记录一些容器镜像的构建或服务部署
搭建centos ssh容器
-
docker run -it centos bash -
yum -y install openssh-server openssh-clients -
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" -
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" -
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" -
vi /etc/ssh/sshd_config,UsePAM no #UsePAM yes -
passwd root -
docker commit containerid imagename -
docker run -d -p 10022:22 imagename /usr/sbin/sshd -D(也可以使用-v 挂载目录到容器) -
ssh root@localhost -p 10022
Dockerfile文件如下:
FROM centos:7
LABEL name="work container for centos" \
vendor="hanamichi" \
email="x893675@gmail.com"
RUN yum -y install git && yum clean all \
&& rm -rf /var/cache/yum \
&& rm -rf /etc/yum.repos.d/*.repo \
&& cd /root && git clone https://gitee.com/x893675/dotfiles.git \
&& cp -v /root/dotfiles/centos/yum/*.repo /etc/yum.repos.d/
RUN yum -y install openssh-server openssh-clients vim wget which epel-release
RUN cd /root/dotfiles/tmux/ && bash /root/dotfiles/tmux/setup.sh \
&& cd /root/dotfiles/zsh && bash /root/dotfiles/zsh/setup.sh \
&& yum install -y the_silver_searcher && yum clean all && rm -rf /var/cache/yum
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" \
&& ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" \
&& ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
RUN sed -i "s/\(UsePAM \)\S*/\1yes/" /etc/ssh/sshd_config && echo "1234" | passwd --stdin root
CMD ["/usr/sbin/sshd","-D"]
使用dockerfile文件构建的镜像启动命令:docker run -d -p 10022:22 imagename
centos容器使用ss代理
-
yum install python python-pip -y -
pip install shadowsocks -
写ss代理的配置文件
vi ss.json:{ "server":"server.....", "server_port":11518, "local_address": "127.0.0.1", "local_port":1080, "password":"password", "timeout":600, "method":"aes-256-cfb" } -
sslocal -c ss.json -d start -
安装privoxy,从www.privoxy.org下载源码
-
yum install gcc make autoconf -y -
解压源码,进入源码目录
-
useradd privoxy -
autoheader && autoconf -
./configure -
make && make install -
vi /usr/local/etc/privoxy/config去掉forward-socks5t那行的注视,修改地址为ss运行的本地地址,一般改为127.0.0.1:1080 -
privoxy --user privoxy /usr/local/etc/privoxy/config -
export http_proxy='http://127.0.0.1:8118' -
export https_proxy='https://127.0.0.1:8118' -
curl www.google.com有输出则表示正常 -
也可通过
curl ip.gs查看当前网络的代理是否正常
搭建drone服务
使用docker-compose.yml文件启动drone相关容器
version: '2'
services:
drone-server:
image: drone/drone:0.8
ports:
- 8000:8000
- 9000:9000
volumes:
- /root/docker/drone:/var/lib/drone/
restart: always
environment:
- DRONE_OPEN=true
- DRONE_HOST=http://localhost
- DRONE_GOGS=true
- DRONE_GOGS_URL=http://172.29.101.81:3000
- DRONE_SECRET=dronepw
drone-agent1:
image: drone/agent:0.8
command: agent
restart: always
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DRONE_SERVER=drone-server:9000
- DRONE_SECRET=dronepw
drone-agent2:
image: drone/agent:0.8
command: agent
restart: always
depends_on:
- drone-server
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- DRONE_SERVER=drone-server:9000
- DRONE_SECRET=dronepw
