Docker新建centos镜像并配置远程访问的方法(亲自实践)
作者:伊成
本文介绍了通过Docker创建多个CentOS容器模拟服务器环境的方法,涵盖镜像下载、网络配置、自启动设置及解决systemd问题,需添加privileged=true参数并安装sshd以实现远程访问和固定IP分配,本文给大家介绍的非常详细,感兴趣的朋友一起看看吧
写在前面
我们可能遇到过这种情况 , 为我们用于练习 , 需要好几台服务器 , 但是我们又没有 , 但是也想用 , 怎么办呢?
Docker可以帮助我们解决 , 我们知道Docker镜像中有一个centos镜像 , 他就相当于一个小型的虚拟机 , 服务器 , 我们可以启动多次centos镜像容器来达到多个服务器的效果 。
下面我来带大家配置Docker创建centos镜像 , 并配置远程访问
- 查找官方centos镜像
[root@wangliuchuang ~]# docker search centos NAME DESCRIPTION STARS OFFICIAL AUTOMATED centos The official build of CentOS. 6823 [OK] ansible/centos7-ansible Ansible on Centos7 135 [OK] consol/centos-xfce-vnc Centos container with "headless" VNC session… 132 [OK] jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 121 [OK] centos/systemd systemd enabled base container. 104 [OK] imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 58 [OK] tutum/centos Simple CentOS docker image with SSH access 48 centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relational … 45 centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 40 ....... starlabio/centos-native-build Our CentOS image for native builds 0 [OK] smartentry/centos centos with smartentry 0 [OK]
- 下载镜像(不选择版本 , 默认下载的是最新的版本)
[root@hrkj-video ~]# docker pull centos Using default tag: latest latest: Pulling from library/centos a1d0c7532777: Pull complete Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177 Status: Downloaded newer image for centos:latest [root@hrkj-video ~]#
- Docker启动镜像
[root@wangliuchuang ~]# docker run -it -d --name centos-latest --privileged=true centos /sbin/init 3f04ab1a71dc67a41dcf69bc81fcd9d16ead89457be09f7f1593c7518daa4ab6 [root@wangliuchuang ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c3053259c69c centos "/sbin/init" 7 seconds ago Up 7 seconds centos-latest [root@wangliuchuang ~]#
注意 : 在Linux Docker 中无法使用 systemd(systemctl) 相关命令的原因是1号进程不是init , 而是其他例如 /bin/bash ,
所以导致相关文件无法进行 (System has not been booted with systemd as init system (PID 1). Can’t operat)
解决方案 : /sbin/init并且--privilaged=true一定要加上的。
- Docker查看centos容器的启动情况
[root@wangliuchuang ~]# docker ps | grep centos c3053259c69c centos "/sbin/init" 2 minutes ago Up 2 minutes centos-latest [root@wangliuchuang ~]#
- Docker进入到centos容器
[root@wangliuchuang ~]# docker exec -it c3053259c69c /bin/bash [root@c3053259c69c /]# ifconfig bash: ifconfig: command not found [root@c3053259c69c /]#
- 安装centos基础环境 (安装网络环境,完成后使用ifconfig查看ip等信息)
yum -y install net-tools.x86_64 yum -y install openssh-server yum install vim yum install passwd
命令演示 :
[root@c3053259c69c /]# yum -y install net-tools.x86_64 Failed to set locale, defaulting to C.UTF-8 CentOS Linux 8 - AppStream 9.7 MB/s | 9.5 MB 00:00 CentOS Linux 8 - BaseOS 592 kB/s | 7.5 MB 00:13 CentOS Linux 8 - Extras 13 kB/s | 10 kB 00:00 Dependencies resolved. ===================================================================================================================================================================== Package Architecture Version Repository Size ===================================================================================================================================================================== Installing: net-tools x86_64 2.0-0.52.20160912git.el8 baseos 322 k ....... Installed: net-tools-2.0-0.52.20160912git.el8.x86_64 Complete! [root@c3053259c69c /]# # 安装 sshd [root@c3053259c69c /]# yum -y install openssh-server Failed to set locale, defaulting to C.UTF-8 Last metadata expiration check: 0:01:31 ago on Thu Oct 28 10:24:23 2021. Dependencies resolved. ===================================================================================================================================================================== Package Architecture Version Repository Size ===================================================================================================================================================================== ..... Complete! [root@c3053259c69c /]# # 安装 vim [root@c3053259c69c /]# yum install vim Failed to set locale, defaulting to C.UTF-8 Last metadata expiration check: 0:02:01 ago on Wed Nov 3 03:03:33 2021. Dependencies resolved. =================================================================================================================================================================== Package Architecture Version Repository Size =================================================================================================================================================================== .... Installed: gpm-libs-1.20.7-17.el8.x86_64 vim-common-2:8.0.1763-15.el8.x86_64 vim-enhanced-2:8.0.1763-15.el8.x86_64 vim-filesystem-2:8.0.1763-15.el8.noarch which-2.21-12.el8.x86_64 Complete! [root@c3053259c69c /]# # 安装 passwd [root@c3053259c69c /]# yum install passwd Failed to set locale, defaulting to C.UTF-8 Last metadata expiration check: 0:03:31 ago on Wed Nov 3 03:03:33 2021. Dependencies resolved. =================================================================================================================================================================== Package Architecture Version Repository Size =================================================================================================================================================================== Installing: .... libuser-0.62-23.el8.x86_64 passwd-0.80-3.el8.x86_64 Complete! [root@c3053259c69c /]#
- 修改root密码 , 服务器的登录密码
[root@c3053259c69c /]# passwd Changing password for user root. New password: # 输入新密码 Retype new password: # 再次输入密码 passwd: all authentication tokens updated successfully. [root@c3053259c69c /]#
- 启动容器sshd服务
[root@c3053259c69c /]# /usr/sbin/sshd (此命令可以会出现问题 , 下面有对应的解决方案) [root@c3053259c69c /]# netstat -antp | grep sshd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 233/sshd tcp6 0 0 :::22 :::* LISTEN 233/sshd [root@c3053259c69c /]#
问题 :
[root@c3053259c69c /]# /usr/sbin/sshd Unable to load host key: /etc/ssh/ssh_host_rsa_key Unable to load host key: /etc/ssh/ssh_host_ecdsa_key Unable to load host key: /etc/ssh/ssh_host_ed25519_key sshd: no hostkeys available -- exiting. [root@c3053259c69c /]#
解决方案 : 执行以下命令
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
- 提交镜像
[root@c3053259c69c /]# [root@c3053259c69c /]# (使用 Ctrl + p + q) 来不停止退出容器 [root@wangliuchuang ~]# [root@wangliuchuang ~]# # 提交镜像 [root@wangliuchuang ~]# docker commit -a="lep" -m "this is a ssh_centos" c3053259c69c ssh_centos sha256:0c6d3118787dc04f0da1851f6a2c24f8f5ec8cb9026ac799d86a11e875986399 [root@wangliuchuang ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE ssh_centos latest 0c6d3118787d 4 seconds ago 310MB centos latest 5d0da3dc9764 6 weeks ago 231MB [root@wangliuchuang ~]#
运行测试
- 指定端口来启动新的镜像
[root@wangliuchuang ~]# docker run -it -d --name k8s-master -p 7010:22 --privileged=true ssh_centos /sbin/init b07adedf27ff22f1e37aff9943c79bfeb740cedc51c71538c48fa526d1b5bb1b [root@wangliuchuang ~]# [root@wangliuchuang ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b07adedf27ff ssh_centos "/sbin/init" 34 seconds ago Up 33 seconds 0.0.0.0:7010->22/tcp k8s-master
- 测试访问(外网访问)
C:\Users\lep>ssh root@wangliuchuang.top -p 7010 The authenticity of host '[wangliuchuang.top]:7010 ([39.105.56.212]:7010)' can't be established. ECDSA key fingerprint is SHA256:e2NfNXC+RLLrW9rwfwInjtRW2hGTMwbYwnlUOIF4iaQ. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[wangliuchuang.top]:7010,[39.105.56.212]:7010' (ECDSA) to the list of known hosts. root@wangliuchuang.top's password: Last login: Wed Nov 3 03:47:22 2021 from 103.208.12.5 [root@b07adedf27ff ~]#
配置容器自启动
当我们重启服务器时 , 容器也会跟着停止 , 这样是很危险的 , 所以下面配置了容器自启动
设置容器参数 docker update --restart=always 容器id
[root@wangliuchuang ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c3053259c69c centos "/sbin/init" 18 minutes ago Up 18 minutes centos-latest [root@wangliuchuang ~]# docker update --restart=always c3053259c69c c3053259c69c [root@wangliuchuang ~]#
还可以在使用on - failure策略时,指定Docker将尝试重新启动容器的最大次数
docker run --restart=on-failure:10 容器id
Docker启动时 , 指定容器的ip
Docker创建容器时默认采用bridge网络 , 自行分配ip , 不允许自己指定
在实际的部署中 , 我们需要指定容器的ip , 不允许其自行分配ip , 尤其是搭建集群时 , 固定的ip是必须的
我们可以创建自己的bridge网络 : mynet , 创建容器时指定网络mynet并指定ip即可
- 查看网络模式
[root@wangliuchuang /]# docker network ls NETWORK ID NAME DRIVER SCOPE 11565a6f8478 bridge bridge local 43b7c730c59d host host local d6f31afd8e07 none null local [root@wangliuchuang /]#
- 创建一个新的bridge网络
[root@wangliuchuang ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 k8s-mynet 7402804f99b8096b231b85066eb90d303061f2504c3d8ff9d6d425e8a5d00324 [root@wangliuchuang ~]# docker network ls NETWORK ID NAME DRIVER SCOPE 11565a6f8478 bridge bridge local 43b7c730c59d host host local 7402804f99b8 k8s-mynet bridge local d6f31afd8e07 none null local [root@wangliuchuang ~]#
- 查看创建的网络的信息
[root@wangliuchuang ~]# docker network inspect 7402804f99b8
[
{
"Name": "k8s-mynet",
"Id": "7402804f99b8096b231b85066eb90d303061f2504c3d8ff9d6d425e8a5d00324",
"Created": "2021-11-03T15:11:20.019208537+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@wangliuchuang ~]# - 指定端口 , 指定网络 , 指定ip 来启动一个容器(注意 ; 分配内网ip时 , 设置大点 , 不至于被占用)
[root@wangliuchuang /]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE ssh_centos latest 0c6d3118787d 6 hours ago 310MB centos latest 5d0da3dc9764 6 weeks ago 231MB [root@wangliuchuang /]# docker run -e TZ="Asia/Shanghai" -p 7010:22 --privileged -itd -h k8s-master --name k8s-master --network=k8s-mynet --ip 192.168.2.1 ssh_centos /usr/sbin/init fac0f09991af0ca4902b3e7fbbb9b8e26eca30c957caded77ff96be755fc1f17 [root@wangliuchuang /]# [root@wangliuchuang /]# ssh root@192.168.2.1 The authenticity of host '192.168.2.1 (192.168.2.1)' can't be established. ECDSA key fingerprint is SHA256:e2NfNXC+RLLrW9rwfwInjtRW2hGTMwbYwnlUOIF4iaQ. ECDSA key fingerprint is MD5:8f:b9:57:8a:b2:5c:d9:d9:25:7f:ac:ce:57:c5:81:be. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.2.1' (ECDSA) to the list of known hosts. root@192.168.2.1's password: # 可惜只能内网访问 , 外网就不行了 , 想要需要外网访问 , 还需要修改一些其他的配置 Permission denied, please try again. root@192.168.2.1's password: Last failed login: Wed Nov 3 09:41:42 UTC 2021 from 192.168.0.1 on ssh:notty There was 1 failed login attempt since the last successful login. [root@k8s-master ~]# [root@k8s-master ~]#
如果你想在容器中使用docker命令 , 有下面两种方式
- 在docker容器中下载 docker , 但是
- -v /var/run/:/var/run/ -v /usr/bin/docker:/usr/bin/docker
到此这篇关于Docker新建centos镜像并配置远程访问的方法(亲自实践)的文章就介绍到这了,更多相关Docker新建centos镜像内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!