手动将容器保存为镜像
1):基于容器制作镜像
#启动一个centos镜像
docker run -it -p222:22 centos (默认执行了: /bin/bash)
#安装软件
yum install openssh-server
yum install -y net-tools
yum install -y passwd
#使用ssh-keygen命令来手动生成
ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''
ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
[root@3f9c11d7d208 /]#/usr/sbin/sshd -D & #后台启动ssh
#查看22端口有没有起来
[root@3f9c11d7d208 /]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 102/sshd
tcp6 0 0 :::22 :::* LISTEN 102/sshd
[root@3f9c11d7d208 /]# passwd root #设置密码123456
#另外一台服务器ssh 连接容器
[root@k8s128 ~]# ssh -p 222 root@192.168.6.129
The authenticity of host '[192.168.6.129]:222 ([192.168.6.129]:222)' can't be established.
ECDSA key fingerprint is SHA256:Mfr9HmP8GoiGtQ8vuPqTmgwjFowUPxcBAwpcl8RDBwM.
ECDSA key fingerprint is MD5:b9:62:2a:0d:38:05:c0:a3:ed:84:e6:3f:00:cc:f3:fe.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.6.129]:222' (ECDSA) to the list of known hosts.
root@192.168.6.129's password:
[root@3f9c11d7d208 ~]# ls
anaconda-ks.cfg anaconda-post.log original-ks.cfg
2)将容器提交为镜像
docker commit 容器id或者容器的名字 新的镜像名字[:版本号可选]
[root@k8s129 ~]# docker commit 3f9c11d7d208 centos_ssh:v1.1
sha256:185aecfa154d5fd5828307e228366d1ab12af5f1feae3a72e0ae62aab8a81da7
[root@k8s129 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_ssh v1.1 185aecfa154d 41 seconds ago 265MB
nginx latest 5a9061639d0a 3 days ago 126MB
centos latest 0f3e07c0138f 2 weeks ago 220MB
busybox latest 19485c79a9bb 6 weeks ago 1.22MB
3)测试镜像功能是否可用
[root@k8s129 ~]# docker run -d -p223:22 centos_ssh:v1.1 (docker run -d -p223:22 centos_ssh:v1.1 /bin/bash)
03d0bec5d173768ce851673d7fdd7e47a1eaece342e6dc9b87e5a2ff23b99836
[root@k8s129 ~]# docker ps -a -l #容器根本没起来
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d43b8f37053d centos_ssh:v1.1 "/bin/bash" 37 seconds ago Exited (0) 36 seconds ago relaxed_knuth
# 应该执行这个命令:
[root@k8s129 ~]# docker run -d -p223:22 centos_ssh:v1.1 /usr/sbin/sshd -D
[root@k8s129 ~]# docker ps -a -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
84749f91b92e centos_ssh:v1.1 "/usr/sbin/sshd -D" 20 seconds ago Up 19 seconds 0.0.0.0:223->22/tcp zealous_moser
[root@k8s128 ~]# ssh -p 223 root@192.168.6.129
The authenticity of host '[192.168.6.129]:223 ([192.168.6.129]:223)' can't be established.
ECDSA key fingerprint is SHA256:Mfr9HmP8GoiGtQ8vuPqTmgwjFowUPxcBAwpcl8RDBwM.
ECDSA key fingerprint is MD5:b9:62:2a:0d:38:05:c0:a3:ed:84:e6:3f:00:cc:f3:fe.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.6.129]:223' (ECDSA) to the list of known hosts.
root@192.168.6.129's password:
Last login: Sun Oct 20 11:47:14 2019 from 192.168.6.128
[root@84749f91b92e ~]#
-------------------------------------------------------------------
所以我们应该在刚才的容器里面写一个脚本:
[root@84749f91b92e ~]# vi /init.sh #如果要启动多个进程,都可以写在这个服务器里面。
#!/bin/bash
/usr/sbin/sshd -D
给执行权限:
[root@84749f91b92e ~]# chmod +x /init.sh
在导出镜像:
[root@k8s129 ~]# docker commit 21ad1ba5c36f centos_ssh:v1.2
之后再:
docker run -d -p223:22 centos_ssh:v1.2 /bin/bash /init.sh