docker之ubuntu开启sshd登陆服务

如题，我们使用docker pull elasticsearch 到本地并且安装完毕后，我们发现docker提供的服务确实能用，但我们需要将现有的docker容器添加其他服务该怎么办？又无法登陆到容器内部，ok下面就讲解怎么将现有容器添加ssh登陆。下面我们分两步骤讲解，首先我们需要一个原生ubuntu环境支持sshd登陆服务。然后再讲解其它容器的整合。

1. 原生ubuntu环境支持sshd登陆服务

创建Dockfile文件

FROM       ubuntu:14.04
MAINTAINER yufu niu "https://github.com/e421083458"

RUN apt-get update

RUN apt-get install -y openssh-server
RUN mkdir /var/run/sshd

RUN echo 'root:root' |chpasswd

RUN sed -ri 's/^PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config

EXPOSE 22

CMD    ["/usr/sbin/sshd", "-D"]

然后，构建镜像：

docker build -t e421083458/ubuntu-sshd .

然后，创建容器：

docker run -d -p 222:22 e421083458/ubuntu_sshd

然后，登陆测试：，密码为root

ssh [email protected] -p 222

2. ok下面让我们整合其他容器登陆服务。

首先我们下载es的docker源码：

git clone [email protected]:docker-library/elasticsearch.git

然后跳转到2.4版本目录：

cd elasticsearch/2.4

然后修改Dockefile如下：（修改部分我作了标红）

FROM openjdk:8-jre

# grab gosu for easy step-down from root
ENV GOSU_VERSION 1.7
RUN set -x \
	&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
	&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
	&& export GNUPGHOME="$(mktemp -d)" \
	&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
	&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
	&& rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
	&& chmod +x /usr/local/bin/gosu \
	&& gosu nobody true

# https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-repositories.html
# https://packages.elasticsearch.org/GPG-KEY-elasticsearch
RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 46095ACC8548582C1A2699A9D27D666CD88E42B4

ENV ELASTICSEARCH_VERSION 2.4.0
ENV ELASTICSEARCH_REPO_BASE http://packages.elasticsearch.org/elasticsearch/2.x/debian

RUN echo "deb $ELASTICSEARCH_REPO_BASE stable main" > /etc/apt/sources.list.d/elasticsearch.list

RUN set -x \
	&& apt-get update \
	&& apt-get install -y --no-install-recommends elasticsearch=$ELASTICSEARCH_VERSION \
	&& rm -rf /var/lib/apt/lists/*

ENV PATH /usr/share/elasticsearch/bin:$PATH

WORKDIR /usr/share/elasticsearch

RUN set -ex \
	&& for path in \
		./data \
		./logs \
		./config \
		./config/scripts \
	; do \
		mkdir -p "$path"; \
		chown -R elasticsearch:elasticsearch "$path"; \
	done

COPY config ./config

VOLUME /usr/share/elasticsearch/data

COPY docker-entrypoint.sh /

RUN set -x \
    && apt-get update \
    && apt-get install -y openssh-server \
    && mkdir /var/run/sshd

RUN echo 'root:root' |chpasswd

RUN sed -ri 's/^PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config

EXPOSE 22 9200 9300 

#EXPOSE 9200 9300
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["elasticsearch"]

修改docker-entrypoint.sh，即es入口文件：

#!/bin/bash

#开启sshd登陆支持
service ssh start

set -e

# Add elasticsearch as command if needed
if [ "${1:0:1}" = '-' ]; then
	set -- elasticsearch "$@"
fi

# Drop root privileges if we are running elasticsearch
# allow the container to be started with `--user`
if [ "$1" = 'elasticsearch' -a "$(id -u)" = '0' ]; then
	# Change the ownership of /usr/share/elasticsearch/data to elasticsearch
	chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data
	
	set -- gosu elasticsearch "$@"
	#exec gosu elasticsearch "$BASH_SOURCE" "$@"
fi

# As argument is not related to elasticsearch,
# then assume that user wants to run his own process,
# for example a `bash` shell to explore this image
exec "$@"

然后重新构建镜像：

docker build -t e421083458/elasticsearch-sshd .

然后跑起容器：

docker run -d -v "${PWD}/esdata":/usr/share/elasticsearch/data -p 9200:9200 -p 9300:9300 -p 223:22 e421083458/elasticsearch-sshd

然后测试登陆即可：

ssh [email protected] -p 223

此时，你既能享受es给你带来的便捷，又能随时进入容器内部查看各种运行指标。  enjoy it!!!