Creating a CentOS container cluster with Docker and enabling remote login
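0. Pull the Docker image (official CentOS 7)
Pull the official image. This image contains almost nothing and many dependencies have to be configured by hand, so it really is a "bare" image. Follow me: next time I will show how to build a fully featured Docker image from an ISO file with a Dockerfile.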
docker pull centos:centos7
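1. Create a bridge network and attach the nodes
Create a Docker bridge network
A bridge network makes the nodes easier to manage and places them all on the same subnet.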
sudo docker network create NodeNetWork
Create three node containers, each on a different host port
zwb@test-algo:~$ sudo docker run -itd --restart=always --hostname node01 --name Node01 -p 50001:22 -v /data/sda/sharedata:/share --network NodeNetWork --privileged=true centos:centos7 /sbin/init
zwb@test-algo:~$ sudo docker run -itd --restart=always --hostname node02 --name Node02 -p 50002:22 -v /data/sda/sharedata:/share --network NodeNetWork --privileged=true centos:centos7 /sbin/init
zwb@test-algo:~$ sudo docker run -itd --restart=always --hostname node03 --name Node03 -p 50003:22 -v /data/sda/sharedata:/share --network NodeNetWork --privileged=true centos:centos7 /sbin/init
# Parameters:
# -itd
#   Option          Short   Description
#   --detach        -d      Run the container in the background and print the container ID.
#   --interactive   -i      Keep STDIN open even if not attached; usually used together with -t.
#   --tty           -t      Allocate a pseudo-TTY; usually used together with -i.
# --restart=always        Start the container automatically when the machine boots
# --hostname              Initial hostname
# -p 50001:22             Port mapping, host port:container port; 22 here is the SSH port inside the container
# --privileged=true       Run the container in privileged mode (all capabilities and access to host devices); this allows systemctl (CentOS 7) to be used and the ssh service to be started
# --network NodeNetWork   Attach the container node to the bridge network
# Note: systemd (systemctl) commands cannot be used in a Linux Docker container when PID 1 is not init but something else such as /bin/bash, so the files systemd needs are missing and it cannot run. (System has not been booted with systemd as init system (PID 1). Can't operat
# Fix: /sbin/init and --privileged=true must both be added
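2. Configure each node's network environment and add SSH
Taking Node01 as the example, enter the node container, configure its network environment and install SSH.
(base) zwb@test-algo:~$ sudo docker exec -it Node01 /bin/bash
[root@aa92cb71e3ab /]# yum -y install net-tools.x86_64
Failed to set locale, defaulting to C.UTF-8
CentOS Linux 8 - AppStream                       26 B/s | 38 B 00:01
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
Installing the network tools package failed. The error above means that downloading metadata from the 'appstream' repository failed: the mirror list contains no URLs, so the internal mirror list could not be prepared.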
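🥎 Analysis:
✨ The first possibility is a network problem. Check whether the container can reach external networks, for example with ping baidu.com, and look for packet loss. If packets are lost, investigate the network connection further; if not, read on.
✨ The second possibility is that CentOS is no longer maintained. On December 8, 2020, the CentOS project announced its plan to stop maintaining CentOS Linux and launched the CentOS Stream project. CentOS Linux 8, a rebuild of RHEL 8, had its life cycle shortened and reached end of life (EOL) on December 31, 2021, after which it receives no updates or maintenance; see the official CentOS announcement for details. To update CentOS, the mirror has to be changed from mirror.centos.org to vault.centos.org.
🥎 For the second case above, the fix is as follows:
🔔 First, change into the yum repos directory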
cd /etc/yum.repos.d/
🔔 Next, edit the CentOS repo files
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
🔔 Then rebuild the cache (the first update is a little slow; wait about two minutes)
yum makecache
🔔 Finally, run yum update and install the network tools, the SSH server and vim again
yum update -y
yum -y install net-tools.x86_64
yum -y install openssh-server
yum install vim
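The repository switch from the steps above as a re-runnable function, added here as an example and not part of the original article. It anchors the two sed patterns so a second run changes nothing (the unanchored `s/mirrorlist/#mirrorlist/g` prepends another `#` on every run) and keeps an untouched `.orig` copy; the function names and the sample repo file are constructed for illustration.

```bash
# Rewrite every CentOS-*.repo in DIR; keep one untouched copy as FILE.orig.
switch_to_vault() {    # usage: switch_to_vault DIR
    for f in "$1"/CentOS-*.repo; do
        [ -f "$f" ] || continue
        [ -e "$f.orig" ] || cp -p "$f" "$f.orig"
        tmp=$(mktemp) || return 1
        # Anchored patterns: only active mirrorlist= lines and commented
        # baseurl= lines match, so running this again is a no-op.
        sed -e 's|^mirrorlist=|#mirrorlist=|' \
            -e 's|^#baseurl=http://mirror\.centos\.org|baseurl=http://vault.centos.org|' \
            "$f" > "$tmp" && cat "$tmp" > "$f"
        rm -f "$tmp"
    done
}

# Active (uncommented) baseurl= lines across DIR, for checking the result.
active_baseurls() {    # usage: active_baseurls DIR
    grep -h '^baseurl=' "$1"/CentOS-*.repo
}

# Constructed sample shaped like a CentOS 8 repo file (not copied from a host).
write_sample_repo() {  # usage: write_sample_repo DIR
    cat > "$1/CentOS-Linux-AppStream.repo" <<'EOF'
[appstream]
name=CentOS Linux $releasever - AppStream
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=AppStream&infra=$infra
#baseurl=http://mirror.centos.org/$contentdir/$releasever/AppStream/$basearch/os/
gpgcheck=1
enabled=1
EOF
}

dir=$(mktemp -d)
write_sample_repo "$dir"
switch_to_vault "$dir"; switch_to_vault "$dir"   # second run changes nothing
active_baseurls "$dir"
rm -rf "$dir"
```

Inside a node the call is `switch_to_vault /etc/yum.repos.d`, followed by `yum makecache`. The `gpgcheck=1` line is left untouched, so package signatures are still verified although the vault baseurl is plain HTTP.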
Install passwd and change the root password
yum install passwd
[root@aa92cb71e3ab yum.repos.d]# passwd
Changing password for user root.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Restart Docker
systemctl stop docker
systemctl start docker
List the containers
(base) zwb@test-algo:~$ sudo docker ps -a
CONTAINER ID   IMAGE     COMMAND        CREATED          STATUS         PORTS                                     NAMES
2b8fa155e71f   centos    "/sbin/init"   17 minutes ago   Up 9 seconds   0.0.0.0:50003->22/tcp, :::50003->22/tcp   Node03
97041252bf37   centos    "/sbin/init"   17 minutes ago   Up 9 seconds   0.0.0.0:50002->22/tcp, :::50002->22/tcp   Node02
aa92cb71e3ab   centos    "/sbin/init"   17 minutes ago   Up 9 seconds   0.0.0.0:50001->22/tcp, :::50001->22/tcp   Node01
Open the port in the host firewall
(base) zwb@test-algo:~$ firewall-cmd --add-port=50022/tcp --permanent
You're performing an operation over default zone ('public'),
but your connections/interfaces are in zone 'docker' (see --get-active-zones)
You most likely need to use --zone=docker option.
Authorization failed.
Make sure polkit agent is running or run the application as superuser.
(base) zwb@test-algo:~$ sudo firewall-cmd --add-port=50022/tcp --permanent
You're performing an operation over default zone ('public'),
but your connections/interfaces are in zone 'docker' (see --get-active-zones)
You most likely need to use --zone=docker option.
Warning: ALREADY_ENABLED: 50022:tcp
success
(base) zwb@test-algo:~$ sudo firewall-cmd --reload
success
(base) zwb@test-algo:~$ sudo firewall-cmd --list-port
You're performing an operation over default zone ('public'),
but your connections/interfaces are in zone 'docker' (see --get-active-zones)
You most likely need to use --zone=docker option.
50022/tcp
Start sshd manually
(base) zwb@test-algo:~$ sudo /usr/sbin/sshd
(base) zwb@test-algo:~$ sudo netstat -antp | grep sshd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      929/sshd: /usr/sbin
tcp        0     76 172.21.198.185:22       10.3.16.31:53836        ESTABLISHED 127529/sshd: zwb [p
tcp        0      0 127.0.0.1:50522         127.0.0.1:38979         ESTABLISHED 127629/sshd: zwb@no
tcp        0      0 127.0.0.1:50510         127.0.0.1:38979         ESTABLISHED 127629/sshd: zwb@no
tcp        0      0 172.21.198.185:22       10.3.16.31:52932        ESTABLISHED 127260/sshd: zwb [p
tcp6       0      0 :::22                   :::*                    LISTEN      929/sshd: /usr/sbin
If the following problem occurs
Problem
[root@79a70e3d26cd /]# /usr/sbin/sshd
Unable to load host key: /etc/ssh/ssh_host_rsa_key
Unable to load host key: /etc/ssh/ssh_host_ecdsa_key
Unable to load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.
[root@79a70e3d26cd /]#
Solution
Run:
# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
Connect to the container remotely through the host IP and port
# This is a remote connection from a shell on Windows; SSH has connected to node01, and aa92cb71e3ab is the Docker container ID of Node01
PS C:\Users\99140> ssh root@172.21.198.185 -p 50001
The authenticity of host '[172.21.198.185]:50001 ([172.21.198.185]:50001)' can't be established.
ED25519 key fingerprint is SHA256:zqNzugPY6dYmLFlaDGFOfkxOF8qtY/a5mP0DXH7Vxbk.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[172.21.198.185]:50001' (ED25519) to the list of known hosts.
root@172.21.198.185's password:
[root@aa92cb71e3ab ~]#
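The login above authenticates root with a password on a port published on every host interface. As an added example (not part of the original article), this function switches a node's sshd_config to key-only root login, and is safe to run repeatedly. It assumes the client's public key is already in /root/.ssh/authorized_keys; the function names and the sample config are constructed for illustration.

```bash
# Print the value sshd would use: the first active occurrence of a keyword wins.
effective_option() {      # usage: effective_option FILE KEYWORD
    awk -v k="$2" 'tolower($1) == tolower(k) { print $2; exit }' "$1"
}

# Put the three directives at the top of FILE (global scope) and drop older
# active copies that precede any Match block. Commented lines are kept.
harden_sshd_config() {    # usage: harden_sshd_config FILE
    cfg=$1
    tmp=$(mktemp) || return 1
    {
        printf '%s\n' 'PermitRootLogin prohibit-password' \
                      'PasswordAuthentication no' \
                      'PubkeyAuthentication yes'
        awk '
            tolower($1) == "match" { in_match = 1 }
            !in_match && tolower($1) ~ /^(permitrootlogin|passwordauthentication|pubkeyauthentication)$/ { next }
            { print }
        ' "$cfg"
    } > "$tmp" && cat "$tmp" > "$cfg"    # cat keeps the file's owner and mode
    rm -f "$tmp"
}

# Constructed sample resembling a stock sshd_config (not copied from a host).
write_sample_config() {   # usage: write_sample_config FILE
    cat > "$1" <<'EOF'
#PermitRootLogin yes
PasswordAuthentication yes
#PubkeyAuthentication yes
Subsystem sftp /usr/libexec/openssh/sftp-server
EOF
}

sample=$(mktemp)
write_sample_config "$sample"
harden_sshd_config "$sample"
echo "PasswordAuthentication -> $(effective_option "$sample" PasswordAuthentication)"
echo "PermitRootLogin        -> $(effective_option "$sample" PermitRootLogin)"
rm -f "$sample"
```

On a node, run `harden_sshd_config /etc/ssh/sshd_config`, check the file with `sshd -t`, then `systemctl restart sshd`. Keep the current session open until a key-based login has succeeded.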
3. Check which units start automatically in the container
[root@79a70e3d26cd ~]# systemctl list-unit-files|grep enabled
autovt@.service                        enabled
getty@.service                         enabled
kdump.service                          enabled
nis-domainname.service                 enabled
sshd.service                           enabled
remote-fs.target                       enabled
dnf-makecache.timer                    enabled
[root@62435d2d7fd2 ~]#
The containers start automatically because they were created with --restart=always. With the on-failure policy you can also specify the maximum number of times Docker will try to restart the container.
docker run --restart=on-failure:10 xxx
Finally, reboot to test whether auto-start works
reboot
Finally, SSH from a remote machine into the three CentOS nodes and check their IP addresses
# Node01
PS C:\Users\99140> ssh root@172.21.198.185 -p 50001
root@172.21.198.185's password:
Last login: Tue Mar 21 11:37:04 2023 from 10.3.16.31
[root@aa92cb71e3ab ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.4  netmask 255.255.0.0  broadcast 172.18.255.255
        ether 02:42:ac:12:00:04  txqueuelen 0  (Ethernet)
        RX packets 46  bytes 5625 (5.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 30  bytes 4929 (4.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.4  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:04  txqueuelen 0  (Ethernet)
        RX packets 11  bytes 946 (946.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
# Node02
PS C:\Users\99140> ssh root@172.21.198.185 -p 50002
root@172.21.198.185's password:
Last login: Tue Mar 21 11:37:16 2023 from 10.3.16.31
[root@97041252bf37 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.3  netmask 255.255.0.0  broadcast 172.18.255.255
        ether 02:42:ac:12:00:03  txqueuelen 0  (Ethernet)
        RX packets 46  bytes 5625 (5.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 29  bytes 4819 (4.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.3  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:03  txqueuelen 0  (Ethernet)
        RX packets 11  bytes 946 (946.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
# Node03
PS C:\Users\99140> ssh root@172.21.198.185 -p 50003
The authenticity of host '[172.21.198.185]:50003 ([172.21.198.185]:50003)' can't be established.
ED25519 key fingerprint is SHA256:JdfhD5YG8cVOheu8diTuPlByz+KKdjYtQW8c6/XL28I.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[172.21.198.185]:50003' (ED25519) to the list of known hosts.
root@172.21.198.185's password:
[root@2b8fa155e71f ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.2  netmask 255.255.0.0  broadcast 172.18.255.255
        ether 02:42:ac:12:00:02  txqueuelen 0  (Ethernet)
        RX packets 47  bytes 6271 (6.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 27  bytes 5135 (5.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.2  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:ac:11:00:02  txqueuelen 0  (Ethernet)
        RX packets 11  bytes 946 (946.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
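All three nodes can be reached remotely and their IPs are on the same subnet. Perfect: now I can lie in my dorm room and run the node cluster on the school server!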
Other commonly used commands
# Install ifconfig
yum install net-tools
# Change the hostname
hostnamectl set-hostname desired-name
# This reports the error: Could not set property: Failed to set static hostname: Device or resource busy
# Just exit and re-enter the container