Creating a CentOS container cluster with Docker and enabling remote login


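0. Pull the Docker image (official CentOS 7)

Pull the official image. It contains almost nothing, and many dependencies have to be set up by hand: a genuinely "clean" image. Follow me, and next time I will show how to build a fully featured Docker image from an ISO file with a Dockerfile.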

    docker pull centos:centos7

1. Create a bridge and join the network

Create a Docker bridge network

A bridge network makes the nodes easier to manage and puts them all on the same subnet.

    sudo docker network create NodeNetWork

Create three node containers on different ports

    zwb@test-algo:~$ sudo docker run -itd --restart=always --hostname node01 --name Node01 -p 50001:22 -v /data/sda/sharedata:/share --network NodeNetWork --privileged=true centos:centos7 /sbin/init

    zwb@test-algo:~$ sudo docker run -itd --restart=always --hostname node02 --name Node02 -p 50002:22 -v /data/sda/sharedata:/share --network NodeNetWork --privileged=true centos:centos7 /sbin/init

    zwb@test-algo:~$ sudo docker run -itd --restart=always --hostname node03 --name Node03 -p 50003:22 -v /data/sda/sharedata:/share --network NodeNetWork --privileged=true centos:centos7 /sbin/init

    # Parameters:
    # -itd
    # Option                 Short  Description
    # --detach               -d     Run the container in the background and print the container ID.
    # --interactive          -i     Keep STDIN open even if not attached; usually used together with -t.
    # --tty                  -t     Allocate a pseudo-TTY; usually used together with -i.
    # --restart=always              Start automatically when the machine boots
    # --hostname                    Initial hostname
    # -p 50001:22                   Port mapping, host port:container port; 22 here is the SSH port inside the container
    # --privileged=true             Run the container in privileged mode; this not only allows the systemctl command (CentOS 7) but also allows starting the ssh service
    # --network NodeNetWork         Attach the container node to the bridge network

    # Note: systemd (systemctl) commands do not work in a Linux Docker container when PID 1 is not init but something else such as /bin/bash, so the files systemd needs are missing. (System has not been booted with systemd as init system (PID 1). Can't operat
    # Solution: /sbin/init and --privileged=true must both be specified

2. Set up the node's network tools and add SSH

Taking Node01 as the example, enter the node container, set up the network tools and add SSH.

    (base) zwb@test-algo:~$ sudo docker exec -it Node01 /bin/bash
    [root@aa92cb71e3ab /]# yum -y install net-tools.x86_64
    Failed to set locale, defaulting to C.UTF-8
    CentOS Linux 8 - AppStream 26 B/| 38 B 00:01
    Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist

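As you can see, installing the network tools package failed. The error message above means that downloading metadata from the 'appstream' repository failed: the mirror list contains no URLs, so the internal mirror list cannot be prepared.

Analysis:

✨ The first possibility is a network problem. Check whether the external network is reachable, for example with ping baidu.com, and look for packet loss. If packets are lost, check the network connection further; if not, read on.
✨ The second possibility is that CentOS is no longer maintained. On December 8, 2020, the CentOS project announced its plan to stop maintaining CentOS Linux and launched the CentOS Stream project. CentOS Linux 8, a rebuild of RHEL 8, had its life cycle shortened and reached end of life (EOL) on December 31, 2021, with no further updates or maintenance; see the official CentOS announcement for more information. To keep updating CentOS, change the mirror from mirror.centos.org to vault.centos.org.

For the second case, the fix is as follows: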

First, change to the yum repos directory

    cd /etc/yum.repos.d/

Next, edit the CentOS repo files

    sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
    sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*

Then rebuild the cache (the first update is a little slow; wait about two minutes)

    yum makecache

Finally, run yum update and reinstall the tools package, the SSH server and vim

    yum update -y
    yum -y install net-tools.x86_64
    yum -y install openssh-server
    yum install vim

Install passwd and change the root password

    yum install passwd

    [root@aa92cb71e3ab yum.repos.d]# passwd
    Changing password for user root.
    New password:
    Retype new password:
    passwd: all authentication tokens updated successfully.

Restart Docker

    systemctl stop docker
    systemctl start docker

List the containers

    (base) zwb@test-algo:~$ sudo docker ps -a
    CONTAINER ID   IMAGE    COMMAND        CREATED          STATUS         PORTS                                     NAMES
    2b8fa155e71f   centos   "/sbin/init"   17 minutes ago   Up 9 seconds   0.0.0.0:50003->22/tcp, :::50003->22/tcp   Node03
    97041252bf37   centos   "/sbin/init"   17 minutes ago   Up 9 seconds   0.0.0.0:50002->22/tcp, :::50002->22/tcp   Node02
    aa92cb71e3ab   centos   "/sbin/init"   17 minutes ago   Up 9 seconds   0.0.0.0:50001->22/tcp, :::50001->22/tcp   Node01
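
The PORTS column in the listing above shows each node's SSH port bound to 0.0.0.0 and ::, that is, to every interface of the host. As an added example (not part of the original article), the filter below lists such mappings from `docker ps` output; the function names are hypothetical and the sample lines are constructed from the listing plus two made-up containers.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# list_public_ssh_mappings
# Reads "NAME<TAB>PORTS" lines, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# and prints "NAME HOSTPORT" for every mapping to container port 22/tcp that
# is bound to all host interfaces (0.0.0.0, :: or [::]).
list_public_ssh_mappings() {
    awk -F '\t' '
    {
        n = split($2, mapping, /, */)
        for (i = 1; i <= n; i++) {
            m = mapping[i]
            if (m !~ /->22\/tcp$/) continue      # not the container SSH port
            sub(/->22\/tcp$/, "", m)             # leaves HOSTIP:HOSTPORT
            port = m
            sub(/^.*:/, "", port)                # text after the last colon
            ip = substr(m, 1, length(m) - length(port) - 1)
            if (ip == "0.0.0.0" || ip == "::" || ip == "[::]")
                print $1, port
        }
    }' | sort -u
}

# Constructed sample: the three nodes from the listing above, plus two made-up
# containers (one bound to loopback only, one publishing a non-SSH port).
sample_docker_ps() {
    printf '%s\t%s\n' \
        Node03 '0.0.0.0:50003->22/tcp, :::50003->22/tcp' \
        Node02 '0.0.0.0:50002->22/tcp, :::50002->22/tcp' \
        Node01 '0.0.0.0:50001->22/tcp, :::50001->22/tcp' \
        Node04 '127.0.0.1:50004->22/tcp' \
        web01 '0.0.0.0:8080->80/tcp'
}
```

To limit a node to one host address, publish it with an IP prefix, as in `-p HOST_IP:50001:22`, where HOST_IP is a placeholder for the address you want to listen on.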

Open the host firewall

    (base) zwb@test-algo:~$ firewall-cmd --add-port=50022/tcp --permanent
    You're performing an operation over default zone ('public'),
    but your connections/interfaces are in zone 'docker' (see --get-active-zones)
    You most likely need to use --zone=docker option.

    Authorization failed.
        Make sure polkit agent is running or run the application as superuser.
    (base) zwb@test-algo:~$ sudo firewall-cmd --add-port=50022/tcp --permanent
    You're performing an operation over default zone ('public'),
    but your connections/interfaces are in zone 'docker' (see --get-active-zones)
    You most likely need to use --zone=docker option.

    Warning: ALREADY_ENABLED: 50022:tcp
    success
    (base) zwb@test-algo:~$ sudo firewall-cmd --reload
    success
    (base) zwb@test-algo:~$ sudo firewall-cmd --list-ports
    You're performing an operation over default zone ('public'),
    but your connections/interfaces are in zone 'docker' (see --get-active-zones)
    You most likely need to use --zone=docker option.

    50022/tcp

Start sshd manually

    (base) zwb@test-algo:~$ sudo /usr/sbin/sshd
    (base) zwb@test-algo:~$ sudo netstat -antp | grep sshd
    tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 929/sshd: /usr/sbin
    tcp 0 76 172.21.198.185:22 10.3.16.31:53836 ESTABLISHED 127529/sshd: zwb [p
    tcp 0 0 127.0.0.1:50522 127.0.0.1:38979 ESTABLISHED 127629/sshd: zwb@no
    tcp 0 0 127.0.0.1:50510 127.0.0.1:38979 ESTABLISHED 127629/sshd: zwb@no
    tcp 0 0 172.21.198.185:22 10.3.16.31:52932 ESTABLISHED 127260/sshd: zwb [p
    tcp6 0 0 :::22 :::* LISTEN 929/sshd: /usr/sbin

If the following problem occurs

Problem

    [root@79a70e3d26cd /]# /usr/sbin/sshd
    Unable to load host key: /etc/ssh/ssh_host_rsa_key
    Unable to load host key: /etc/ssh/ssh_host_ecdsa_key
    Unable to load host key: /etc/ssh/ssh_host_ed25519_key
    sshd: no hostkeys available -- exiting.
    [root@79a70e3d26cd /]#

Solution

Run:

    ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""

Connect to the container remotely through the host IP and port

    # This is a remote connection from a shell on Windows; you can see that we are connected to node01 over ssh. aa92cb71e3ab is the Docker container ID of Node01.
    PS C:\Users\99140> ssh root@172.21.198.185 -p 50001
    The authenticity of host '[172.21.198.185]:50001 ([172.21.198.185]:50001)' can't be established.
    ED25519 key fingerprint is SHA256:zqNzugPY6dYmLFlaDGFOfkxOF8qtY/a5mP0DXH7Vxbk.
    This key is not known by any other names
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added '[172.21.198.185]:50001' (ED25519) to the list of known hosts.
    root@172.21.198.185's password:
    [root@aa92cb71e3ab ~]#
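
The session above logs in as root with a password on a port published by the host. As an added example (not part of the original article), the script below rewrites a node's sshd_config for key-only login; `set_sshd_option`, `harden_sshd_config` and `sample_sshd_config` are hypothetical helper names, and it assumes your public key is already in /root/.ssh/authorized_keys inside the container.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# set_sshd_option FILE KEY VALUE
# Rewrite FILE so that KEY appears exactly once, as "KEY VALUE". The first
# existing line for KEY (active or commented out) is replaced in place and
# later duplicates are dropped; if KEY is absent it is appended at the end
# (move it above any Match block by hand in that case).
set_sshd_option() {
    file=$1; key=$2; value=$3
    tmp=$(mktemp) || return 1
    awk -v key="$key" -v value="$value" '
        BEGIN { want = tolower(key) }
        {
            line = $0
            sub(/^[ \t]*#?[ \t]*/, "", line)   # ignore indentation and a leading "#"
            split(line, word, /[ \t=]+/)
            if (tolower(word[1]) == want) {
                if (!seen) print key " " value
                seen = 1
                next
            }
            print
        }
        END { if (!seen) print key " " value }
    ' "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# harden_sshd_config FILE: key-only logins, no password login for root.
harden_sshd_config() {
    cfg=$1
    set_sshd_option "$cfg" PubkeyAuthentication yes &&
    set_sshd_option "$cfg" PasswordAuthentication no &&
    set_sshd_option "$cfg" PermitRootLogin prohibit-password
}

# Constructed sample resembling a stock sshd_config, for trying the function out.
sample_sshd_config() {
    printf '%s\n' '#PermitRootLogin yes' '#PubkeyAuthentication yes' \
        '# PasswordAuthentication.  Depending on your PAM configuration,' \
        'PasswordAuthentication yes' 'PasswordAuthentication yes' 'Port 22'
}
```

Inside a node, run `harden_sshd_config /etc/ssh/sshd_config`, validate the file with `sshd -t`, then restart sshd and confirm key login works from a second session before closing the first.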

3. Check which units are enabled at boot in the container

    [root@79a70e3d26cd ~]# systemctl list-unit-files | grep enabled
    autovt@.service enabled
    getty@.service enabled
    kdump.service enabled
    nis-domainname.service enabled
    sshd.service enabled
    remote-fs.target enabled
    dnf-makecache.timer enabled
    [root@62435d2d7fd2 ~]#

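The containers start automatically because they were created with --restart=always. Alternatively, with the on-failure policy you can specify the maximum number of times Docker will try to restart the container.

    docker run --restart=on-failure:10 xxx

Finally, reboot to test whether auto-start works

    reboot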

Finally, connect to the three CentOS nodes over ssh from the remote machine and check their IP addresses

    # Node01
    PS C:\Users\99140> ssh root@172.21.198.185 -p 50001
    root@172.21.198.185's password:
    Last login: Tue Mar 21 11:37:04 2023 from 10.3.16.31
    [root@aa92cb71e3ab ~]# ifconfig
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 172.18.0.4 netmask 255.255.0.0 broadcast 172.18.255.255
            ether 02:42:ac:12:00:04 txqueuelen 0 (Ethernet)
            RX packets 46 bytes 5625 (5.4 KiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 30 bytes 4929 (4.8 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 172.17.0.4 netmask 255.255.0.0 broadcast 172.17.255.255
            ether 02:42:ac:11:00:04 txqueuelen 0 (Ethernet)
            RX packets 11 bytes 946 (946.0 B)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 0 bytes 0 (0.0 B)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
            inet 127.0.0.1 netmask 255.0.0.0
            loop txqueuelen 1000 (Local Loopback)
            RX packets 0 bytes 0 (0.0 B)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 0 bytes 0 (0.0 B)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
    # Node02
    PS C:\Users\99140> ssh root@172.21.198.185 -p 50002
    root@172.21.198.185's password:
    Last login: Tue Mar 21 11:37:16 2023 from 10.3.16.31
    [root@97041252bf37 ~]# ifconfig
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 172.18.0.3 netmask 255.255.0.0 broadcast 172.18.255.255
            ether 02:42:ac:12:00:03 txqueuelen 0 (Ethernet)
            RX packets 46 bytes 5625 (5.4 KiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 29 bytes 4819 (4.7 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
            ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
            RX packets 11 bytes 946 (946.0 B)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 0 bytes 0 (0.0 B)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
            inet 127.0.0.1 netmask 255.0.0.0
            loop txqueuelen 1000 (Local Loopback)
            RX packets 0 bytes 0 (0.0 B)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 0 bytes 0 (0.0 B)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    # Node03
    PS C:\Users\99140> ssh root@172.21.198.185 -p 50003
    The authenticity of host '[172.21.198.185]:50003 ([172.21.198.185]:50003)' can't be established.
    ED25519 key fingerprint is SHA256:JdfhD5YG8cVOheu8diTuPlByz+KKdjYtQW8c6/XL28I.
    This key is not known by any other names
    Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    Warning: Permanently added '[172.21.198.185]:50003' (ED25519) to the list of known hosts.
    root@172.21.198.185's password:
    [root@2b8fa155e71f ~]# ifconfig
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 172.18.0.2 netmask 255.255.0.0 broadcast 172.18.255.255
            ether 02:42:ac:12:00:02 txqueuelen 0 (Ethernet)
            RX packets 47 bytes 6271 (6.1 KiB)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 27 bytes 5135 (5.0 KiB)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
            inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
            ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
            RX packets 11 bytes 946 (946.0 B)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 0 bytes 0 (0.0 B)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
            inet 127.0.0.1 netmask 255.0.0.0
            loop txqueuelen 1000 (Local Loopback)
            RX packets 0 bytes 0 (0.0 B)
            RX errors 0 dropped 0 overruns 0 frame 0
            TX packets 0 bytes 0 (0.0 B)
            TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

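All three nodes accept remote connections and their IPs are on the same subnet. Perfect: now I can lie in my dorm room and run the node cluster on the school server!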


Other useful commands

    # Install ifconfig
    yum install net-tools
    # Change the hostname
    hostnamectl set-hostname <desired-name>
    # This reports the error: Could not set property: Failed to set static hostname: Device or resource busy,
    # exit and re-enter the container and the new name is in effect
