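Building a CentOS Private Cloud Host with Docker
- Preface
- Download the CentOS image from the Docker registry
- View the downloaded CentOS image files and list information
- Start a CentOS cloud host from the CentOS image
- Check the CentOS cloud host's running state and IP address
- Enter the container
- The default CentOS 8 image ships an incomplete package set: you must manually install the SSH service and net-tools, change the default root password, and finally start the SSH service before remote login works.
- Troubleshooting the start of /usr/sbin/sshd
- Commit a new image from the container
- Run the new image from scratch
- Open the host's access rules
- Successful connection with Xshell
- Quickly start multiple private cloud hosts
Preface
- Docker virtualization was created mainly to give enterprises lightweight server operating systems and application containers. Enterprises use it in two main ways:
  - running application services;
  - running a guest OS.
- Based on the Docker virtualization platform, create a CentOS cloud host (guest OS). Requirements: the cloud host runs CentOS 7.x (Linux kernel 3.10+), is started and listens on port 22 for external access, and users can reach it remotely with tools such as CRT or Xshell. The steps are as follows:
# Search the Docker registry for CentOS images
docker search centos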
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 6063 [OK]
ansible/centos7-ansible Ansible on Centos7 130 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 116 [OK]
jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 114 [OK]
centos/systemd systemd enabled base container. 84 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 77
imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 58 [OK]
tutum/centos Simple CentOS docker image with SSH access 47
centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relational … 46
Download the CentOS image from the Docker registry
docker pull centos
The command above downloads the latest CentOS, CentOS Linux release 8.1.1911 (Core). To install CentOS 7 instead, pull:
docker pull ansible/centos7-ansible
View the downloaded CentOS image files and list information
ls -l /var/lib/docker/image/overlay2/
docker images
docker images|grep -aiE centos
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker images|grep -aiE centos
centos latest 470671670cac 5 months ago 237MB
Start a CentOS cloud host from the CentOS image
docker run -itd --privileged --name=xqy_centos01 centos:latest
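run: create and start a new container;
-i, interactive: interactive mode;
-t, tty: allocate a login terminal;
-d, detach: run in the background;
-p, publish: publish a port, mapping host port 6022 to container port 22 (this flag is not in the command above);
--name: set a custom container name;
--privileged: enable extended privileges, which allows more operations because the container receives all Linux capabilities and access to the host's devices.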
Check the CentOS cloud host's running state and IP address
docker ps
docker inspect xqy_centos01|grep -ai ipaddr|tail -1
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker inspect xqy_centos01|grep -ai ipaddr|tail -1
"IPAddress": "172.17.0.4",
Enter the container
docker exec -it 0e18294d2044 /bin/bash
Check container networking: from inside the container, ping the external network and the host
[root@0e18294d2044 /]# ping 192.168.0.166
PING 192.168.0.166 (192.168.0.166) 56(84) bytes of data.
64 bytes from 192.168.0.166: icmp_seq=1 ttl=64 time=0.045 ms
[root@0e18294d2044 /]# ping www.baidu.com
PING www.a.shifen.com (182.61.200.7) 56(84) bytes of data.
64 bytes from 182.61.200.7 (182.61.200.7): icmp_seq=1 ttl=48 time=30.7 ms
Ping the container from the host
[root@hecs-x-medium-2-linux-20200611091300 ~]# ping 172.17.0.4
PING 172.17.0.4 (172.17.0.4) 56(84) bytes of data.
64 bytes from 172.17.0.4: icmp_seq=1 ttl=64 time=0.046 ms
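The default CentOS 8 image ships an incomplete package set: you must manually install the SSH service and net-tools, change the default root password, and finally start the SSH service before remote login works.
Install net-tools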
[root@0e18294d2044 /]# yum -y install net-tools
Failed to set locale, defaulting to C.UTF-8
CentOS-8 - AppStream 594 kB/s | 5.8 MB 00:09
CentOS-8 - Base 160 kB/s | 2.2 MB 00:14
CentOS-8 - Extras 6.9 kB/s | 6.7 kB 00:00
Dependencies resolved.
===============================================================================================================================================================================================
Package Architecture Version Repository Size
===============================================================================================================================================================================================
Installing:
net-tools x86_64 2.0-0.51.20160912git.el8 BaseOS 323 k
Transaction Summary
Install the SSH service
[root@0e18294d2044 /]# yum -y install openssh-server
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:07:30 ago on Sun Jun 28 02:00:13 2020.
Dependencies resolved.
===============================================================================================================================================================================================
Package Architecture Version Repository Size
===============================================================================================================================================================================================
Installing:
openssh-server x86_64 8.0p1-4.el8_1 BaseOS 485 k
Installing dependencies:
Troubleshooting the start of /usr/sbin/sshd
The error is shown below:
[root@0e18294d2044 /]# /usr/sbin/sshd
Unable to load host key: /etc/ssh/ssh_host_rsa_key
Unable to load host key: /etc/ssh/ssh_host_ecdsa_key
Unable to load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.
[root@0e18294d2044 /]# docker ps
bash: docker: command not found
Fix:
1. Copy the corresponding files from the host into the container
docker cp /etc/ssh/ssh_host_rsa_key 0e18294d2044:/etc/ssh/
All three files must be copied:
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker cp /etc/ssh/ssh_host_rsa_key 0e18294d2044:/etc/ssh/ssh_host_rsa_key
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker cp /etc/ssh/ssh_host_ecdsa_key 0e18294d2044:/etc/ssh/ssh_host_ecdsa_key
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker cp /etc/ssh/ssh_host_ed25519_key 0e18294d2044:/etc/ssh/ssh_host_ed25519_key
Start the sshd service
[root@0e18294d2044 /]# /usr/sbin/sshd
[root@0e18294d2044 /]# ps -ef|grep ssh
root 147 0 0 02:55 ? 00:00:00 /usr/sbin/sshd
root 154 19 0 03:01 pts/1 00:00:00 grep --color=auto ssh
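Copying the host's key files means the container, and any image committed from it, carries the Docker host's private SSH host keys. As an alternative, this added example (not part of the original post) generates a fresh key set inside the container with `ssh-keygen -A` and checks that no host key is shared with the Docker host; the function names and the default `/etc/ssh` host path are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# assumes the container has openssh-server installed as in the steps above.

# Replace any host keys in container $1 with a freshly generated set.
regen_host_keys() {
    c=$1
    docker exec "$c" sh -c 'rm -f /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub' || return 1
    # ssh-keygen -A creates every default host key type that is missing.
    docker exec "$c" ssh-keygen -A
}

# Return 0 if container $1 shares no host key with the Docker host,
# 1 otherwise. $2 is the host-side key directory (default /etc/ssh).
keys_are_unique() {
    c=$1
    hostdir=${2:-/etc/ssh}
    rc=0
    for t in rsa ecdsa ed25519; do
        pub="$hostdir/ssh_host_${t}_key.pub"
        [ -r "$pub" ] || continue
        # Field 2 of a public key line is the base64 key blob.
        host_blob=$(awk '{print $2}' "$pub")
        # ssh-keygen -y derives the public key from the private key file, so
        # this also works when only the private key was copied (as above).
        ctr_blob=$(docker exec "$c" ssh-keygen -y -f "/etc/ssh/ssh_host_${t}_key" 2>/dev/null |
            awk '{print $2}')
        if [ -n "$ctr_blob" ] && [ "$host_blob" = "$ctr_blob" ]; then
            echo "shared $t host key: host and container $c"
            rc=1
        fi
    done
    return "$rc"
}

# Usage, with the container ID from the post:
#   regen_host_keys 0e18294d2044 && keys_are_unique 0e18294d2044 \
#       && docker exec 0e18294d2044 /usr/sbin/sshd
```

Run `keys_are_unique` again before `docker commit`, since whatever keys are in the container at that point end up in the image.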
Commit a new image from the container
docker commit 0e18294d2044 xqy_centos8.1:ssh
[root@hecs-x-medium-2-linux-20200611091300 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ba06e60f6e65 xqy_centos8.1:ssh "/bin/bash" 4 hours ago Up 4 hours 0.0.0.0:6000->22/tcp xqy_centos8
Run the new image from scratch
docker run -itd --privileged --name=xqy_centos8 -p 6000:22 xqy_centos8.1:ssh
Enter the new container
docker exec -it ba06e60f6e65 /bin/bash
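Change the root password
yum -y install passwd cracklib-dicts # install passwd and its dependencies
passwd root # change the password to 1
Start sshd. You must start it manually; otherwise it does not start by default.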
[root@ba06e60f6e65 /]# ps -ef|grep ssh
root 96 63 0 07:18 pts/1 00:00:00 grep --color=auto ssh
[root@ba06e60f6e65 /]# /usr/sbin/sshd
[root@ba06e60f6e65 /]# ps -ef|grep ssh
root 98 0 0 07:18 ? 00:00:00 /usr/sbin/sshd
root 100 63 0 07:18 pts/1 00:00:00 grep --color=auto ssh
Open the host's access rules
Successful connection with Xshell, as shown:
Connecting to 124.70.180.XXX:6000...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
WARNING! The remote SSH server rejected X11 forwarding request.
"System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)."
[root@ba06e60f6e65 ~]#
Quickly start multiple private cloud hosts
for i in $(seq 0 9);do docker run -itd --privileged --name=xuqy_cent0$i -p 600$i:22 xqy_centos8.1:ssh ;done
# Start sshd in each container
for i in $(docker ps -aq);do docker exec $i /usr/sbin/sshd ;done
# Show the containers' IP addresses
for i in $(docker ps -aq);do docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done
# Show each container ID with its IP address
for i in $(docker ps -aq);do echo $i; docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done
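The grep over `docker inspect` output can be replaced by inspect's `--format` templates, which also expose the privileged flag, and `docker port` shows where port 22 is published. The audit below is an added example, not part of the original post; `audit_hosts` and its flag names are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original post: list each running container's
# name, IP, published SSH endpoint, and flag risky settings.

audit_hosts() {
    findings=0
    for id in $(docker ps -q); do
        # Name, privileged flag, then one IP per attached network.
        info=$(docker inspect --format \
            '{{.Name}} {{.HostConfig.Privileged}} {{range .NetworkSettings.Networks}}{{.IPAddress}} {{end}}' "$id")
        read -r name priv ip rest <<EOF
$info
EOF
        # docker port fails when 22/tcp is not published; treat that as none.
        ssh=$(docker port "$id" 22/tcp 2>/dev/null | head -n 1)
        flags=""
        [ "$priv" = "true" ] && flags="privileged"
        case "$ssh" in
            0.0.0.0:*|:::*|'[::]:'*) flags="${flags:+$flags,}ssh-on-all-interfaces" ;;
        esac
        [ -n "$flags" ] && findings=$((findings + 1))
        echo "${name#/} ip=${ip:-none} ssh=${ssh:-none} flags=${flags:-none}"
    done
    # Exit status is non-zero when at least one container was flagged.
    [ "$findings" -eq 0 ]
}

# Usage: audit_hosts
```

Publishing with `-p 127.0.0.1:6000:22`, or with a specific host address, instead of `-p 6000:22` clears the `ssh-on-all-interfaces` flag.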
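A later update will add a Dockerfile that builds the SSH service into the new image and starts it by default.
Building a private cloud also allows many other parameters to be specified, such as CPU, memory, disk and network; these will be covered in later updates.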