CMD ["/usr/sbin/sshd","-D"]
我知道我可以在 CentOS 7 基础 Docker 容器中启动 sshd ,docker run <debug_container_id>因为我在其他地方看到过这样的操作
- https://stackoverflow.com/a/25449705/1258525
- https://engineering.riotgames.com/news/jenkins-ephemeral-docker-tutorial
- https://github.com/CentOS/CentOS-Dockerfiles/blob/master/ssh/centos7/Dockerfile
当我运行容器时,无法启动 sshd,我认为这与我的 Dockerfile 中的ENTRYPOINT和的组合有关。CMD
我采取的步骤:
docker run --name="<debug_container_id>" -d <debug_image>docker exec <debug_container_id> ps aux
ENTRYPOINT您可以在输出中看到我的“dotnet TSL.Security.Service.dll”与“/usr/sbin/sshd -D”结合在一起docker exec <debug_container_id> ps aux
我目前运行 sshd 的方法是:
docker exec -d <debug_container_id> bash -c "/usr/sbin/sshd -D"
通过我的解决方法,我可以通过 ssh 进入容器。
因此你可以将 ENTRYPOINT 和 CMD 结合起来,参见这里尽管本文作者正在构建一个使用 ENTRYPOINT 和 CMD 组合来执行的单字符串命令。我试图执行两个命令字符串。
重读之后我开始意识到文章使用 ENTRYPOINT 和 CMD 一起用于构建要执行的单个字符串命令,用户可以根据需要docker run覆盖参数。CMD
我试图在容器运行时执行两个命令,因此我尝试将 ENTRYPOINT 更改为以下内容并完全删除 CMD:
ENTRYPOINT ["dotnet", "TSL.Security.Service.dll", "&&", "/usr/sbin/sshd", "-D"]
这导致了相同的结果,sshd 没有运行:
当我进一步调查时,我认为我正在尝试在我的 Docker 容器中启动两个进程,但我无法做到这一点:Docker 多个入口点
这是我的 debug_image 的 Dockerfile:
FROM centos:7
MAINTAINER Brian Ogden
#Timezone
ENV TZ=America/Los_Angeles
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN yum update -y && \
yum clean all
#############################################
# .NET Core SDK
#############################################
RUN yum install -y \
libunwind \
libicu
RUN curl -sSL -o dotnet.tar.gz https://go.microsoft.com/fwlink/?linkid=848821
RUN mkdir -p /opt/dotnet && tar zxf dotnet.tar.gz -C /opt/dotnet
RUN ln -s /opt/dotnet/dotnet /usr/local/bin
#speed up dotnet core builds
ENV NUGET_XMLDOC_MODE skip
ENV DOTNET_SKIP_FIRST_TIME_EXPERIENCE true
#############################################
#############################################
# Setup Container for SSH
#############################################
WORKDIR /
RUN yum install -y \
unzip \
openssh-server \
curl
RUN mkdir -p /var/run/sshd
RUN echo 'root:password' | chpasswd
# SSH login fix. Otherwise user is kicked off after login
#ref https://engineering.riotgames.com/news/jenkins-ephemeral-docker-tutorial
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
# gen dummy keys, centos doesn't autogen them like ubuntu does
#ref https://engineering.riotgames.com/news/jenkins-ephemeral-docker-tutorial
RUN /usr/bin/ssh-keygen -A
#to pass environment variables when running a Dockerized SSHD service.
#SSHD scrubs the environment, therefore ENV variables contained in Dockerfile
#must be pushed to /etc/profile in order for them to be available.
ENV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile
#############################################
#############################################
# .NET Sevrice setup
#############################################
#install CLRDBG, Microsoft's new cross-platform command line debugger used for debugging code running on .NET Core
RUN curl -sSL https://aka.ms/getclrdbgsh | bash /dev/stdin vs2015u2 ~/clrdbg
# Copy our code from the "/src/MyWebApi/bin/Debug/netcoreapp1.1/publish" folder to the "/app" folder in our container
WORKDIR /app
COPY ./src/TSL.Security.Service/bin/Debug/netcoreapp1.1/publish .
ARG ASPNETCORE_ENVIRONMENT
# Expose port 5000 for the Web API traffic
ENV ASPNETCORE_URLS http://+:5000
ENV ASPNETCORE_ENVIRONMENT $ASPNETCORE_ENVIRONMENT
EXPOSE 5000 22
ENTRYPOINT ["dotnet", "TSL.Security.Service.dll"]
#############################################
#I wish this would start ssh when the container is ran but it doesn't, tried lots to get this to work
CMD ["/usr/sbin/sshd","-D"]