1. 拉取ubuntu镜像:这里使用的是ubuntu:18.04(该版本的标准支持期已结束,新环境建议选用仍在支持期内的版本)。
[root@node1 ~]# docker pull ubuntu:18.04
2. 运行并进入容器:
[root@node1 ~]# docker run -it --name ubuntu ubuntu:18.04 bash
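3. 更换容器中原有的镜像源:
## 注意:下面同时启用了 bionic-proposed 源,它是更新发布前的测试源,其中的软件包尚未经过充分验证,制作基础镜像时一般不建议启用。
## 注意:镜像源使用的是 http,软件包的完整性依赖 apt 的 GPG 签名校验,不要关闭该校验。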
root@105542f1c3df:/# mv /etc/apt/sources.list{,.bak}
root@105542f1c3df:/# echo deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse > /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
root@105542f1c3df:/# echo deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse >> /etc/apt/sources.list.d/163.list
4. 在容器中安装配置ssh服务:
## 更新镜像源
root@105542f1c3df:/# apt update
## 安装ssh服务
root@105542f1c3df:/# apt install openssh-server
root@105542f1c3df:/# mkdir -p /var/run/sshd
## 后台运行
root@105542f1c3df:/# /usr/sbin/sshd -D &
[1] 3920
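5. 取消pam登录限制:
## 注意:该表达式要求各字段之间只有一个空格;如果 /etc/pam.d/sshd 中该行用多个空格分隔,替换不会生效,执行后应使用 grep pam_loginuid /etc/pam.d/sshd 确认该行已被注释。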
root@105542f1c3df:/# sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/' /etc/pam.d/sshd
6. 配置免密码登录(密钥认证):
## 注意:-P '' 生成的是没有口令保护的私钥,任何能读取 ~/.ssh/id_rsa 的人都可以直接用它登录,需严格限制该文件的访问权限。
## 宿主机上生成密钥对:
[root@node1 ~]# ssh-keygen -f ~/.ssh/id_rsa -P '' -q
## 查看公钥文件:
[root@node1 ~]# more ~/.ssh/id_rsa.pub
root@105542f1c3df:/# mkdir /root/.ssh -p
## 复制公钥到容器中:
root@105542f1c3df:/# echo ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC69hIhf6fyb/sVyKgF4hp8xU4dmld4iNNZ5jQxinapTXS5Ax9iKOT/VKz71137zVeqLXxNpavDBiPU841BXDBtUAbFejbAcr7Invpqwmo7Y/dKzNHb1mx0XsawCeWTDcgwroHo0Zu0QiODDtliTekL4YEtshq/4OkOO1fglR07cuwQu9DT7OoQKIQGMlzA/KsgtPge2dWSKJKzXEXPA938wHUdHId6bEyrbBfZyi773zDp0THzy3UGYQCOZ4KA20IK+qrMcNUPC7qzx5OjecytjjnFrNjoRlukAoZz4TwReGt7doqw8j90AmMdrMkU7ptGn26cs0bPW+pMYF4izyz1 root@node1 > ~/.ssh/authorized_keys
7. 配置服务启动脚本:
root@105542f1c3df:/# echo '#!/bin/bash' > /run.sh
root@105542f1c3df:/# echo "/usr/sbin/sshd -D" >> /run.sh
root@105542f1c3df:/# chmod +x /run.sh
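8. 提交并推送镜像到Harbor上:
## 注意:docker commit 会把 /root/.ssh/authorized_keys 以及安装 openssh-server 时生成的 /etc/ssh/ssh_host_* 主机密钥一并固化到镜像中。
## 由该镜像启动的所有容器共用同一组主机密钥,能拉取镜像的人都可以读取主机私钥;同时,持有对应私钥的人可以以 root 身份登录每一个这样的容器。
## 更稳妥的做法是提交前删除主机密钥,在容器启动时用 ssh-keygen -A 重新生成,并在运行时通过挂载的方式注入公钥。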
[root@node1 ~]# docker commit ubuntu node2.openlab.com/demo/sshd:ubuntu_v1
[root@node1 ~]# docker push node2.openlab.com/demo/sshd:ubuntu_v1
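9. 运行制作的镜像node2.openlab.com/demo/sshd:ubuntu_v1:
## 注意:-p 10022:22 会在宿主机的所有网络接口上发布该端口(见下文 ss 输出中的 *:10022);如只需在特定地址上提供服务,可写成 -p 192.168.188.111:10022:22 以限制监听地址。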
[root@node1 ~]# docker run -d -p 10022:22 node2.openlab.com/demo/sshd:ubuntu_v1 /run.sh
10. 验证ssh是否配置成功:
## 查看10022端口是否监听:
[root@node1 ~]# ss -lntup | grep 10022
tcp LISTEN 0 128 *:10022 *:* users:(("docker-proxy",pid=6246,fd=4))
tcp LISTEN 0 128 [::]:10022 [::]:* users:(("docker-proxy",pid=6250,fd=4))
## ssh连接10022号端口,查看免密码(密钥认证)登录是否配置成功
[root@node1 ~]# ssh 192.168.188.111 -p 10022