为镜像添加SSH服务---Dockerfile创建

测试机器：

[root@localhost ~]# cat /etc/redhat-release 
CentOS Linux release 7.3.1611 (Core)

本地测试服务器地址：192.168.100.21

1.创建工作目录

[root@localhost ~]# mkdir sshd_centos
[root@localhost ~]# cd sshd_centos/
[root@localhost sshd_centos]# touch Dockerfile run.sh

2.编写run.sh脚本和authorized_keys文件

[root@localhost sshd_centos]# vim run.sh

#!/bin/bash
/usr/sbin/sshd -D

[root@localhost sshd_centos]# rm -rf ~/.ssh/
[root@localhost sshd_centos]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
b0:88:ee:40:84:bd:80:1d:e6:df:b2:fb:6e:2b:d1:9e root@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
|  o              |
|o= .             |
|+.+   .          |
|.. + o o         |
| .o +.o S        |
|..  .o.          |
|. . .o .         |
| o  ..E          |
|  . .=+.         |
+-----------------+
[root@localhost sshd_centos]# cat ~/.ssh/id_rsa.pub > /root/sshd_centos/authorized_keys
[root@localhost sshd_centos]# ls
authorized_keys  Dockerfile  run.sh

3.编写Dockerfile

FROM centos:latest
MAINTAINER docker_user (user@docker.com)
RUN yum install -y update
RUN yum install -y openssh-server
RUN mkdir -p /var/run/sshd
RUN mkdir -p /root/.ssh
RUN sed -ri 's/session     required    pam_loginuid.so/#session    required    pam_loginuid.so/g'  /etc/pam.d/sshd


ADD authorized_keys /root/.ssh/authorized_keys
ADD run.sh /run.sh
RUN chmod 755 /run.sh


EXPOSE 22


CMD ["/run.sh"]

4.创建镜像

[root@localhost sshd_centos]# docker build -t centos:dockerfile .

[root@localhost sshd_centos]# docker images
REPOSITORY                                TAG                 IMAGE ID            CREATED             SIZE
centos                                    dockerfile          95ca80eeaec6        9 seconds ago       302MB

5.测试镜像，运行容器

[root@localhost sshd_centos]# systemctl start firewall.service^C
[root@localhost sshd_centos]# docker run -d -p 10322:22 centos:dockerfile
f80597af8efc486ff965b6d601f1696e39b1cf34fa51c7607bec73baeaae2f5c
[root@localhost sshd_centos]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                   NAMES
f80597af8efc        centos:dockerfile   "/run.sh"                12 seconds ago      Up 11 seconds       0.0.0.0:10322->22/tcp   sleepy_goldstine

[root@localhost .ssh]# ssh 192.168.100.21 -p 10322
The authenticity of host '[192.168.100.21]:10322 ([192.168.100.21]:10322)' can't be established.
RSA key fingerprint is 95:ce:77:98:03:93:78:f3:55:61:cd:67:f3:e0:27:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.100.21]:10322' (RSA) to the list of known hosts.
[root@f80597af8efc ~]# ls
anaconda-ks.cfg  original-ks.cfg
[root@f80597af8efc ~]#