文章目录
构建容器服务
构建sshd容器服务步骤
sshd为secure shell的简称,可以通过网络在主机中开
机shell的服务
操作步骤
- 下载基础镜像
- 建立工作目录
- 创建并编写Dockerfile文件
- 生成镜像
- 启动容器
构建systemctl容器服务步骤
systemctl是管制服务的主要工具,它整合了chkconfig与
service功能于一体
操作步骤
- 建立工作目录
- 创建并编写Dockerfile文件
- 生成镜像
- 启动容器
- 验证systemctl
容器开启ssh
创建一个目录
[root@localhost ~]# mkdir sshd
[root@localhost ~]# cd sshd/
编写docker的镜像文件
[root@localhost sshd]# vim Dockerfile
FROM centos:7
MAINTAINER The CentOS projest <cloud-centos>
RUN yum -y update
RUN yum -y install openssh* net-tools lsof telnet passwd
RUN echo '123456' | passwd --stdin root
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
EXPOSE 22
CMD ["/usr/sbin/sshd","-D" ]
执行脚本生成镜像
[root@localhost sshd]# docker build -t sshd:new .
开启容器
[root@localhost sshd]# docker run -d -P sshd:new
查看端口
[root@localhost sshd]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ecd8495ace38 sshd:new "/usr/sbin/sshd -D" 17 seconds ago Up 15 seconds 0.0.0.0:32768->22/tcp affectionate_roentgen
启动容器并修改root密码
[root@localhost sshd]# ssh localhost -p 32768
Are you sure you want to continue connecting (yes/no)? yes
root@localhost's password: 123456
[root@ecd8495ace38 ~]# 进入容器
安装已经完成
配置systmctl
因为我们开启关闭服务很麻烦所应需要systemctl来管理
[root@ecd8495ace38 /]# systemctl status sshd
Failed to get D-Bus connection: Operation not permitted
编写docker的镜像文件
[root@localhost systemctl]# vim Dockerfile
FROM sshd:new
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/;for i in *;do [ $i == \
systemctl-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*; \
rm -f /etc/systemd/system/*.wants/*; \
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*; \
rm -f /lib/systemd/system/anacoda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]
执行脚本生成镜像
docker build -t systemd:new .
root用户设置(不降级操作)
docker run --privileged -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro systemd:new /sbin/init &
//privateged container内的root 拥有真正的权限。否则,container内的root只是外部的一个普通用户权限。
开启服务
查看端口号
[root@localhost systemctl]# docker ps -a
ecd8495ace38 sshd:new "/usr/sbin/sshd -D" 25 minutes ago Up 25 minutes 0.0.0.0:32768->22/tcp affectionate_roentgen
开启服务
[root@localhost systemctl]# docker exec -it 9d8bd74da0e5 bash
已经可以管理sshd服务了
docker容器中配置nginx
创建文件
mkdir nginx
cd nginx
编写docker的镜像文件
FROM centos:7
MAINTAINER this is nginx
RUN yum -y update
RUN yum -y install pcre-devel zlib-devel gcc gcc-c++ make
RUN useradd -M -s /sbin/nologin nginx
ADD nginx-1.12.0.tar.gz /usr/local/src
WORKDIR /usr/local/src
WORKDIR nginx-1.12.0
RUN ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module && make && make install
ENV PATH /usr/local/nginx/sbin:$PATH
EXPOSE 80
EXPOSE 443
RUN echo "daemon off;">>/usr/local/nginx/conf/nginx.conf
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
解释:
[root@localhost nginx]# vim Dockerfile
#基于基础镜像
FROM centos:7
#用户信息
MAINTAINER this is nginx image
#添加环境包
RUN yum -y update
RUN yum -y install pcre-devel zlib-devel gcc gcc-c++ make
RUN useradd -M -s /sbin/nologin nginx
#下载nginx软件包
ADD nginx-1.12.0.tar.gz /usr/local/src
WORKDIR /usr/local/src
#指定工作目录
WORKDIR nginx-1.12.0
RUN ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module && make && make install
ENV PATH /usr/local/nginx/sbin:$PATH
#指定httphehttpd端口
EXPOSE 80
EXPOSE 443
RUN echo "daemon off;" >>/usr/local/nginx/conf/nginx.conf
#添加宿主中run.sh到容器中
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
[root@localhost nginx]# vim run.sh
#!/bin/bash
/usr/local/nginx/sbin/nginx
执行脚本生成镜像
[root@localhost nginx]# docker build -t nginx:new .
开启容器
[root@localhost nginx]# docker run -d -P nginx:new
查是否允许
[root@localhost nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
92ddc2ac4dd3 nginx:new "/run.sh" 5 seconds ago Up 3 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp distracted_wright
在游览器查看容器中的nginx
docker容器中配置tomcat
mkdir tomcat
cd tomcat
[root@localhost tomcat]# vim Dockerfile
FROM centos:7
MAINTAINER tomcat image <zhangxue>
ADD jdk-8u91-linux-x64.tar.gz /usr/local/
WORKDIR /usr/local/
RUN mv jdk1.8.0_91 /usr/local/java
ENV JAVA_HOME /usr/local/java
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD apache-tomcat-8.5.16.tar.gz /usr/local/
WORKDIR /usr/local/
RUN mv apache-tomcat-8.5.16 /usr/local/tomcat8
EXPOSE 8080
#CMD ["/usr/local/tomcat8/bin/catalina.sh","run"]
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]
启动脚本
[root@localhost tomcat]# docker build -t tomcat:centos .
开启服务
[root@localhost tomcat]#docker run -d --name tomcat01 -p 1234:8080 tomcat:centos
查看端口
[root@localhost tomcat]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b52eeb75f64a tomcat:centos "/usr/local/tomcat8/…" 7 seconds ago Up 5 seconds 0.0.0.0:1234->8080/tcp tomcat01
在游览器中查看端口是否开启tomcat
docker容器中配置mysql
配置脚本
[root@localhost mysql]# mkdir mysql
[root@localhost mysql]# cd mysql/
[root@localhost mysql]# vim Dockerfile
FROM centos:7
ADD mysql-5.7.17.tar.gz /opt/
ADD boost_1_59_0.tar.gz /usr/local/
WORKDIR /usr/local/
RUN mv boost_1_59_0 boost
RUN yum -y update
RUN yum -y install ncurses ncurses-devel bison cmake gcc gcc-c++ make
RUN useradd -s /sbin/nologin mysql
WORKDIR /opt/mysql-5.7.17/
RUN cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DSYSCONFDIR=/etc \
-DSYSTEMD_PID_DIR=/usr/local/mysql \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DWITH_BOOST=/usr/local/boost \
-DWITH_SYSTEMD=1
RUN make && make install
RUN chown -R mysql.mysql /usr/local/mysql
ADD my.cnf /etc/
ENV PATH /usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
WORKDIR /usr/local/mysql/
RUN bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/usr/local/mysql/data
RUN cp usr/lib/systemd/system/mysqld.service /lib/systemd/system/
EXPOSE 3306
ADD run.sh /run.sh
RUN chmod +x /run.sh
CMD ["/run.sh"]
[root@localhost mysql]# vim my.cnf
[client]
port = 3306
default-character-set=utf8
socket = /usr/local/mysql/mysql.sock
[mysql]
port = 3306
default-character-set=utf8
socket=/usr/local/mysql/mysql.sock
[mysqld]
user = mysql
basedir = /usr/local/mysql
datadir=/usr/local/mysql/data
port = 3306
character_set_server=utf8
pid-file = /usr/local/mysql/mysqld.pid
socket = /usr/local/mysql/mysql.sock
server-id = 1
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
[root@localhost mysql]# vim run.sh
#!/bin/bash
/usr/local/mysql/bin/mysqld
启动脚本
[root@localhost mysql]# docker build -t mysql:centos .
进入mysql服务器
[root@localhost mysql]# docker exec -it f0e5fb4b2493 /bin/bash
设置远程连接
mysql> grant all privileges on *.* to 'root'@'%' identified by 'abc123';
mysql> grant all privileges on *.* to 'root'@'localhost' identified by 'abc123';
mysql> flush privileges
开一台另终端192.168.136.81连接这台docker中的mysql
安装mysql客户端
[root@localhost tools]# yum install mariadb* -y
连接对方mysql
[root@localhost tools]# mysql -h 192.168.136.90 -u root -P 32768 -p
这里的32768是对面的mysql端口号