*

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_5.3

debug1: SSH2_MSG_KEXINIT sent

Read from socket failed: Connection reset by peer

 

增加以下内容重新构建镜像

RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key

 

然后出现

。。。

debug1: Exit status 254

增加以下内容重新构建镜像,参考这里

RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config

RUN sed -ri 's/#UsePAM no/UsePAM no/g' /etc/ssh/sshd_config

 

访问

# ssh root@172.16.213.129 -p 49153

 

主要参考

[1]Dockerizing an SSH Daemon Service

[2]Docker: Using Linux Containers to Support Portable Application Deployment


作者:YY哥 
出处:http://www.cnblogs.com/hustcat/ 
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。

posted @ 2014-07-24 23:07  YY哥  阅读(17522)  评论(0编辑  收藏  举报