跟我学Docker:手动制作docker镜像(七)

219 阅读5分钟
原文链接: www.sudo.ren

制作docker镜像步骤:
1.启动容器安装软件服务 (以centos6.9为例)
   #下载centos6.9镜像

[root@docker01 ~]# docker pull centos:6.9
6.9: Pulling from library/centos
831490506c47: Pull complete 
Digest: sha256:6fff0a9edc920968351eb357c5b84016000fec6956e6d745f695e5a34f18ecd2
Status: Downloaded newer image for centos:6.9
[root@docker01 ~]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               latest              98ebf73aba75        7 days ago          109MB
centos              6.8                 82f3b5f3c58f        4 months ago        195MB
centos              6.9                 2199b8eb8390        4 months ago        195MB
[root@docker01 ~]# 

#启动并进入centos6.9容器

[root@docker01 ~]# docker run -it -p 1022:22 --name fxw centos:6.9 
[root@6545598a8326 /]# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  
          inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:648 (648.0 b)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@6545598a8326 /]# curl www.baidu.com
<!DOCTYPE html>
<!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=http://s1.bdstatic.com/r/www/cache/bdorz/baidu.min.css><title>百度一下,你就知道</title></head> <body link=#0000cc> 
...省略部分...
</body> </html>
[root@6545598a8326 /]# 

#通过netstat -lntup查看发现没有任何监听服务,也没有sshd,这是需要手动安装

[root@6545598a8326 /]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
[root@6545598a8326 /]# yum install openssh-server -y

#为了让客户端能交互式连接,这里需要生成ssh密钥对(/etc/init.d/sshd start启动sshd服务,并会生成密钥对),同时也需要为登陆用户root设置密码(echo 123456|passwd --stdin root,该方式后面会讲到,目前先这么用)

[root@6545598a8326 /]# ls /etc/ssh/
moduli  sshd_config
[root@6545598a8326 /]# /etc/init.d/sshd start 
Generating SSH2 RSA host key:                              [  OK  ]
Generating SSH1 RSA host key:                              [  OK  ]
Generating SSH2 DSA host key:                              [  OK  ]
Starting sshd:                                             [  OK  ]
[root@6545598a8326 /]# ls /etc/ssh
moduli  ssh_host_dsa_key  ssh_host_dsa_key.pub  ssh_host_key  ssh_host_key.pub  ssh_host_rsa_key  ssh_host_rsa_key.pub  sshd_config
[root@6545598a8326 /]# echo 123456|passwd --stdin root
Changing password for user root.
passwd: all authentication tokens updated successfully.
[root@6545598a8326 /]# 

#此时容器的22端口也被sshd服务正常监听

root@6545598a8326 /]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      120/sshd            
tcp        0      0 :::22                       :::*                        LISTEN      120/sshd            
[root@6545598a8326 /]# 

#然后重启一个标签,通过1022端口成功连接到宿主机的容器(ssh root@10.0.0.11 -p 1022)

2.将安装好服务的容器commit提交为镜像
#说明该镜像中已经完好配置了sshd服务,然后commit打包。

[root@docker01 ~]# docker commit fxw centos6.9_ssh:v1
sha256:4e2a5ae67ee0d9238e40890ba9fdb051eb655e98e7c5c60eabf45ae9272ad94b
[root@docker01 ~]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos6.9_ssh       v1                  4e2a5ae67ee0        12 seconds ago      309MB
nginx               latest              98ebf73aba75        7 days ago          109MB
centos              6.8                 82f3b5f3c58f        4 months ago        195MB
centos              6.9                 2199b8eb8390        4 months ago        195MB
[root@docker01 ~]#

 3.启动新容器来测试新提交的镜

[root@docker01 ~]# docker run -d -p 2022:22 centos6.9_ssh:v1 /usr/sbin/sshd -D
b8e7fcd195f28afc0e7d962c1a6c6f85c6c6404dc91a79744370b98e93ed2ae5
[root@docker01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
b8e7fcd195f2        centos6.9_ssh:v1    "/usr/sbin/sshd -D"      10 seconds ago      Up 8 seconds        0.0.0.0:2022->22/tcp   tender_hertz
6545598a8326        centos:6.9          "/bin/bash"              About an hour ago   Up About an hour    0.0.0.0:1022->22/tcp   fxw
52bfde2cbef6        nginx:latest        "nginx -g 'daemon of…"   20 hours ago        Up 20 hours         0.0.0.0:90->80/tcp     gifted_brahmagupta
[root@docker01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
b8e7fcd195f2        centos6.9_ssh:v1    "/usr/sbin/sshd -D"      14 seconds ago      Up 12 seconds       0.0.0.0:2022->22/tcp   tender_hertz
6545598a8326        centos:6.9          "/bin/bash"              About an hour ago   Up About an hour    0.0.0.0:1022->22/tcp   fxw
52bfde2cbef6        nginx:latest        "nginx -g 'daemon of…"   20 hours ago        Up 20 hours         0.0.0.0:90->80/tcp     gifted_brahmagupta
[root@docker01 ~]# 

正常情况下可以采用/etc/init.d/sshd start 启动sshd服务,但是为了启动镜像的同时还能将镜像中的sshd服务启动这里我们采用了/usr/sbin/sshd -D,夯住系统。
#测试手动制作的docker镜像

[root@docker01 ~]# ssh root@10.0.0.11 -p 2022
The authenticity of host '[10.0.0.11]:2022 ([10.0.0.11]:2022)' can't be established.
RSA key fingerprint is SHA256:hKK3qKZ0QPpjRg0P4rHyszBWAQxQqPu2FsSNKNG+5GQ.
RSA key fingerprint is MD5:73:de:35:86:8a:9e:2e:30:35:fc:b3:c4:83:13:c7:8b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[10.0.0.11]:2022' (RSA) to the list of known hosts.
root@10.0.0.11's password: 
Last login: Thu Jul 25 02:04:19 2019 from 10.0.0.11
[root@b8e7fcd195f2 ~]# 

#扩展:如果配置的服务较多,启动容的时候需要将这些服务(httpd,sshd,tomcat,nginx等)都启动,那该如何做呢?
办法只有一个:自定义脚本start.sh,比如说我们需要同时启动apache,sshd,nginx这三个服务:

vi /usr/init.d/start.sh
#!/bin/bash
/etc/init.d/httpd start
/usr/share/nginx/sbin/nginx
/usr/sbin/sshd -D

(注意:将/usr/sbin/sshd -D写在最后,它能夯住整个容器)然后启动容器:

docker run -d -p 8080:80 -p 1122:22 centos6-ssh-httpd:v1 /bin/bash /ect/init.d/start.sh