docker 部署 vsftpd

总结

部署vsftpd只需要看 运行命令 就行了,其他的就是自己在记录一些与ftp有关的知识

运行命令

docker  pull  fauria/vsftpd
docker run -d -v /data/ftp:/home/vsftpd \
-p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
-e FTP_USER=ftp_stu -e FTP_PASS=student  \
-e PASV_ADDRESS=10.36.31.161  -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
--name vsftpd --restart=always fauria/vsftpd

安装 .7z 解压和压缩文件

sudo apt install p7zip-full
7z x manager.7z -r -o /home/xx
7z a -t7z -r manager.7z /home/manager/*

#解释如下:
x 代表解压缩文件,并且是按原始目录解压(还有个参数 e 也是解压缩文件,但其会将所有文件都解压到根下,而不是自己原有的文件夹下)manager.7z 是压缩文件,这里大家要换成自己的。如果不在当前目录下要带上完整的目录
-r 表示递归所有的子文件夹
-o 是指定解压到的目录,这里大家要注意-o后是没有空格的直
解释如下:
a 代表添加文件/文件夹到压缩包
-t 是指定压缩类型 一般我们定为7z
-r 表示递归所有的子文件夹,manager.7z 是压缩好后的压缩包名,/home/manager/* 是要压缩的目录,*是表示该目录下所有的文件。

下载上传ftp命令

ftp> get readme.txt # 下载 readme.txt 文件
ftp> mget *.txt     # 下载 
ftp> put /path/readme.txt # 上传 readme.txt 文件
ftp> mput *.txt           # 可以上传多个文件

关闭FTP连接

bye
exit
quit

状态码

230 - 登录成功

200 - 命令执行成功

150 - 文件状态正常,开启数据连接端口

250 - 目录切换操作完成

226 - 关闭数据连接端口,请求的文件操作成功

FTP命令

ftp> ascii  # 设定以ASCII方式传送文件(缺省值) 
ftp> bell   # 每完成一次文件传送,报警提示. 
ftp> binary # 设定以二进制方式传送文件. 
ftp> bye    # 终止主机FTP进程,并退出FTP管理方式. 
ftp> case # 当为ON时,用MGET命令拷贝的文件名到本地机器中,全部转换为小写字母. 
ftp> cd     # 同UNIX的CD命令. 
ftp> cdup   # 返回上一级目录. 
ftp> chmod  # 改变远端主机的文件权限. 
ftp> close  # 终止远端的FTP进程,返回到FTP命令状态, 所有的宏定义都被删除. 
ftp> delete # 删除远端主机中的文件. 
ftp> dir [remote-directory] [local-file] # 列出当前远端主机目录中的文件.如果有本地文件,就将结果写至本地文件. 
ftp> get [remote-file] [local-file] # 从远端主机中传送至本地主机中. 
ftp> help [command] # 输出命令的解释. 
ftp> lcd # 改变当前本地主机的工作目录,如果缺省,就转到当前用户的HOME目录. 
ftp> ls [remote-directory] [local-file] # 同DIR. 
ftp> macdef                 # 定义宏命令. 
ftp> mdelete [remote-files] # 删除一批文件. 
ftp> mget [remote-files]    # 从远端主机接收一批文件至本地主机. 
ftp> mkdir directory-name   # 在远端主机中建立目录. 
ftp> mput local-files # 将本地主机中一批文件传送至远端主机. 
ftp> open host [port] # 重新建立一个新的连接. 
ftp> prompt           # 交互提示模式. 
ftp> put local-file [remote-file] # 将本地一个文件传送至远端主机中. 
ftp> pwd  # 列出当前远端主机目录. 
ftp> quit # 同BYE. 
ftp> recv remote-file [local-file] # 同GET. 
ftp> rename [from] [to]     # 改变远端主机中的文件名. 
ftp> rmdir directory-name   # 删除远端主机中的目录. 
ftp> send local-file [remote-file] # 同PUT. 
ftp> status   # 显示当前FTP的状态. 
ftp> system   # 显示远端主机系统类型. 
ftp> user user-name [password] [account] # 重新以别的用户名登录远端主机. 
ftp> ? [command] # 同HELP. [command]指定需要帮助的命令名称。如果没有指定 command,ftp 将显示全部命令的列表。
ftp> ! # 从 ftp 子系统退出到外壳。 

服务运维

 systemctl restart vsftpd.service  # 重启服务
 systemctl start vsftpd.service    # 启动服务
 systemctl status vsftpd.service   # 服务状态查看

整体步骤

[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \
> -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
> -e FTP_USER=ftp_stu -e FTP_PASS=student  \
> -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
> --name vsftpd --restart=always fauria/vsftpd
ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d
/usr/bin/docker-current: Error response from daemon: driver failed programming external connectivity on endpoint vsftpd (7f753629aae087e3ec1548483bd92ca11dcafb97e7fb8ca07c491361285721e1): Erre.
[root@ieat1 vsftpd]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS               NAMES
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   9 hours ago         Up 3 hours                              r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-network-manager-5-ae860036
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-ipsec-cni-driver-5-64a39019
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 3 hours                              rancher-agent
[root@ieat1 vsftpd]#  netstat -tanlp       #一定要要在root下看,+ sudo ,否则因为权限不够看不到具体的进程。
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd           
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      2407/dnsmasq        
tcp        0      0 127.0.0.1:5941          0.0.0.0:*               LISTEN      1565/teamviewerd    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1352/sshd           
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1350/cupsd          
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1637/master         
tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      20508/sshd: root@pt 
tcp        0      0 172.17.0.1:45224        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 172.17.0.1:45222        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 172.17.0.1:45270        169.254.169.250:80      ESTABLISHED 18164/plugin-manage 
tcp        0      0 172.17.0.1:45242        169.254.169.250:80      ESTABLISHED 18164/plugin-manage 
tcp        0      0 10.36.31.161:44288      10.36.31.164:8080       ESTABLISHED 16874/agent         
tcp        0      0 172.17.0.1:45206        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 172.17.0.1:45168        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 10.36.31.161:57250      217.146.11.102:80       ESTABLISHED 1565/teamviewerd    
tcp        0      0 172.17.0.1:45160        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 172.17.0.1:45240        169.254.169.250:80      ESTABLISHED 18164/plugin-manage 
tcp        0      0 10.36.31.161:44286      10.36.31.164:8080       ESTABLISHED 16874/agent         
tcp        0      0 172.17.0.1:45238        169.254.169.250:80      FIN_WAIT2   -                   
tcp        0      0 172.17.0.1:45234        169.254.169.250:80      TIME_WAIT   -                   
tcp        0    264 10.36.31.161:22         202.196.41.207:8864     ESTABLISHED 20508/sshd: root@pt 
tcp        0      0 172.17.0.1:45278        169.254.169.250:80      ESTABLISHED 18164/plugin-manage 
tcp        0      0 172.17.0.1:45260        169.254.169.250:80      FIN_WAIT2   -                   
tcp        0      0 10.36.31.161:39916      10.36.31.164:8080       ESTABLISHED 16874/agent         
tcp        0      0 172.17.0.1:45236        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 10.36.31.161:57252      217.146.11.102:80       ESTABLISHED 1565/teamviewerd    
tcp        0      0 172.17.0.1:45280        169.254.169.250:80      ESTABLISHED 18164/plugin-manage 
tcp        0      0 172.17.0.1:45258        169.254.169.250:80      FIN_WAIT2   -                   
tcp        0      0 172.17.0.1:45244        169.254.169.250:80      TIME_WAIT   -                   
tcp        0      0 172.17.0.1:45246        169.254.169.250:80      FIN_WAIT2   -                   
tcp        0      0 172.17.0.1:45144        169.254.169.250:80      TIME_WAIT   -                   
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd           
tcp6       0      0 :::21                   :::*                    LISTEN      20665/vsftpd        
tcp6       0      0 :::22                   :::*                    LISTEN      1352/sshd           
tcp6       0      0 ::1:631                 :::*                    LISTEN      1350/cupsd          
tcp6       0      0 ::1:25                  :::*                    LISTEN      1637/master         
tcp6       0      0 ::1:6010                :::*                    LISTEN      20508/sshd: root@pt 
[root@ieat1 vsftpd]# kill 20665
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=ftp_stu -e FTP_PASS=student  -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=2
/usr/bin/docker-current: Error response from daemon: Conflict. The container name "/vsftpd" is already in use by container ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d. Yo
See '/usr/bin/docker-current run --help'.
[root@ieat1 vsftpd]# docker ls
docker: 'ls' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS               NAMES
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   9 hours ago         Up 3 hours                              r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-network-manager-5-ae860036
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-ipsec-cni-driver-5-64a39019
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 3 hours                              rancher-agent
[root@ieat1 vsftpd]# docker remove ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d
docker: 'remove' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
ae36a80acf21        fauria/vsftpd       "/usr/sbin/run-vsf..."   8 minutes ago       Created                                 vsftpd
[root@ieat1 vsftpd]# docker rm ae36a80acf21
ae36a80acf21
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=ftp_stu -e FTP_PASS=student  -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=2
65a2f82d86e83310c8b1117973a1e67dab16f1adcb8ef0473b0db264204e577e
[root@ieat1 vsftpd]# ll
总用量 48
-rw-r--r-- 1 root root    18 8月   3 14:47 chroot_list
-rw------- 1 root root   125 10月 31 2018 ftpusers
-rw------- 1 root root   361 10月 31 2018 user_list
-rw-r--r-- 1 root root   162 8月   3 19:02 vsftpd.conf
-rw------- 1 root root  5116 8月   3 14:39 vsftpd.conf.bak
-rwxr--r-- 1 root root   338 10月 31 2018 vsftpd_conf_migrate.sh
-rw-r--r-- 1 root root   628 8月   3 14:41 vsftpd.conf.rpmsave
drwxr-xr-x 2 root root    38 8月   3 14:51 vuser_conf  
-rw------- 1 root root 12288 8月   3 14:45 vuser_passwd.db
-rw-r--r-- 1 root root    32 8月   3 14:44 vuser_passwd.txt
[root@ieat1 vsftpd]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS                                                            NAMES
65a2f82d86e8        fauria/vsftpd                     "/usr/sbin/run-vsf..."   4 minutes ago       Up 4 minutes        0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp   vsftpd
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   9 hours ago         Up 3 hours                                                                           r-healt
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-ipsec
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 3 hours                                                                           rancher
[root@ieat1 vsftpd]# docker exec 65a2f82d86e8 
"docker exec" requires at least 2 argument(s).
See 'docker exec --help'.

Usage:  docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

Run a command in a running container
[root@ieat1 vsftpd]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS                                                            NAMES
65a2f82d86e8        fauria/vsftpd                     "/usr/sbin/run-vsf..."   5 minutes ago       Up 5 minutes        0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp   vsftpd
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   9 hours ago         Up 3 hours                                                                           r-healt
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-ipsec
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 3 hours                                                                           rancher
[root@ieat1 vsftpd]# systemclt status firewalld.service
bash: systemclt: 未找到命令...
相似命令是: 'systemctl'
[root@ieat1 vsftpd]# systemctl  status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago
     Docs: man:firewalld(1)
 Main PID: 963 (code=exited, status=0/SUCCESS)

8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# systemctl  status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago
     Docs: man:firewalld(1)
 Main PID: 963 (code=exited, status=0/SUCCESS)

8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# systemctl  status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago
     Docs: man:firewalld(1)
 Main PID: 963 (code=exited, status=0/SUCCESS)

8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# systemctl  status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago
     Docs: man:firewalld(1)
 Main PID: 963 (code=exited, status=0/SUCCESS)

8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 
8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS                                                            NAMES
65a2f82d86e8        fauria/vsftpd                     "/usr/sbin/run-vsf..."   13 minutes ago      Up 13 minutes       0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp   vsftpd
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   9 hours ago         Up 3 hours                                                                           r-healt
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-netwo
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   9 hours ago         Up 3 hours                                                                           r-ipsec
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 3 hours                                                                           rancher
[root@ieat1 vsftpd]# docker stop 65a2f82d86e8 
65a2f82d86e8
[root@ieat1 vsftpd]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS               NAMES
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   9 hours ago         Up 3 hours                              r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-network-services-network-manager-5-ae860036
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   9 hours ago         Up 3 hours                              r-ipsec-cni-driver-5-64a39019
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 3 hours                              rancher-agent
[root@ieat1 vsftpd]# docker images
REPOSITORY                          TAG                 IMAGE ID            CREATED             SIZE
docker.io/nginx                     latest              98ebf73aba75        2 weeks ago         109 MB
docker.io/mysql                     latest              de764ad211de        2 weeks ago         443 MB
docker.io/redis                     latest              598a6f110d01        3 weeks ago         118 MB
docker.io/fauria/vsftpd             latest              4900fef1a627        3 months ago        261 MB
docker.io/rancher/agent             v1.2.11             1cc7591af4f5        12 months ago       243 MB
docker.io/rancher/net               v0.13.17            f170c38e3763        12 months ago       311 MB
docker.io/rancher/dns               v0.17.4             678bde0de4d2        12 months ago       249 MB
docker.io/rancher/healthcheck       v0.3.8              ce78cf69cc0b        13 months ago       391 MB
docker.io/rancher/metadata          v0.10.4             02104eb6e270        13 months ago       251 MB
docker.io/rancher/network-manager   v0.7.22             13381626c510        13 months ago       256 MB
docker.io/rancher/net               holder              665d9f6e8cc1        2 years ago         267 MB
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \
> -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
> -e FTP_USER=ftp_stu -e FTP_PASS=student  \
> -e PASV_ADDRESS=10.36.31.161  -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
> --name vsftpd --restart=always fauria/vsftpd
/usr/bin/docker-current: Error response from daemon: Conflict. The container name "/vsftpd" is already in use by container 65a2f82d86e83310c8b1117973a1e67dab16f1adcb8ef0473b0db264204e577e. Yo
See '/usr/bin/docker-current run --help'.
[root@ieat1 vsftpd]# docler images ls
bash: docler: 未找到命令...
[root@ieat1 vsftpd]# docker sl
docker: 'sl' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ls
docker: 'ls' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ls -a
unknown shorthand flag: 'a' in -a
See 'docker --help'.

Usage:	docker COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default "/root/.docker")
  -D, --debug              Enable debug mode
      --help               Print usage
  -H, --host list          Daemon socket(s) to connect to (default [])
  -l, --log-level string   Set the logging level ("debug", "info", "warn", "error", "fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  checkpoint  Manage checkpoints
  container   Manage containers
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  volume      Manage volumes

Commands:
  attach      Attach to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  deploy      Deploy a new stack or update an existing stack
  diff        Inspect changes on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.

[root@ieat1 vsftpd]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                       PORTS               NAMES
65a2f82d86e8        fauria/vsftpd       "/usr/sbin/run-vsf..."   18 minutes ago      Exited (137) 3 minutes ago                       vsftpd
[root@ieat1 vsftpd]# docker rm 65a2f82d86e8
65a2f82d86e8
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \
> -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
> -e FTP_USER=ftp_stu -e FTP_PASS=student  \
> -e PASV_ADDRESS=10.36.31.161  -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
> --name vsftpd --restart=always fauria/vsftpd
3d785f39c0f3ca6002a5e07b9d818d796e5ebc026643ab54bc7af9dddc82f93b
[root@ieat1 vsftpd]# 

创建用户并赋予相应的权限

遇到问题

在vsftp.conf中进行配置,在其中添加如下一行

user_config_dir=/etc/vsftpd/vuser_conf

然后创建 vuser_conf文件夹,在其中以用户名创建用户配置

[root@ieat1 vuser_conf  ]# cat ftp_admin 
ocal_root=/data/ftp   #要注意这个不是宿主的,要改成映射的docker自己的
write_enable=YES
anon_umask=022
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES

然后按照一下操作

[root@3d785f39c0f3 vsftpd]# cat virtual_users.txt 
ftp_stu
student
[root@3d785f39c0f3 vsftpd]# vi virtual_users..txt 
[root@3d785f39c0f3 vsftpd]# vi virtual_users.txt 
[root@3d785f39c0f3 vsftpd]# cat virtual_users.txt 
ftp_stu
student
ftp_admin
admin
[root@3d785f39c0f3 vsftpd]# /usr/bin/db_load -T -t hash -f /etc/vsftpd/virtual_users.txt /etc/vsftpd/virtual_users.db
[root@3d785f39c0f3 vsftpd]# exit 
exit
[root@ieat1 ~]# docker restart vsftpd 
vsftpd
[root@ieat1 ~]# docker ps
CONTAINER ID        IMAGE                             COMMAND                  CREATED             STATUS              PORTS                                                            NAMES
3d785f39c0f3        fauria/vsftpd                     "/usr/sbin/run-vsf..."   13 hours ago        Up 19 seconds       0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp   vsftpd
abd4d5d89b20        rancher/dns:v0.17.4               "/rancher-entrypoi..."   23 hours ago        Up 17 hours                                                                          r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b        rancher/healthcheck:v0.3.8        "/.r/r /rancher-en..."   23 hours ago        Up 17 hours                                                                          r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1        rancher/metadata:v0.10.4          "/rancher-entrypoi..."   23 hours ago        Up 17 hours                                                                          r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4        rancher/network-manager:v0.7.22   "/rancher-entrypoi..."   23 hours ago        Up 17 hours                                                                          r-network-services-network-manager-5-ae860036
7ec9b65e37f1        rancher/net:v0.13.17              "/rancher-entrypoi..."   23 hours ago        Up 17 hours                                                                          r-ipsec-cni-driver-5-64a39019
d938c0feaae7        rancher/agent:v1.2.11             "/run.sh run"            2 weeks ago         Up 17 hours                                                                          rancher-agent
[root@ieat1 ~]# docker exec -it 3d785f39c0f3  /bin/bash

reference:https://segmentfault.com/a/1190000008161400#articleHeader14

  • 2
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

aijava1

请我喝咖啡!

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值