基於alpine用dockerfile創建的ssh鏡像

1、下載alpine鏡像

[root@docker43 ~]# docker pull alpine
Using default tag: latest
Trying to pull repository docker.io/library/alpine ... 
latest: Pulling from docker.io/library/alpine
4fe2ade4980c: Pull complete 
Digest: sha256:621c2f39f8133acb8e64023a94dbdf0d5ca81896102b9e57c0dc184cadaf5528
Status: Downloaded newer image for docker.io/alpine:latest
[root@docker43 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/alpine    latest              196d12cf6ab1        3 weeks ago         4.41 MB

2、編寫dockerfile

2.1.創建一個工作目錄

[root@docker43 ~]# cd /opt/
[root@docker43 opt]# mkdir alpine_ssh && cd alpine_ssh && touch Dockerfile

[root@docker43 alpine_ssh]# ll
總用量 4
-rw-r--r-- 1 root root 654 10月  3 23:21 Dockerfile

2.2.編寫Dockerfile

# 指定創建的基礎鏡像
FROM alpine

# 作者描述信息
MAINTAINER alpine_sshd (zhujingzhi@123.com)

# 替換阿里雲的源
RUN echo "http://mirrors.aliyun.com/alpine/latest-stable/main/" > /etc/apk/repositories
RUN echo "http://mirrors.aliyun.com/alpine/latest-stable/community/" >> /etc/apk/repositories

# 同步時間

# 更新源、安裝openssh 並修改配置文件和生成key 並且同步時間
RUN apk update && \
    apk add --no-cache openssh-server tzdata && \
    cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
    sed -i "s/#PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config && \
    ssh-keygen -t rsa -P "" -f /etc/ssh/ssh_host_rsa_key && \
    ssh-keygen -t ecdsa -P "" -f /etc/ssh/ssh_host_ecdsa_key && \
    ssh-keygen -t ed25519 -P "" -f /etc/ssh/ssh_host_ed25519_key && \
    echo "root:admin" | chpasswd

# 開放22端口
EXPOSE 22

# 執行ssh啟動命令
CMD ["/usr/sbin/sshd", "-D"]

2.3.創建鏡像

# 在dockerfile所在的目錄下
[root@docker43 alpine_ssh]# pwd
/opt/alpine_ssh
[root@docker43 alpine_ssh]# docker build -t alpine:sshd .

3、創建容器測試

　　創建容器

[root@docker43 alpine_ssh]# docker run -itd -p 10022:22 --name alpine_ssh_v1 alpine:sshd
[root@docker43 alpine_ssh]# docker ps 
CONTAINER ID        IMAGE               COMMAND               CREATED             STATUS              PORTS                   NAMES
b353f5f3b703        alpine:sshd         "/usr/sbin/sshd -D"   17 minutes ago      Up 17 minutes       0.0.0.0:10022->22/tcp   alpine_ssh_v1

　　測試

[root@docker43 alpine_ssh]# ssh root@127.0.0.1 -p10022
root@127.0.0.1's password: 
Welcome to Alpine!

The Alpine Wiki contains a large amount of how-to guides and general
information about administrating Alpine systems.
See <http://wiki.alpinelinux.org>.

You can setup the system with the command: setup-alpine

You may change this message by editing /etc/motd.

b353f5f3b703:~# 

4、問題總結

　　這些都是我在手動測試的時候遇見的，已經在寫Dockerfile的時候加進去了處理方法

1. apk add --no-cache openssh-server   # 安裝openssh的問題

/ # apk add --no-cache openssh-server
fetch http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.8/community/x86_64/APKINDEX.tar.gz
(1/3) Installing openssh-keygen (7.7_p1-r2)
ERROR: openssh-keygen-7.7_p1-r2: package mentioned in index not found (try 'apk update')
(2/3) Installing openssh-server-common (7.7_p1-r2)
(3/3) Installing openssh-server (7.7_p1-r2)
ERROR: openssh-server-7.7_p1-r2: package mentioned in index not found (try 'apk update')
2 errors; 4 MiB in 14 packages

原因是：提示源沒有這個openssh的包

解決方式：
在dockerfile中改為國內的源
http://mirrors.aliyun.com/alpine/latest-stable/main/
http://mirrors.aliyun.com/alpine/latest-stable/community/

創建容器文件修改
[root@docker43 ~]# docker run -it alpine
/ # vi /etc/apk/repositories 
http://mirrors.aliyun.com/alpine/latest-stable/main/
http://mirrors.aliyun.com/alpine/latest-stable/community/
                                                    
#http://dl-cdn.alpinelinux.org/alpine/v3.8/main     
#http://dl-cdn.alpinelinux.org/alpine/v3.8/community

# 注釋或者刪除原來的默認源，添加阿里雲的源，然后執行apk update，在進行安裝就OK了


2、ssh 啟動問題
/ # /etc/init.d/sshd start
/bin/sh: /etc/init.d/sshd: not found

這樣的方式不能啟動，需要安裝一個alpine的管理工具
apk add --no-cache openrc
/ # /etc/init.d/sshd start
 * WARNING: sshd is already starting
 所以使用 /usr/sbin/sshd -D 方式啟動。但是又出現如下錯誤
 / # /usr/sbin/sshd -D
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.
解決方式：
ssh-keygen -t rsa -P "" -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t ecdsa -P "" -f /etc/ssh/ssh_host_ecdsa_key
ssh-keygen -t ed25519 -P "" -f /etc/ssh/ssh_host_ed25519_key

再次啟動
/ # /usr/sbin/sshd -D

啟動成功


3、創建容器后的網絡問題
[root@docker43 opt]# docker run -it alpine
WARNING: IPv4 forwarding is disabled. Networking will not work.

解決方式：
[root@docker43 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward=1    # 添加這一行

[root@docker43 ~]# docker run -it alpine
/ #