Mirror group selected
Tomcat8 alpine base image using the most current version of the official dokcer hub, https://hub.docker.com/_/tomcat/
docker pull tomcat:8.5.32-jre8-alpine
docker tag tomcat:8.5.32-jre8-alpine 10.240.4.159/app/tomcat:8.5.32-alpine docker push 10.240.4.159/app/tomcat:8.5.32-alpine |
Add SSH support
Executed on the host #
mkdir -p / the root / docker_build / Tomcat SSH-
CD / the root / docker_build / Tomcat SSH-
CP / usr / Share / zoneinfo / Asia / of Shanghai.
VI Repositories
# --------- -------------------------------------------------- -------------
http://mirrors.aliyun.com/alpine/v3.7/main
http://mirrors.aliyun.com/alpine/v3.7/community
# - -------------------------------------------------- --------------------
vi run.sh
# ------------------------- -----------------------------------------------
#! / bin / bash
/ usr / sbin / sshd -D &
Exec mysqld
# ----------------------------------- -------------------------------------
vi Dockerfile
# ------------ -------------------------------------------------- ----------
FROM 10.240.4.159/app/tomcat:8.5.32-alpine
ADD Shanghai /etc/localtime
ADD repositories /etc/apk/repositories
RUN apk --no-cache update
RUN apk --no-cache add openssh
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" \
&& ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" \
&& ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" \
&& ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" \
&& sed -i "s/#PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config \
&& echo 'root:ydgw.cn' | chpasswd
ADD run.sh /root/run.sh
RUN chmod +x /root/run.sh
VOLUME [ "/ usr / local / Tomcat / webapps", "/ usr / local / Tomcat / conf", "/ usr / local / Tomcat / logs"]
CMD [ "/root/run.sh"]
# --- -------------------------------------------------- -------------------
Docker Build -t 10.240.4.159/app/tomcat:8.5.32-alpine-ssh.
Docker the Push 10.240.4.159/app/tomcat:8.5 SSH-Alpine-.32
# the following is a specific item to set the root password security, build a single image, for later use (into the new folder)
VI Dockerfile
# ----------------------- -------------------------------------------------- ----------
the FROM 10.240.4.159/app/tomcat:8.5.32-alpine-ssh
RUN echo 'root: xxxxxxxxxx' | chpasswd
# -------------- -------------------------------------------------- --------
Docker Build -t 10.240.4.159/erpjs/tomcat:8.5.32-alpine-ssh-erpjs.
Docker the Push 10.240.4.159/erpjs/tomcat:8.5.32-alpine-ssh-erpjs
Creating VOLUME volume
# Executed on the host mkdir / docker_mnt / erpjs-Tomcat # downloaded apache-tomcat-8.5.32.tar.gz uploaded to the current / tmp directory cd / tmp tar zxvpf apache-tomcat-8.5.32.tar.gz cd Tomcat-8.5.32-Apache CP -rf the webapps / docker_mnt / erpjs-Tomcat / CP -rf the conf / docker_mnt / erpjs-Tomcat / CP -rf logs / docker_mnt / erpjs-Tomcat /
TOMCAT deployment services
- Log Rancher (1.6.18), the layout tool is the default Cattle
- Applications - Users - Add Application - Name: [ERP-JS] - Creating
- Add Service - Please fill in the following information in the Add Service Configuration page - Create
Title: tomcat Select the image: 10.240.4.159/erpjs/tomcat:8.5.32-alpine-ssh-erpjs port mapping: 8080: 8080 / tcp 15922: 22 / tcp Volume - Add Volume: / docker_mnt / erpjs-tomcat / webapps: / usr / local / Tomcat / webapps / docker_mnt / erpjs-Tomcat / conf: / usr / local / Tomcat / conf / docker_mnt / erpjs-Tomcat / logs: / usr / local / Tomcat / logs network - host name: erpjs scheduling - all vessels running on the specified host: docker159
Configuration manager-gui
# SSH登陆tomcat容器 vi /usr/local/tomcat/conf/tomcat-users.xml # 在</tomcat-users> 上面添加 #------------------------------------------------------------------------ <role rolename="admin-gui"/> <role rolename="admin-script"/> <role rolename="manager-gui"/> <role rolename="manager-script"/> <role rolename="manager-jmx"/> <role rolename="manager-status"/> <user username="admin" password="ydgw.cn18" roles="manager-gui,manager-script,manager-jmx,manager-status,admin-script,admin-gui"/> #------------------------------------------------------------------------ # 创建 vi /usr/local/tomcat/conf/Catalina/localhost/manager.xml #------------------------------------------------------------------------ <Context privileged="true" antiResourceLocking="false" The docBase = " $ {} the catalina.home / the webapps / Manager " > <Valve className = " org.apache.catalina.valves.RemoteAddrValve " the allow = " ^. * $ " /> </ The Context> # ---- -------------------------------------------------- ------------------ # comment out the original content, change the following vi / usr / local / Tomcat / webapps / Host-Manager / META-INF / context.xml # ------------------------------------------------- ----------------------- <-! <Context antiResourceLocking = " false " Privileged = "true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> <Manager sessionAttributeValueClassNameFilter="java\.lang\.(?:Boolean|Integer|Long|Number|String)|org\.apache\.catalina\.filters\.CsrfPreventionFilter\$LruCache(?:\$1)?|java\.util\.(?:Linked)?HashMap"/> </Context>--> <Context antiResourceLocking="false" privileged="true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="^.*$" /> </Context> # ------------------------------------------------- ----------------------- # modify only the first two, then there will be access to Serve Status, Manager APP but not to HostManager