宿主机:Centos 7
IP:192.168.14.57
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
一、安装docker
[root@localhost ~]# yum install -y docker
二、镜像
1、获取centos容器镜像
[root@localhost ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
8ba884070f61: Pull complete
Digest: sha256:b5e66c4651870a1ad435cd75922fe2cb943c9e973a9673822d1414824a1d0475
Status: Downloaded newer image for centos:latest
2、查看docker里面的镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 9f38484d220f 2 months ago 202MB
三、容器
1、启动docker容器
[root@localhost ~]# docker run -tdi --privileged centos init
38b8c5a053df39ef0a92c53cc3b038484c820c998b6e8b9a9ed88a7ddd3b370c
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
38b8c5a053df centos "init" 15 seconds ago Up 11 seconds naughty_euclid
[root@localhost ~]# docker exec -it naughty_euclid /bin/bash
-i:保持标准输入打开,默认为false
-t:是否分配一个伪终端,默认为false
注意:如果不添加--privileged,下面的sshd服务无法正常启动
[root@38b8c5a053df /]# systemctl start sshd
Failed to get D-Bus connection: Operation not permitted
2、修改root用户密码
[root@38b8c5a053df /]# passwd root
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
3、安装Openssh(确保容器能访问互联网)
[root@38b8c5a053df /]# yum install -y openssh-server openssh-clients
4、启动sshd服务
[root@38b8c5a053df /]# systemctl start sshd
[root@38b8c5a053df /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2019-06-12 07:22:29 UTC; 1s ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 2145 (sshd)
CGroup: /docker/38b8c5a053df39ef0a92c53cc3b038484c820c998b6e8b9a9ed88a7ddd3b370c/system.slice/sshd.service
└─2145 /usr/sbin/sshd -D
‣ 2145 /usr/sbin/sshd -D
Jun 12 07:22:29 38b8c5a053df systemd[1]: Starting OpenSSH server daemon...
Jun 12 07:22:29 38b8c5a053df sshd[2145]: Server listening on 0.0.0.0 port 22.
Jun 12 07:22:29 38b8c5a053df sshd[2145]: Server listening on :: port 22.
Jun 12 07:22:29 38b8c5a053df systemd[1]: Started OpenSSH server daemon.
5、安装net-tools,使用netstat -ntlp查看监听端口
[root@38b8c5a053df /]# yum install -y net-tools
[root@38b8c5a053df /]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2145/sshd
tcp6 0 0 :::22 :::* LISTEN 2145/sshd
6、退出容器,记住容器ID:38b8c5a053df
[root@38b8c5a053df /]# exit
四、保存为新镜像
1、因为容器已经被改变,使用docker commit命令保存为一个新的sshd:centos镜像
因为commit是黑箱操作,不建议使用。这里理解其中原理即可
[root@localhost ~]# docker commit -m 'install openss' -a 'Docker Newbee' 38b8c5a053df sshd:centos
2、启动新的容器边添加端口映射10022->22。其中10022是宿主机的端口,22是容器的ssh服务监听端口
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd centos 3c6c67905ece 3 minutes ago 307MB
centos latest 9f38484d220f 2 months ago 202MB
[root@localhost ~]# docker run -d -p 10022:22 sshd:centos /usr/sbin/sshd -D
48437032376b806b2df976ac6cd5b9457a6b7bd7d5d8013fbc24bb2a2a22c0ca
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
48437032376b sshd:centos "/usr/sbin/sshd -D" 9 seconds ago Up 5 seconds 0.0.0.0:10022->22/tcp keen_mirzakhani
38b8c5a053df centos "init" 16 minutes ago Up 16 minutes naughty_euclid
五、远程登录
1、远程PC主机ssh登录到宿主机的10022端口
[C:\Users]$ ssh root@192.168.14.57 10022
Connecting to 192.168.14.57:10022...
Connection established.
To escape to local shell, press Ctrl+Alt+].
WARNING! The remote SSH server rejected X11 forwarding request.
[root@48437032376b ~]#