在centos8中,默认是启动了 firewalld的,而且默认是关闭了流量转交,为了让docker 镜像能上网,须要firewalld如下配置:
firewall-cmd --query-masquerade 查看状态 no关闭 yes许可firewall-cmd --add-masquerade --permanent永久开启IP地址转发firewall-cmd --reload 重载防火墙规则,使之生效
Setup 2 安装centos7镜像
docker search centosdocker pull centosdocker -run -itd --name centos-t1 centos:centos7 -p 2244:22 /bin/bash (把稳:采取默认net默认,不能利用net host或者none模式)
Setup3 进入docker镜像安装net-tools和sshd
docker exec -it centos-t1 /bin/bash #进入镜像yum install net-tools #安装ifconfigyum install -y vim lrzsz wget gcc-c++ pcre pcre-devel zlib zlib-deve l ruby openssl openssl-devel patch bash-completion zlib.i686 libstdc++.i686 lsof unzip zip #安装必要软件yum install -y openssh-server openssh-clients/usr/sbin/sshd -p 2200 #-p后面是自定义端口
如果报错:
[root@d2fb3e67eb84 /]# /usr/sbin/sshd -p 2200Could not load host key: /etc/ssh/ssh_host_rsa_keyCould not load host key: /etc/ssh/ssh_host_ecdsa_keyCould not load host key: /etc/ssh/ssh_host_ed25519_keysshd: no hostkeys available -- exiting.[root@d2fb3e67eb84 /]# ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N ''[root@d2fb3e67eb84 /]# ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''[root@d2fb3e67eb84 /]# ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key -N ''[root@d2fb3e67eb84 /]# /usr/sbin/sshd -p 2200 #-p后面是自定义端口
把稳:开拓2244端口
firewall-cmd --add-port=2244/tcp
