Docker Notes Installation &Operation&ssh

Posted by blaster_master on Sat, 13 Jun 2020 04:27:21 +0200

1. Installation

1) Install dependent packages

sudo yum install -y yum-utils device-mapper-persistent-data lvm2 

2) Set Ali Cloud Mirror Source

sudo yum-config-manager --add-repo 

3) Install Docker-CE

sudo yum install docker-ce

4) Start docker

# Start-Up Self-Starting
sudo systemctl enable docker 
# Start docker service
sudo systemctl start docker

2. Configuration AccelerationDaemon.json, the download will be fast

1) Create without words

[root@localhost docker]# touch daemon.json

2) Add content
vi daemon.json

"registry-mirrors": [""]

3) Restart docker

[root@localhost docker]# service docker restart

3. Download Basic Mirror

Mirror address: (Https://

[root@localhost docker]# docker pull centos:centos7

4. View Basic Mirror

  • 4.1 View all mirrors

[root@localhost docker]# docker images

  • 4.2 #Enter the system according to the imageID (port mapping pays attention to opening the firewall)
[root@localhost docker]# Docker run --net=host --privileged=true-d-i-t Mirror I d/bin/bash

Show <ContainerID> after executing the command, which is temporary and long and can also be viewed through docker ps

--net=host means that a network is shared with the host. Port mapping using p under host does not work. --net=bridge defaults to port mapping. I will not tune the network at this time.

--privileged=true indicates privilege mode

There's a problem with using--net=host to enter. You don't know if you're in a container or the original system. It's a nightmare. The solution is to enter docker, execute outside, not inside.

Multiple Port Mapping

    [root@localhost docker]# Docker run --net=bridge --privileged=true-d-i-t-p 5001:22-p 5080:8080 mirror I d/bin/bash

centos firewall:

Open the firewall port: firewall-cmd --zone=public --add-port=5001/tcp --permanent
Reload configuration: firewall-cmd --reload
View open ports: firewall-cmd --list-ports
Close firewall: systemctl stop firewalld
Check firewall status: systemctl status firewalld


  • 4.3 #Enter the mirror system according to <ContainerID>

     docker attach <ContainerID>

 [root@localhost docker]# docker attach 4c2a84a7828590b95115b9556ca0f428b038f97500e6843c847d7ae84ed8f472
  • 4.4 #Enter the container and install common tools
 [root@ce0ad2c45c5e /]# yum install -y openssh-server vim lrzsz wget gcc-c++ pcre pcre-devel zlib zlib-devel ruby openssl openssl-devel patch bash-completion zlib.i686 libstdc++.i686 lsof unzip zip
  • 4.5 #Enter container, service installation
  [root@localhost /]#  yum install initscripts 
  • 4.6 #Enter container, ifconfig installation
 [root@localhost /]# yum install net-tools.x86_64
  • 4.7 #Enter container, ssh installation ( is docker's ip)
  [root@localhost docker]# yum install openssh-server

  [root@localhost docker]# yum -y install openssh-clients

After installation, start sshd:

 /usr/sbin/sshd -D

Error reporting:

[root@68e7598797d7 /]# ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''  
[root@68e7598797d7 /]# ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
[root@68e7598797d7 /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''
  • 4.8 #Modify sshd_config login for password
vim /etc/ssh/sshd_config

#Remove the comment in front of Port 22 (open port 22, if --net=host can modify the port number, I'll change it to 5001 here, and then open a 5001 firewall on the physical system)
#Open the comment PermitRootLogin yes, allow password login, save exit

 /usr/sbin/sshd -D &
  • 4.9 #Set root user password
   passwd root

Then you can ssh the docker system

  • 4.10 #Re-create the mirror by packaging the container into a mirror (ctrl+p+q exits the container to make it)

docker commit container id hy:myfCentos7

5. Basic Commands

#Exit without stopping the container

#Back under Docker, stop the container
Docker stop <container ID>

#Submit the current container to the mirror
Docker commit <container ID> <NAME/VERSION>

#Start a new container and map ports (native port 50001 maps port 22 of the container)
docker run --privileged=true-itd-p 5001:22-p 5080:8080 <Mirror ID just submitted>/bin/bash

#View running containers
docker ps

#Enter the mirror system according to <ContainerID>
docker attach <ContainerID>
#Delete the mirror for the specified id

docker rmi <image id>
#Delete all
docker rmi -f $(docker images -q)








Topics: Docker yum firewall ssh