안녕하세요?
CoreELEC 의 docker 를 사용해 보겠습니다.
1. 우분투 컨테이너 생성
하기 명령으로 이미지를 받습니다.
CoreELEC:~ # docker pull ubuntu:18.04
18.04: Pulling from library/ubuntu
854ab59e811f: Pull complete
996b7ca18b13: Pull complete
50a08dcf8afc: Pull complete
d34a2e7cb38e: Pull complete
Digest: sha256:05a58ded9a2c792598e8f4aa8ffe300318eac6f294bf4f49a7abae7544918592
Status: Downloaded newer image for ubuntu:18.04
하기 명령으로 실행합니다.
-d : 백그라운드
-it : 인터렉티브
--restart : 재시작 시 자동 실행
--name : 컨테이너 이름 지정
--net : 네트워크 지정
--privileged : root 권한 부여
--volume : 호스트 볼륨을 바인딩
실제로 ubuntu:18.04 /bin/bash 로 엔트리 포인트를 넣어주는게 맞습니다만, 이미 지정이 되어 있는 것 같아서 넘어갑니다.
CoreELEC:~ # docker run -d -it --restart always --name ubuntu --net host --privileged --volume /var/media:/media ubuntu:18.04
32d18a90c9b46dc22d576581b939e5b65ef9915a9f55e9992c88b72c94499bd7
CoreELEC:~ # docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32d18a90c9b4 ubuntu:18.04 "/bin/bash" 5 seconds ago Up 4 seconds ubuntu
d8d36c1a3190 portainer/portainer "/portainer" 8 weeks ago Up About a minute 0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp portainer
일단 컨테이너가 생성 되었습니다.
2. 컨테이너 삭제 및 이미지 삭제
컨테이너 생성이 잘못되었을 경우 하기 처럼 삭제가 가능합니다.
CoreELEC:~ # docker stop ubuntu
ubuntu
CoreELEC:~ # docker rm ubuntu
ubuntu
그리고 컨테이가 될 이미지도 하기 처럼 삭제가 가능합니다.
ubuntu:18.04 로 입력해야합니다. 이미지 이름 + TAG 를 입력하는 것입니다.
이미지 목록은 하기와 같이 확인이 가능합니다.
CoreELEC:~ # docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 80ab8702c001 3 weeks ago 46.8MB
portainer/portainer latest 2d43e3bd3a60 3 months ago 62.4MB
CoreELEC:~ # docker rmi ubuntu
Error: No such image: ubuntu
CoreELEC:~ # docker rmi ubuntu:18.04
Untagged: ubuntu:18.04
Untagged: ubuntu@sha256:05a58ded9a2c792598e8f4aa8ffe300318eac6f294bf4f49a7abae7544918592
Deleted: sha256:80ab8702c0012c20c56d7fa5f37e7cd7680c2013da3590e0acc6b2163d8997c1
Deleted: sha256:a6ab3ff46ae547142883356a8476d93ea4c6f101dab771cf3a1dbee48271aec8
Deleted: sha256:e18b30a0e515d54707fbb2cd4310bca8dc15f947645c2634c833c4ac8014eedc
Deleted: sha256:c624189ba4a0d8f909568511e309e238161a02499e6d9cf5ed42e87f4e671819
Deleted: sha256:5bd86e6d94cb2880e4ca820c380db22984327fadf6acd5d93dae9afe561091ef
추가적으로 활용할 수 있는 부분이 많이 있으나, 일단 이정도면 문제 없이 활용이 가능합니다.
3. 우분투 컨테이너 환경 진입하기
1번에서 다시 시작하여 3번으로 옵니다.
하기 명령으로 컨테이너에 진입합니다.
CoreELEC:~ # docker exec -it ubuntu /bin/bash
root@CoreELEC:/# ls
bin boot dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
이런식으로 됩니다.
여기서 바인딩 했던 볼륨이 있는지 확인합니다.
기본적으로 CoreELEC 는 /var/media 에 디스크들이 마운트 됩니다. 그걸 /media 랑 바인드 했으니 컨테이너 안의 /media 경로에 USB가 있어야 합니다.
네 정상적으로 파일이 보입니다.
root@CoreELEC:/# cd /media
root@CoreELEC:/media# ls
ESD-ISO
root@CoreELEC:/media# cd ESD-ISO/
root@CoreELEC:/media/ESD-ISO# ls
1XZD995_DNA_1.0.1912.302_shell_Module.zip boot
IT_WLAN.zip bootmgr
NFAuthentication.key bootmgr.efi
ProPlus2019Retail.img efi
RE_LAN.zip setup.exe
'System Volume Information' sources
WIN_OFFICE_ACTIVATE_DJJPROJECT.zip support
autorun.inf ''$'\355\225\234\352\270\200''2018.rar'
마운트 되는 이름은 CoreELEC 내부적으로 드라이브 이름을 기준으로 하고 있습니다.
일단은 CoreELEC 쉘에서 fdisk 유틸리티가 사용이 되지 않아서 우분투 컨테이너에서 포맷을 하려고 하고 있습니다.
4. 우분투 컨테이너 환경 설정하기
하기와 같이 진행합니다.
패키지 리스트를 갱신합니다.
root@CoreELEC:~# apt update
Get:1 http://ports.ubuntu.com/ubuntu-ports bionic InRelease [242 kB]
Get:2 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease [88.7 kB]
Get:3 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease [74.6 kB]
Get:4 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease [88.7 kB]
Get:5 http://ports.ubuntu.com/ubuntu-ports bionic/restricted armhf Packages [12.5 kB]
Get:6 http://ports.ubuntu.com/ubuntu-ports bionic/main armhf Packages [1277 kB]
Get:7 http://ports.ubuntu.com/ubuntu-ports bionic/universe armhf Packages [11.0 MB]
Get:8 http://ports.ubuntu.com/ubuntu-ports bionic/multiverse armhf Packages [157 kB]
Get:9 http://ports.ubuntu.com/ubuntu-ports bionic-updates/restricted armhf Packages [11.0 kB]
Get:10 http://ports.ubuntu.com/ubuntu-ports bionic-updates/universe armhf Packages [1189 kB]
Get:11 http://ports.ubuntu.com/ubuntu-ports bionic-updates/main armhf Packages [858 kB]
Get:12 http://ports.ubuntu.com/ubuntu-ports bionic-updates/multiverse armhf Packages [4825 B]
Get:13 http://ports.ubuntu.com/ubuntu-ports bionic-backports/main armhf Packages [8247 B]
Get:14 http://ports.ubuntu.com/ubuntu-ports bionic-backports/universe armhf Packages [8101 B]
Get:15 http://ports.ubuntu.com/ubuntu-ports bionic-security/multiverse armhf Packages [1849 B]
Get:16 http://ports.ubuntu.com/ubuntu-ports bionic-security/restricted armhf Packages [5504 B]
Get:17 http://ports.ubuntu.com/ubuntu-ports bionic-security/main armhf Packages [594 kB]
Get:18 http://ports.ubuntu.com/ubuntu-ports bionic-security/universe armhf Packages [719 kB]
Fetched 16.3 MB in 9s (1740 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
5 packages can be upgraded. Run 'apt list --upgradable' to see them.
그리고 필요로 되는 패키지들을 설치합니다.
nano / vim : 에디터
dialog : 선택창을 만들어 주는 바이너리
locales : 언어 선택
rsync / git : 차후에 활용할 용도
openssh-server : ssh 서버
tzdata : timezone 설정용
root@CoreELEC:~# apt install nano vim dialog locales rsync git openssh-server tzdata
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
ca-certificates dbus dmsetup file gir1.2-glib-2.0 git-man krb5-locales less libapparmor1
libargon2-0 libasn1-8-heimdal libbsd0 libcap2 libcryptsetup12 libcurl3-gnutls libdbus-1-3
libdevmapper1.02.1 libedit2 liberror-perl libexpat1 libgdbm-compat4 libgdbm5 libgirepository-1.0-1
libglib2.0-0 libglib2.0-data libgpm2 libgssapi-krb5-2 libgssapi3-heimdal libhcrypto4-heimdal
libheimbase1-heimdal libheimntlm0-heimdal libhx509-5-heimdal libicu60 libidn11 libip4tc0 libjson-c3
libk5crypto3 libkeyutils1 libkmod2 libkrb5-26-heimdal libkrb5-3 libkrb5support0 libldap-2.4-2
libldap-common libmagic-mgc libmagic1 libmpdec2 libnghttp2-14 libnss-systemd libpam-systemd
libperl5.26 libpopt0 libpsl5 libpython3-stdlib libpython3.6 libpython3.6-minimal
libpython3.6-stdlib libreadline7 libroken18-heimdal librtmp1 libsasl2-2 libsasl2-modules
libsasl2-modules-db libsqlite3-0 libssl1.0.0 libssl1.1 libwind0-heimdal libwrap0 libx11-6
libx11-data libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxmuu1 mime-support multiarch-support
ncurses-term netbase networkd-dispatcher openssh-client openssh-sftp-server openssl patch perl
perl-modules-5.26 publicsuffix python3 python3-certifi python3-chardet python3-dbus python3-gi
python3-idna python3-minimal python3-pkg-resources python3-requests python3-six python3-urllib3
python3.6 python3.6-minimal readline-common shared-mime-info ssh-import-id systemd systemd-sysv ucf
vim-common vim-runtime wget xauth xdg-user-dirs xxd xz-utils
Suggested packages:
default-dbus-session-bus | dbus-session-bus gettext-base git-daemon-run | git-daemon-sysvinit
git-doc git-el git-email git-gui gitk gitweb git-cvs git-mediawiki git-svn gdbm-l10n gpm krb5-doc
krb5-user libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal libsasl2-modules-ldap
libsasl2-modules-otp libsasl2-modules-sql spell iw | wireless-tools keychain libpam-ssh
monkeysphere ssh-askpass molly-guard rssh ufw ed diffutils-doc perl-doc libterm-readline-gnu-perl
| libterm-readline-perl-perl make python3-doc python3-tk python3-venv python-dbus-doc
python3-dbus-dbg python3-setuptools python3-cryptography python3-openssl python3-socks
python3.6-venv python3.6-doc binutils binfmt-support readline-doc systemd-container policykit-1
ctags vim-doc vim-scripts
The following NEW packages will be installed:
ca-certificates dbus dialog dmsetup file gir1.2-glib-2.0 git git-man krb5-locales less libapparmor1
libargon2-0 libasn1-8-heimdal libbsd0 libcap2 libcryptsetup12 libcurl3-gnutls libdbus-1-3
libdevmapper1.02.1 libedit2 liberror-perl libexpat1 libgdbm-compat4 libgdbm5 libgirepository-1.0-1
libglib2.0-0 libglib2.0-data libgpm2 libgssapi-krb5-2 libgssapi3-heimdal libhcrypto4-heimdal
libheimbase1-heimdal libheimntlm0-heimdal libhx509-5-heimdal libicu60 libidn11 libip4tc0 libjson-c3
libk5crypto3 libkeyutils1 libkmod2 libkrb5-26-heimdal libkrb5-3 libkrb5support0 libldap-2.4-2
libldap-common libmagic-mgc libmagic1 libmpdec2 libnghttp2-14 libnss-systemd libpam-systemd
libperl5.26 libpopt0 libpsl5 libpython3-stdlib libpython3.6 libpython3.6-minimal
libpython3.6-stdlib libreadline7 libroken18-heimdal librtmp1 libsasl2-2 libsasl2-modules
libsasl2-modules-db libsqlite3-0 libssl1.0.0 libssl1.1 libwind0-heimdal libwrap0 libx11-6
libx11-data libxau6 libxcb1 libxdmcp6 libxext6 libxml2 libxmuu1 locales mime-support
multiarch-support nano ncurses-term netbase networkd-dispatcher openssh-client openssh-server
openssh-sftp-server openssl patch perl perl-modules-5.26 publicsuffix python3 python3-certifi
python3-chardet python3-dbus python3-gi python3-idna python3-minimal python3-pkg-resources
python3-requests python3-six python3-urllib3 python3.6 python3.6-minimal readline-common rsync
shared-mime-info ssh-import-id systemd systemd-sysv tzdata ucf vim vim-common vim-runtime wget
xauth xdg-user-dirs xxd xz-utils
0 upgraded, 122 newly installed, 0 to remove and 5 not upgraded.
Need to get 48.2 MB of archives.
After this operation, 217 MB of additional disk space will be used.
Do you want to continue? [Y/n]
중간에 타임존 세팅을 하기와 같이 합니다.
로케일 설정을 합니다.
root@CoreELEC:~# dpkg-reconfigure locales
5. openssh 서버 설정하기
설정파일을 열어서 포트와 루트 로그인 허용 설정을 합니다.
root@CoreELEC:~# vim /etc/ssh/sshd_config
13 Port 22222
14 #AddressFamily any
15 #ListenAddress 0.0.0.0
16 #ListenAddress ::
17
18 #HostKey /etc/ssh/ssh_host_rsa_key
19 #HostKey /etc/ssh/ssh_host_ecdsa_key
20 #HostKey /etc/ssh/ssh_host_ed25519_key
비밀번호를 바꿔주고 서비스를 시작합니다.
root@CoreELEC:/# passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
root@CoreELEC:/# /etc/init.d/ssh start
* Starting OpenBSD Secure Shell server sshd [ OK ]
다른 서버에서 하기와 같이 연결이 가능합니다.
윈도우에서 mobaxterm 이나 xshell / putty 등을 사용하시면 편리합니다.
root@aml:~# ssh root@192.168.0.66 -p 22222
root@192.168.0.66's password:
Permission denied, please try again.
root@192.168.0.66's password:
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.9.113 aarch64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.
To restore this content, you can run the 'unminimize' command.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
root@CoreELEC:~#
혹시 하기 부분은 팁인데, 키 인증을 하는 방식에 대한 설명입니다. 키를 추가하여 인증하는 방식이빈다.
(클라우드 서버 세팅할 때, git server 에 인증용으로 많이 활용하는 방법입니다.)
접속할 서버에서 키를 생성합니다.
그리고 ssh-copy-id 를 통해 CoreELEC 의 ssh 서버에 키를 등록합니다.
그 이후에는 키 인증을 하기 때문에 비밀번호를 물어보지 않게 됩니다.
root@aml:~# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /media/temp/id_rsa.
Your public key has been saved in /media/temp/id_rsa.pub.
The key fingerprint is:
SHA256:lUBCacO2mqHAhh64TBHpTs3BB7Khs0VuPz/IYO73uj8 root@aml
The key's randomart image is:
+---[RSA 2048]----+
| +=..oooo |
|.=+o .*. . . |
|B.B oo o o |
|+% +. . . |
|Oo+.o+ S |
|.*.oo+ |
| . o o |
| . . E. |
| ..o=o. |
+----[SHA256]-----+
root@aml:~# ssh-copy-id root@192.168.0.66 -p 22222
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.0.66's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p '22222' 'root@192.168.0.66'"
and check to make sure that only the key(s) you wanted were added.
root@aml:~# ssh root@192.168.0.66 -p 22222
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.9.113 aarch64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.
To restore this content, you can run the 'unminimize' command.
Last login: Thu Sep 17 00:41:28 2020 from 192.168.0.17
root@CoreELEC:~#
한편, 계정이름과 포트까지 쓰기 싫으시면 하기와 같이 ~/.ssh/config 에 Host 와 Port / User 정보를 기입하시면 됩니다.
그럼 ssh 아이피 로 접근이 가능합니다.
root@aml:~# vim ~/.ssh/config
1 Host 192.168.0.66
2 Port 22222
3 User root
root@aml:~# ssh 192.168.0.66
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.9.113 aarch64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
This system has been minimized by removing packages and content that are
not required on a system that users do not log into.
To restore this content, you can run the 'unminimize' command.
Last login: Thu Sep 17 00:42:58 2020 from 192.168.0.17
root@CoreELEC:~#
6. 컨테이너 재시작 시 실행
기본적인 우분투 컨테이너 entry point 가 /bin/bash 입니다.
그렇기 때문에 /bin/bash 가 실행될 때, root 계정의 홈폴더의 .bashrc 를 읽게 됩니다.
거기에 시작할 서비스들을 기입하시면 간단하게 사용 가능합니다.
root@CoreELEC:~# vim ~/.bashrc
96 # sources /etc/bash.bashrc).
97 #if [ -f /etc/bash_completion ] && ! shopt -oq posix; then
98 # . /etc/bash_completion
99 #fi
100
101 # service run
102 /etc/init.d/ssh start
7. 마치며
오늘은 간단하게 여기까지 마치겠습니다.
감사합니다.
'서버 > 리눅스 서버' 카테고리의 다른 글
| Proxmox 설치 후 LVM 용량 조절하기 (0) | 2021.01.08 |
|---|---|
| Proxmox 설치 후기 (간단편) (2) | 2020.11.09 |
| 쉘 자동 완성 fuzzy finder (0) | 2020.08.30 |
| Beelink GT-MINI A / Armbian 블루투스 최적화 (HomeAssistant) (0) | 2020.08.22 |
| rclone crypt 마운트를 plexdrive 를 통해서 마운트 하기 (0) | 2020.08.13 |
댓글