Go to Qiita Advent Calendar 2024 Top
LoginSignup
1
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@__kafka__

Dockerコンテナ間でssh接続をする

Posted at

Dockerコンテナ間でssh接続をする

ssh学習用に、ssh接続できるようなコンテナ2つを立てた。
その備忘録。

※ほぼほぼこちらを参考にさせていただいた。
https://qiita.com/3104k/items/16102a64fb1bae6665af

コンテナ2つを起動

  • Dockerfile。
FROM centos:7

# yum update
RUN yum -y update && yum clean all

# ssh install
RUN yum install -y openssh-server openssh-clients

CMD ["/usr/sbin/init"]

RUN mkdir  ~/.ssh && \
    touch  ~/.ssh/authorized_keys && \
    chmod 600  ~/.ssh/authorized_keys
  • Dockerイメージ生成
$ docker build -t fukafukafukka/centos_for_ssh_lesson .
  • Dockerコンテナ起動
$ docker run --privileged -d -v `pwd`:`pwd` -it --rm --name master -p 8080:80 -p 2222:22 fukafukafukka/centos_for_ssh_lesson

$ docker run --privileged -d -v `pwd`:`pwd` -it --rm --name slave -p 8090:80 -p 2233:22 --link master:mas fukafukafukka/centos_for_ssh_lesson

slaveコンテナ内でssh-keyを生成

$ docker exec -it slave bash

# cd ~/.ssh

# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
// 省略

slaveコンテナ内で~/.ssh/configの設定

masterコンテナのIPをチェック。

# ping master
PING mas (172.17.0.2) 56(84) bytes of data.
64 bytes from mas (172.17.0.2): icmp_seq=1 ttl=64 time=1.53 ms
64 bytes from mas (172.17.0.2): icmp_seq=2 ttl=64 time=0.184 ms
^C
--- mas ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.184/0.858/1.532/0.674 ms

~/.ssh/configファイルを設定する。

# vi ~/.ssh/config

Host master
HostName 172.17.0.2
User root
Port 2222
IdentityFile ~/.ssh/id_rsa

slaveコンテナ内の公開鍵をコピー

masterコンテナ配置用のslaveコンテナ内の公開鍵をコピーしておく。

# vi id_rsa.pub

// 中身をctl + c でコピー。

masterコンテナ内へ公開鍵を配置

$ docker exec -it master bash

# cd ~/.ssh

# vi authorized_keys
// slaveコンテナ内でコピーした公開鍵をペーストする

masterコンテナ内でsshポートをデフォルトから2222へ修正する

// コピーしてバックアップしておく。
# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.org

# vi /etc/ssh/sshd_config

// 以下のようにデフォルトではなっているので、Portを2222にしてコメントアウトを外す。
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22 ← Port 2222に変更する。

上記の通り修正したら、sshdを再起動する。

# sshd -t

# systemctl restart sshd.service

slaveコンテナよりmasterコンテナへssh接続する

# ssh master
Last login: Sat May  1 02:49:38 2021 from 172.17.0.3
1
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
1
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?