1.基于容器的镜像制作Aliyun ECS(Centos6.9_sshd )
1.1 启动基础镜像容器
[root@localhost ~]# docker container run -it --name cent6_server centos:6.9
1.2 安装所需要的软件包 ,并且启动测试
[root@ab1e78b0847e /]# yum -y install openssh-server
第一次启动ssh服务时会生成秘钥对
[root@ab1e78b0847e /]# /etc/init.d/sshd start
Generating SSH2 RSA host key: [ OK ]
Generating SSH1 RSA host key: [ OK ]
Generating SSH2 DSA host key: [ OK ]
Starting sshd: [ OK ]
给root用户设置密码,密码为:123456
[root@ab1e78b0847e /]# passwd root
New password:
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
在宿主机连接测试成功
[root@localhost ~]# ssh 172.17.0.2
root@172.17.0.2's password:
[root@ab1e78b0847e ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24566 errors:0 dropped:0 overruns:0 frame:0
TX packets:18592 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:76043189 (72.5 MiB) TX bytes:1019303 (995.4 KiB)
在宿主机查看容器已经开启sshd服务
[root@localhost ~]# docker container top cent6_server
UID PID PPID C STIME TTY TIME CMD
root 6275 6257 0 09:35 pts/0 00:00:00 /bin/bash
root 6950 6275 0 09:47 ? 00:00:00 /sbin/udevd -d
root 7072 6275 0 09:48 ? 00:00:00 /usr/sbin/sshd
1.3 镜像的制作
基于容器当前状态制作镜像,制作之后查看已生成镜像
[root@localhost ~]# docker commit cent6_server frank/centos6.9_sshd:v1
sha256:a1fa2a89a0013e3dafba2b6b546c0c1ea2c05d1ce5f9148bd0df15c007455a3b
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
frank/centos6.9_sshd v1 a1fa2a89a001 About a minute ago 348MB
nginx latest daee903b4e43 8 days ago 133MB
hello-world latest bf756fb1ae65 10 months ago 13.3kB
centos 6.9 2199b8eb8390 20 months ago 195MB
centos 7.5.1804 cf49811e3cdb 20 months ago 200MB
[root@localhost ~]#
1.4 基于新镜像启动容器实现,centos6.9+sshd的功能
例1:基于新镜像启动容器在宿主机连接测试
让容器以后台方式运行,开启sshd服务并夯在前台(加 -D 参数)
[root@localhost ~]# docker container run -d --name cent6_sshd frank/centos6.9_sshd:v1 /usr/sbin/sshd -D
b413d37ab0e5fd254deefd4f4007b7900933f0e1e2c28256f12a56ff16ba4e75
在宿主机查看容器cent6_sshd 的详细信息并过滤出IP地址,找到该容器的IP地址
[root@localhost ~]# docker container inspect cent6_sshd |grep -w IPAddress
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
在宿主机连接测试
[root@localhost ~]# ssh 172.17.0.3
The authenticity of host '172.17.0.3 (172.17.0.3)' can't be established.
RSA key fingerprint is SHA256:er2WvASfGCj6/yEIjUU1gXouy/iggCWuZl/Bp1G4yOk.
RSA key fingerprint is MD5:0d:b1:96:93:70:6f:8e:a4:bf:6a:77:c5:ad:2e:d6:de.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.3' (RSA) to the list of known hosts.
root@172.17.0.3's password:
Last login: Fri Nov 27 01:53:04 2020 from 172.17.0.1
[root@b413d37ab0e5 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0
例2:基于新镜像启动容器在客户端用xshell连接测试
基于新镜像启动容器
[root@localhost ~]# docker container run -d --name cent6_ssh_server -p 2222:22 frank/centos6.9_sshd:v1 /usr/sbin/sshd -D
ebfd222da98eb874097f9a6cd97d5f074084207ee0e997a5d9294e16285f8c4f
[root@localhost ~]#
在客户端用xshell连接
输入用户名和密码之后连接成功
2.构建企业网站定制镜(Centos6.9_SSHD_LAMP_BBS)
2.1 启动基础镜像容器
在宿主机上创建数据卷
[root@localhost ~]# mkdir -p /opt/vol/{mysql,html}
[root@localhost ~]# ls /opt/vol/
html mysql
[root@localhost ~]#
启动基础镜像容器
[root@localhost ~]# docker container run -it --name lamp_bbs -v /opt/vol/html/:/var/www/html -v /opt/vol/mysql/:/var/lib/mysql centos:6.9
2.2 安装软件
安装ssh服务端和LAMP环境所需软件
[root@d8b6ed02ecae /]# yum -y install openssh-server httpd mysql mysql-server php php-gd php-mysql
2.3 软件初始化
sshd 初始化
启动ssh服务
[root@d8b6ed02ecae /]# /etc/init.d/sshd start
Generating SSH2 RSA host key: [ OK ]
Generating SSH1 RSA host key: [ OK ]
Generating SSH2 DSA host key: [ OK ]
Starting sshd: [ OK ]
停掉ssh服务
[root@d8b6ed02ecae /]# /etc/init.d/sshd stop
Stopping sshd: [ OK ]
给root用户设置密码
[root@d8b6ed02ecae /]# echo "123456" | passwd root --stdin
Changing password for user root.
passwd: all authentication tokens updated successfully.
[root@d8b6ed02ecae /]#
mysqld 初始化
开启mysql服务
[root@d8b6ed02ecae /]# /etc/init.d/mysqld start
登录mysql
[root@d8b6ed02ecae /]# mysql
创建tinyshop数据库
mysql> create database tinyshop charset utf8;
Query OK, 1 row affected (0.00 sec)
给用户tinyshop授权远程登录,密码为123
mysql> grant all on tinyshop.* to tinyshop@'%' identified by '123';
Query OK, 0 rows affected (0.00 sec)
mysql>
apache初始化
开启Apache服务
[root@d8b6ed02ecae /]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2 for ServerName
[ OK ]
在宿主机用curl命令测试成功
[root@localhost ~]# curl 172.17.0.2
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xht
<head>
......
2.4 制作LAMP第一版基础镜像
[root@localhost ~]# docker commit lamp_bbs frank/cent6_lamp:v1
sha256:3a437d42ad2f23024d74be1409ee758a146a23e46447158c0cc312053ace078d
2.5 根据第一版镜像,启动新容器
**启动镜像**
[root@localhost ~]# docker run -it --name lamp_bbs2 -v /opt/vol/html/:/var/www/html -v /opt/vol/mysql/:/var/lib/mysql -p 8080:80 3a437d42ad2f
**开启Apache服务**
[root@ff0b70ef0fed /]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3 for ServerName
[ OK ]
**开启MySQL服务**
[root@ff0b70ef0fed /]# /etc/init.d/mysqld start
Starting mysqld: [ OK ]
[root@ff0b70ef0fed /]#
浏览器测试
2.6 测试php功能
在宿主机编写PHP测试页面
[root@localhost ~]# vim /opt/vol/html/index.php
[root@localhost ~]# cat /opt/vol/html/index.php
<?php
phpinfo();
?>
[root@localhost ~]#
浏览器测试成功
2.7 安装电商
上传电商压缩包到宿主机/opt/vol/html并解压安装。
[root@localhost html]# unzip tinyshopV2.5_data.zip
安装
注册用户并登录
2.8 制作 LAMP+tinyshop 第二版镜像
[root@localhost html]# docker commit lamp_bbs2 frank/cent6_lamp:v2
sha256:2aa5e9a144ec813cdc0ff726911efabec6578babe4af45ca43380af2c98f6fdf
2.9 创建启动脚本
root@localhost ~]# cd /opt/vol/html/
[root@localhost html]# vim init.sh
[root@localhost html]# cat init.sh
#!/bin/bash
/etc/init.d/mysqld start
/etc/init.d/httpd start
/usr/sbin/sshd -D
[root@localhost html]#
2.10 启动容器,映射端口,挂载数据卷,自动启动服务
2.11 测试
xshell连接测试
测试成功
MySQL测试
测试成功
Apache测试
3.centos:7.5.1804_sshd
3.1启动基础镜像容器
[root@localhost ~]# docker run -it --name cent7_1 cf49811e3cdb
3.2 安装所需要的软件包并进行初始化设置
安装openssh-server
[root@90497f1f8cae /]# yum -y install openssh-server
初始化设置
[root@90497f1f8cae /]# mkdir /var/run/sshd
[root@90497f1f8cae /]# echo 'UseDNS no' >> /etc/ssh/sshd_config
[root@90497f1f8cae /]# sed -i -e '/pam_loginuid.so/d' /etc/pam.d/sshd
[root@90497f1f8cae /]# echo 'root:123456' | chpasswd
[root@90497f1f8cae /]# /usr/bin/ssh-keygen -A
ssh-keygen: generating new host keys: RSA1 RSA DSA ECDSA ED25519
[root@90497f1f8cae /]#
3.3 镜像的制作
[root@localhost ~]# docker commit cent7_1 cent7.5.1804_sshd
3.4 基于新镜像启动容器实现,centos7.5.1804+sshd的功能
[root@localhost ~]# docker run -d --name test_cent7_sshd -p 77:22 46bc7dfe716d /usr/sbin/sshd -D
107923f1380e3ca562d624963a55ebcc78aa5c1e004851a2767a6cba7011c69d
在宿主机测试
查看容器test_cent7_sshd的IP
[root@localhost ~]# docker inspect test_cent7_sshd | grep -i ipaddr
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.5",
"IPAddress": "172.17.0.5",
密码为初始化设置的123456
[root@localhost ~]# ssh 172.17.0.5
The authenticity of host '172.17.0.5 (172.17.0.5)' can't be established.
ECDSA key fingerprint is SHA256:57LUBGZtSCeuckSujdFkgbcfzkwxL3AI6/NRHKNbmEI.
ECDSA key fingerprint is MD5:0a:d6:99:fa:a0:7c:02:a2:0a:9b:8c:56:6b:ba:4e:91.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.5' (ECDSA) to the list of known hosts.
root@172.17.0.5's password:
[root@107923f1380e ~]#
xshell测试