前面使用commit的方式,制作一个docker镜像,本次介绍使用Dockerfile制作一个dockers镜像
[root@docker-server3 ~]# mkdir /openssh
[root@docker-server3 ~]# cd /openssh
[root@docker-server3 openssh]# cp /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_rsa_key .
[root@docker-server3 openssh]# ll
-rw-r----- 1 root root 227 Dec 31 13:13 ssh_host_ecdsa_key
-rw-r----- 1 root root 387 Dec 31 13:13 ssh_host_ed25519_key
-rw-r----- 1 root root 1679 Dec 31 13:13 ssh_host_rsa_key
1 编辑Dockerfile文件
[root@docker-server3 openssh]# vim Dockerfile
FROM centos:7
LABEL darren darren@gmail.com RUN yum -y install openssh-server \
&& useradd natash \
&& echo "redhat"|passwd --stdin natash \
&& echo "redhat"|passwd --stdin root \
&& ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''\
&& ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' \
&& ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N '' ADD ssh_host_ecdsa_key /tmp/ssh_host_ecdsa_key
ADD ssh_host_ed25519_key /tmp/ssh_host_ed25519_key
ADD ssh_host_rsa_key /tmp/ssh_host_rsa_key CMD ["/usr/sbin/sshd", "-D"]
FROM表示下载基本镜像
LABEL作者信息
RUN 表示要执行的动作,相当于执行脚本,执行的是/bin/sh -c ***的动作
ADD表示复制文件
CMD表示执行一个命令
2 使用docker build构建镜像
[root@docker-server3 openssh]# docker build -t openssh:v1.3 .
Sending build context to Docker daemon 7.168kB
Step 1/7 : FROM centos:7
---> 5e35e350aded
Step 2/7 : LABEL darren darren@gmail.com
---> Running in e4326a6f6000
Removing intermediate container e4326a6f6000
---> eb19f72c1afd
Step 3/7 : RUN yum -y install openssh-server && useradd natash && echo "redhat"|passwd --stdin natash && echo "redhat"|passwd --stdin root && ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' && ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
---> Running in 41b40d14da2d
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirror.pregi.net
* extras: mirror.pregi.net
* updates: mirror.pregi.net
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:7.4p1-21.el7 will be installed
--> Processing Dependency: openssh = 7.4p1-21.el7 for package: openssh-server-7.4p1-21.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-7.4p1-21.el7.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-7.4p1-21.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-7.4p1-21.el7.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-6.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-6.el7.x86_64
---> Package openssh.x86_64 0:7.4p1-21.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-6.el7 will be installed
--> Finished Dependency Resolution Dependencies Resolved ================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-server x86_64 7.4p1-21.el7 base 459 k
Installing for dependencies:
fipscheck x86_64 1.4.1-6.el7 base 21 k
fipscheck-lib x86_64 1.4.1-6.el7 base 11 k
openssh x86_64 7.4p1-21.el7 base 510 k
tcp_wrappers-libs x86_64 7.6-77.el7 base 66 k Transaction Summary
================================================================================
Install 1 Package (+4 Dependent packages) Total download size: 1.0 M
Installed size: 3.0 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/fipscheck-1.4.1-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for fipscheck-1.4.1-6.el7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total 446 kB/s | 1.0 MB 00:02
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-7.1908.0.el7.centos.x86_64 (@CentOS)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-1.4.1-6.el7.x86_64 1/5
Installing : fipscheck-lib-1.4.1-6.el7.x86_64 2/5
Installing : openssh-7.4p1-21.el7.x86_64 3/5
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/5
Installing : openssh-server-7.4p1-21.el7.x86_64 5/5
Verifying : fipscheck-lib-1.4.1-6.el7.x86_64 1/5
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 2/5
Verifying : fipscheck-1.4.1-6.el7.x86_64 3/5
Verifying : openssh-7.4p1-21.el7.x86_64 4/5
Verifying : openssh-server-7.4p1-21.el7.x86_64 5/5 Installed:
openssh-server.x86_64 0:7.4p1-21.el7 Dependency Installed:
fipscheck.x86_64 0:1.4.1-6.el7 fipscheck-lib.x86_64 0:1.4.1-6.el7
openssh.x86_64 0:7.4p1-21.el7 tcp_wrappers-libs.x86_64 0:7.6-77.el7 Complete!
Changing password for user natash.
passwd: all authentication tokens updated successfully.
Changing password for user root.
passwd: all authentication tokens updated successfully.
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_ed25519_key.
Your public key has been saved in /etc/ssh/ssh_host_ed25519_key.pub.
The key fingerprint is:
SHA256:7LIsGt0osRc9JoEYjake8YD1pTcynqoUbep/IK7T2Xs root@41b40d14da2d
The key's randomart image is:
+---[DSA 1024]----+
|o=. . |
|+=.o o |
|o = * o |
|...o B o |
|..oo= + S |
| o+* * o |
|.+*o= o . |
|+oo+ooEo |
|+oooo+o |
+----[SHA256]-----+
Removing intermediate container 41b40d14da2d
---> 2be613021085
Step 4/7 : ADD ssh_host_ecdsa_key /tmp/ssh_host_ecdsa_key
---> c64f7dcda4c1
Step 5/7 : ADD ssh_host_ed25519_key /tmp/ssh_host_ed25519_key
---> 86e57a7a4313
Step 6/7 : ADD ssh_host_rsa_key /tmp/ssh_host_rsa_key
---> 2412a6e26b9c
Step 7/7 : CMD ["/usr/sbin/sshd", "-D"]
---> Running in e3e2df3ee1c8
Removing intermediate container e3e2df3ee1c8
---> 0244c59bf444
Successfully built 0244c59bf444
Successfully tagged openssh:v1.3
每一个step都会生成一个镜像层
在生成镜像层后,docker会自动识别,看是否有必要存在这个镜像层,如果没有必要,就会删除这个镜像层,如第二步:
Step 2/7 : LABEL darren darren@gmail.com
---> Running in e4326a6f6000
Removing intermediate container e4326a6f6000
3 查看镜像
发现新的镜像openssh:v1.3
[root@docker-server3 openssh]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
openssh v1.3 0244c59bf444 42 seconds ago 306MB
openssh v1.2 c399a750ed03 2 hours ago 361MB
openssh v1.0 d98ba06569f3 2 hours ago 361MB
nginx latest f7bb5701a33c 3 days ago 126MB
busybox latest 6d5fcfe5ff17 4 days ago 1.22MB
hub.darren.com/library/alpine 3.7 cc0abc535e36 7 days ago 5.59MB
centos 7 5e35e350aded 7 weeks ago 203MB
4 运行一个容器
[root@docker-server3 openssh]# docker run -d openssh:v1.3
fd2c629a2b3c067ecfa6ff601bf5a158f16087d40b16487e514688a125ab8f70
[root@docker-server3 openssh]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fd2c629a2b3c openssh:v1.3 "/usr/sbin/sshd -D" 13 seconds ago Up 13 seconds
5 测试容器,检查镜像是否达到要求
[root@docker-server3 openssh]# docker inspect fd2c629a2b3c |grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "192.168.0.2",
"IPPrefixLen": 24,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.2",
"IPPrefixLen": 24,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
ssh连接,测试openssh,并查看copy的文件
[root@docker-server3 openssh]# ssh root@192.168.0.2
The authenticity of host '192.168.0.2 (192.168.0.2)' can't be established.
ECDSA key fingerprint is SHA256:j3tvwS9TpQzJVj3QN+SLescO3vpSiiT18bA1e12ZR+M.
ECDSA key fingerprint is MD5:5c:cc:e9:cf:3d:b7:9c:d3:fe:93:50:b6:0f:f6:27:40.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.2' (ECDSA) to the list of known hosts.
root@192.168.0.2's password:
[root@fd2c629a2b3c ~]# ll /tmp/ssh*
-rw-r----- 1 root root 227 Dec 31 18:13 /tmp/ssh_host_ecdsa_key
-rw-r----- 1 root root 387 Dec 31 18:13 /tmp/ssh_host_ed25519_key
-rw-r----- 1 root root 1679 Dec 31 18:13 /tmp/ssh_host_rsa_key
[root@fd2c629a2b3c ~]# exit
logout
Connection to 192.168.0.2 closed.
[root@docker-server3 openssh]# ssh natash@192.168.0.2
natash@192.168.0.2's password:
[natash@fd2c629a2b3c ~]$ exit
logout
Connection to 192.168.0.2 closed.
说明镜像制作完成,后续在研究学习关于Dockerfile的语法
博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!