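This was a foolish learning process, but I felt it was still worth recording, so I wrote it down.
2. driver = generic
1) Everything in this step was done on my local Mac. I tried running create -d generic on the Mac itself,
but it kept failing with the following error: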
Error creating machine: Error waiting for machine to be running: Maximum number of retries (60) exceeded
The reasons:
1. The --generic-ip-address flag is followed by this machine's own IP address. To install Docker on another remote Docker host, change it to that host's IP (here the docker-machine is being created locally).
2. docker-machine also needs SSH authentication when it creates a machine for the local host:
First:
userdeMacBook-Pro:~ user$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again: //after the passphrase is entered, the two files below are generated
Your identification has been saved in /Users/user/.ssh/id_rsa. //where the identification is stored
Your public key has been saved in /Users/user/.ssh/id_rsa.pub. //where the public key is stored
The key fingerprint is:
SHA256:LuENCV9NZ3V9UimQA... user@userdeMacBook-Pro.local
The key's randomart image is:
+---[RSA 2048]----+
| ..EB.=*=...=|
| o.=o Bo*=..oo|
| o.o+.o ++o o..|
| .+ + ..o o |
| . * S o . |
| o * o |
| o o . |
| . |
| |
+----[SHA256]-----+
Two files were then generated under /Users/user/.ssh:
Then:
userdeMacBook-Pro:~ user$ ssh-copy-id root@10.240.203.84
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/user/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: ERROR: ssh: connect to host 10.240.203.84 port 22: Connection refused
This failed.
Fix: in System Preferences > Sharing, turn on the Remote Login service as shown in the figure below:
But running it again produced another error:
userdeMacBook-Pro:~ user$ ssh-copy-id root@10.240.203.84
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/user/.ssh/id_rsa.pub"
The authenticity of host '10.240.203.84 (10.240.203.84)' can't be established.
ECDSA key fingerprint is SHA256:lxCneM/Qbhue5WAitBgdHe5sMP1+HLYyItAR9OwSdcs.
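Fix (reference: https://www.cnblogs.com/gauze/p/5554840.html)
This happens because ssh records the public key of every computer you have connected to in ~/.ssh/known_hosts. The next time you connect to the same computer, OpenSSH checks the public key. If the key is different, OpenSSH issues a warning, which protects you from attacks such as DNS hijacking.
How strictly SSH checks a host's public key is configured through the StrictHostKeyChecking option.
By default, StrictHostKeyChecking=ask. Briefly, its three values are:
1. StrictHostKeyChecking=no # The least secure level; of course, it also has fewer annoying prompts. Suggested for testing on a relatively safe internal network. If the server's key does not exist locally, it is added to the file automatically (known_hosts by default) and a warning is printed.
2. StrictHostKeyChecking=ask # The default level, which produces the prompt shown above. If the connection and the key do not match, a message is shown and the login is refused.
3. StrictHostKeyChecking=yes # The most secure level. If the connection and the key do not match, the connection is refused and no detailed information is shown.
For some tests on an internal network, I chose the lowest security level for convenience.
Configure it in .ssh/config (or /etc/ssh/ssh_config):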
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
After changing the configuration, restart the sshd service with: /etc/init.d/sshd restart (or service sshd restart)
(Note: for simplicity, the known hosts file is set to /dev/null here, so nothing is saved to known_hosts.)
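Placed globally, the two lines above turn off host key verification for every host this client connects to. As an added example (not from the original post), the script below audits an ssh client config for those settings and separates a global relaxation from one scoped to a single lab host; the sample config, the known_hosts_lab file name and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag ssh client settings that
# disable host key verification. Output: SCOPE<TAB>SETTING<TAB>SEVERITY

audit_ssh_config() {
  awk '
    BEGIN { scope = "(global)" }
    /^[ \t]*#/ || /^[ \t]*$/ { next }          # skip comments and blank lines
    {
      line = $0
      sub(/^[ \t]+/, "", line)
      sub(/[ \t]*=[ \t]*/, " ", line)          # accept "Key=value" as well as "Key value"
      split(line, f, " ")
      key = tolower(f[1]); val = tolower(f[2]); gsub(/"/, "", val)
      if (key == "host" || key == "match") {   # a new block changes the scope
        scope = f[1] " " substr(line, length(f[1]) + 2)
        next
      }
      weak = (key == "stricthostkeychecking" && (val == "no" || val == "off")) ||
             (key == "userknownhostsfile" && val == "/dev/null")
      if (!weak) next
      # Global or "Host *" means every connection skips verification.
      sev = (scope == "(global)" || tolower(scope) == "host *") ? "HIGH" : "REVIEW"
      printf "%s\t%s %s\t%s\n", scope, f[1], f[2], sev
    }' "$1"
}

# Constructed sample: the global setting shown above, plus a variant that
# limits the relaxation to one lab VM and keeps its keys in a separate file.
write_sample_config() {
  cat > "$1" <<'EOF'
StrictHostKeyChecking no
UserKnownHostsFile /dev/null

Host 10.0.2.15
    StrictHostKeyChecking=no
    UserKnownHostsFile ~/.ssh/known_hosts_lab

Host *
    StrictHostKeyChecking ask
EOF
}

sample=$(mktemp)
write_sample_config "$sample"
audit_ssh_config "$sample"
rm -f "$sample"
```

The two global lines are reported as HIGH; the entry under Host 10.0.2.15 is reported as REVIEW because it affects only that address.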
Running it again still failed:
userdeMacBook-Pro:~ user$ ssh-copy-id root@10.240.203.84
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/user/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Warning: Permanently added '10.240.203.84' (ECDSA) to the list of known hosts.
Password:
Password:
Password:
root@10.240.203.84's password:
Permission denied, please try again.
root@10.240.203.84's password:
Received disconnect from 10.240.203.84 port 22:2: Too many authentication failures
Disconnected from 10.240.203.84 port 22
This was because my user name is not root but user, so the password I entered was always wrong, which eventually produced the too-many-authentication-failures error.
After correcting that, it ran successfully.
The ssh-copy-id command below copies the SSH key to the target host and enables passwordless SSH login:
userdeMacBook-Pro:~ user$ ssh-copy-id user@10.240.203.84
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/user/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'user@10.240.203.84'"
and check to make sure that only the key(s) you wanted were added.
Login test:
userdeMacBook-Pro:~ user$ ssh 'user@10.240.203.84'
Enter passphrase for key '/Users/user/.ssh/id_rsa':
Last login: Wed Jan 2 19:13:20 2019 from 10.240.203.84
Then I found that I could log in remotely from the virtual machine to the local host:
vagrant@precise64:~$ ssh user@10.240.203.84
The authenticity of host '10.240.203.84 (10.240.203.84)' can't be established.
ECDSA key fingerprint is d9:ee:d9:d8:1e:9e:b1:a3:df:bd:c1:b9:1c:13:f2:c4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.240.203.84' (ECDSA) to the list of known hosts.
Password:
Last login: Wed Jan 2 19:17:27 2019 from 10.240.203.84
But it still failed:
userdeMacBook-Pro:~ user$ docker-machine create --engine-registry-mirror=https://hes89po0.mirror.aliyuncs.com --driver generic --generic-ip-address=10.240.203.84 --generic-ssh-key /Users/user/.ssh/id_rsa --generic-ssh-user=user vm
Running pre-create checks...
Creating machine...
(vm) Importing SSH key...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Enter passphrase for key '/Users/user/.docker/machine/machines/vm/id_rsa':
Detecting the provisioner...
Enter passphrase for key '/Users/user/.docker/machine/machines/vm/id_rsa':
Error creating machine: Error detecting OS: Error getting SSH command: ssh command error:
command : cat /etc/os-release
err : exit status 1
output : cat: /etc/os-release: No such file or directory
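The error above is caused by an incompatibility between the Ubuntu docker version and the local Mac version, so it cannot find the corresponding file.
2) So I then planned to switch to an Ubuntu system, but along the way I misunderstood: I thought I could run create from the local Mac by connecting over ssh to the Ubuntu 12.04 virtual machine, so I got stuck on getting ping to work.
I decided to use an Ubuntu machine that was already installed in a local virtual machine. There was one problem: the virtual machine could ping the host,
but the local host could not ping the virtual machine:
Fix:
Change network adapter 1 to bridged mode.
⚠️ The virtual machine must be restarted, otherwise this will not work (important).
After that, ping succeeded.
Then I repeated the same steps as above; the ssh-copy-id command copies the SSH key to the target host:
userdeMBP:~ user$ ssh-copy-id vagrant@10.240.203.48
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/user/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
vagrant@10.240.203.48's password: //enter the password of your target host
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'vagrant@10.240.203.48'"
and check to make sure that only the key(s) you wanted were added.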
Test:
userdeMBP:~ user$ ssh 'vagrant@10.240.203.48'
Enter passphrase for key '/Users/user/.ssh/id_rsa': //enter the passphrase of your local private key
Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic x86_64)
 * Documentation: https://help.ubuntu.com/
New release '14.04.5 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
Welcome to your Vagrant-built virtual machine.
Last login: Thu Jan 3 03:56:04 2019
vagrant@precise64:~$ //the remote connection clearly succeeded
Then I first checked to confirm that Docker was not already installed on the target host, and ran create to install it:
userdeMBP:~ user$ docker-machine create --engine-registry-mirror=https://hes89po0.mirror.aliyuncs.com --driver generic --generic-ip-address=10.240.203.48 --generic-ssh-key /Users/user/.ssh/id_rsa --generic-ssh-user=user vm
Running pre-create checks...
Creating machine...
(vm) Importing SSH key...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Error creating machine: Error detecting OS: Too many retries waiting for SSH to be available. Last error: Maximum number of retries (60) exceeded
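But it still did not succeed. Only later did it suddenly dawn on me that I should have been running these steps on the Ubuntu virtual machine rather than on my local machine; I had assumed the installation was done for it over ssh.
3) I planned to run docker-machine create directly on Ubuntu 12.04
So I went through all the steps again from the beginning. First generate the key:
Then copy the key to this machine:
The problem in the figure above is the same as before, so I ignored it here and simply answered yes.
Then I suddenly remembered that I had not installed docker-machine on that Ubuntu 12.04 machine, and most installation tutorials online are for 16.04, so I switched to a different virtual machine.
4) Switched to an Ubuntu 16.04 virtual machine
I then installed Ubuntu 16.04 and ran the command below to install docker-machine directly: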
vagrant@ubuntu-xenial:~$ curl -L https://github.com/docker/machine/releases/download/v0.13.0/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine && chmod +x /tmp/docker-machine && sudo cp /tmp/docker-machine /usr/local/bin/docker-machine
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 617 0 617 0 0 394 0 --:--:-- 0:00:01 --:--:-- 394
100 25.3M 100 25.3M 0 0 51350 0 0:08:37 0:08:37 --:--:-- 55686
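The install command above copies whatever was downloaded into /usr/local/bin without checking it. The following added example (not part of the original post) compares a file's SHA-256 against a checksum manifest before installing it; the manifest name sha256sum.txt and the function names are assumptions, and the demo runs on a constructed stand-in file rather than the real binary.

```shell
#!/bin/sh
# Added example (not from the original post): check a downloaded binary against
# a checksum manifest before installing it.

sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'      # macOS ships shasum
  fi
}

# verify_download FILE ASSET_NAME MANIFEST
# MANIFEST uses the "HASH  NAME" layout written by sha256sum.
# Returns 0 on match, 1 on mismatch, 2 if the asset is not listed.
verify_download() {
  expected=$(awk -v n="$2" '{ sub(/^\*/, "", $2) } $2 == n { print tolower($1); exit }' "$3")
  [ -n "$expected" ] || { echo "no manifest entry for $2" >&2; return 2; }
  actual=$(sha256_of "$1")
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch for $2" >&2
    return 1
  fi
}

# Install only after verification succeeds; nothing is copied otherwise.
install_verified() {   # FILE ASSET_NAME MANIFEST DEST
  verify_download "$1" "$2" "$3" && install -m 0755 "$1" "$4"
}

# Demo on constructed data: a stand-in "binary" and a manifest built for it.
demo() {
  d=$(mktemp -d)
  asset="docker-machine-$(uname -s)-$(uname -m)"
  printf 'constructed stand-in for the release binary\n' > "$d/$asset"
  printf '%s  %s\n' "$(sha256_of "$d/$asset")" "$asset" > "$d/sha256sum.txt"
  install_verified "$d/$asset" "$asset" "$d/sha256sum.txt" "$d/installed" && echo "verified and installed"
  printf 'tampered\n' >> "$d/$asset"
  install_verified "$d/$asset" "$asset" "$d/sha256sum.txt" "$d/installed2" || echo "tampered copy rejected"
  rm -rf "$d"
}
demo
```

In real use the expected hash has to come from a channel you trust independently of the download itself.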
Check the version:
vagrant@ubuntu-xenial:~$ docker-machine --version
docker-machine version 0.13.0, build 9ba6da9
Generate the key:
vagrant@ubuntu-xenial:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/vagrant/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/vagrant/.ssh/id_rsa.
Your public key has been saved in /home/vagrant/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:B5GcbYmYFTNfZkNQQt6w0qEvY7MSPnRSHdGqQxtOoHo vagrant@ubuntu-xenial
The key's randomart image is:
+---[RSA 2048]----+
| =*BOBB |
| + =X+@.. |
| . .=.*.. |
| . .++. |
| . ++S+o |
| . Eo ==* |
| . + .. |
| o |
| |
+----[SHA256]-----+
Then copy it:
vagrant@ubuntu-xenial:~$ ssh-copy-id vagrant@10.0.2.15
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/vagrant/.ssh/id_rsa.pub"
The authenticity of host '10.0.2.15 (10.0.2.15)' can't be established.
ECDSA key fingerprint is SHA256:Y27AyXNovFytuIHlGpcpX2G0CZlHbgUE4WREk65rp40.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Permission denied (publickey).
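But this did not succeed either.
Fix:
First check whether ssh is really running:
vagrant@ubuntu-xenial:~$ ps -e |grep ssh
1582 ? 00:00:00 sshd
1623 ? 00:00:02 sshd
2561 ? 00:00:00 sshd
Seeing sshd means it is running.
I then found that the cause might be that the vagrant user had never had a password set, so there was no password to serve as a credential when the user was identified, hence the permission error. So I set a password for it:
vagrant@ubuntu-xenial:~$ sudo passwd vagrant
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully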
But that still did not solve it. I then read that some configuration also needed to be changed, so I ran:
sudo vim /etc/ssh/sshd_config
Then change all of the following values to yes:
RSAAuthentication yes
PubkeyAuthentication yes
RhostsRSAAuthentication yes
PasswordAuthentication yes
Then save and exit, run sudo service ssh restart to restart ssh, and run the command once more; this time it succeeded:
vagrant@ubuntu-xenial:~$ ssh-copy-id vagrant@10.0.2.15
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/vagrant/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
vagrant@10.0.2.15's password: //enter the password you set above
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'vagrant@10.0.2.15'"
and check to make sure that only the key(s) you wanted were added.
Then create:
vagrant@ubuntu-xenial:~$ docker-machine create --engine-registry-mirror=https://hes89po0.mirror.aliyuncs.com -d generic --generic-ip-address=10.0.2.15 --generic-ssh-key=/home/vagrant/.ssh/id_rsa --generic-ssh-user=vagrant vm
Running pre-create checks...
Creating machine...
(vm) Importing SSH key...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Detecting the provisioner...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Provisioning with ubuntu(systemd)...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Installing Docker...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Copying certs to the local machine directory...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Copying certs to the remote machine...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Setting Docker configuration on the remote daemon...
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Enter passphrase for key '/home/vagrant/.docker/machine/machines/vm/id_rsa':
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env vm
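It finally succeeded. The lines in the middle are all passphrase prompts; do not assume it has failed just because it asks for the passphrase so many times. Check:
vagrant@ubuntu-xenial:~$ docker-machine ls
NAME   ACTIVE   DRIVER    STATE     URL                    SWARM   DOCKER     ERRORS
vm     -        generic   Running   tcp://10.0.2.15:2376           v18.09.0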
But the examples I have seen from other people did not need the passphrase entered this many times. Perhaps some setting is still needed that I missed; if any readers know, please tell me.
Next I tried creating a machine without specifying the key and the user. If --generic-ssh-user is not specified, the root user is used, so I expected this not to succeed:
vagrant@ubuntu-xenial:~$ docker-machine create --engine-registry-mirror=https://hes89po0.mirror.aliyuncs.com -d generic --generic-ip-address=10.0.2.15 vm2
Running pre-create checks...
Creating machine...
(vm2) No SSH key specified. Assuming an existing key at the default location.
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Error creating machine: Error detecting OS: Too many retries waiting for SSH to be available. Last error: Maximum number of retries (60) exceeded
vagrant@ubuntu-xenial:~$ docker-machine ls
NAME   ACTIVE   DRIVER    STATE     URL                    SWARM   DOCKER     ERRORS
vm     -        generic   Running   tcp://10.0.2.15:2376           v18.09.0
vm2    -        generic   Running   tcp://10.0.2.15:2376           v18.09.0
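As expected, it failed, yet a vm2 machine was still shown as created. The two machines have the same URL, so only one docker machine can be created in one environment; this is why virtualbox is generally used.
If you want to use the root user, you can switch to the /home/ubuntu directory and then repeat the ssh-keygen and following steps.
Remember to remove the failed vm2:
vagrant@ubuntu-xenial:~$ docker-machine rm vm2
About to remove vm2
WARNING: This action will delete both local reference and remote instance.
Are you sure? (y/n): y
Successfully removed vm2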