使用AWS(Amazon Linux2023)在docker上构建vsftpd
的是什么?
本文中记录了在AWS环境中创建了一个FTP服务器(在Docker容器中安装vsftpd),并实际执行了FTP命令并取得文件的验证内容。
通过创建Dockerfile并生成镜像,可以了解安装了什么,并且重新构建环境也更加容易。
前提条件 (paraphrased in Chinese)
-
- FTPサーバのEC2インスタンスは以下で作成
プラットフォーム:Amazon Linux2023(※1)
インスタンスタイプ:t2-micro
FTPクライアントのEC2インスタンスは以下で作成
プラットフォーム:RHEL9.0
インスタンスタイプ:t2-micro
FTPクライアント環境の構築は、1つ前に投稿した下記記事を参照ください。
AWS環境でFTPサーバを構築し、クライアントからFTPコマンドを実行
我本来想在RHEL上构建一个docker容器,并安装vsftpd。但是,RHEL8及更高版本要使用docker需要提前准备一些诸如Podman的工具,我尝试创建Dockerfile并安装vsftpd,但不成功(不知道vsftpd的RPM文件下载地址)。
但是,这次的目的是在Linux操作系统上创建一个用于vsftpd环境的docker容器,所以我决定使用Amazon Linux 2023作为平台。(而且在有时间的时候,我想再次尝试一下)
记录范围
我将描述从FTP客户端连接到FTP服务器,并执行FTP命令(GET)来获取文件的过程。(我提供了执行命令和日志的记录,希望对您参考后的执行结果有所帮助)
在尝试的过程中,我参考了以下网站:
通过Dockerfile创建一个在CentOS上运行vsftpd的Docker容器,同时学习如何使用Docker
Amazon Linux(官方)※在Dockerfile的FROM指令中指定Amazon Linux 2023的版本
Compose文件的版本和升级※在创建docker-compose.yml文件时指定的版本
预先准备(创建操作目录)
# /usr/localには、dockerディレクトリを作成
# /usr/local/dockerには、conteinar01ディレクトリを作成
[ec2-user@ip-xxx-xx-xx-xx docker]$ pwd
/usr/local/docker
[ec2-user@ip-xxx-xx-xx-xx docker]$ ls -la .
total 0
drwxr-xr-x. 3 root root 25 Nov 3 22:29 .
drwxr-xr-x. 13 root root 145 Nov 3 22:29 ..
drwxr-xr-x. 2 root root 6 Nov 3 22:29 container01
安装Docker
sudo yum install -y docker
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo yum install -y docker
上次元数据到期检查时间:0小时16分钟19秒前,2023年11月3日星期五22点23分30秒。
已解决依赖关系。
===============================================================================================================================
软件包 架构 版本 仓库 大小
===============================================================================================================================
正在安装:
docker x86_64 24.0.5-1.amzn2023.0.2 amazonlinux 42 M
正在安装依赖项:
containerd x86_64 1.7.2-1.amzn2023.0.4 amazonlinux 34 M
iptables-libs x86_64 1.8.8-3.amzn2023.0.2 amazonlinux 401 k
iptables-nft x86_64 1.8.8-3.amzn2023.0.2 amazonlinux 183 k
libcgroup x86_64 3.0-1.amzn2023.0.1 amazonlinux 75 k
libnetfilter_conntrack x86_64 1.0.8-2.amzn2023.0.2 amazonlinux 58 k
libnfnetlink x86_64 1.0.1-19.amzn2023.0.2 amazonlinux 30 k
libnftnl x86_64 1.2.2-2.amzn2023.0.2 amazonlinux 84 k
pigz x86_64 2.5-1.amzn2023.0.3 amazonlinux 83 k
runc x86_64 1.1.7-1.amzn2023.0.3 amazonlinux 3.0 M事务总结
===============================================================================================================================
安装 10 个软件包
总下载大小:80 M
已安装大小:306 M
下载软件包:
(1/10): libnftnl-1.2.2-2.amzn2023.0.2.x86_64.rpm 664 kB/s | 84 kB 00:00
(2/10): pigz-2.5-1.amzn2023.0.3.x86_64.rpm 1.3 MB/s | 83 kB 00:00
(3/10): libnfnetlink-1.0.1-19.amzn2023.0.2.x86_64.rpm 1.4 MB/s | 30 kB 00:00
(4/10): iptables-libs-1.8.8-3.amzn2023.0.2.x86_64.rpm 1.8 MB/s | 401 kB 00:00
(5/10): runc-1.1.7-1.amzn2023.0.3.x86_64.rpm 12 MB/s | 3.0 MB 00:00
(6/10): libcgroup-3.0-1.amzn2023.0.1.x86_64.rpm 1.5 MB/s | 75 kB 00:00
(7/10): libnetfilter_conntrack-1.0.8-2.amzn2023.0.2.x86_64.rpm 1.1 MB/s | 58 kB 00:00
(8/10): iptables-nft-1.8.8-3.amzn2023.0.2.x86_64.rpm 2.3 MB/s | 183 kB 00:00
(9/10): containerd-1.7.2-1.amzn2023.0.4.x86_64.rpm 45 MB/s | 34 MB 00:00
(10/10): docker-24.0.5-1.amzn2023.0.2.x86_64.rpm 37 MB/s | 42 MB 00:01
——————————————————————————————————————————-
总计 55 MB/s | 80 MB 00:01
正在运行事务检查
事务检查成功。
正在运行事务测试
事务测试成功。
正在运行事务
Preparing : 1/1
Installing : runc-1.1.7-1.amzn2023.0.3.x86_64 1/10
Installing : containerd-1.7.2-1.amzn2023.0.4.x86_64 2/10
Running scriptlet: containerd-1.7.2-1.amzn2023.0.4.x86_64 2/10
Installing : libcgroup-3.0-1.amzn2023.0.1.x86_64 3/10
Installing : libnfnetlink-1.0.1-19.amzn2023.0.2.x86_64 4/10
Installing : libnetfilter_conntrack-1.0.8-2.amzn2023.0.2.x86_64 5/10
Installing : iptables-libs-1.8.8-3.amzn2023.0.2.x86_64 6/10
Installing : pigz-2.5-1.amzn2023.0.3.x86_64 7/10
Installing : libnftnl-1.2.2-2.amzn2023.0.2.x86_64 8/10
Installing : iptables-nft-1.8.8-3.amzn2023.0.2.x86_64 9/10
Running scriptlet: iptables-nft-1.8.8-3.amzn2023.0.2.x86_64 9/10
Running scriptlet: docker-24.0.5-1.amzn2023.0.2.x86_64 10/10
Installing : docker-24.0.5-1.amzn2023.0.2.x86_64 10/10
Running scriptlet: docker-24.0.5-1.amzn2023.0.2.x86_64 10/10
正在创建符号链接/etc/systemd/system/sockets.target.wants/docker.socket → /usr/lib/systemd/system/docker.socket。
Verifying : libnftnl-1.2.2-2.amzn2023.0.2.x86_64 1/10
Verifying : iptables-libs-1.8.8-3.amzn2023.0.2.x86_64 2/10
Verifying : runc-1.1.7-1.amzn2023.0.3.x86_64 3/10
Verifying : pigz-2.5-1.amzn2023.0.3.x86_64 4/10
Verifying : libnfnetlink-1.0.1-19.amzn2023.0.2.x86_64 5/10
Verifying : libcgroup-3.0-1.amzn2023.0.1.x86_64 6/10
Verifying : docker-24.0.5-1.amzn2023.0.2.x86_64 7/10
Verifying : containerd-1.7.2-1.amzn2023.0.4.x86_64 8/10
Verifying : libnetfilter_conntrack-1.0.8-2.amzn2023.0.2.x86_64 9/10
Verifying : iptables-nft-1.8.8-3.amzn2023.0.2.x86_64 10/10
已安装:
containerd-1.7.2-1.amzn2023.0.4.x86_64 docker-24.0.5-1.amzn2023.0.2.x86_64
iptables-libs-1.8.8-3.amzn2023.0.2.x86_64 iptables-nft-1.8.8-3.amzn2023.0.2.x86_64
libcgroup-3.0-1.amzn2023.0.1.x86_64 libnetfilter_conntrack-1.0.8-2.amzn2023.0.2.x86_64
libnfnetlink-1.0.1-19.amzn2023.0.2.x86_64 libnftnl-1.2.2-2.amzn2023.0.2.x86_64
pigz-2.5-1.amzn2023.0.3.x86_64 runc-1.1.7-1.amzn2023.0.3.x86
启动Docker服务(★所示为执行命令)
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo service docker start ★
Redirecting to /bin/systemctl start docker.service
[ec2-user@ip-xxx-xx-xx-xx docker]$ docker --version ★
Docker version 24.0.5, build ced0996
设置使得「ec2-user」无需使用sudo命令即可执行docker命令。
#su切り替え
sudo su
#Dockerグループにec2-userを紐づける
sudo gpasswd -a ec2-user docker
#docker infoコマンドがsudoなしで実行できる
docker info
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo su ★
[root@ip-xxx-xx-xx-xx docker]# grep -i docker /etc/group ★确认更改前的情况
docker:x:992:
[root@ip-xxx-xx-xx-xx docker]# sudo gpasswd -a ec2-user docker ★
将用户ec2-user添加到docker组
[root@ip-xxx-xx-xx-xx docker]# grep -i docker /etc/group ★确认更改后的情况
docker:x:992:ec2-user
[ec2-user@ip-xxx-xx-xx-xx docker]$ docker info ★
客户端:
版本:24.0.5
上下文: 默认
调试模式:false
插件:
buildx:Docker Buildx (Docker Inc.)
版本:v0.0.0+unknown
路径:/usr/libexec/docker/cli-plugins/docker-buildx服务器:
错误:尝试连接到Docker守护程序套接字unix:///var/run/docker.sock时权限被拒绝:Get “http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info”: dial unix /var/run/docker.sock: connect: permission denied
错误:打印信息时出错 ★在这个目的上不必担心这个错误,继续进行。
将Docker服务配置为自动启动
sudo systemctl enable docker
systemctl is-enabled docker
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[ec2-user@ip-xxx-xx-xx-xx docker]$ systemctl is-enabled docker
enabled
安装Docker Compose
#docker-composeのバイナリファイルを格納するディレクトリは作成しておく
#/usr/local/lib/docker/cli-plugins/docker-compose
sudo curl -L https://github.com/docker/compose/releases/download/v${VER}/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/lib/docker/cli-plugins/docker-compose
#ダウンロードしたdocker-compose(バイナリファイル)に実行権限を付与
sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
#/usr/bin/に/usr/local/lib/docker/cli-plugins/docker-composeへのシンボリックリンクを設定
sudo ln -s /usr/local/lib/docker/cli-plugins/docker-compose /usr/bin/docker-compose
#docker-composeのバージョンを確認
docker-compose --version
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo curl -L https://github.com/docker/compose/releases/download/v${VER}/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/lib/docker/cli-plugins/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 –:–:– –:–:– –:–:– 0
100 56.8M 100 56.8M 0 0 63.0M 0 –:–:– –:–:– –:–:– 139M
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
#/usr/bin/に/usr/local/lib/docker/cli-plugins/docker-composeへのシンボリックリンクを設定
[ec2-user@ip-xxx-xx-xx-xx docker]$ sudo ln -s /usr/local/lib/docker/cli-plugins/docker-compose /usr/bin/docker-compose
准备「myapp.sh」
vsftpdはデーモン起動するため、vsftpdの起動処理が終了するとDockerコンテナも終了してしまうため、「tail -f /dev/null」を利用してDockerコンテナが終了しないようにする。
・我的应用程序.sh
#!/usr/bin/bash
#vsftpdを起動
/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
#デーモン起動のDockerコンテナを終了させない
tail -f /dev/null
创建Dockerfile
-
- 「Amazon Linux2023」のイメージを利用
-
- FTPサーバは「vsftpd」をインストール
-
- 作業ディレクトリは「/usr/local/docker」
-
- ポート番号は「21」、「60000-60100」を指定
- 「vsftpd」起動向けに上記で準備した「myapp.sh」を指定して実行
#書式: FROM [イメージ] [タグ]
FROM amazonlinux:2023.2.20231026.0
#書式: RUN [コマンド]
RUN yum install -y vsftpd
#書式: WORKDIR [ディレクトリのパス]
WORKDIR /usr/local/docker
#書式: EXPOSE […]
EXPOSE 21
EXPOSE 60000-60100
#FTPテスト用のテキスト
RUN echo “Hello Amazon Linux2023 vsftpd.” > /var/ftp/pub/test.txt
#書式: COPY [コピー元][コピー先]
COPY vsftpd.conf /etc/vsftpd/
COPY myapp.sh /usr/local/bin/
#myapp.shの権限変更
RUN chmod 755 /usr/local/bin/myapp.sh
#書式: ENTRYPOINT [“実行可能なもの”, “パラメータ1”, “パラメータ2”]
ENTRYPOINT [“/usr/local/bin/myapp.sh”]
构建Dockerfile并对其进行镜像化。
#カレントディレクトリは「/usr/local/docker」、その直下に「Dockerfile」を配置
#タグ名は「al2023/vsftpd」 ※後述するdocker-compose.ymlで指定する名称
sudo docker build -t al2023/vsftpd .
[+] Building 21.9s (11/11) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 385B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/amazonlinux:2023.2.20231026.0 2.1s
=> [1/6] FROM docker.io/library/amazonlinux:2023.2.20231026.0@sha256:6d13678b68a6db66e13f1c738a721e5df41e9911a89c470825 5.2s
=> => resolve docker.io/library/amazonlinux:2023.2.20231026.0@sha256:6d13678b68a6db66e13f1c738a721e5df41e9911a89c470825 0.9s
=> => sha256:6d13678b68a6db66e13f1c738a721e5df41e9911a89c47082584cc76599b1ce8 547B / 547B 0.0s
=> => sha256:e1066a340e771620fdc12b9b65e19f49b732438cc9e3e5d4c72f3242ecacc24c 529B / 529B 0.0s
=> => sha256:5480a906305fcfcc0b956402f447cf29b9cd2cebd02290a09b05cdb9354c23ed 1.48kB / 1.48kB 0.0s
=> => sha256:a98bc98bb91a9e3ba206b37674c857456e1df8dd9fed29335a0441ffe4ba5869 52.40MB / 52.40MB 0.6s
=> => extracting sha256:a98bc98bb91a9e3ba206b37674c857456e1df8dd9fed29335a0441ffe4ba5869 3.4s
=> [internal] load build context 0.0s
=> => transferring context: 12.27kB 0.0s
=> [2/6] RUN yum install -y vsftpd 12.8s
=> [3/6] RUN echo “Hello Amazon Linux2023 vsftpd.” > /var/ftp/pub/test.txt 0.3s
=> [4/6] COPY vsftpd.conf /etc/vsftpd/ 0.0s
=> [5/6] COPY myapp.sh /usr/local/bin/ 0.1s
=> [6/6] RUN chmod 755 /usr/local/bin/myapp.sh 0.3s
=> exporting to image 1.0s
=> => exporting layers 0.9s
=> => writing image sha256:3bec3024d1bdadf01f4098c162c56ab6b3403bbbb7a0ddf8caa416825424c557 0.0s
=> => naming to docker.io/al2023/vsftpd
确认al2023/vsftpd镜像的内容
#タブ名はDockerfileのビルド時に指定した名称
[ec2-user@ip-xxx-xx-xx-xx docker]$ docker inspect al2023/vsftpd
[ec2-user@ip-xxx-xx-xx-xx docker]$ docker inspect al2023/vsftpd
[
{
“Id”: “sha256:3bec3024d1bdadf01f4098c162c56ab6b3403bbbb7a0ddf8caa416825424c557”,
“RepoTags”: [
“al2023/vsftpd:latest”
],
“RepoDigests”: [],
“Parent”: “”,
“Comment”: “buildkit.dockerfile.v0”,
“Created”: “2023-11-04T01:11:16.071521807Z”,
“Container”: “”,
“ContainerConfig”: {
“Hostname”: “”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: false,
“AttachStdout”: false,
“AttachStderr”: false,
“Tty”: false,
“OpenStdin”: false,
“StdinOnce”: false,
“Env”: null,
“Cmd”: null,
“Image”: “”,
“Volumes”: null,
“WorkingDir”: “”,
“Entrypoint”: null,
“OnBuild”: null,
“Labels”: null
},
“DockerVersion”: “”,
“Author”: “”,
“Config”: {
“Hostname”: “”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: false,
“AttachStdout”: false,
“AttachStderr”: false,
“ExposedPorts”: {
“21/tcp”: {},
“60000/tcp”: {},
“60001/tcp”: {},
“60002/tcp”: {},
“60003/tcp”: {},
“60004/tcp”: {},
“60005/tcp”: {},
“60006/tcp”: {},
“60007/tcp”: {},
“60008/tcp”: {},
“60009/tcp”: {},
“60010/tcp”: {},
“60011/tcp”: {},
“60012/tcp”: {},
“60013/tcp”: {},
“60014/tcp”: {},
“60015/tcp”: {},
“60016/tcp”: {},
“60017/tcp”: {},
“60018/tcp”: {},
“60019/tcp”: {},
“60020/tcp”: {},
“60021/tcp”: {},
“60022/tcp”: {},
“60023/tcp”: {},
“60024/tcp”: {},
“60025/tcp”: {},
“60026/tcp”: {},
“60027/tcp”: {},
“60028/tcp”: {},
“60029/tcp”: {},
“60030/tcp”: {},
“60031/tcp”: {},
“60032/tcp”: {},
“60033/tcp”: {},
“60034/tcp”: {},
“60035/tcp”: {},
“60036/tcp”: {},
“60037/tcp”: {},
“60038/tcp”: {},
“60039/tcp”: {},
“60040/tcp”: {},
“60041/tcp”: {},
“60042/tcp”: {},
“60043/tcp”: {},
“60044/tcp”: {},
“60045/tcp”: {},
“60046/tcp”: {},
“60047/tcp”: {},
“60048/tcp”: {},
“60049/tcp”: {},
“60050/tcp”: {},
“60051/tcp”: {},
“60052/tcp”: {},
“60053/tcp”: {},
“60054/tcp”: {},
“60055/tcp”: {},
“60056/tcp”: {},
“60057/tcp”: {},
“60058/tcp”: {},
“60059/tcp”: {},
“60060/tcp”: {},
“60061/tcp”: {},
“60062/tcp”: {},
“60063/tcp”: {},
“60064/tcp”: {},
“60065/tcp”: {},
“60066/tcp”: {},
“60067/tcp”: {},
“60068/tcp”: {},
“60069/tcp”: {},
“60070/tcp”: {},
“60071/tcp”: {},
“60072/tcp”: {},
“60073/tcp”: {},
“60074/tcp”: {},
“60075/tcp”: {},
“60076/tcp”: {},
“60077/tcp”: {},
“60078/tcp”: {},
“60079/tcp”: {},
“60080/tcp”: {},
“60081/tcp”: {},
“60082/tcp”: {},
“60083/tcp”: {},
“60084/tcp”: {},
“60085/tcp”: {},
“60086/tcp”: {},
“60087/tcp”: {},
“60088/tcp”: {},
“60089/tcp”: {},
“60090/tcp”: {},
“60091/tcp”: {},
“60092/tcp”: {},
“60093/tcp”: {},
“60094/tcp”: {},
“60095/tcp”: {},
“60096/tcp”: {},
“60097/tcp”: {},
“60098/tcp”: {},
“60099/tcp”: {},
“60100/tcp”: {}
},
“Tty”: false,
“OpenStdin”: false,
“StdinOnce”: false,
“Env”: [
“PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin”
],
“Cmd”: null,
“Image”: “”,
“Volumes”: null,
“WorkingDir”: “”,
“Entrypoint”: [
“/usr/local/bin/myapp.sh”
],
“OnBuild”: null,
“Labels”: null
},
“Architecture”: “amd64”,
“Os”: “linux”,
“Size”: 251598116,
“VirtualSize”: 251598116,
“GraphDriver”: {
“Data”: {
“LowerDir”: “/var/lib/docker/overlay2/eswk8dr035tjndxu403dt0sq3/diff:/var/lib/docker/overlay2/s2g2bsphvcr1n3vxl3bo5rtz0/diff:/var/lib/docker/overlay2/q1cca91kj9ktkx4zeha2exlan/diff:/var/lib/docker/overlay2/uoy5wlul5wckt4ve0ri05y1am/diff:/var/lib/docker/overlay2/95670f3fb328cac58f738837cbda8f42ac6cc24f88f81afa54c9dc0056dcb432/diff”,
“MergedDir”: “/var/lib/docker/overlay2/ood8wx8geq0onadvf4az5x89p/merged”,
“UpperDir”: “/var/lib/docker/overlay2/ood8wx8geq0onadvf4az5x89p/diff”,
“WorkDir”: “/var/lib/docker/overlay2/ood8wx8geq0onadvf4az5x89p/work”
},
“Name”: “overlay2”
},
“RootFS”: {
“Type”: “layers”,
“Layers”: [
“sha256:405c9a3fe367001cbf2b464d42eceaaef6cc83b044174752da8492ad551d2334”,
“sha256:f6260b6f70e7c90ad088d8d02090b7f33de98dd45729ad6e2ea51bd410d78d39”,
“sha256:63f404887ab65dee14d90f6a7165621c5166318ca1df25e361c7d1cb966343c6”,
“sha256:ed066320f2957fd10ff961f56108ab9b828b584e92fb331e70ed0cd34f194677”,
“sha256:0646670f3b2e67fce767aba32303bd582a0086ccef60de2fbcbf33dc8600072e”,
“sha256:c51fd6bae3dce587a51122573114c1d3267fcb95d26ac7367fbf5cbda577c6c7”
]
},
“Metadata”: {
“LastTagTime”: “2023-11-04T01:11:17.038371583Z”
}
}
]
运行Docker容器
docker-compose up -d
#docker-compose.ymlがあるディレクトリに移動
#「usr/local/docker/container01」ディレクトリに「docker-compose.yml」が配置されている事を確認
[ec2-user@ip-xxx-xx-xx-xx docker]$ cd container01/
[ec2-user@ip-xxx-xx-xx-xx container01]$ ls -la
total 4
drwxr-xr-x. 2 root root 32 Nov 4 01:10 .
drwxr-xr-x. 3 root root 78 Nov 4 00:53 ..
-rw-r–r–. 1 root root 139 Nov 4 01:10 docker-compose.yml
#Docokerコンテナを起動
[ec2-user@ip-xxx-xx-xx-xx container01]$ docker-compose up -d
[+] Building 0.0s (0/0) docker:default
[+] Running 2/1
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s[+] Running 2/2
? Network container01_default Created 0.1s
? Container container01-ftp-1 Started
查看Docker进程
[ec2-user@ip-xxx-xx-xx-xx container01]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
045bf39f84bc al2023/vsftpd "/usr/local/bin/myap…" 2 minutes ago Up 2 minutes 0.0.0.0:21->21/tcp, :::21->21/tcp, 0.0.0.0:60000-60100->60000-60100/tcp, :::60000-60100->60000-60100/tcp container01-ftp-1
创建一个名为”ftp-user”的新用户。
#「ftp-user」を追加
[ec2-user@ip-xxx-xx-xx-xx container01]$ sudo adduser --home /home/ftp-user ftp-user ★
#「ftp-user」のパスワードを設定
[ec2-user@ip-xxx-xx-xx-xx container01]$ sudo passwd ftp-user ★
Changing password for user ftp-user.
New password: ★パスワードを入力
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
添加已在「/etc/vsftpd/user_list」中创建的用户「ftp-user」。
[ec2-user@ip-xxx-xx-xx-xx container01]$ cat /etc/vsftpd/user_list ★
ftp-user
# 「/home/ftp-user」ディレクトリの権限を確認
[ec2-user@ip-xxx-xx-xx-xx container01]$ ls -la /home/ ★
total 0
drwxr-xr-x. 4 root root 38 Nov 4 05:35 .
dr-xr-xr-x. 18 root root 237 Nov 1 22:43 ..
drwx------. 5 ec2-user ec2-user 140 Nov 4 05:28 ec2-user
drwx------. 2 ftp-user ftp-user 62 Nov 4 05:35 ftp-user
查看Dockerfile的构建结果
#コンテナ名:ftp(docker-compose.ymlに記述)を指定し、bashでコンテナ内に入る
docker-compose exec ftp bash ★
#Dockerfileで記述したCOPYコマンドでファイルがコピーされているか確認(例:myapp.sh)
ls -la /usr/local/bin/ ★
[ec2-user@ip-xxx-xx-xx-xx container01]$ docker-compose exec ftp bash ★
bash-5.2# pwd
/usr/local/docker
bash-5.2# ls -la /usr/local/bin/ ★
总用量 4
drwxr-xr-x. 1 root root 22 Nov 5 06:38 .
drwxr-xr-x. 1 root root 17 Nov 5 06:38 ..
-rwxr-xr-x. 1 root root 75 Nov 4 00:22 myapp.sh
可以使用TeraTerm5,通过FTP连接和被动模式进行数据通信的确认。
ftp>open [FTPサーバのElasticIP]
Name ([FTPサーバのElasticIP]): ftp-user
Password:
# “xx.xxx.xxx.xxx”部分是FTP服务器的弹性IP
ftp> 打开 xx.xxx.xxx.xxx
已连接到 xx.xxx.xxx.xxx (xx.xxx.xxx.xxx).
220 欢迎使用 blah FTP 服务。
用户名 (xx.xxx.xxx.xxx:ec2-user): ftp-user ★ 输入”ftp-user”
331 请输入密码。
密码: ★ 输入密码
230 登录成功。
远程系统类型为 UNIX。
使用二进制模式传输文件。
ftp> pwd
257 “/home/ftp-user” 是当前目录。
请在客户端确认要获取的目录中不存在文件。
#FTP client
#「/usr/local/ftp_sample」には、ファイルは存在しない事を確認
[ec2-user@ip-xxx-xx-xx-xxx ftp_sample]$ pwd
/usr/local/ftp_sample
[ec2-user@ip-xxx-xx-xx-xxx ftp_sample]$ ls -l
total 0
查看(获取目标)在FTP服务器上设置的文件
#FTP server
#「/usr/local/ftp_sample/ftp_server_sample.txt」を確認
[ec2-user@ip-xxx-xx-xx-xxx ~]$ cd /usr/local/ftp_sample/
[ec2-user@ip-xxx-xx-xx-xxx ftp_sample]$ ls -l
total 4
-rwxrwxrwx. 1 ftp-user ftp-user 33 Oct 21 13:52 ftp_server_sample.txt ★getするファイル
在客户端连接到FTP服务器,并使用get命令获取文件。
#FTP client
[ec2-user@ip-xxx-xx-xx-xxx ftp_sample]$ ftp
#FTP client -> FTP serverに接続
ftp> open xx.xxx.xxx.xxx ★ftpでFTP serverに接続
Connected to xx.xxx.xxx.xxx (xx.xxx.xxx.xxx).
220 Welcome to blah FTP service.
Name (xx.xxx.xxx.xxx:ec2-user): ftp-user ★ftpに接続するユーザを入力
331 Please specify the password.
Password: ★ftpに接続するパスワードを入力
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /usr/local/ftp_sample/ ★ディレクトリを「usr/local/ftp_sample」に移動(FTPサーバ上)
250 Directory successfully changed.
ftp> ls ★「usr/local/ftp_sample」ディレクトリ配下を確認(FTPサーバ上)
227 Entering Passive Mode (xx,xxx,xxx,xxx,234,103).
150 Here comes the directory listing.
-rwxrwxrwx 1 1001 1001 33 Oct 21 13:52 ftp_server_sample.txt ★「ftp_server_sample.txt」が存在している事を確認(FTPサーバ上)
226 Directory send OK.
ftp> get ftp_server_sample.txt ★getコマンドで「ftp_server_sample.txt」を取得
local: ftp_server_sample.txt remote: ftp_server_sample.txt
227 Entering Passive Mode (xx,xxx,xxx,xxx,234,104).
150 Opening BINARY mode data connection for ftp_server_sample.txt (33 bytes).
226 Transfer complete.
33 bytes received in 4e-05 secs (825.00 Kbytes/sec)
请确认在客户端上是否存在”/usr/local/ftp_sample”目录下的文件。
#FTP client
#「xxx-xx-xx-xxx」部分はFTP client側のIPアドレス
[ec2-user@ip-xxx-xx-xx-xxx ftp_sample]$ pwd
/usr/local/ftp_sample
[ec2-user@ip-xxx-xx-xx-xxx ftp_sample]$ ll
total 4
-rw-r--r--. 1 ec2-user ec2-user 33 Oct 23 11:51 ftp_server_sample.txt ★「ftp_server_sample.txt」が存在