首页 > 代码库 > coreos 创建使用密钥登陆的ubuntu 基础镜像

coreos 创建使用密钥登陆的ubuntu 基础镜像

下载官方镜像

core@localhost ~ $ docker pull ubuntu:14.04
#假设官方下载较慢,可到www.dockerpool.com下载标准镜像
core@localhost ~ $ docker pull dl.dockerpool.com:5000/ubuntu:14.04
core@localhost ~ $ docker tag dl.dockerpool.com:5000/ubuntu:14.04 ubuntu:14.04
core@localhost ~ $ docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
dl.dockerpool.com:5000/ubuntu   14.04               1357f421be38        3 days ago          192.7 MB
ubuntu                          14.04               1357f421be38        3 days ago          192.7 MB

创建dockerfile目录

core@localhost ~ $ mkdir base
core@localhost ~ $ cd base
core@localhost ~/base $~ $ ssh-keygen
#生成訪问密钥
core@localhost ~/base $ cat ~/.ssh/id_rsa.pub >authorized_keys

dockerfile内容:

#设置母镜像
FROM ubuntu:14.04
#提供一些作者的信息
MAINTAINER dwj_zz@163.com
#以下開始执行命令,此处更改ubuntu的源为国内163的源
RUN echo "deb http://mirrors.163.com/ubuntu/ trusty main restricted universe multiverse" > /etc/apt/sources.list
RUN echo "deb http://mirrors.163.com/ubuntu/ trusty-security main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb http://mirrors.163.com/ubuntu/ trusty-updates main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb http://mirrors.163.com/ubuntu/ trusty-proposed main restricted universe multiverse" >> /etc/apt/sources.list
RUN echo "deb http://mirrors.163.com/ubuntu/ trusty-backports main restricted universe multiverse" >> /etc/apt/sources.list
RUN apt-get update
RUN apt-get upgrade -y

#安装ssh 和supervisor
RUN apt-get install -y openssh-server  supervisor
RUN mkdir -p /var/run/sshd
RUN mkdir -p /var/log/supervisor
RUN mkdir -p /root/.ssh
#取消pam限制
RUN sed -ri ‘s/session    required     pam_loginuid.so/#session    required     pam_loginuid.so/g‘ /etc/pam.d/sshd

#复制配置文件到对应位置
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
COPY authorized_keys /root/.ssh/authorized_keys

#开放端口
EXPOSE 22
CMD ["/usr/bin/supervisord"]

创建supervisor.conf文件:

core@localhost ~/base $ vi supervisord.conf
#文件内容例如以下
[supervisord]
nodaemon=true
[program:sshd]
command=/usr/sbin/sshd -D

验证一下目录内容

core@localhost ~/base $ ls
Dockerfile  authorized_keys  supervisord.conf
core@localhost ~/base $ pwd
/home/core/base

创建image方法

core@localhost ~/base $ docker build -t base/163 .

启动容器命令

core@localhost ~/base $ docker run -p 100:22 -d base/163

使用密钥登陆容器

core@localhost ~/base $ ssh root@127.0.0.1 -p 100

coreos 创建使用密钥登陆的ubuntu 基础镜像