create Dockerfile
FROM ubuntu:latest
RUN apt-get update
RUN apt-get install openssh-server -y
RUN service ssh start
#edit sshd_config
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -i 's/#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
RUN sed -i 's/#PasswordAuthentication no/PasswordAuthentication no/' /etc/ssh/sshd_config
#make directory
RUN mkdir -p ~/.ssh
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]push the image
create a Repositories on docker hub (https://hub.docker.com)
?docker build and tag
docker build -t firstimage .
docker tag own-image ziyiyi/firstimage:version1then login
docker logindo the docker push
$ docker push ziyiyi/firstimage:version1
The push refers to repository [docker.io/ziyiyi/firstimage]
ec95150d5656: Pushed
575cafaa406d: Pushed
f54ff46ec837: Pushed
f25e4e9f70f3: Pushed
0b36e911075e: Pushed
d2a953fa5513: Pushed
c652dae3e282: Pushed
7f5cbd8cc787: Pushed
version1: digest: sha256:232730e524038e13284eedaba418b150c06b64e7362fb95477d212a39baa0fbe size: 1992you can see the image
$ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
own-image latest 8bed6064f82e 16 seconds ago 224MBcreate a SSH-key
ssh-keygensee the public key
$ cat /home/ziyi/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDG/v77BlpbZsxlsm+Zh8hYzjzKVWNPlv/E7p1lP7mfM+5auj9VR7zHTLLQgMmK7ApwCk0ob89kxSTOIYdAog+Wmkrq8bsTS+6jm66lZ9Cew2hqgcXceLHgdpJHV+KKgYNKTT9JNTQlvWLzgkVdxewUhIbEkZ28IBAPv3/RwPjELJr5siElIUxbd/gbWeI8K6mM8IE07TAK5A3LdfJylvTi8oZ7MEZS78tZQEz9BtTqUQMIyU0LDfzGlgrmo3OxThwZsXxsifSJY+3t54Go2Feq0cqJ0r0KOsxnKqhpOdMTbWyE8ZvlUWt2ODZNV/FduuQ54U8IYuqgR1QNMvhjgJe8nd8FvSLYwnoQQhDNswjfaxiVFpAk2p9Et/hNYHcq1szrmHu2JKEIaq5geAh/KI2d1nwZThNjf8SrceCeqfmtddFWoRZcchzY5l6Wezi/712VlkN3u/1gJmNPnKdE1p2D082Oudyl9XUvzAbBg+kKQ0mY5cafr1FxXhzpz+Kg2vM= ziyi@ubuntu##create configMap and add the public key to?it
apiVersion: v1
kind: ConfigMap
metadata:
name: ssh-config
data:
authorized_keys: |
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDG/v77BlpbZsxlsm+Zh8hYzjzKVWNPlv/E7p1lP7mfM+5auj9VR7zHTLLQgMmK7ApwCk0ob89kxSTOIYdAog+Wmkrq8bsTS+6jm66lZ9Cew2hqgcXceLHgdpJHV+KKgYNKTT9JNTQlvWLzgkVdxewUhIbEkZ28IBAPv3/RwPjELJr5siElIUxbd/gbWeI8K6mM8IE07TAK5A3LdfJylvTi8oZ7MEZS78tZQEz9BtTqUQMIyU0LDfzGlgrmo3OxThwZsXxsifSJY+3t54Go2Feq0cqJ0r0KOsxnKqhpOdMTbWyE8ZvlUWt2ODZNV/FduuQ54U8IYuqgR1QNMvhjgJe8nd8FvSLYwnoQQhDNswjfaxiVFpAk2p9Et/hNYHcq1szrmHu2JKEIaq5geAh/KI2d1nwZThNjf8SrceCeqfmtddFWoRZcchzY5l6Wezi/712VlkN3u/1gJmNPnKdE1p2D082Oudyl9XUvzAbBg+kKQ0mY5cafr1FxXhzpz+Kg2vM=
kubectl create -f xxxxx.yaml##make a file
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keyscreate Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: application-deployment
spec:
selector:
matchLabels:
app: application
replicas: 1
template:
metadata:
labels:
app: application
spec:
runtimeClassName: kata-qemu
containers:
- name: application
image: ziyiyi/firstimage:version1
ports:
- containerPort: 22
=====================================delete====================================
volumeMounts:
- name: ssh-volume
subPath: authorized_keys
mountPath: ~/.ssh/authorized_keys
volumes:
- name: ssh-volume
configMap:
name: ssh-configapiVersion: v1
kind: Pod
metadata:
name: test-pod
labels:
app: application
spec:
runtimeClassName: kata-qemu
containers:
- name: application
image: ziyiyi/firstimage:version1
ports:
- containerPort: 22 open tunnel?
open a new terminal in?order to?expose the LoadBalancer
minikube tunnelcreate server
apiVersion: v1
kind: Service
metadata:
name: ssh-service
spec:
type: LoadBalancer
ports:
- port: 22222
targetPort: 22
name: lb
selector:
app: applicationget service
$ kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ssh-service LoadBalancer 10.107.127.107 <pending> 22222:31331/TCP 38m?load up public key to server
ssh-copy-id -i ~/.ssh/id_rsa.pub root@{externalIP}if the external-IP always pending
$ minikube service ssh-service
|-----------|-------------|-------------|-----------------------------|
| NAMESPACE | NAME | TARGET PORT | URL |
|-----------|-------------|-------------|-----------------------------|
| default | ssh-service | 22222 | http://192.168.39.176:31331 |
|-----------|-------------|-------------|-----------------------------|
🎉 Opening service default/ssh-service in default browser...then we can get the external-IP
check the connection
ssh -p 22222 root@{externalIP}when unable to connect to the server
Unable to connect to the server: dial tcp 192.168.39.176:8443: connect: no route to host
?restart the minikube
minikube start