Docker OpenWrt镜像
本文档的目标是让OpenWrt镜像在Docker————这一基于LXC的容器系统中运行。
您可以使用以下命令导入基础镜像:
$ docker import http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/openwrt-x86-generic-rootfs.tar.gz openwrt-x86-generic-rootfs $ docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE openwrt-x86-generic-rootfs latest 2cebd16f086c 6 minutes ago 5.283 MB
您可以使用以下命令在docker镜像中运行一个简单的cat:
root@turmes /home/zoobab/docker [14]# docker run -i openwrt-x86-generic-rootfs cat /etc/banner
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
ATTITUDE ADJUSTMENT (12.09, r36088)
-----------------------------------------------------
* 1/4 oz Vodka Pour all ingredients into mixing
* 1/4 oz Gin tin with ice, strain into glass.
* 1/4 oz Amaretto
* 1/4 oz Triple sec
* 1/4 oz Peach schnapps
* 1/4 oz Sour mix
* 1 splash Cranberry juice
-----------------------------------------------------
root@turmes /home/zoobab/docker [15]#
Let's run a basic command:
root@turmes /home/zoobab [17]# docker run -i openwrt-x86-generic-rootfs ifconfig
eth0 Link encap:Ethernet HWaddr F2:06:70:1D:D0:65
inet addr:172.17.0.30 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::f006:70ff:fe1d:d065/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@turmes /home/zoobab [18]# docker run -i openwrt-x86-generic-rootfs /sbin/init
init started: BusyBox v1.19.4 (2013-03-06 20:07:44 UTC)
sysinit: date: can't set kernel time zone: Operation not permitted
sysinit: Loading defaults
sysinit: Loading synflood protection
sysinit: Adding custom chains
sysinit: Loading zones
sysinit: Loading forwardings
sysinit: Loading rules
sysinit: Loading redirects
sysinit: Loading includes
sysinit: Optimizing conntrack
sysinit: Loading interfaces
您可以使用以下命令运行一个交互式命令行工具:
root@turmes /home/zoobab [20]# docker run -i -t openwrt-x86-generic-rootfs /bin/ash
BusyBox v1.19.4 (2013-03-06 20:07:44 UTC) built-in shell (ash)
Enter 'help' for a list of built-in commands.
/ # ps
PID USER VSZ STAT COMMAND
1 root 1248 S /bin/ash
6 root 1248 R ps
/ #
There seems to be an issue with /var subdirs not created:
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:51:6F:E7:12:0A
inet addr:172.17.0.44 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::51:6fff:fee7:120a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15551 (15.1 KiB) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # opkg update
Collected errors:
* opkg_conf_load: Could not create lock file /var/lock/opkg.lock: No such file or directory.
/ # mkdir -p /var/lock
/ # ls
bin dev etc lib mnt overlay proc rom root sbin sys tmp usr var www
/ # opkg update
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/attitude_adjustment.
/ #
让我们修改root的密码然后使用dropbear通过ssh建立连接:
/ # passwd
Changing password for root
New password:
Bad password: too weak
Retype password:
Password for root changed by root
/ # ps
PID USER VSZ STAT COMMAND
1 root 1252 S /bin/ash
21 root 1248 R ps
/ # /etc/init.d/dropbear restart
/ # ps
PID USER VSZ STAT COMMAND
1 root 1260 S /bin/ash
44 root 960 S /usr/sbin/dropbear -P /var/run/dropbear.1.pid -p 22
45 root 1248 R ps
/ #
在打开控制台的同时,在另一个终端中尝试使用ssh方式连接到IP地址:
zoobab@turmes /home/zoobab [2]$ ssh root@172.17.0.45
root@172.17.0.45's password:
BusyBox v1.19.4 (2013-03-06 20:07:44 UTC) built-in shell (ash)
Enter 'help' for a list of built-in commands.
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
ATTITUDE ADJUSTMENT (12.09, r36088)
-----------------------------------------------------
* 1/4 oz Vodka Pour all ingredients into mixing
* 1/4 oz Gin tin with ice, strain into glass.
* 1/4 oz Amaretto
* 1/4 oz Triple sec
* 1/4 oz Peach schnapps
* 1/4 oz Sour mix
* 1 splash Cranberry juice
-----------------------------------------------------
root@17691dbb9d9a:~#
</code<
接下来,让我们安装一个软件包:
<code>
root@17691dbb9d9a:~# opkg update
Collected errors:
* opkg_conf_load: Could not create lock file /var/lock/opkg.lock: No such file or directory.
root@17691dbb9d9a:~# mkdir /var/lock
root@17691dbb9d9a:~# opkg update
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/Packages.gz.
Updated list of available packages in /var/opkg-lists/attitude_adjustment.
root@17691dbb9d9a:~# opkg install
root@17691dbb9d9a:~# ps
PID USER VSZ STAT COMMAND
1 root 1260 S /bin/ash
30 root 960 S /usr/sbin/dropbear -P /var/run/dropbear.1.pid -p 22
38 root 1032 S /usr/sbin/dropbear -P /var/run/dropbear.1.pid -p 22
39 root 1256 S -ash
48 root 1248 R ps
root@17691dbb9d9a:~# opkg install lighttpd
Installing lighttpd (1.4.30-2) to root...
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/lighttpd_1.4.30-2_x86.ipk.
Installing libopenssl (1.0.1e-1) to root...
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/libopenssl_1.0.1e-1_x86.ipk.
Installing zlib (1.2.7-1) to root...
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/zlib_1.2.7-1_x86.ipk.
Installing libpcre (8.11-2) to root...
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/libpcre_8.11-2_x86.ipk.
Installing libpthread (0.9.33.2-1) to root...
Downloading http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/packages/libpthread_0.9.33.2-1_x86.ipk.
Configuring libpthread.
Configuring libpcre.
Configuring zlib.
Configuring libopenssl.
Configuring lighttpd.
root@17691dbb9d9a:~#
您可以使用以下命令,发布docker镜像:
docker pull zoobab/openwrt-x86-attitude
Example to get a shell:
root@turmes /home/zoobab [4]# docker run -i -t zoobab/openwrt-x86-attitude /bin/ash
BusyBox v1.19.4 (2013-03-06 20:07:44 UTC) built-in shell (ash)
Enter 'help' for a list of built-in commands.
/ # ls
bin dev etc lib mnt overlay proc rom root sbin sys tmp usr var www
/ # ifconfig
eth0 Link encap:Ethernet HWaddr E6:7A:80:85:59:68
inet addr:172.17.0.46 Bcast:172.17.255.255 Mask:255.255.0.0
inet6 addr: fe80::e47a:80ff:fe85:5968/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7069 (6.9 KiB) TX bytes:328 (328.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ #
待办列表
- Fix /sbin/init to get the openwrt banner and shell at the end?
- Fix the /var entries: mkdir /var/run && mkdir /var/lock
- Change the build to generate some images with dev entries
- Get the LUCI web interface to work
- publish more images with x64 and/or x32 arch
- publish images with a different arch via qemu (http://dktrkranz.wordpress.com/2013/11/19/cross-architecture-linux-containers-in-debian/)
- publish images with interesting profiles (lighttpd dirlist server, ftpd server, ircd server, tor server, etc...)
链接
Example Dockerfile
Note the use of “exec format” for the CMD which properly makes /sbin/init proc 1 and boots all services (fixing many issues).
FROM scratch
ADD https://downloads.openwrt.org/chaos_calmer/15.05/x86/generic/openwrt-15.05-x86-generic-Generic-rootfs.tar.gz /
EXPOSE 80
RUN mkdir /var/lock && \
opkg update && \
opkg install uhttpd-mod-lua && \
uci set uhttpd.main.interpreter='.lua=/usr/bin/lua' && \
uci commit uhttpd
USER root
# using exec format so that /sbin/init is proc 1 (see procd docs)
CMD ["/sbin/init"]