建立基礎的Dockerfile
建立基礎的Dockerfile
FROM ubuntu:xenial
MAINTAINER kawsing <kawsing@gmail.com>
#有基本中文環境,ssh與tftp與rsyslog
RUN echo "deb http://tw.archive.ubuntu.com/ubuntu/ xenial main\n\
deb http://tw.archive.ubuntu.com/ubuntu/ xenial multiverse\n\
deb http://tw.archive.ubuntu.com/ubuntu/ xenial universe\n\
deb http://tw.archive.ubuntu.com/ubuntu/ xenial restricted\n\
"> /etc/apt/sources.list
RUN apt-get update && apt-get install -y ssh bash-completion \
language-pack-zh-hant fonts-droid-fallback \
net-tools openssl ssl-cert \
tftp-hpa tftpd-hpa apache2 libapache2-mod-php \
mysql-server php-mysql pwgen php-apcu php-mcrypt rsyslog \
python-imaging python-pip python-setuptools \
&& apt-get autoclean \
&& apt-get autoremove \
&& rm -rf /var/lib/apt/lists/*
# Configure locales and timezone
RUN locale-gen en_US.UTF-8 en_GB.UTF-8 zh_TW.UTF-8
RUN cp /usr/share/zoneinfo/Asia/Taipei /etc/localtime
RUN echo "Asia/Taipei" > /etc/timezone
# Supervisor config
RUN mkdir /var/log/supervisor
RUN pip install supervisor
COPY supervisord.conf /etc/supervisord.conf
RUN make-ssl-cert generate-default-snakeoil --force-overwrite
RUN mkdir /var/run/sshd
RUN mkdir /opt/tftpdata
RUN echo "TFTP_USERNAME='tftp'\n\
TFTP_DIRECTORY='/opt/tftpdata'\n\
TFTP_ADDRESS='[::]:69'\n\
TFTP_OPTIONS='--secure -c -vvvv'\n\
"> /etc/default/tftpd-hpa
RUN chown -R tftp /opt/tftpdata
#建立密碼
RUN echo 'root:password' | chpasswd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
# Startup script
COPY start.sh /opt/start.sh
RUN chmod 755 /opt/start.sh
COPY ./rsyslog.conf /etc/rsyslog.conf
NV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile
EXPOSE 22
EXPOSE 80
EXPOSE 443
EXPOSE 3306
ENTRYPOINT ["/opt/start.sh"]
supervisord.conf
[unix_http_server]
file=/var/run/supervisor.sock ; (the path to the socket file)
[supervisord]
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)
logfile_backups=10 ; (num of main logfile rotation backups;default 10)
loglevel=info ; (log level;default info; others: debug,warn,trace)
pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
nodaemon=false ; (start in foreground if true;default false)
minfds=1024 ; (min. avail startup file descriptors;default 1024)
minprocs=200 ; (min. avail process descriptors;default 200)
; the below section must remain in the config file for RPC
; (supervisorctl/web interface) to work, additional interfaces may be
; added by defining them in separate rpcinterface: sections
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket
[program:ssh]
command=service ssh start
stdout_events_enabled=true
stderr_events_enabled=true
[program:rsyslog]
command=service rsyslog start
stdout_events_enabled=true
stderr_events_enabled=true
[program:apache2]
command=service apache2 start
numprocs=1
autostart=true
autorestart=true
[program:mysqld]
command=service mysql start
numprocs=1
autostart=true
autorestart=true
rsyslog.conf
/etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
#################
#### MODULES ####
#################
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support
#$ModLoad immark # provides --MARK-- message capability
# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
# Enable non-kernel facility klog messages
$KLogPermitNonKernelFacility on
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# Filter duplicated messages
$RepeatedMsgReduction on
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
# TFTP Logfile
# template to log local in dynamic files
$template tftp,"/var/log/tftp/tftp-%$YEAR%-%$MONTH%-%$DAY%.log"
:programname, isequal, "in.tftpd" -?tftp;RSYSLOG_TraditionalFileFormat
& ~start.sh
#!/bin/bash
function start {
echo "Starting service"
ulimit -n 30000
exec /usr/local/bin/supervisord -c /etc/supervisord.conf -n
exit 0
}
start
exit 0Last updated