一、SSH镜像的制作
[root@docker ~]# mkdir sshd
[root@docker ~]# cd sshd/
[root@docker sshd]# vi Dockerfile
FROM centos:7
MAINTAINER sshd <chu>
RUN yum -y update
RUN yum -y install openssh* net-tools lsof telnet passwd
RUN echo '654321' | passwd --stdin root
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config # 修改PAM验证模块
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"] # 以非后台守护进程的方式运行服务器,即随着容器启动而启动
[root@docker sshd]# docker build -t sshd:new .
[root@docker sshd]# docker run -d -P sshd:new
3f1dbeced99ab3bf6dae3e62a518b167996e6b6eeb8a4eb5e25d4621f4199384
[root@docker sshd]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3f1dbeced99a sshd:new "/usr/sbin/sshd -D" 7 seconds ago Up 6 seconds 0.0.0.0:32777->22/tcp goofy_mcnulty
二、Systemctl镜像的制作
基于上一步sshd镜像搭建,让其能使用systemctl这个模块(centos7内核里并没有集成)
[root@docker ~]# cd systemctl/
[root@docker systemctl]# vi Dockerfile
FROM sshd:new
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfiles-setup.service ] || rm -f $i; done); \ # 不匹配"||"之前的则删除
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME ["/sys/fs/cgroup"]
CMD ["/usr/sbin/init"]
[root@docker systemctl]# docker run --privileged -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro systemd:new /sbin/init & # privileged 使container内的root拥有真正的root权限。否则,container内的root只是外部的一个普通用户权限。
[root@docker systemctl]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d8e16a30ef4c systemd:new "/sbin/init" 4 seconds ago Up 4 seconds 22/tcp sleepy_mirzakhani
[root@docker systemctl]# docker exec -it sleepy_mirzakhani bash
[root@d8e16a30ef4c /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:sshd(8)
man:sshd_config(5)
[root@d8e16a30ef4c /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; disabled; vendor preset: enabled)
Active: active (running) since Sun 2020-11-29 07:09:46 UTC; 2s ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 51 (sshd)
三、Nginx镜像的制作
[root@docker ~]# cd nginx/
[root@docker nginx]# ll
total 968
-rw-r--r-- 1 root root 550 Nov 27 11:40 Dockerfile
-rw-r--r-- 1 root root 981687 Nov 27 11:07 nginx-1.12.2.tar.gz
-rw-r--r-- 1 root root 18 Nov 27 11:28 run.sh
[root@docker nginx]# vi Dockerfile
From centos:7
MAINTAINER this nginx image <chu>
RUN yum -y update
RUN yum -y install gcc gcc-c++ zlib-devel pcre-devel make
RUN useradd -M -s /sbin/nologin nginx
ADD nginx-1.12.2.tar.gz /usr/local/src
WORKDIR /usr/local/src
WORKDIR nginx-1.12.2
RUN ./configure --prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module && make && make install
ENV PATH /usr/local/nginx/sbin:$PATH
EXPOSE 80
EXPOSE 443
RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf # 关闭守护进程
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
[root@docker nginx]# vi run.sh
#!/bin/bash
nginx # 已提前制作过软连接
[root@docker nginx]# docker build -t nginx:new .
[root@docker nginx]# docker run -d -P --name nginx-1 nginx:new
baed33ed3f8a003a219a473be9ad29e729081f4082d8883de43a69fdfa5663d0
[root@docker nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
baed33ed3f8a nginx:new "/run.sh" 3 seconds ago Up 3 seconds 0.0.0.0:32779->80/tcp, 0.0.0.0:32778->443/tcp nginx-1
四、Tomcat镜像的制作
[root@docker ~]# cd tomcat/
[root@docker tomcat]# ll
total 186328
-rw-r--r-- 1 root root 9417469 Nov 27 11:42 apache-tomcat-8.5.16.tar.gz
-rw-r--r-- 1 root root 415 Nov 27 17:35 Dockerfile
-rw-r--r-- 1 root root 181367942 Nov 27 11:56 jdk-8u91-linux-x64.tar.gz
[root@docker tomcat]# vi Dockerfile
From centos:7
MAINTAINER this tomcat image <chu>
ADD jdk-8u91-linux-x64.tar.gz /opt/
RUN mv /opt/jdk1.8.0_91/ /usr/local/java
ENV JAVA_HOME /usr/local/java
ENV CLASSPATH $JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar
ENV PATH $JAVA_HOME/bin:$PATH
ADD apache-tomcat-8.5.16.tar.gz /usr/local/src
RUN mv /usr/local/src/apache-tomcat-8.5.16 /usr/local/tomcat
EXPOSE 8080
CMD ["/usr/local/tomcat/bin/catalina.sh","run"] # 用run参数让tomcat一直后台运行
[root@docker tomcat]# docker build -t tomcat:new .
[root@docker tomcat]# docker run -d -P --name tomcat-1 tomcat:new
12b0814bf42079f7ee39bc872f4fa3ba479c4d7268a241777110b03dc7520e02
[root@docker tomcat]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
12b0814bf420 tomcat:new "/usr/local/tomcat/b…" 3 seconds ago Up 2 seconds 0.0.0.0:32780->8080/tcp tomcat-1