标签:html build 上下 调用 second dir 镜像 打包 port
使用Dockerfile创建ssh服务的镜像02
1:创建工作目录---一个镜像的所有文件都放这个目录下
ubuntu@ubuntu:~$ mkdir sshd_ubuntu
ubuntu@ubuntu:~/sshd_ubuntu$ touch Dockerfile run.sh #创建需要的文件
ubuntu@ubuntu:~/sshd_ubuntu$ ls
Dockerfile run.sh
2:编写run.sh脚本和authorized_keys文件
ubuntu@ubuntu:~/sshd_ubuntu$ cat run.sh
#! /bin/bash
/usr/sbin/sshd -D
ubuntu@ubuntu:~/sshd_ubuntu$ ssh-keygen -trsa #在宿主主机上生成ssh密钥对
ubuntu@ubuntu:~/sshd_ubuntu$ cat ~/.ssh/id_rsa.pub > authorized_keys #生成authorized_keys文件
3:编写Dockerfile
ubuntu@ubuntu:~/sshd_ubuntu$ cat Dockerfile
FROM ubuntu:18.04
#提供一些作者的信息
MAINTAINER docker_user (user@docker.com)
#下面开始运行命令,此处更改ubuntu的源为国内163的源
RUN echo "deb http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse" > /etc/apt/sources.list
RUN echo "deb http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb-src http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse" >> /etc/apt/sources.list
RUN apt-get update
#安装 ssh 服务
RUN apt-get install -y openssh-server
RUN mkdir -p /var/run/sshd
RUN mkdir -p /root/.ssh
#取消pam限制
RUN sed -ri 's/session required pam_loginuid.so/#&/g' /etc/pam.d/sshd
ADD authorized_keys /root/.ssh/authorized_keys
ADD run.sh /run.sh
RUN chmod 755 /run.sh
#开放端口
EXPOSE 22
#设置自启动命令
CMD ["/run.sh"]
4:创建镜像
ubuntu@ubuntu:~/sshd_ubuntu$ docker images #查看当前镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd ubuntu 3475b858b5b3 22 hours ago 209MB
mysql latest d435eee2caa5 3 days ago 456MB
ubuntu 18.04 775349758637 3 weeks ago 64.2MB
training/webapp latest 6fae60ef3446 4 years ago 349MB
格式:格式:docker build [选项] <上下文路径/URL/->
ubuntu@ubuntu:~/sshd_ubuntu$ docker build -f Dockerfile -t sshd:dockerfile . #注意这个.是指代上下文路劲
......
Step 20/20 : CMD ["/run.sh"]
---> Running in 5f04be8aac51
Removing intermediate container 5f04be8aac51
---> a5a0ca238063
Successfully built a5a0ca238063
Successfully tagged sshd:dockerfile #表示成功
ubuntu@ubuntu:~/sshd_ubuntu$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd dockerfile a5a0ca238063 25 seconds ago 149MB
sshd ubuntu 3475b858b5b3 22 hours ago 209MB
mysql latest d435eee2caa5 3 days ago 456MB
ubuntu 18.04 775349758637 3 weeks ago 64.2MB
training/webapp latest 6fae60ef3446 4 years ago 349MB
ubuntu@ubuntu:~/sshd_ubuntu$ docker run -d -p 10122:22 sshd:dockerfile
0ecd50a7ca0d908b4afcc4f61b2623e28a159d31d2881b017afee0c97f3dad91
ubuntu@ubuntu:~/sshd_ubuntu$ ssh root@192.168.43.97 -p 10122
The authenticity of host '[192.168.43.97]:10122 ([192.168.43.97]:10122)' can't be established.
ECDSA key fingerprint is SHA256:MJcMMQd7LgFTx51fUGDJOl/lLH++6mbrRloeiptPHJQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.43.97]:10122' (ECDSA) to the list of known hosts.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
root@0ecd50a7ca0d:~#
工作原理:docker build
Docker 在运行时分为 Docker 引擎(也就是服务端守护进程)和客户端工具。Docker 的引擎提供了一组 REST API,被称为 Docker Remote API,而如 docker 命令这样的客户端工具,则是通过这组 API 与 Docker 引擎交互,从而完成各种功能。因此,虽然表面上我们好像是在本机执行各种 docker 功能,但实际上,一切都是使用的远程调用形式在<b>服务端(Docker 引擎)</b>完成。也因为这种 C/S 设计,让我们操作远程服务器的 Docker 引擎变得轻而易举。
当我们进行镜像构建的时候,并非所有定制都会通过 RUN 指令完成,经常会需要将一些本地文件复制进镜像,比如通过 COPY 指令、ADD 指令等。而 docker build 命令构建镜像,其实并非在本地构建,而是在服务端,也就是 Docker 引擎中构建的。那么在这种客户端/服务端的架构中,如何才能让服务端获得本地文件呢?
这就引入了上下文的概念。当构建的时候,用户会指定构建镜像上下文的路径,docker build 命令得知这个路径后,会将路径下的所有内容打包,然后上传给 Docker 引擎。这样 Docker 引擎收到这个上下文包后,展开就会获得构建镜像所需的一切文件
标签:html build 上下 调用 second dir 镜像 打包 port
原文地址:https://www.cnblogs.com/zhoujun007/p/11946378.html