Dealing with Ambiguity

Docker ( 4 ) ~ SSH サーバーの作成 ~

November 02, 2017
Docker

SSH サーバーを起動するカスタムイメージの作成

SSH サーバーの稼働とログイン

ubuntu:16.04 からコンテナを起動し、openssl-server をインストール

$ sudo docker run -it ubuntu:16.04 /bin/bash

root@654ce674fac6:/# apt-get install openssh-server -y
root@654ce674fac6:/# mkdir /var/run/sshd
root@654ce674fac6:/# /usr/sbin/sshd
root@654ce674fac6:/# ps ax    
  PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:00 /bin/bash
 5996 ?        Ss     0:00 /usr/sbin/sshd
 6014 ?        R+     0:00 ps ax

ユーザーを追加し、ログインしてみる。

root@654ce674fac6:/# adduser docker
Adding user `docker' ...
Adding new group `docker' (1000) ...
Adding new user `docker' (1000) with group `docker' ...
Creating home directory `/home/docker' ...
Copying files from `/etc/skel' ...
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
Changing the user information for docker
Enter the new value, or press ENTER for the default
	Full Name []: 
	Room Number []: 
	Work Phone []: 
	Home Phone []: 
	Other []: 
Is the information correct? [Y/n] Y

root@081308af8af2:/# slogin docker@localhost
docker@localhost's password: 
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.9.51-10.52.amzn1.x86_64 x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
Last login: Wed Nov  1 17:07:33 2017 from ::1
Connection to localhost closed.

カスタマイズしたコンテナからイメージを作成

$ sudo docker commit -c "EXPOSE 22" -c "CMD /usr/sbin/sshd -D" 081308af8af2 docker/sshd
sha256:f97b8db88f79d396a2556a07dc93bea663a0e6032e937d18f1fbf58d65c4d096
  • -c オプションでイメージの設定を調整している。
  • EXPOSE 22 は接続を TCP 22 番で待ち受ける設定、CMD /usr/sbin/sshd -D はコンテナ実行時に SSH サーバーを起動するための設定。
$ sudo docker images
REPOSITORY          TAG                       IMAGE ID            CREATED              SIZE
docker/sshd         latest                    f97b8db88f79        About a minute ago   594 MB
ubuntu              16.04-ssh                 79bdfa4d5921        7 minutes ago        594 MB
centos              centos7-emacs-installed   fb048d27b696        27 hours ago         557 MB
httpd               2.4.29                    a8bdc7fdaa4f        8 days ago           177 MB
ubuntu              16.04                     747cb2d60bbe        3 weeks ago          122 MB
centos              centos7                   196e0ce0c9fb        6 weeks ago          197 MB

カスタムイメージの動作確認

$ sudo docker run -d -p 10022:22 docker/sshd
bb3ba7b6a5a74e239bc301078ab009630b032ec2a746f20fd62d22370ffa3a7e

$ sudo docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                   NAMES
bb3ba7b6a5a7        docker/sshd         "/bin/sh -c '/usr/..."   28 seconds ago      Up 27 seconds       0.0.0.0:10022->22/tcp   kickass_bhabha

$ slogin -p 10022 docker@localhost
The authenticity of host '[localhost]:10022 ([127.0.0.1]:10022)' can't be established.
ECDSA key fingerprint is SHA256:AZO+QDmQrZNYhxP/Yr1sA5lbUl+XuXzuLep1P8OyB04.
ECDSA key fingerprint is MD5:98:f5:a2:92:b5:fe:85:49:6c:28:8b:e3:b2:0d:69:51.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:10022' (ECDSA) to the list of known hosts.
docker@localhost's password: 
Welcome to Ubuntu 16.04.3 LTS (GNU/Linux 4.9.51-10.52.amzn1.x86_64 x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
Last login: Wed Nov  1 17:12:06 2017 from ::1
Connection to localhost closed.
 © 2023, Dealing with Ambiguity