docker(2)
////////dcoker (2)网络配置/////// [root@foundation95 ~]# docker infoContainers: 1 Running: 0 Paused: 0 Stopped: 1Images: 47Server Version: 1.10.3Storage Driver: devicemapper Pool Name:
dcoker (2)网络配置///
[root@foundation95 ~]# docker info
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 47
Server Version: 1.10.3
Storage Driver: devicemapper
Pool Name: docker-253:0-404887625-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 939.9 MB
Data Space Total: 107.4 GB
Data Space Available: 75.84 GB
Metadata Space Used: 2.044 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.145 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.107-RHEL7 (2015-10-14)
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 3.10.0-327.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.2 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.749 GiB
Name: foundation95.ilt.example.com
ID: KTCN:YCUO:KYWG:6HJR:WW3F:KDSD:3DYW:PFOQ:SI6V:UR5U:RBNG:IU5H
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
[root@foundation95 ~]# docker ps -aq
2faf7feacc7c
[root@foundation95 ~]# docker stop `docker ps -aq` //删除容器之前要先暂停容器,无法删除正在运行的容器
2faf7feacc7c
[root@foundation95 ~]# docker rm `docker ps -aq`
2faf7feacc7c
[root@foundation95 ~]# docker ps -a //此时没有容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@foundation95 ~]# docker run -it --name vm1 ubuntu
root@8e4c2f899fca:/# [root@foundation95 ~]#
[root@foundation95 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021cc5e7de1 no enp0s25
docker0 8000.0242cf6ff9ab no veth052518d
virbr0 8000.525400f9bd0b yes virbr0-nic
virbr1 8000.525400d307ed yes virbr1-nic
[root@foundation95 ~]# docker run -it --name vm1 ubuntu //建立容器并进入
root@8e4c2f899fca:/# [root@foundation95 ~]#
[root@foundation95 ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021cc5e7de1 no enp0s25
docker0 8000.0242cf6ff9ab no veth052518d
virbr0 8000.525400f9bd0b yes virbr0-nic
virbr1 8000.525400d307ed yes virbr1-nic
[root@foundation95 ~]# cp /usr/lib/systemd/system/docker.service /etc/systemd/system
cp: overwrite ‘/etc/systemd/system/docker.service’? y
[root@foundation95 ~]# vim /etc/systemd/system
[root@foundation95 ~]# cd /etc/systemd/system
[root@foundation95 system]# ls
basic.target.wants getty.target.wants
bluetooth.target.wants graphical.target.wants
dbus-org.bluez.service multi-user.target.wants
dbus-org.freedesktop.Avahi.service remote-fs.target.wants
dbus-org.freedesktop.NetworkManager.service sockets.target.wants
dbus-org.freedesktop.nm-dispatcher.service spice-vdagentd.target.wants
default.target sysinit.target.wants
default.target.wants system-update.target.wants
display-manager.service timers.target.wants
docker.service
[root@foundation95 system]# vim docker.service
[root@foundation95 system]# cat docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target docker.socket
Requires=docker.socket
[Service]
Type=notify
ExecStart=/usr/bin/docker daemon -H fd:// --bip 172.25.10.10/24 //之修改此处
MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
[Install]
WantedBy=multi-user.target
[root@foundation95 system]# systemctl daemon-reload
[root@foundation95 system]# systemctl restart docker
[root@foundation95 system]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether a0:88:b4:47:03:30 brd ff:ff:ff:ff:ff:ff
4: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.95/24 brd 172.25.254.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::68d4:40ff:feaa:f24f/64 scope link
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
7: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
8: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN qlen 500
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:cf:6f:f9:ab brd ff:ff:ff:ff:ff:ff
inet 172.25.10.10/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:cfff:fe6f:f9ab/64 scope link
valid_lft forever preferred_lft forever
四种网络模式
[root@foundation95 system]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether a0:88:b4:47:03:30 brd ff:ff:ff:ff:ff:ff
4: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.95/24 brd 172.25.254.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::68d4:40ff:feaa:f24f/64 scope link
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
7: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
8: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN qlen 500
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:cf:6f:f9:ab brd ff:ff:ff:ff:ff:ff
inet 172.25.10.10/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:cfff:fe6f:f9ab/64 scope link
valid_lft forever preferred_lft forever
[root@foundation95 system]# cd
[root@foundation95 ~]# docker rm `docker ps -aq`
8e4c2f899fca
[root@foundation95 ~]# docker run -it --name vm1 ubuntu //默认为br0模式,ip由主机的br0顺序分配
root@69dc88114407:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:19:0a:01 brd ff:ff:ff:ff:ff:ff
inet 172.25.10.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe19:a01/64 scope link
valid_lft forever preferred_lft forever
[root@foundation95 ~]# ip a s //主机的ip
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN qlen 1000
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether a0:88:b4:47:03:30 brd ff:ff:ff:ff:ff:ff
4: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.95/24 brd 172.25.254.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::68d4:40ff:feaa:f24f/64 scope link
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 500
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
7: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
8: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN qlen 500
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
9: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:cf:6f:f9:ab brd ff:ff:ff:ff:ff:ff
inet 172.25.10.10/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:cfff:fe6f:f9ab/64 scope link
valid_lft forever preferred_lft forever
13: veth57ca272@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether 72:03:db:0b:78:53 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::7003:dbff:fe0b:7853/64 scope link
valid_lft forever preferred_lft forever
[root@foundation95 ~]# docker run -it --name vm1 --net host ubuntu
docker: Error response from daemon: Conflict. The name "/vm1" is already in use by container 69dc88114407d85f2dfd17958ebc581ab35e48794fa1736d1527e3316b22b87a. You have to remove (or rename) that container to be able to reuse that name..
See 'docker run --help'. //报错的意思是vm1容器已经存在,
[root@foundation95 ~]# docker stop vm1
vm1
[root@foundation95 ~]# docker rm vm1
vm1
[root@foundation95 ~]# docker run -it --name vm1 --net host ubuntu //指定为host模式
root@foundation95:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN group default qlen 1000
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether a0:88:b4:47:03:30 brd ff:ff:ff:ff:ff:ff
4: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.95/24 brd 172.25.254.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::68d4:40ff:feaa:f24f/64 scope link
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 500
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
7: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
8: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN group default qlen 500
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:cf:6f:f9:ab brd ff:ff:ff:ff:ff:ff
inet 172.25.10.10/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:cfff:fe6f:f9ab/64 scope link
valid_lft forever preferred_lft forever
//显示的就是现在的主机的ip因为此时容器和主机功用namespace空间,名称和ip都是一样的。
[root@foundation95 ~]# docker run -it --name web --net host nginx
2017/05/10 12:01:50 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2017/05/10 12:01:50 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2017/05/10 12:01:50 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2017/05/10 12:01:50 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2017/05/10 12:01:50 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
2017/05/10 12:01:50 [emerg] 1#1: still could not bind()
nginx: [emerg] still could not bind()
[root@foundation95 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
43ffcf2c163b ubuntu "/bin/bash" 27 minutes ago Up 27 minutes vm1
[root@foundation95 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0385fde2a37 nginx "nginx -g 'daemon off" 31 seconds ago Exited (1) 25 seconds ago web
43ffcf2c163b ubuntu "/bin/bash" 27 minutes ago Up 27 minutes vm1
[root@foundation95 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
43ffcf2c163b ubuntu "/bin/bash" 27 minutes ago Up 27 minutes vm1
[root@foundation95 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0385fde2a37 nginx "nginx -g 'daemon off" 58 seconds ago Exited (1) 52 seconds ago web
43ffcf2c163b ubuntu "/bin/bash" 28 minutes ago Up 28 minutes vm1
[root@foundation95 ~]# systemctl stop httpd.service
[root@foundation95 ~]# docker start web
web
[root@foundation95 ~]# docker attach web
[root@foundation95 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0385fde2a37 nginx "nginx -g 'daemon off" 2 minutes ago Up 44 seconds web
43ffcf2c163b ubuntu "/bin/bash" 29 minutes ago Up 29 minutes vm1
[root@foundation95 ~]# netstat -antlp | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6695/nginx: master
[root@foundation95 ~]# netstat -antlp | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6695/nginx: master
[root@foundation95 ~]# docker stop web
web
[root@foundation95 ~]# systemctl start httpd.service
[root@foundation95 ~]# netstat -antlp | grep :80
tcp6 0 0 :::80 :::* LISTEN 6791/httpd
[root@foundation95 ~]# docker run -it --name vm2 --net container:vm1 ubuntu
root@foundation95:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN group default qlen 1000
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether a0:88:b4:47:03:30 brd ff:ff:ff:ff:ff:ff
4: br0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 00:21:cc:5e:7d:e1 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.95/24 brd 172.25.254.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::68d4:40ff:feaa:f24f/64 scope link
valid_lft forever preferred_lft forever
5: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
6: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 500
link/ether 52:54:00:f9:bd:0b brd ff:ff:ff:ff:ff:ff
7: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
8: virbr1-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr1 state DOWN group default qlen 500
link/ether 52:54:00:d3:07:ed brd ff:ff:ff:ff:ff:ff
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:cf:6f:f9:ab brd ff:ff:ff:ff:ff:ff
inet 172.25.10.10/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:cfff:fe6f:f9ab/64 scope link
valid_lft forever preferred_lft forever
root@foundation95:/# exit
exit
[root@foundation95 ~]# docker run -it --name vm3 ubuntu
root@d42e897b2914:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:19:0a:01 brd ff:ff:ff:ff:ff:ff
inet 172.25.10.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe19:a01/64 scope link
valid_lft forever preferred_lft forever
root@d42e897b2914:/# exit
exit
[root@foundation95 ~]# docker run -it --name vm4 --net container:vm3 ubuntu
docker: Error response from daemon: cannot join network of a non running container: vm3.
[root@foundation95 ~]# docker start vm3
vm3
[root@foundation95 ~]# docker run -it --name vm4 --net container:vm3 ubuntu
docker: Error response from daemon: Conflict. The name "/vm4" is already in use by container dc13ee691b5d4c2ab80e690906a4d27d19ded2aa5a71387e61f2733e21c12475. You have to remove (or rename) that container to be able to reuse that name..
See 'docker run --help'.
[root@foundation95 ~]# docker stop vm4
vm4
[root@foundation95 ~]# docker rm vm4
vm4
[root@foundation95 ~]# docker run -it --name vm4 --net container:vm3 ubuntu
root@d42e897b2914:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
16: eth0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:19:0a:01 brd ff:ff:ff:ff:ff:ff
inet 172.25.10.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe19:a01/64 scope link
valid_lft forever preferred_lft forever
root@d42e897b2914:/# exit
exit
[root@foundation95 ~]# docker run -it --name vm5 ubuntu
root@6b6e0ec792b9:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
18: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:19:0a:02 brd ff:ff:ff:ff:ff:ff
inet 172.25.10.2/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe19:a02/64 scope link
valid_lft forever preferred_lft forever
root@6b6e0ec792b9:/# exit
exit
[root@foundation95 ~]# docker run -it --name vm6 --net none ubuntu
root@170206c1f668:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
root@170206c1f668:/# exit
exit
//总结:创建容器时,没有--net 指定网络模式的时候,是默认桥接模式,--net container:容器名称 ,共用冒号后面这个容器的ip。 --net none 当Docker Container 采用了none 网络模式,那么容器内部就只能使用 loopback 网络设备,不会再有其他的网络资源,ip addr show 的时候看不到ip
none模式下给容器分配ip
[root@foundation95 ~]# docker run -it --name vm6 --net none ubuntu
root@170206c1f668:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
root@170206c1f668:/# exit
exit
[root@foundation95 ~]# docker attach vm6
You cannot attach to a stopped container, start it first
[root@foundation95 ~]# docker start vm6
vm6
[root@foundation95 ~]# docker attach vm6
root@170206c1f668:/#
root@170206c1f668:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
root@170206c1f668:/# [root@foundation95 ~]#
[root@foundation95 ~]# docker inspect vm6 |grep Pid
"Pid": 8308,
"PidMode": "",
"PidsLimit": 0,
[root@foundation95 ~]# cd /proc/8308
[root@foundation95 8308]# ls
attr coredump_filter gid_map mountinfo oom_score sessionid syscall
autogroup cpuset io mounts oom_score_adj setgroups task
auxv cwd limits mountstats pagemap smaps timers
cgroup environ loginuid net personality stack uid_map
clear_refs exe map_files ns projid_map stat wchan
cmdline fd maps numa_maps root statm
comm fdinfo mem oom_adj sched status
[root@foundation95 8308]# cd ns/
[root@foundation95 ns]# ls
ipc mnt net pid user uts
[root@foundation95 ns]# pwd
/proc/8308/ns
[root@foundation95 ns]# ln -s /proc/8308/ns/net /var/run/netns/9489
ln: failed to create symbolic link ‘/var/run/netns/9489’: No such file or directory
[root@foundation95 ns]# cd /var/run/
[root@foundation95 run]# ls
abrt docker.pid log rhnsd.pid syslogd.pid
atd.pid docker.sock lsm rhsm systemd
auditd.pid faillock lvm rpcbind tmpfiles.d
avahi-daemon gdm lvmetad.pid rpcbind.sock tuned
blkid gssproxy.pid mdadm samba udev
console gssproxy.sock media sepermit udisks2
crond.pid httpd mount setrans user
cron.reboot initramfs netreport setroubleshoot utmp
dbus ksmtune.pid NetworkManager sm-notify.pid xtables.lock
dmeventd-client libvirt plymouth spice-vdagentd
dmeventd-server libvirtd.pid ppp sshd.pid
docker lock radvd sysconfig
[root@foundation95 run]# mkdir /var/run/netns
[root@foundation95 run]# ln -s /proc/8308/ns/net /var/run/netns/9489
[root@foundation95 run]# cd /var/run/netns
[root@foundation95 netns]# ls
9489
[root@foundation95 netns]# rm -fr /var/run/netns/9489
[root@foundation95 netns]# ln -s /proc/8308/ns/net /var/run/netns/8303
[root@foundation95 netns]# ls
8303
[root@foundation95 netns]# ip link add name veth0 type veth peer name veth1 //产生两个接口
[root@foundation95 netns]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021cc5e7de1 no enp0s25
docker0 8000.0242cf6ff9ab no vethc0c236d
virbr0 8000.525400f9bd0b yes virbr0-nic
virbr1 8000.525400d307ed yes virbr1-nic
[root@foundation95 netns]# ip link set up dev veth0 //打开两个接口
[root@foundation95 netns]# ip link set up dev veth1
[root@foundation95 netns]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021cc5e7de1 no enp0s25
docker0 8000.0242cf6ff9ab no vethc0c236d
virbr0 8000.525400f9bd0b yes virbr0-nic
virbr1 8000.525400d307ed yes virbr1-nic
[root@foundation95 netns]# brctl addif docker0 veth0 //将接口接到docker0上
[root@foundation95 netns]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.0021cc5e7de1 no enp0s25
docker0 8000.0242cf6ff9ab no veth0
vethc0c236d
virbr0 8000.525400f9bd0b yes virbr0-nic
virbr1 8000.525400d307ed yes virbr1-nic
[root@foundation95 netns]# ip link set veth1 netns 8303 //将另一个接口接到pid为8303的进程上
[root@foundation95 netns]# docker attach vm6
root@170206c1f668:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
20: veth1@if21: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 92:6c:05:65:a8:91 brd ff:ff:ff:ff:ff:ff
[root@foundation95 netns]# ip netns exec 8303 ip link set veth1 name eth0 //veth1改名称为eth0
[root@foundation95 netns]# ip netns exec 8303 ip link set eth0 up //打开eth0接口
[root@foundation95 netns]# ip netns exec 8303 ip addr add 172.25.10.12/24 dev eth0 //添加ip
[root@foundation95 netns]# ip netns exec 8303 ip route add default via 172.25.10.1 //添加网关
[root@foundation95 netns]# systemctl restart network
[root@foundation95 netns]# docker attach vm6
root@170206c1f668:/# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.25.10.1 0.0.0.0 UG 0 0 0 eth0
172.25.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
root@170206c1f668:/# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
20: eth0@if21: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 92:6c:05:65:a8:91 brd ff:ff:ff:ff:ff:ff
inet 172.25.10.12/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::906c:5ff:fe65:a891/64 scope link
valid_lft forever preferred_lft forever
root@170206c1f668:/# ping 172.25.254.95
PING 172.25.254.95 (172.25.254.95) 56(84) bytes of data.
64 bytes from 172.25.254.95: icmp_seq=1 ttl=64 time=0.135 ms
From 172.25.254.95 icmp_seq=2 Redirect HostFrom 172.25.254.95: icmp_seq=2 Redirect Host(New nexthop: 172.25.254.95)
64 bytes from 172.25.254.95: icmp_seq=2 ttl=64 time=0.098 ms
From 172.25.254.95 icmp_seq=3 Redirect HostFrom 172.25.254.95: icmp_seq=3 Redirect Host(New nexthop: 172.25.254.95)
64 bytes from 172.25.254.95: icmp_seq=3 ttl=64 time=0.093 ms
From 172.25.254.95 icmp_seq=4 Redirect HostFrom 172.25.254.95: icmp_seq=4 Redirect Host(New nexthop: 172.25.254.95)
64 bytes from 172.25.254.95: icmp_seq=4 ttl=64 time=0.082 ms
From 172.25.254.95 icmp_seq=5 Redirect HostFrom 172.25.254.95: icmp_seq=5 Redirect Host(New nexthop: 172.25.254.95)
64 bytes from 172.25.254.95: icmp_seq=5 ttl=64 time=0.083 ms
From 172.25.254.95 icmp_seq=6 Redirect HostFrom 172.25.254.95: icmp_seq=6 Redirect Host(New nexthop: 172.25.254.95)
64 bytes from 172.25.254.95: icmp_seq=6 ttl=64 time=0.091 ms
64 bytes from 172.25.254.95: icmp_seq=7 ttl=64 time=0.072 ms
^C
--- 172.25.254.95 ping statistics ---
7 packets transmitted, 7 received, +5 errors, 0% packet loss, time 5999ms
rtt min/avg/max/mdev = 0.072/0.093/0.135/0.020 ms
制作镜像:
[root@foundation95 netns]# cd
[root@foundation95 ~]# cd /tmp/
[root@foundation95 tmp]# ls
systemd-private-ffcc437b547f4e73882797a5de1966f7-httpd.service-eodPHJ
[root@foundation95 tmp]# mkdir /tmp/docker
[root@foundation95 tmp]# ls
docker systemd-private-ffcc437b547f4e73882797a5de1966f7-httpd.service-eodPHJ
[root@foundation95 tmp]# cd docker/
[root@foundation95 docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
170206c1f668 ubuntu "/bin/bash" 49 minutes ago Up 41 minutes vm6
6b6e0ec792b9 ubuntu "/bin/bash" 51 minutes ago Exited (0) 50 minutes ago vm5
4d8343872ec8 ubuntu "/bin/bash" 51 minutes ago Exited (0) 51 minutes ago vm4
d42e897b2914 ubuntu "/bin/bash" 53 minutes ago Up 52 minutes vm3
a4587822b85e ubuntu "/bin/bash" 53 minutes ago Exited (0) 53 minutes ago vm2
43ffcf2c163b ubuntu "/bin/bash" About an hour ago Up About an hour vm1
[root@foundation95 docker]# docker stop `docker ps -aq`
170206c1f668
6b6e0ec792b9
4d8343872ec8
d42e897b2914
a4587822b85e
43ffcf2c163b
[root@foundation95 docker]# docker rm `docker ps -aq`
170206c1f668
6b6e0ec792b9
4d8343872ec8
d42e897b2914
a4587822b85e
43ffcf2c163b
[root@foundation95 docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@foundation95 apache]# docker attach vm1
bash-4.2# cd /etc/yum.repos.d/
bash-4.2# ls
rhel7.repo
bash-4.2# vi dvd.repo
bash-4.2# cat dvd.repo
[dvd]
name=rhel7
baseurl=http://172.25.254.250/rhel7.2
gpgcheck=0
bash-4.2# yum repolist
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
westos | 4.1 kB 00:00
(1/2): westos/group_gz | 136 kB 00:00
(2/2): westos/primary_db | 3.6 MB 00:00
repo id repo name status
westos rhel7.2 4620
repolist: 4620
bash-4.2# yum install net-tools
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Resolving Dependencies
--> Running transaction check
---> Package net-tools.x86_64 0:2.0-0.17.20131004git.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================
Package Arch Version Repository Size
==========================================================================
Installing:
net-tools x86_64 2.0-0.17.20131004git.el7 westos 304 k
Transaction Summary
==========================================================================
Install 1 Package
Total download size: 304 k
Installed size: 917 k
Is this ok [y/d/N]: y
Downloading packages:
net-tools-2.0-0.17.20131004git.el7.x86_64.rpm | 304 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : net-tools-2.0-0.17.20131004git.el7.x86_64 1/1
Verifying : net-tools-2.0-0.17.20131004git.el7.x86_64 1/1
Installed:
net-tools.x86_64 0:2.0-0.17.20131004git.el7
Complete!
bash-4.2# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.10.1:59688 172.25.254.250:80 TIME_WAIT -
bash-4.2# which ip
bash: which: command not found
bash-4.2# yum install iproute
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Resolving Dependencies
--> Running transaction check
---> Package iproute.x86_64 0:3.10.0-54.el7 will be installed
--> Processing Dependency: libxtables.so.10()(64bit) for package: iproute-3.10.0-54.el7.x86_64
--> Running transaction check
---> Package iptables.x86_64 0:1.4.21-16.el7 will be installed
--> Processing Dependency: libnetfilter_conntrack.so.3()(64bit) for package: iptables-1.4.21-16.el7.x86_64
--> Processing Dependency: libnfnetlink.so.0()(64bit) for package: iptables-1.4.21-16.el7.x86_64
--> Running transaction check
---> Package libnetfilter_conntrack.x86_64 0:1.0.4-2.el7 will be installed
--> Processing Dependency: libmnl.so.0(LIBMNL_1.0)(64bit) for package: libnetfilter_conntrack-1.0.4-2.el7.x86_64
--> Processing Dependency: libmnl.so.0(LIBMNL_1.1)(64bit) for package: libnetfilter_conntrack-1.0.4-2.el7.x86_64
--> Processing Dependency: libmnl.so.0()(64bit) for package: libnetfilter_conntrack-1.0.4-2.el7.x86_64
---> Package libnfnetlink.x86_64 0:1.0.1-4.el7 will be installed
--> Running transaction check
---> Package libmnl.x86_64 0:1.0.3-7.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================
Package Arch Version Repository Size
==========================================================================
Installing:
iproute x86_64 3.10.0-54.el7 westos 527 k
Installing for dependencies:
iptables x86_64 1.4.21-16.el7 westos 424 k
libmnl x86_64 1.0.3-7.el7 westos 23 k
libnetfilter_conntrack x86_64 1.0.4-2.el7 westos 53 k
libnfnetlink x86_64 1.0.1-4.el7 westos 26 k
Transaction Summary
==========================================================================
Install 1 Package (+4 Dependent packages)
Total download size: 1.0 M
Installed size: 3.0 M
Is this ok [y/d/N]: y
Downloading packages:
(1/5): iproute-3.10.0-54.el7.x86_64.rpm | 527 kB 00:00
(2/5): iptables-1.4.21-16.el7.x86_64.rpm | 424 kB 00:00
(3/5): libmnl-1.0.3-7.el7.x86_64.rpm | 23 kB 00:00
(4/5): libnetfilter_conntrack-1.0.4-2.el7.x86_64.rpm | 53 kB 00:00
(5/5): libnfnetlink-1.0.1-4.el7.x86_64.rpm | 26 kB 00:00
--------------------------------------------------------------------------
Total 4.4 MB/s | 1.0 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libnfnetlink-1.0.1-4.el7.x86_64 1/5
Installing : libmnl-1.0.3-7.el7.x86_64 2/5
Installing : libnetfilter_conntrack-1.0.4-2.el7.x86_64 3/5
Installing : iptables-1.4.21-16.el7.x86_64 4/5
Installing : iproute-3.10.0-54.el7.x86_64 5/5
Verifying : iptables-1.4.21-16.el7.x86_64 1/5
Verifying : libnetfilter_conntrack-1.0.4-2.el7.x86_64 2/5
Verifying : libnfnetlink-1.0.1-4.el7.x86_64 3/5
Verifying : iproute-3.10.0-54.el7.x86_64 4/5
Verifying : libmnl-1.0.3-7.el7.x86_64 5/5
Installed:
iproute.x86_64 0:3.10.0-54.el7
Dependency Installed:
iptables.x86_64 0:1.4.21-16.el7
libmnl.x86_64 0:1.0.3-7.el7
libnetfilter_conntrack.x86_64 0:1.0.4-2.el7
libnfnetlink.x86_64 0:1.0.1-4.el7
Complete!
bash-4.2# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
31: eth0@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:c0:a8:0a:01 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.25.10.1/24 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:c0ff:fea8:a01/64 scope link
valid_lft forever preferred_lft forever
bash-4.2# exit
[root@foundation95 apache]#docker commit vm1 rhel7:v1
sha256:793a29a641578c628f9c29962c3f3e375eb161c32ee0d7114aa9e66975e08b5e
[root@foundation95 apache]# ls
Dockerfile
[root@foundation95 apache]# vim Dockerfile
[root@foundation95 apache]# cat Dockerfile
FROM rhel7:v1
MAINTAINER XIAOYAO@163.com
ENV HOSTNAME server1
EXPOSE 80
RUN yum install -y httpd &&yum clean all
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
[root@foundation95 apache]# docker build -t rhel7:v1 .
Sending build context to Docker daemon 2.048 kB
Step 1 : FROM rhel7:v1
---> 6a14b1004d6a
Step 2 : MAINTAINER BOBO@163.com
---> Running in 2b92e41b5245
---> 55e9f6884b08
Removing intermediate container 2b92e41b5245
Step 3 : ENV HOSTNAME server1
---> Running in c0e3dae2ac59
---> ce6298b3d25a
Removing intermediate container c0e3dae2ac59
Step 4 : EXPOSE 80
---> Running in 41ff1183b044
---> 7419f08d2b7b
Removing intermediate container 41ff1183b044
Step 5 : RUN yum install -y httpd &&yum clean all
---> Running in 174249ecd7a7
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-40.el7 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-40.el7 for package: httpd-2.4.6-40.el7.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-40.el7.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-40.el7.x86_64
--> Processing Dependency: libsystemd-daemon.so.0(LIBSYSTEMD_DAEMON_31)(64bit) for package: httpd-2.4.6-40.el7.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.x86_64
--> Processing Dependency: libsystemd-daemon.so.0()(64bit) for package: httpd-2.4.6-40.el7.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-40.el7 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
---> Package redhat-logos.noarch 0:70.0.3-4.el7 will be installed
---> Package systemd-libs.x86_64 0:219-19.el7 will be installed
--> Processing Dependency: libdw.so.1()(64bit) for package: systemd-libs-219-19.el7.x86_64
--> Running transaction check
---> Package elfutils-libs.x86_64 0:0.163-3.el7 will be installed
--> Processing Dependency: elfutils-libelf(x86-64) = 0.163-3.el7 for package: elfutils-libs-0.163-3.el7.x86_64
--> Running transaction check
---> Package elfutils-libelf.x86_64 0:0.158-3.el7 will be updated
---> Package elfutils-libelf.x86_64 0:0.163-3.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd x86_64 2.4.6-40.el7 westos 1.2 M
Installing for dependencies:
apr x86_64 1.4.8-3.el7 westos 103 k
apr-util x86_64 1.5.2-6.el7 westos 92 k
elfutils-libs x86_64 0.163-3.el7 westos 260 k
httpd-tools x86_64 2.4.6-40.el7 westos 82 k
mailcap noarch 2.1.41-2.el7 westos 31 k
redhat-logos noarch 70.0.3-4.el7 westos 13 M
systemd-libs x86_64 219-19.el7 westos 356 k
Updating for dependencies:
elfutils-libelf x86_64 0.163-3.el7 westos 200 k
Transaction Summary
================================================================================
Install 1 Package (+7 Dependent packages)
Upgrade ( 1 Dependent package)
Total download size: 15 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
--------------------------------------------------------------------------------
Total 20 MB/s | 15 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64 1/10
Installing : apr-util-1.5.2-6.el7.x86_64 2/10
Installing : httpd-tools-2.4.6-40.el7.x86_64 3/10
Updating : elfutils-libelf-0.163-3.el7.x86_64 4/10
Installing : elfutils-libs-0.163-3.el7.x86_64 5/10
Installing : systemd-libs-219-19.el7.x86_64 6/10
Installing : mailcap-2.1.41-2.el7.noarch 7/10
Installing : redhat-logos-70.0.3-4.el7.noarch 8/10
Installing : httpd-2.4.6-40.el7.x86_64 9/10
Cleanup : elfutils-libelf-0.158-3.el7.x86_64 10/10
Verifying : elfutils-libs-0.163-3.el7.x86_64 1/10
Verifying : redhat-logos-70.0.3-4.el7.noarch 2/10
Verifying : apr-1.4.8-3.el7.x86_64 3/10
Verifying : mailcap-2.1.41-2.el7.noarch 4/10
Verifying : httpd-tools-2.4.6-40.el7.x86_64 5/10
Verifying : apr-util-1.5.2-6.el7.x86_64 6/10
Verifying : httpd-2.4.6-40.el7.x86_64 7/10
Verifying : elfutils-libelf-0.163-3.el7.x86_64 8/10
Verifying : systemd-libs-219-19.el7.x86_64 9/10
Verifying : elfutils-libelf-0.158-3.el7.x86_64 10/10
Installed:
httpd.x86_64 0:2.4.6-40.el7
Dependency Installed:
apr.x86_64 0:1.4.8-3.el7 apr-util.x86_64 0:1.5.2-6.el7
elfutils-libs.x86_64 0:0.163-3.el7 httpd-tools.x86_64 0:2.4.6-40.el7
mailcap.noarch 0:2.1.41-2.el7 redhat-logos.noarch 0:70.0.3-4.el7
systemd-libs.x86_64 0:219-19.el7
Dependency Updated:
elfutils-libelf.x86_64 0:0.163-3.el7
Complete!
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Cleaning repos: westos
Cleaning up everything
---> eaf5e4ecd116
Removing intermediate container 174249ecd7a7
Step 6 : CMD /usr/sbin/httpd -D FOREGROUND
---> Running in 067526bc3758
---> 8954447a7830
Removing intermediate container 067526bc3758
Successfully built 8954447a7830
[root@foundation95 apache]# docker run -d -p 8000:80 --name apache rhel7:v1
afd21514abfb033c0b11eb68380b2e250c64ea61e9dcc52504375c6c1ba0a479
[root@foundation95 apache]# vim index.html
[root@foundation95 apache]# mv index.html /var/www/html
[root@foundation95 apache]# cat /var/www/html/index.html
<h1> www.westos.org </h1>
[root@foundation95 apache]# systemctl restart httpd
浏览器访问localhost:8000
[root@foundation95 apache]# docker kill apache
apache
[root@foundation95 apache]# docker rm apache
apache
[root@foundation95 apache]# vim Dockerfile
[root@foundation95 apache]# docker run -d -p 8000:80 --name apache -v /tmp/docker/apache:/var/www/html rhel7:v1
2b1bfd1b9970337c25d145c2158cea5d9c9517534c17225e5f654e85e313eb28
[root@foundation95 apache]# docker run -d -p 8000:80 --name apache -v /tmp/docker/apache:/var/www/html rhel7:v2
[root@foundation95 docker]# cp apache/Dockerfile ssh/
[root@foundation95 docker]# cd ssh/
[root@foundation95 ssh]# ls
Dockerfile
[root@foundation95 ssh]# vim Dockerfile
[root@foundation95 ssh]# docker run -it --name vm2 rhel7:v1 bash
bash-4.2# yum install -y openssh-server openssh-clients
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
westos | 4.1 kB 00:00
(1/2): westos/group_gz | 136 kB 00:00
(2/2): westos/primary_db | 3.6 MB 00:00
Resolving Dependencies
--> Running transaction check
---> Package openssh-clients.x86_64 0:6.6.1p1-22.el7 will be installed
--> Processing Dependency: openssh = 6.6.1p1-22.el7 for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: libedit.so.0()(64bit) for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-clients-6.6.1p1-22.el7.x86_64
---> Package openssh-server.x86_64 0:6.6.1p1-22.el7 will be installed
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-22.el7.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
---> Package openssh.x86_64 0:6.6.1p1-22.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================
Package Arch Version Repository
Size
==========================================================================
Installing:
openssh-clients x86_64 6.6.1p1-22.el7 westos 638 k
openssh-server x86_64 6.6.1p1-22.el7 westos 436 k
Installing for dependencies:
fipscheck x86_64 1.4.1-5.el7 westos 21 k
fipscheck-lib x86_64 1.4.1-5.el7 westos 11 k
libedit x86_64 3.0-12.20121213cvs.el7 westos 92 k
openssh x86_64 6.6.1p1-22.el7 westos 435 k
tcp_wrappers-libs x86_64 7.6-77.el7 westos 66 k
Transaction Summary
==========================================================================
Install 2 Packages (+5 Dependent packages)
Total download size: 1.7 M
Installed size: 4.9 M
Downloading packages:
(1/7): fipscheck-1.4.1-5.el7.x86_64.rpm | 21 kB 00:00
(2/7): fipscheck-lib-1.4.1-5.el7.x86_64.rpm | 11 kB 00:00
(3/7): libedit-3.0-12.20121213cvs.el7.x86_64.rpm | 92 kB 00:00
(4/7): openssh-6.6.1p1-22.el7.x86_64.rpm | 435 kB 00:00
(5/7): openssh-clients-6.6.1p1-22.el7.x86_64.rpm | 638 kB 00:00
(6/7): openssh-server-6.6.1p1-22.el7.x86_64.rpm | 436 kB 00:00
(7/7): tcp_wrappers-libs-7.6-77.el7.x86_64.rpm | 66 kB 00:00
--------------------------------------------------------------------------
Total 6.3 MB/s | 1.7 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-1.4.1-5.el7.x86_64 1/7
Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2/7
Installing : openssh-6.6.1p1-22.el7.x86_64 3/7
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/7
Installing : libedit-3.0-12.20121213cvs.el7.x86_64 5/7
Installing : openssh-clients-6.6.1p1-22.el7.x86_64 6/7
Installing : openssh-server-6.6.1p1-22.el7.x86_64 7/7
Verifying : openssh-clients-6.6.1p1-22.el7.x86_64 1/7
Verifying : libedit-3.0-12.20121213cvs.el7.x86_64 2/7
Verifying : openssh-6.6.1p1-22.el7.x86_64 3/7
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 4/7
Verifying : openssh-server-6.6.1p1-22.el7.x86_64 5/7
Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 6/7
Verifying : fipscheck-1.4.1-5.el7.x86_64 7/7
Installed:
openssh-clients.x86_64 0:6.6.1p1-22.el7
openssh-server.x86_64 0:6.6.1p1-22.el7
Dependency Installed:
fipscheck.x86_64 0:1.4.1-5.el7
fipscheck-lib.x86_64 0:1.4.1-5.el7
libedit.x86_64 0:3.0-12.20121213cvs.el7
openssh.x86_64 0:6.6.1p1-22.el7
tcp_wrappers-libs.x86_64 0:7.6-77.el7
Complete!
bash-4.2# rpm -ql openssh-server
/etc/pam.d/sshd
/etc/ssh/sshd_config
/etc/sysconfig/sshd
/usr/lib/systemd/system/sshd-keygen.service
/usr/lib/systemd/system/sshd.service
/usr/lib/systemd/system/sshd.socket
/usr/lib/systemd/system/sshd@.service
/usr/lib64/fipscheck/sshd.hmac
/usr/libexec/openssh/sftp-server
/usr/sbin/sshd
/usr/sbin/sshd-keygen
/usr/share/man/man5/moduli.5.gz
/usr/share/man/man5/sshd_config.5.gz
/usr/share/man/man8/sftp-server.8.gz
/usr/share/man/man8/sshd.8.gz
/var/empty/sshd
bash-4.2# /usr/sbin/sshd
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
bash-4.2# cd /etc/ssh/
bash-4.2# ssh keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N ""
ssh: Could not resolve hostname keygen: Name or service not known
bash-4.2# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N ""
bash-4.2# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N ""
bash-4.2# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key.pub -q -N ""
bash-4.2# ls
moduli ssh_host_ecdsa_key.pub ssh_host_rsa_key
ssh_config ssh_host_ed25519_key.pub ssh_host_rsa_key.pub
ssh_host_ecdsa_key ssh_host_ed25519_key.pub.pub sshd_config
bash-4.2# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N ""bash-4.2# /usr/sbin/sshd
bash-4.2# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 38/sshd
tcp6 0 0 :::22 :::* LISTEN 38/sshd
bash-4.2# ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is 8d:1e:df:6c:b4:15:2b:a4:39:69:4f:b1:a4:a5:d5:d4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
root@localhost's password:
Permission denied, please try again.
root@localhost's password:
bash-4.2# echo root:westos | chpasswd
bash-4.2# /usr/sbin/sshd
bash-4.2# ssh localhost
root@localhost's password:
-bash-4.2# history
1 ls
2 mkdir apache/
3 cd apache/
4 cd /etc/yum.repos.d/
5 vi dvd.repo
6 yum repolist
7 yum install net-tools
8 netstat -antlp
9 which ip
10 yum install iproute
11 ip addr show
12 history
-bash-4.2# logout
Connection to localhost closed.
bash-4.2# history
1 ls
2 mkdir apache/
3 cd apache/
4 cd /etc/yum.repos.d/
5 vi dvd.repo
6 yum repolist
7 yum install net-tools
8 netstat -antlp
9 which ip
10 yum install iproute
11 ip addr show
12 yum install -y openssh-server openssh-clients
13 rpm -ql openssh-server
14 /usr/sbin/sshd
15 cd /etc/ssh/
16 ssh keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N ""
17 ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N ""
18 ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N ""
19 ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key.pub -q -N ""
20 ls
21 ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N ""
22 /usr/sbin/sshd
23 netstat -antlp
24 ssh localhost
25 echo root:westos | chpasswd
26 /usr/sbin/sshd
27 ssh localhost
28 history
bash-4.2# [root@foundation95 ssh]#
[root@foundation95 ssh]# vim Dockerfile
[root@foundation95 ssh]# docker build -t rhel7:v4 .
Sending build context to Docker daemon 2.048 kB
Step 1 : FROM rhel7:v1
---> 8954447a7830
Step 2 : MAINTAINER BOBO@163.com
---> Using cache
---> 84b8227a22bc
Step 3 : ENV HOSTNAME server2
---> Running in 407d25ec7050
---> 1cd168277de4
Removing intermediate container 407d25ec7050
Step 4 : EXPOSE 22
---> Running in 2d1cb50a6e92
---> 72231199ea80
Removing intermediate container 2d1cb50a6e92
Step 5 : RUN yum install -y openssh-server openssh-clients && yum clean all
---> Running in 1d41e78321f6
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Resolving Dependencies
--> Running transaction check
---> Package openssh-clients.x86_64 0:6.6.1p1-22.el7 will be installed
--> Processing Dependency: openssh = 6.6.1p1-22.el7 for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: libedit.so.0()(64bit) for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-clients-6.6.1p1-22.el7.x86_64
---> Package openssh-server.x86_64 0:6.6.1p1-22.el7 will be installed
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-22.el7.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
---> Package openssh.x86_64 0:6.6.1p1-22.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-clients x86_64 6.6.1p1-22.el7 westos 638 k
openssh-server x86_64 6.6.1p1-22.el7 westos 436 k
Installing for dependencies:
fipscheck x86_64 1.4.1-5.el7 westos 21 k
fipscheck-lib x86_64 1.4.1-5.el7 westos 11 k
libedit x86_64 3.0-12.20121213cvs.el7 westos 92 k
openssh x86_64 6.6.1p1-22.el7 westos 435 k
tcp_wrappers-libs x86_64 7.6-77.el7 westos 66 k
Transaction Summary
================================================================================
Install 2 Packages (+5 Dependent packages)
Total download size: 1.7 M
Installed size: 4.9 M
Downloading packages:
--------------------------------------------------------------------------------
Total 6.5 MB/s | 1.7 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-1.4.1-5.el7.x86_64 1/7
Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2/7
Installing : openssh-6.6.1p1-22.el7.x86_64 3/7
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/7
Installing : libedit-3.0-12.20121213cvs.el7.x86_64 5/7
Installing : openssh-clients-6.6.1p1-22.el7.x86_64 6/7
Installing : openssh-server-6.6.1p1-22.el7.x86_64 7/7
Verifying : openssh-clients-6.6.1p1-22.el7.x86_64 1/7
Verifying : libedit-3.0-12.20121213cvs.el7.x86_64 2/7
Verifying : openssh-6.6.1p1-22.el7.x86_64 3/7
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 4/7
Verifying : openssh-server-6.6.1p1-22.el7.x86_64 5/7
Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 6/7
Verifying : fipscheck-1.4.1-5.el7.x86_64 7/7
Installed:
openssh-clients.x86_64 0:6.6.1p1-22.el7
openssh-server.x86_64 0:6.6.1p1-22.el7
Dependency Installed:
fipscheck.x86_64 0:1.4.1-5.el7 fipscheck-lib.x86_64 0:1.4.1-5.el7
libedit.x86_64 0:3.0-12.20121213cvs.el7 openssh.x86_64 0:6.6.1p1-22.el7
tcp_wrappers-libs.x86_64 0:7.6-77.el7
Complete!
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Cleaning repos: westos
Cleaning up everything
---> 07c1dfd5153d
Removing intermediate container 1d41e78321f6
Step 6 : RUN ssh-keygen -trsa -f /etc/ssh/ssh_host_rsa_key -q -N ""&&ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N ""&&ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N ""
---> Running in 9a1f3c418aea
---> 30f3f388dea2
Removing intermediate container 9a1f3c418aea
Step 7 : CMD /usr/sbin/sshd -D
---> Running in c2cf5d1791aa
---> 923854ed560d
Removing intermediate container c2cf5d1791aa
Successfully built 923854ed560d
[root@foundation95 ssh]# docker images rhel7:v4
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v4 923854ed560d 41 seconds ago 217.8 MB
[root@foundation95 ssh]# docker history rhel7:v4
IMAGE CREATED CREATED BY SIZE COMMENT
923854ed560d 57 seconds ago /bin/sh -c #(nop) CMD ["/usr/sbin/sshd" "-D"] 0 B
30f3f388dea2 About a minute ago /bin/sh -c ssh-keygen -trsa -f /etc/ssh/ssh_h 2.967 kB
07c1dfd5153d About a minute ago /bin/sh -c yum install -y openssh-server open 14.11 MB
72231199ea80 About a minute ago /bin/sh -c #(nop) EXPOSE 22/tcp 0 B
1cd168277de4 2 minutes ago /bin/sh -c #(nop) ENV HOSTNAME=server2 0 B
84b8227a22bc 37 minutes ago /bin/sh -c #(nop) MAINTAINER BOBO@163.com 0 B
8954447a7830 About an hour ago /bin/sh -c #(nop) CMD ["/usr/sbin/httpd" "-D" 0 B
eaf5e4ecd116 About an hour ago /bin/sh -c yum install -y httpd &&yum clean a 29.27 MB
7419f08d2b7b About an hour ago /bin/sh -c #(nop) EXPOSE 80/tcp 0 B
ce6298b3d25a About an hour ago /bin/sh -c #(nop) ENV HOSTNAME=server1 0 B
55e9f6884b08 About an hour ago /bin/sh -c #(nop) MAINTAINER BOBO@163.com 0 B
6a14b1004d6a About an hour ago bash 34.16 MB
0a3eb3fde7fd 2 years ago 140.2 MB Imported from -
[root@foundation95 ssh]# docker run -d --name ssh -p 2222:22 rhel7:v4
cff3ac17ecfac15f3d089ad1fa210e2199b80a0e3efa420c587ce454b6101b61
[root@foundation95 ssh]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cff3ac17ecfa rhel7:v4 "/usr/sbin/sshd -D" 12 seconds ago Up 9 seconds 80/tcp, 0.0.0.0:2222->22/tcp ssh
05e9fed20ee2 rhel7:v1 "bash" 19 minutes ago Up 19 minutes 80/tcp vm2
2b1bfd1b9970 rhel7:v1 "/usr/sbin/httpd -D F" 54 minutes ago Up 54 minutes 0.0.0.0:8000->80/tcp apache
[root@foundation95 ssh]# ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is d2:72:79:89:2c:5a:2e:9c:c5:1e:b9:63:5f:0a:19:24.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
root@localhost's password:
Last login: Wed May 10 08:44:21 2017
[root@foundation95 ~]# ssh localhost -p 2222 -l root
[root@foundation95 ssh]# ssh localhost -p 2222
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
ECDSA key fingerprint is 7d:4b:d0:3e:50:74:c6:d9:11:eb:8c:0c:e3:1c:ff:03.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
root@localhost's password:
-bash-4.2#
多任务执行
lftp 172.25.254.250:/pub/docker> get supervisor-3.1.3-3.el7.noarch.rpm
455308 bytes transferred
lftp 172.25.254.250:/pub/docker> quit
You have new mail in /var/spool/mail/root
[root@foundation95 ssh]# cd ..
[root@foundation95 docker]# mkdir super/
[root@foundation95 docker]# cd super/
[root@foundation95 super]# ls
[root@foundation95 super]# cp /tmp/docker/ssh/Dockerfile .
[root@foundation95 super]# ls
Dockerfile
[root@foundation95 super]# vim update.repo
[root@foundation95 super]# vim Dockerfile
[root@foundation95 super]# vim supervisord.conf
[root@foundation95 super]# vim Dockerfile
[root@foundation95 super]# docker stop `docker ps -aq`
cb34b9d04c49
[root@foundation95 super]# docker rm `docker ps -aq`
cb34b9d04c49
[root@foundation95 super]# docker build -t rhel7:v5 .
Sending build context to Docker daemon 4.096 kB
Step 1 : FROM rhel7:v1
---> 8954447a7830
Step 2 : MAINTAINER BOBO@163.com
---> Using cache
---> 84b8227a22bc
Step 3 : ENV HOSTNAME server2
---> Using cache
---> 1cd168277de4
Step 4 : EXPOSE 22 80
---> Running in 9d9aab6b906c
---> 4dce920a63c6
Removing intermediate container 9d9aab6b906c
Step 5 : COPY update.repo /etc/yum.repos.d
---> 540eada0a50f
Removing intermediate container 86e0786521d5
Step 6 : RUN yum install -y openssh-server openssh-clients httpd supervisor && yum clean all
---> Running in 1e227bb18a06
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Package httpd-2.4.6-40.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package openssh-clients.x86_64 0:6.6.1p1-22.el7 will be installed
--> Processing Dependency: openssh = 6.6.1p1-22.el7 for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: libedit.so.0()(64bit) for package: openssh-clients-6.6.1p1-22.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-clients-6.6.1p1-22.el7.x86_64
---> Package openssh-server.x86_64 0:6.6.1p1-22.el7 will be installed
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-22.el7.x86_64
---> Package supervisor.noarch 0:3.1.3-3.el7 will be installed
--> Processing Dependency: python-meld3 >= 0.6.5 for package: supervisor-3.1.3-3.el7.noarch
--> Processing Dependency: python-setuptools for package: supervisor-3.1.3-3.el7.noarch
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
---> Package openssh.x86_64 0:6.6.1p1-22.el7 will be installed
---> Package python-meld3.x86_64 0:0.6.10-1.el7 will be installed
---> Package python-setuptools.noarch 0:0.9.8-4.el7 will be installed
--> Processing Dependency: python-backports-ssl_match_hostname for package: python-setuptools-0.9.8-4.el7.noarch
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
---> Package python-backports-ssl_match_hostname.noarch 0:3.4.0.2-4.el7 will be installed
--> Processing Dependency: python-backports for package: python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch
--> Running transaction check
---> Package python-backports.x86_64 0:1.0-8.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
openssh-clients x86_64 6.6.1p1-22.el7 dvd 638 k
openssh-server x86_64 6.6.1p1-22.el7 dvd 436 k
supervisor noarch 3.1.3-3.el7 update 445 k
Installing for dependencies:
fipscheck x86_64 1.4.1-5.el7 dvd 21 k
fipscheck-lib x86_64 1.4.1-5.el7 dvd 11 k
libedit x86_64 3.0-12.20121213cvs.el7 dvd 92 k
openssh x86_64 6.6.1p1-22.el7 dvd 435 k
python-backports x86_64 1.0-8.el7 dvd 5.8 k
python-backports-ssl_match_hostname noarch 3.4.0.2-4.el7 dvd 12 k
python-meld3 x86_64 0.6.10-1.el7 update 73 k
python-setuptools noarch 0.9.8-4.el7 dvd 397 k
tcp_wrappers-libs x86_64 7.6-77.el7 dvd 66 k
Transaction Summary
================================================================================
Install 3 Packages (+9 Dependent packages)
Total download size: 2.6 M
Installed size: 9.3 M
Downloading packages:
--------------------------------------------------------------------------------
Total 1.7 MB/s | 2.6 MB 00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-1.4.1-5.el7.x86_64 1/12
Installing : fipscheck-lib-1.4.1-5.el7.x86_64 2/12
Installing : openssh-6.6.1p1-22.el7.x86_64 3/12
Installing : python-meld3-0.6.10-1.el7.x86_64 4/12
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 5/12
Installing : python-backports-1.0-8.el7.x86_64 6/12
Installing : python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch 7/12
Installing : python-setuptools-0.9.8-4.el7.noarch 8/12
Installing : libedit-3.0-12.20121213cvs.el7.x86_64 9/12
Installing : openssh-clients-6.6.1p1-22.el7.x86_64 10/12
Installing : supervisor-3.1.3-3.el7.noarch 11/12
Installing : openssh-server-6.6.1p1-22.el7.x86_64 12/12
Verifying : openssh-clients-6.6.1p1-22.el7.x86_64 1/12
Verifying : python-setuptools-0.9.8-4.el7.noarch 2/12
Verifying : python-backports-ssl_match_hostname-3.4.0.2-4.el7.noarch 3/12
Verifying : libedit-3.0-12.20121213cvs.el7.x86_64 4/12
Verifying : openssh-6.6.1p1-22.el7.x86_64 5/12
Verifying : python-backports-1.0-8.el7.x86_64 6/12
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 7/12
Verifying : python-meld3-0.6.10-1.el7.x86_64 8/12
Verifying : openssh-server-6.6.1p1-22.el7.x86_64 9/12
Verifying : supervisor-3.1.3-3.el7.noarch 10/12
Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 11/12
Verifying : fipscheck-1.4.1-5.el7.x86_64 12/12
Installed:
openssh-clients.x86_64 0:6.6.1p1-22.el7
openssh-server.x86_64 0:6.6.1p1-22.el7
supervisor.noarch 0:3.1.3-3.el7
Dependency Installed:
fipscheck.x86_64 0:1.4.1-5.el7
fipscheck-lib.x86_64 0:1.4.1-5.el7
libedit.x86_64 0:3.0-12.20121213cvs.el7
openssh.x86_64 0:6.6.1p1-22.el7
python-backports.x86_64 0:1.0-8.el7
python-backports-ssl_match_hostname.noarch 0:3.4.0.2-4.el7
python-meld3.x86_64 0:0.6.10-1.el7
python-setuptools.noarch 0:0.9.8-4.el7
tcp_wrappers-libs.x86_64 0:7.6-77.el7
Complete!
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Cleaning repos: dvd update westos
Cleaning up everything
---> e8c94da88743
Removing intermediate container 1e227bb18a06
Step 7 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N "" && ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N "" && ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N "" && echo root:hahaha | chpasswd
---> Running in 2880ad28d7bb
---> adba630fb85c
Removing intermediate container 2880ad28d7bb
Step 8 : CMD /usr/bin/supervisord
---> Running in fa315bf36bdc
---> 002946b572e7
Removing intermediate container fa315bf36bdc
Successfully built 002946b572e7
[root@foundation95 super]# vim Dockerfile
[root@foundation95 super]# docker run -d --name super -p 2222:22 -p 8000:80 rhel7:v5
a350e66234c28c52341d1c6645a3ff49c9be4f69eb47903a171fd77f8488ac40
[root@foundation95 super]# ssh localhost -p 2222
ssh: connect to host localhost port 2222: Connection refused
[root@foundation95 super]# curl 172.25.254.250
www.westos.org
[root@foundation95 super]# ssh localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is d2:72:79:89:2c:5a:2e:9c:c5:1e:b9:63:5f:0a:19:24.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
root@localhost's password:
Permission denied, please try again.
root@localhost's password:
[root@foundation95 super]# docker inspect rhel7:v5
[
{
"Id": "sha256:002946b572e7ef3b85b57980a5b6182aff83fa6aaa080f60dc6059efcaa8e153",
"RepoTags": [
"rhel7:v5"
],
"RepoDigests": [],
"Parent": "sha256:adba630fb85c04ca8e87be1caa174fcf89d1923024981fbf98339bc12ddf31f9",
"Comment": "",
"Created": "2017-05-10T08:01:22.829654528Z",
"Container": "fa315bf36bdc8a4c19c4a68a1e4fd77101461fd827b95a48f476950ff146e029",
"ContainerConfig": {
"Hostname": "2b92e41b5245",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"22/tcp": {},
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HOSTNAME=server2"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) CMD [\"/usr/bin/supervisord\"]"
],
"ArgsEscaped": true,
"Image": "sha256:adba630fb85c04ca8e87be1caa174fcf89d1923024981fbf98339bc12ddf31f9",
"Volumes": {},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": [],
"Labels": {}
},
"DockerVersion": "1.10.3",
"Author": "BOBO@163.com",
"Config": {
"Hostname": "2b92e41b5245",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"22/tcp": {},
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HOSTNAME=server2"
],
"Cmd": [
"/usr/bin/supervisord"
],
"ArgsEscaped": true,
"Image": "sha256:adba630fb85c04ca8e87be1caa174fcf89d1923024981fbf98339bc12ddf31f9",
"Volumes": {},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": [],
"Labels": {}
},
"Architecture": "amd64",
"Os": "linux",
"Size": 221617803,
"VirtualSize": 221617803,
"GraphDriver": {
"Name": "devicemapper",
"Data": {
"DeviceId": "268",
"DeviceName": "docker-253:1-538695038-bb199625895b5b7ed72df0d7e44a76765cd5e7b895621e62080b3057f56bd030",
"DeviceSize": "10737418240"
}
}
}
]
[root@foundation95 super]# docker stop super
super
[root@foundation95 super]# docker rm super
[root@foundation95 super]# docker run -d --name super -p 2222:22 -p 8000[root@foundation95 super]# docker run -d --name super -p 2222:22 -p 8000:80 rhel7:v5
b6c2df45d7107f5e2ccbae31c1f6c3229b5d4598e854585330e24a0b12a99a3e
[root@foundation95 super]# ssh localhost -p 2222 -l root
ssh: connect to host localhost port 2222: Connection refused
[root@foundation95 super]# docker stop super
super
[root@foundation95 super]# docker rm super
super
[root@foundation95 super]# docker run -d --name super -p 2222:22 -p 8000:80 -v /tmp/docker/apache:/var/www/html rhel7:v5
b60b225dc11f245ca0fd061c04ef935073f0eaef6ca046208e9716bd90186c5c
[root@foundation95 super]# ssh localhost -p 2222
ssh: connect to host localhost port 2222: Connection refused
[root@foundation95 super]# curl 172.25.254.250
www.westos.org
[root@foundation95 super]# vim Dockerfile [root@foundation95 super]# netstat -antlp |grep 8000
[root@foundation95 super]# netstat -antlp |grep 2222
[root@foundation95 super]# vim Dockerfile
[root@foundation95 super]# docker stop super
super
[root@foundation95 super]# docker rm super
super
[root@foundation95 super]# docker build -t rhel7:v6 .
Sending build context to Docker daemon 4.096 kB
Step 1 : FROM rhel7:v1
---> 8954447a7830
Step 2 : MAINTAINER BOBO@163.com
---> Using cache
---> 84b8227a22bc
Step 3 : ENV HOSTNAME server2
---> Using cache
---> 1cd168277de4
Step 4 : EXPOSE 22 80
---> Using cache
---> 4dce920a63c6
Step 5 : COPY update.repo /etc/yum.repos.d
---> Using cache
---> 540eada0a50f
Step 6 : RUN yum install -y openssh-server openssh-clients httpd supervisor && yum clean all
---> Using cache
---> e8c94da88743
Step 7 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N "" && ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N "" && ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N "" && echo root:hahaha | chpasswd
---> Using cache
---> adba630fb85c
Step 8 : COPY supervisord.conf /etc/supervisord.conf
---> a7514759b84c
Removing intermediate container 2281a1f82d34
Step 9 : CMD /usr/bin/supervisord
---> Running in 6c861e0e726a
---> 181387b39e5d
Removing intermediate container 6c861e0e726a
Successfully built 181387b39e5d
[root@foundation95 super]# docker run -d --name super -p 2222:22 -p 8000:80 -v /tmp/docker/apache:/var/www/html rhel7:v6
6d83112bed2dcb1731c89746bcdd14601a36ee285e02ea4a58f13d00c2da1957
[root@foundation95 super]# ssh localhost -p 2222
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
5b:63:4c:33:b8:be:52:b8:8d:00:8c:2c:71:bb:83:46.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:1
ECDSA host key for [localhost]:2222 has changed and you have requested strict checking.
Host key verification failed.
[root@foundation95 super]# cd /root/.ssh/
[root@foundation95 .ssh]# ls
authorized_keys id_rsa known_hosts
[root@foundation95 .ssh]# rm -f known_hosts
[root@foundation95 .ssh]# cd ..
[root@foundation95 ~]# ssh localhost -p 2222
The authenticity of host '[localhost]:2222 ([::1]:2222)' can't be established.
ECDSA key fingerprint is 5b:63:4c:33:b8:be:52:b8:8d:00:8c:2c:71:bb:83:46.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of known hosts.
root@localhost's password:
-bash-4.2# curl 172.25.254.250
www.westos.org
-bash-4.2#
权威|前沿|技术|干货|国内首个API全生命周期开发者社区
更多推荐
0
0- 0
已为社区贡献1条内容
所有评论(0)