鉴于:
- 基于 ubuntu:13.10 的容器
- 已安装 ssh(通过
apt-get install ssh)
问题:每次启动容器时,我都必须手动运行 sshdservice ssh start
试过:update-rc.d ssh defaults,但它没有帮助。
问题:如何设置容器在容器启动时自动启动 sshd 服务?
问问题
83188 次
9 回答
37
试试看嘛:
ENTRYPOINT service ssh restart && bash
在您的 dockerfile 中,它对我来说很有趣!
更多细节在这里:如何在运行 docker 容器时自动启动服务?
于 2015-08-24T09:36:25.903 回答
13
这是一个Dockerfile安装 ssh 服务器并运行它:
# Build Ubuntu image with base functionality.
FROM ubuntu:focal AS ubuntu-base
ENV DEBIAN_FRONTEND noninteractive
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Setup the default user.
RUN useradd -rm -d /home/ubuntu -s /bin/bash -g root -G sudo ubuntu
RUN echo 'ubuntu:ubuntu' | chpasswd
USER ubuntu
WORKDIR /home/ubuntu
# Build image with Python and SSHD.
FROM ubuntu-base AS ubuntu-with-sshd
USER root
# Install required tools.
RUN apt-get -qq update \
&& apt-get -qq --no-install-recommends install vim-tiny=2:8.1.* \
&& apt-get -qq --no-install-recommends install sudo=1.8.* \
&& apt-get -qq --no-install-recommends install python3-pip=20.0.* \
&& apt-get -qq --no-install-recommends install openssh-server=1:8.* \
&& apt-get -qq clean \
&& rm -rf /var/lib/apt/lists/*
# Configure SSHD.
# SSH login fix. Otherwise user is kicked off after login
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
RUN mkdir /var/run/sshd
RUN bash -c 'install -m755 <(printf "#!/bin/sh\nexit 0") /usr/sbin/policy-rc.d'
RUN ex +'%s/^#\zeListenAddress/\1/g' -scwq /etc/ssh/sshd_config
RUN ex +'%s/^#\zeHostKey .*ssh_host_.*_key/\1/g' -scwq /etc/ssh/sshd_config
RUN RUNLEVEL=1 dpkg-reconfigure openssh-server
RUN ssh-keygen -A -v
RUN update-rc.d ssh defaults
# Configure sudo.
RUN ex +"%s/^%sudo.*$/%sudo ALL=(ALL:ALL) NOPASSWD:ALL/g" -scwq! /etc/sudoers
# Generate and configure user keys.
USER ubuntu
RUN ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
#COPY --chown=ubuntu:root "./files/authorized_keys" /home/ubuntu/.ssh/authorized_keys
# Setup default command and/or parameters.
EXPOSE 22
CMD ["/usr/bin/sudo", "/usr/sbin/sshd", "-D", "-o", "ListenAddress=0.0.0.0"]
使用以下命令构建:
docker build --target ubuntu-with-sshd -t ubuntu-with-sshd .
然后运行:
docker run -p 2222:22 ubuntu-with-sshd
要通过本地端口连接到容器,请运行ssh -v localhost -p 2222:
要检查容器 IP 地址,请使用docker ps和docker inspect。
以下是docker-compose.yml文件示例:
---
version: '3.4'
services:
ubuntu-with-sshd:
image: "ubuntu-with-sshd:latest"
build:
context: "."
target: "ubuntu-with-sshd"
networks:
mynet:
ipv4_address: 172.16.128.2
ports:
- "2222:22"
privileged: true # Required for /usr/sbin/init
networks:
mynet:
ipam:
config:
- subnet: 172.16.128.0/24
要运行,请键入:
docker-compose up --build
于 2020-05-11T20:36:40.460 回答
5
我认为正确的方法是按照 docker 的说明对 ssh 服务进行 docker 化。
并且与具体问题相关,在 dockerfile 末尾添加的以下行将实现您正在寻找的内容:
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
于 2020-01-21T16:23:50.247 回答
2
于 2014-04-06T10:08:30.187 回答
2
这就是我所做的:
FROM nginx
# install gosu
# seealso:
# https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
# https://github.com/tianon/gosu/blob/master/INSTALL.md
# https://github.com/tianon/gosu
RUN set -eux; \
apt-get update; \
apt-get install -y gosu; \
rm -rf /var/lib/apt/lists/*; \
# verify that the binary works
gosu nobody true
ENV myenv='default'
RUN apt-get update && apt-get install -y openssh-server
RUN mkdir /var/run/sshd
COPY entrypoint.sh /entrypoint.sh
ENV AIRFLOW_HOME=/usr/local/airflow
RUN mkdir $AIRFLOW_HOME
RUN groupadd --gid 8080 airflow
RUN useradd --uid 8080 --gid 8080 -ms /bin/bash -d $AIRFLOW_HOME airflow
RUN echo 'airflow:mypass' | chpasswd
EXPOSE 22
CMD ["/entrypoint.sh"]
在 entrypoint.sh 中:
echo "starting ssh as root"
gosu root service ssh start &
#gosu root /usr/sbin/sshd -D &
echo "starting tail user"
exec gosu airflow tail -f /dev/null
于 2020-08-06T15:20:23.343 回答
2
我创建了 dockerfiler 来在里面运行 ssh。我认为它不安全,但对于 DMZ 中的测试/开发来说可能没问题:
FROM ubuntu:20.04
USER root
# change root password to `ubuntu`
RUN echo 'root:ubuntu' | chpasswd
ENV DEBIAN_FRONTEND noninteractive
# install ssh server
RUN apt-get update && apt-get install -y \
openssh-server sudo \
&& rm -rf /var/lib/apt/lists/*
# workdir for ssh
RUN mkdir -p /run/sshd
# generate server keys
RUN ssh-keygen -A
# allow root to login
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
EXPOSE 22
# run ssh server
CMD ["/usr/sbin/sshd", "-D", "-o", "ListenAddress=0.0.0.0"]
于 2021-10-18T12:06:34.383 回答
1
好吧,我使用以下命令来解决这个问题
docker run -i -t mycentos6 /bin/bash -c '/etc/init.d/sshd start && /bin/bash'
于 2017-10-18T23:35:25.233 回答
-1
首先登录到您的容器并编写如下初始化脚本/bin/init:
# execute in the container
cat <<EOT >> /bin/init
#!/bin/bash
service ssh start
while true; do sleep 1; done
EOT
然后让root用户被允许通过 ssh 登录:
# execute in the container
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
退出容器后将容器提交到新镜像:
# execute in the server
docker commit <YOUR_CONTAINER> <ANY_REPO>:<ANY_TAG>
从现在开始,只要你用下面的命令运行你的容器,ssh 服务就会自动启动。
# execute in the server
docker run -it -d --name <NAME> <REPO>:<TAG> /bin/init
docker exec -it <NAME> /bin/bash
完毕。
于 2021-05-31T04:53:03.440 回答
-17
您可以使用 phusion/baseimage-docker 尝试一种更优雅的方法
于 2014-04-10T00:04:19.373 回答