zoukankan html css js c++ java

docker ssh秘钥免密登录

一、概述

有一台跳板机，已经实现了免密登录后端服务器。但是我写了一个django项目，它是运行在容器中的，也需要免密登录后端服务器。

虽然可以在容器中手动做一下免密登录，但是容器重启之后，之前做的设置都消失了。

是否可以在生成新的django镜像时，也能免密登录后端服务器呢？答案是可以的！

二、实现过程

环境说明

跳板机

操作系统：centos 7.6

ip地址：192.168.28.229

后端主机

操作系统：centos 7.6

ip地址：192.168.28.218

制作docker镜像

django_base目录结构如下：

./
├── dockerfile
├── id_rsa
│   ├── id_rsa
│   └── id_rsa.pub
├── pip.conf
├── requirements.txt
├── run.sh
└── sources.list

dockerfile

FROM ubuntu:16.04
# 修改更新源为阿里云
ADD sources.list /etc/apt/sources.list
ADD . /
# 时区为上海
ENV TZ Asia/Shanghai

# 设置时区,设置utf-8编码,安装django,添加任务计划
RUN apt-get update && apt-get install -y tzdata locales python3-pip cron openssh-server && apt-get clean all && 
    ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && 
    locale-gen en_US.UTF-8 && 
    mkdir ~/.pip && cp /pip.conf ~/.pip && pip3 install --upgrade pip && 
    pip3 install -r /requirements.txt && 
    mkdir ~/.ssh && cp -r /id_rsa/* ~/.ssh

# 解决中文乱码问题
#RUN locale-gen en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8

# 添加启动脚本
ADD run.sh .
RUN chmod 755 run.sh
ENTRYPOINT [ "/run.sh"]

View Code

id_rsa文件夹里面的2个文件，就是跳板机的ssh秘钥，copy进来即可。

pip.conf

[global]
index-url = http://pypi.douban.com/simple
trusted-host = pypi.douban.com

requirements.txt

Django==2.1.8
paramiko==2.7.1

run.sh

#!/bin/bash

# 收集主机公钥，写入known_hosts,避免出现Are you sure you want to continue connecting (yes/no)?
ssh-keyscan -H -t ecdsa -p 22 192.168.28.218 >> ~/.ssh/known_hosts

sources.list

# deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse

View Code

生成镜像

cd django_base
docker build -t django_base:v1 .

运行镜像

docker run -it django_base:v1 /bin/bash

测试ssh免密

ssh 192.168.28.218

不需要输入密码，就表示成功了。

查看全文

相关阅读:
VysorPro助手
 Play 2D games on Pixel running Android Nougat (N7.1.2) with Daydream View VR headset
Play 2D games on Nexus 6P running Android N7.1.1 with Daydream View VR headset
Native SBS for Android
ADB和Fastboot最新版的谷歌官方下载链接
 How do I install Daydream on my phone?
Daydream Controller手柄数据的解析
 蓝牙BLE传输性能及延迟分析
 VR(虚拟现实)开发资源汇总
 Android(Java)控制GPIO的方法及耗时分析

原文地址：https://www.cnblogs.com/xiao987334176/p/12603805.html