Docker Apache 起動イメージ †Docker を使用し、コンテナを起動したら Apache が自動で起動し、ログの確認や管理も行うことの出来る環境を作成します。 Dockerfile †まず以下のような Dockerfile を作成します。 FROM centos MAINTAINER otsuka RUN yum -y update && yum -y upgrade RUN yum install -y httpd RUN yum install -y openssh openssh-server openssh-clients sudo RUN useradd beat RUN passwd -f -u beat RUN mkdir -p /home/beat/.ssh;chown beat /home/beat/.ssh;chmod 700 /home/beat/.ssh ADD ./authorized_keys /home/beat/.ssh/authorized_keys RUN chown beat /home/beat/.ssh/authorized_keys;chmod 600 /home/beat/.ssh/authorized_keys RUN echo "beat ALL=(ALL) ALL" >> /etc/sudoers.d/beat #ADD ./sshd_config /etc/ssh/sshd_config RUN sed -ri "s/^UsePAM yes/#UsePAM yes/" /etc/ssh/sshd_config RUN sed -ri "s/^#UsePAM no/UsePAM no/" /etc/ssh/sshd_config RUN /etc/init.d/sshd start;/etc/init.d/sshd stop EXPOSE 80 22 ENTRYPOINT /etc/init.d/httpd start && /etc/init.d/sshd start && /bin/bash 行っているのは以下のような内容です。 authorized_keys †公開鍵 authorized_keys は ssh-keygen で以下のように作成します。 $ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/beat/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/beat/.ssh/id_rsa. Your public key has been saved in /home/beat/.ssh/id_rsa.pub. The key fingerprint is: 32:68:59:0f:88:06:ee:c6:f9:5f:44:1e:8e:1b:6d:af beat@docker-host The key's randomart image is: +--[ RSA 2048]----+ |. | |.. . . | | .o . oo | |o.. +*o. | | = +oo*S | |. .. =o. | | . . . . | | . . . | | . E | +-----------------+ 生成された公開鍵 id_rsa.pub を Dockerfile と同じ PATH に authorized_keys としてコピーしておきます。 $ cp ~/.ssh/id_rsa.pub authorized_keys build †用意が出来たらタグを指定して docker build を実行します。 $ sudo docker build -t centos:apache-pm . Uploading context 4.096 kB Uploading context Step 0 : FROM centos ---> 0c752394b855 Step 1 : MAINTAINER otsuka ---> Running in 33c852790c37 ---> af203b927e15 Removing intermediate container 33c852790c37 Step 2 : RUN yum -y update && yum -y upgrade ---> Running in 0af65bb828fc Loaded plugins: fastestmirror Setting up Update Process No Packages marked for Update Loaded plugins: fastestmirror Determining fastest mirrors * base: ftp.nara.wide.ad.jp * extras: ftp.nara.wide.ad.jp * updates: ftp.nara.wide.ad.jp Setting up Upgrade Process No Packages marked for Update ---> 8b2ddfc67d51 Removing intermediate container 0af65bb828fc Step 3 : RUN yum install -y httpd ---> Running in d285859a071d Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: ftp.nara.wide.ad.jp * extras: ftp.nara.wide.ad.jp * updates: ftp.nara.wide.ad.jp Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package httpd.x86_64 0:2.2.15-30.el6.centos will be installed --> Processing Dependency: httpd-tools = 2.2.15-30.el6.centos for package: httpd-2.2.15-30.el6.centos.x86_64 --> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.2.15-30.el6.centos.x86_64 --> Processing Dependency: initscripts >= 8.36 for package: httpd-2.2.15-30.el6.centos.x86_64 --> Processing Dependency: apr-util-ldap for package: httpd-2.2.15-30.el6.centos.x86_64 --> Processing Dependency: /etc/mime.types for package: httpd-2.2.15-30.el6.centos.x86_64 --> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.2.15-30.el6.centos.x86_64 --> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.2.15-30.el6.centos.x86_64 --> Running transaction check ---> Package apr.x86_64 0:1.3.9-5.el6_2 will be installed ---> Package apr-util.x86_64 0:1.3.9-3.el6_0.1 will be installed ---> Package apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 will be installed ---> Package httpd-tools.x86_64 0:2.2.15-30.el6.centos will be installed ---> Package initscripts.x86_64 0:9.03.40-2.el6.centos.1 will be installed --> Processing Dependency: upstart >= 0.6.0 for package: initscripts-9.03.40-2.el6.centos.1.x86_64 --> Processing Dependency: ethtool >= 1.8-2 for package: initscripts-9.03.40-2.el6.centos.1.x86_64 --> Processing Dependency: /sbin/ip for package: initscripts-9.03.40-2.el6.centos.1.x86_64 --> Processing Dependency: /sbin/arping for package: initscripts-9.03.40-2.el6.centos.1.x86_64 ---> Package mailcap.noarch 0:2.1.31-2.el6 will be installed ---> Package redhat-logos.noarch 0:60.0.14-12.el6.centos will be installed --> Running transaction check ---> Package ethtool.x86_64 2:3.5-1.4.el6_5 will be installed ---> Package iproute.x86_64 0:2.6.32-32.el6_5 will be installed --> Processing Dependency: iptables >= 1.4.5 for package: iproute-2.6.32-32.el6_5.x86_64 --> Processing Dependency: libxtables.so.4()(64bit) for package: iproute-2.6.32-32.el6_5.x86_64 ---> Package iputils.x86_64 0:20071127-17.el6_4.2 will be installed ---> Package upstart.x86_64 0:0.6.5-13.el6_5.3 will be installed --> Running transaction check ---> Package iptables.x86_64 0:1.4.7-11.el6 will be installed --> Processing Dependency: policycoreutils for package: iptables-1.4.7-11.el6.x86_64 --> Running transaction check ---> Package policycoreutils.x86_64 0:2.0.83-19.39.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: httpd x86_64 2.2.15-30.el6.centos updates 821 k Installing for dependencies: apr x86_64 1.3.9-5.el6_2 base 123 k apr-util x86_64 1.3.9-3.el6_0.1 base 87 k apr-util-ldap x86_64 1.3.9-3.el6_0.1 base 15 k ethtool x86_64 2:3.5-1.4.el6_5 updates 101 k httpd-tools x86_64 2.2.15-30.el6.centos updates 73 k initscripts x86_64 9.03.40-2.el6.centos.1 updates 940 k iproute x86_64 2.6.32-32.el6_5 updates 365 k iptables x86_64 1.4.7-11.el6 base 252 k iputils x86_64 20071127-17.el6_4.2 base 120 k mailcap noarch 2.1.31-2.el6 base 27 k policycoreutils x86_64 2.0.83-19.39.el6 base 648 k redhat-logos noarch 60.0.14-12.el6.centos base 15 M upstart x86_64 0.6.5-13.el6_5.3 updates 177 k Transaction Summary ================================================================================ Install 14 Package(s) Total download size: 18 M Installed size: 30 M Downloading Packages: -------------------------------------------------------------------------------- Total 2.9 MB/s | 18 MB 00:06 warning: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 Importing GPG key 0xC105B9DE: Userid : CentOS-6 Key (CentOS 6 Official Signing Key) <centos-6-key@centos.org> Package: centos-release-6-5.el6.centos.11.2.x86_64 (@Updates/$releasever) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Warning: RPMDB altered outside of yum. ** Found 2 pre-existing rpmdb problem(s), 'yum check' output follows: udev-147-2.51.el6.x86_64 has missing requires of /sbin/service udev-147-2.51.el6.x86_64 has missing requires of MAKEDEV >= ('0', '3.11', None) Installing : apr-1.3.9-5.el6_2.x86_64 1/14 Installing : apr-util-1.3.9-3.el6_0.1.x86_64 2/14 Installing : apr-util-ldap-1.3.9-3.el6_0.1.x86_64 3/14 Installing : httpd-tools-2.2.15-30.el6.centos.x86_64 4/14 Installing : mailcap-2.1.31-2.el6.noarch 5/14 Installing : upstart-0.6.5-13.el6_5.3.x86_64 6/14 Installing : redhat-logos-60.0.14-12.el6.centos.noarch 7/14 Installing : 2:ethtool-3.5-1.4.el6_5.x86_64 8/14 Installing : iputils-20071127-17.el6_4.2.x86_64 9/14 Installing : iproute-2.6.32-32.el6_5.x86_64 10/14 Installing : initscripts-9.03.40-2.el6.centos.1.x86_64 11/14 Installing : policycoreutils-2.0.83-19.39.el6.x86_64 12/14 Installing : iptables-1.4.7-11.el6.x86_64 13/14 Installing : httpd-2.2.15-30.el6.centos.x86_64 14/14 Verifying : httpd-2.2.15-30.el6.centos.x86_64 1/14 Verifying : apr-1.3.9-5.el6_2.x86_64 2/14 Verifying : 2:ethtool-3.5-1.4.el6_5.x86_64 3/14 Verifying : iproute-2.6.32-32.el6_5.x86_64 4/14 Verifying : apr-util-ldap-1.3.9-3.el6_0.1.x86_64 5/14 Verifying : initscripts-9.03.40-2.el6.centos.1.x86_64 6/14 Verifying : iputils-20071127-17.el6_4.2.x86_64 7/14 Verifying : redhat-logos-60.0.14-12.el6.centos.noarch 8/14 Verifying : iptables-1.4.7-11.el6.x86_64 9/14 Verifying : upstart-0.6.5-13.el6_5.3.x86_64 10/14 Verifying : mailcap-2.1.31-2.el6.noarch 11/14 Verifying : httpd-tools-2.2.15-30.el6.centos.x86_64 12/14 Verifying : apr-util-1.3.9-3.el6_0.1.x86_64 13/14 Verifying : policycoreutils-2.0.83-19.39.el6.x86_64 14/14 Installed: httpd.x86_64 0:2.2.15-30.el6.centos Dependency Installed: apr.x86_64 0:1.3.9-5.el6_2 apr-util.x86_64 0:1.3.9-3.el6_0.1 apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 ethtool.x86_64 2:3.5-1.4.el6_5 httpd-tools.x86_64 0:2.2.15-30.el6.centos initscripts.x86_64 0:9.03.40-2.el6.centos.1 iproute.x86_64 0:2.6.32-32.el6_5 iptables.x86_64 0:1.4.7-11.el6 iputils.x86_64 0:20071127-17.el6_4.2 mailcap.noarch 0:2.1.31-2.el6 policycoreutils.x86_64 0:2.0.83-19.39.el6 redhat-logos.noarch 0:60.0.14-12.el6.centos upstart.x86_64 0:0.6.5-13.el6_5.3 Complete! ---> d55e52846a21 Removing intermediate container d285859a071d Step 4 : RUN yum install -y openssh openssh-server openssh-clients sudo ---> Running in cc0c2a23a03d Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: ftp.nara.wide.ad.jp * extras: ftp.nara.wide.ad.jp * updates: ftp.nara.wide.ad.jp Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package openssh.x86_64 0:5.3p1-94.el6 will be installed --> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-5.3p1-94.el6.x86_64 ---> Package openssh-clients.x86_64 0:5.3p1-94.el6 will be installed --> Processing Dependency: libedit.so.0()(64bit) for package: openssh-clients-5.3p1-94.el6.x86_64 ---> Package openssh-server.x86_64 0:5.3p1-94.el6 will be installed ---> Package sudo.x86_64 0:1.8.6p3-12.el6 will be installed --> Processing Dependency: vim-minimal for package: sudo-1.8.6p3-12.el6.x86_64 --> Running transaction check ---> Package fipscheck-lib.x86_64 0:1.2.0-7.el6 will be installed --> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.2.0-7.el6.x86_64 ---> Package libedit.x86_64 0:2.11-4.20080712cvs.1.el6 will be installed ---> Package vim-minimal.x86_64 2:7.2.411-1.8.el6 will be installed --> Running transaction check ---> Package fipscheck.x86_64 0:1.2.0-7.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: openssh x86_64 5.3p1-94.el6 base 258 k openssh-clients x86_64 5.3p1-94.el6 base 402 k openssh-server x86_64 5.3p1-94.el6 base 311 k sudo x86_64 1.8.6p3-12.el6 base 703 k Installing for dependencies: fipscheck x86_64 1.2.0-7.el6 base 14 k fipscheck-lib x86_64 1.2.0-7.el6 base 8.3 k libedit x86_64 2.11-4.20080712cvs.1.el6 base 74 k vim-minimal x86_64 2:7.2.411-1.8.el6 base 364 k Transaction Summary ================================================================================ Install 8 Package(s) Total download size: 2.1 M Installed size: 5.8 M Downloading Packages: -------------------------------------------------------------------------------- Total 2.2 MB/s | 2.1 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : fipscheck-lib-1.2.0-7.el6.x86_64 1/8 Installing : fipscheck-1.2.0-7.el6.x86_64 2/8 Installing : openssh-5.3p1-94.el6.x86_64 3/8 Installing : libedit-2.11-4.20080712cvs.1.el6.x86_64 4/8 Installing : 2:vim-minimal-7.2.411-1.8.el6.x86_64 5/8 Installing : sudo-1.8.6p3-12.el6.x86_64 6/8 Installing : openssh-clients-5.3p1-94.el6.x86_64 7/8 Installing : openssh-server-5.3p1-94.el6.x86_64 8/8 Verifying : 2:vim-minimal-7.2.411-1.8.el6.x86_64 1/8 Verifying : libedit-2.11-4.20080712cvs.1.el6.x86_64 2/8 Verifying : fipscheck-1.2.0-7.el6.x86_64 3/8 Verifying : sudo-1.8.6p3-12.el6.x86_64 4/8 Verifying : openssh-5.3p1-94.el6.x86_64 5/8 Verifying : openssh-server-5.3p1-94.el6.x86_64 6/8 Verifying : openssh-clients-5.3p1-94.el6.x86_64 7/8 Verifying : fipscheck-lib-1.2.0-7.el6.x86_64 8/8 Installed: openssh.x86_64 0:5.3p1-94.el6 openssh-clients.x86_64 0:5.3p1-94.el6 openssh-server.x86_64 0:5.3p1-94.el6 sudo.x86_64 0:1.8.6p3-12.el6 Dependency Installed: fipscheck.x86_64 0:1.2.0-7.el6 fipscheck-lib.x86_64 0:1.2.0-7.el6 libedit.x86_64 0:2.11-4.20080712cvs.1.el6 vim-minimal.x86_64 2:7.2.411-1.8.el6 Complete! ---> 862fb101de8b Removing intermediate container cc0c2a23a03d Step 5 : RUN useradd beat ---> Running in 127cf271ea82 ---> de6b43bc16a1 Removing intermediate container 127cf271ea82 Step 6 : RUN passwd -f -u beat ---> Running in e38772cc9f23 Unlocking password for user beat. passwd: Success ---> 553e2712a32d Removing intermediate container e38772cc9f23 Step 7 : RUN mkdir -p /home/beat/.ssh;chown beat /home/beat/.ssh;chmod 700 /home/beat/.ssh ---> Running in a1864a63b96b ---> 3a3e6f141821 Removing intermediate container a1864a63b96b Step 8 : ADD ./authorized_keys /home/beat/.ssh/authorized_keys ---> c8613031a181 Removing intermediate container e313d28a4cde Step 9 : RUN chown beat /home/beat/.ssh/authorized_keys;chmod 600 /home/beat/.ssh/authorized_keys ---> Running in 5698592d5f42 ---> ca1dd0db4daf Removing intermediate container 5698592d5f42 Step 10 : RUN echo "beat ALL=(ALL) ALL" >> /etc/sudoers.d/beat ---> Running in 004f9a100c56 ---> 4f2da3069f62 Removing intermediate container 004f9a100c56 Step 11 : RUN sed -ri "s/^UsePAM yes/#UsePAM yes/" /etc/ssh/sshd_config ---> Running in 1f25a008e916 ---> 3a4f5eab72b4 Removing intermediate container 1f25a008e916 Step 12 : RUN sed -ri "s/^#UsePAM no/UsePAM no/" /etc/ssh/sshd_config ---> Running in b5a823a4dc7b ---> 8cf31df161ad Removing intermediate container b5a823a4dc7b Step 13 : RUN /etc/init.d/sshd start;/etc/init.d/sshd stop ---> Running in 6b2d69ec637d Generating SSH1 RSA host key: [ OK ] Generating SSH2 RSA host key: [ OK ] Generating SSH2 DSA host key: [ OK ] Starting sshd: [ OK ] Stopping sshd: [ OK ] ---> 43c54ea9b425 Removing intermediate container 6b2d69ec637d Step 14 : EXPOSE 80 22 ---> Running in 18f732a7d365 ---> fcc407208a56 Removing intermediate container 18f732a7d365 Step 15 : ENTRYPOINT /etc/init.d/httpd start && /etc/init.d/sshd start && /bin/bash ---> Running in 1b6375ebd85f ---> 8bdcbe80c0b3 Removing intermediate container 1b6375ebd85f Successfully built 8bdcbe80c0b3 作業単位ごとに commit が行われ、エラーがなければその作業単位ごとに古い中間生成コンテナは削除され最後にイメージが完成します。 $ sudo docker images [sudo] password for beat: REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE centos apache-pm d86505357c6f 1 minutes ago 220.8 MB centos centos6 0c752394b855 8 hours ago 124.1 MB centos latest 0c752394b855 8 hours ago 124.1 MB mysite-test latest f7961339d47b 2 weeks ago 374.4 MB django-test latest dea9ca265d14 2 weeks ago 504.8 MB centos 6.4 539c0211cd76 14 months ago 300.6 MB build 時に指定した centos:apache-pm が出来ています。 docker run のオプション †Dockerfileで ENTRYPOINT を指定した場合は、コマンド(/bin/bash)を指定する必要はありません。 $ sudo docker run -i -t -p 80:80 -p 22:22 centos:apache-pm このオプションでイメージを起動すると bash が forground でコンテナが起動され shell アクセス可能な状態になっています。 $ sudo docker run -i -t -d -p 80:80 -p 22:22 centos:apache-pm
RUN git clone http://git.someurl ローカルファイルであれば ADD /var/www/html/* /var/www/html/ といったコマンドを追加する必要があります。
$ sudo docker run -i -t -d -v /home/beat/web-contents/:/var/www/html/ -p 80:80 -p 22:22 centos:apache-pm オプション -v ホストOS上のPATH : コンテナ内のPATH 更新履歴 †2014/06/13 初稿公開 Satoshi OTSUKA
|