docker ssh秘钥免密登录
一、概述
有一台跳板机,已经实现了免密登录后端服务器。但是我写了一个django项目,它是运行在容器中的,也需要免密登录后端服务器。
虽然可以在容器中手动做一下免密登录,但是容器重启之后,之前做的设置都消失了。
是否可以在生成新的django镜像时,也能免密登录后端服务器呢?答案是可以的!
二、实现过程
环境说明
跳板机
操作系统:centos 7.6
ip地址:192.168.28.229
后端主机
操作系统:centos 7.6
ip地址:192.168.28.218
制作docker镜像
django_base目录结构如下:
./
├──?dockerfile
├──?id_rsa
│???├──?id_rsa
│???└──?id_rsa.pub
├──?pip.conf
├──?requirements.txt
├──?run.sh
└──?sources.listdockerfile
FROM?ubuntu:16.04
#?修改更新源为阿里云
ADD?sources.list?/etc/apt/sources.list
ADD?.?/
#?时区为上海
ENV?TZ?Asia/Shanghai
#?设置时区,设置utf-8编码,安装django,添加任务计划
RUN?apt-get?update?&&?apt-get?install?-y?tzdata?locales?python3-pip?cron?openssh-server?&&?apt-get?clean?all?&&?\
????ln?-snf?/usr/share/zoneinfo/$TZ?/etc/localtime?&&?echo?$TZ?>?/etc/timezone?&&?\
????locale-gen?en_US.UTF-8?&&?\
????mkdir?~/.pip?&&?cp?/pip.conf?~/.pip?&&?pip3?install?--upgrade?pip?&&?\
????pip3?install?-r?/requirements.txt?&&?\
????mkdir?~/.ssh?&&?cp?-r?/id_rsa/*?~/.ssh
#?解决中文乱码问题
#RUN?locale-gen?en_US.UTF-8
ENV?LANG?en_US.UTF-8
ENV?LANGUAGE?en_US:en
ENV?LC_ALL?en_US.UTF-8
#?添加启动脚本
ADD?run.sh?.
RUN?chmod?755?run.sh
ENTRYPOINT?[?"/run.sh"]id_rsa文件夹里面的2个文件,就是跳板机的ssh秘钥,copy进来即可。
pip.conf
[global]
index-url?=?http://pypi.douban.com/simple
trusted-host?=?pypi.douban.comrequirements.txt
Django==2.1.8
paramiko==2.7.1run.sh
#!/bin/bash
#?收集主机公钥,写入known_hosts,避免出现Are?you?sure?you?want?to?continue?connecting?(yes/no)?
ssh-keyscan?-H?-t?ecdsa?-p?22?192.168.28.218?>>?~/.ssh/known_hostssources.list
#?deb?cdrom:[Ubuntu?16.04?LTS?_Xenial?Xerus_?-?Release?amd64?(20160420.1)]/?xenial?main?restricted
deb-src?http://archive.ubuntu.com/ubuntu?xenial?main?restricted?#Added?by?software-properties
deb?http://mirrors.aliyun.com/ubuntu/?xenial?main?restricted
deb-src?http://mirrors.aliyun.com/ubuntu/?xenial?main?restricted?multiverse?universe?#Added?by?software-properties
deb?http://mirrors.aliyun.com/ubuntu/?xenial-updates?main?restricted
deb-src?http://mirrors.aliyun.com/ubuntu/?xenial-updates?main?restricted?multiverse?universe?#Added?by?software-properties
deb?http://mirrors.aliyun.com/ubuntu/?xenial?universe
deb?http://mirrors.aliyun.com/ubuntu/?xenial-updates?universe
deb?http://mirrors.aliyun.com/ubuntu/?xenial?multiverse
deb?http://mirrors.aliyun.com/ubuntu/?xenial-updates?multiverse
deb?http://mirrors.aliyun.com/ubuntu/?xenial-backports?main?restricted?universe?multiverse
deb-src?http://mirrors.aliyun.com/ubuntu/?xenial-backports?main?restricted?universe?multiverse?#Added?by?software-properties
deb?http://archive.canonical.com/ubuntu?xenial?partner
deb-src?http://archive.canonical.com/ubuntu?xenial?partner
deb?http://mirrors.aliyun.com/ubuntu/?xenial-security?main?restricted
deb-src?http://mirrors.aliyun.com/ubuntu/?xenial-security?main?restricted?multiverse?universe?#Added?by?software-properties
deb?http://mirrors.aliyun.com/ubuntu/?xenial-security?universe
deb?http://mirrors.aliyun.com/ubuntu/?xenial-security?multiverse生成镜像
cd?django_base
docker?build?-t?django_base:v1?.运行镜像
docker?run?-it?django_base:v1?/bin/bash测试ssh免密
ssh?192.168.28.218不需要输入密码,就表示成功了。
本文参与?腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2020-04-20 ,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读