Docker 入门&常见错误解决

  • A+
所属分类:安全开发

Docker 入门&常见错误解决

Docker 入门&常见错误解决

沙漏安全团队

欢迎真正热爱技术的你!

Docker 是什么?

Docker 是一个开源的应用容器引擎,基于 Go 语言 并遵从 Apache2.0 协议开源。Docker 可以让开发者打包他们的应用以及依赖包到一个轻量级、可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口(类似 iPhone 的 app),更重要的是容器性能开销极低。

Docker 安装

具体步骤参考=>Docker 文档 https://docs.docker.com/

(centOS 为例)=>官方 centOS 文档 https://docs.docker.com/engine/install/centos/

如果电脑上有旧的 Docker,需要卸载:

$ sudo yum remove docker                   docker-client                   docker-client-latest                   docker-common                   docker-latest                   docker-latest-logrotate                   docker-logrotate                   docker-selinux                   docker-engine-selinux                   docker-engine

下载安装

推荐使用存储库:

$ sudo yum install -y yum-utils$ sudo yum-config-manager     --add-repo     https://download.docker.com/linux/centos/docker-ce.repo

以上是官方存储库,比较慢,推荐使用以下镜像库:阿里云:

$ sudo yum-config-manager     --add-repo     http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

清华大学镜像库:

$ sudo yum-config-manager     --add-repo     https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo

安装 Docker 主体

$ sudo yum install docker-ce docker-ce-cli containerd.io

如果弹出询问,请同意

启动 Docker

$ sudo systemctl start docker

测试

运行以下指令来测试 Docker 是否安装成功:

$ sudo docker run hello-world

成功的显示:

Unable to find image 'hello-world:latest' locallylatest: Pulling from library/hello-world0e03bdcc26d7: Pull completeDigest: sha256:e7c70bb24b462baa86c102610182e3efcb12a04854e8c582838d92970a09f323Status: Downloaded newer image for hello-world:latestHello from Docker!This message shows that your installation appears to be working correctly.

Docker 镜像库

推荐:Docker 官方镜像库网站=>Docker Hub  https://hub.docker.com/

阿里云镜像仓库=>https://cr.console.aliyun.com/cn-beijing/instances/images

DaoCloud 道客网络=>DaoCloud 镜像市场  https://hub.daocloud.io/

Docker 启动、运行与关闭

以下均以部署 CTF 比赛/练习网站:h1ve 为例

如何找到你想要的镜像?

使用search可以以关键词搜索 例如:

docker search [关键词]docker search h1ve

得到结果:

[[email protected] ~]# docker search h1veNAME                   DESCRIPTION         STARS               OFFICIAL            AUTOMATEDd0g3/h1ve                                  0d0g3/h1ve-frp                              0d0g3/h1ve-nginx                            0lusky0706/h1ve                             0lusky0706/h1ve-nginx                       0lusky0706/h1ve-frp                         0

我们要找的就是第一条

拉取(下载)镜像

(如果慢,请换源)

docker pull [镜像名]docker pull d0g3/h1ve
[[email protected] ~]# docker pull d0g3/h1veUsing default tag: latestlatest: Pulling from d0g3/h1veaad63a933944: Pull completef229563217f5: Pull complete71ded8122394: Pull complete807d0888ee2e: Pull complete95206a02ba21: Pull complete0e9984f156f6: Pull complete7e21289905da: Pull completecd1f0e7794ba: Pull completeDigest: sha256:6b14a7429a8729640495af0416ad4988d0aae8ffa475deccd48af46e1fe617c5Status: Downloaded newer image for d0g3/h1ve:latestdocker.io/d0g3/h1ve:latest

使用容器(非 web 应用)

启动:

docker run -it [镜像名] [命令]

退出:

exit

查看所有容器:

docker ps -a

进入容器:

docker attach <容器id>

删除容器:

docker rm -f <容器id>

使用容器(web 应用)

以 h1ve 为例

1.克隆项目

git clone https://github.com/D0g3-Lab/H1ve.git

国内仓库地址:

git clone https://gitee.com/rdd_233/H1ve.git

2.进入目录

cd H1ve

3.运行

docker-compose -f single.yml up -d

报错解决方式

-bash: docker-compose: 未找到命令

-bash: docker-compose: 未找到命令

安装 docker-compose

pip install docker-compose

等待安装完成显示下列提示及安装成功:

pyrsistent requires Python '>=3.5' but the running Python is 2.7.5

pyrsistent requires Python '>=3.5' but the running Python is 2.7.5You are using pip version 9.0.1, however version 20.3.1 is available.You should consider upgrading via the 'pip install --upgrade pip' command.
pip install --upgrade pip

ERROR: Package 'pyrsistent' requires a different Python: 2.7.5 not in '>=3.5'

ERROR: Package 'pyrsistent' requires a different Python: 2.7.5 not in '>=3.5'

查看版本:

pip install pyrsistent==?

更新 pyrsistent:

pip install pyrsistent==0.15.0

Python 2.7 reached the end of its life on January 1st

DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.

1.安装编译环境:

yum install gcc-c++ gcc make cmake zlib-devel bzip2-devel openssl-devel ncurse-devel libffi-devel -y

2.进入目录:

cd /tmp

3.下载 python3.7.3 安装包:

wget https://www.python.org/ftp/python/3.7.3/Python-3.7.3.tar.xz

4.解压:

tar Jxvf Python-3.7.3.tar.xz

5.进入目录:

cd Python-3.7.3

6.创建目录:

mkdir -p /usr/local/python3

7.配置:

./configure --prefix=/usr/local/python3 --enable-optimizations

8.安装:

make && make install

9.创建链接

ln -s /usr/local/python3/bin/python3.7 /usr/bin/pythonln -s /usr/local/python3/bin/pip3 /usr/bin/pip

10.查看是否修改成功

python -v

出现以下即为成功(在一大段文字中间)(时间为当前时间):

Python 3.7.3 (default, Dec  5 2020, 11:48:33)[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linuxType "help", "copyright", "credits" or "license" for more information.

11.修改 yum

修改这几个:

vim /usr/bin/yumvim /usr/libexec/urlgrabber-ext-downvim /usr/sbin/firewalldvim /usr/bin/firewall-cmd

修改这几个文件(vim 编辑方式见=>https://blog.csdn.net/u013083918/article/details/80853936) 将头部改为

#!/usr/bin/python2.7

归档文件中异常的 EOF

tar:归档文件中异常的 EOF

重新下载压缩包,或更换其他版本

ERROR: Command errored out with exit status 1:

 ERROR: Command errored out with exit status 1:跟一大段红...
yum install gcc libffi-devel python-devel openssl-devel -y

ReadTimeoutError: HTTPSConnectionPool(host='pypi.python.org', port=443): Read timed out

ReadTimeoutError: HTTPSConnectionPool(host='pypi.python.org', port=443): Read timed out
pip --default-timeout=200 install -U docker-compose

....python2.7......

类似这样:

/usr/lib/python2.7/site-packages/paramiko/transport.py:33: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release.  from cryptography.hazmat.backends import default_backendTraceback (most recent call last):  File "/usr/bin/docker-compose", line 5, in <module>    from compose.cli.main import main  File "/usr/lib/python2.7/site-packages/compose/cli/main.py", line 24, in <module>    from ..config import ConfigurationError  File "/usr/lib/python2.7/site-packages/compose/config/__init__.py", line 6, in <module>    from .config import ConfigurationError  File "/usr/lib/python2.7/site-packages/compose/config/config.py", line 51, in <module>    from .validation import match_named_volumes  File "/usr/lib/python2.7/site-packages/compose/config/validation.py", line 12, in <module>    from jsonschema import Draft4Validator  File "/usr/lib/python2.7/site-packages/jsonschema/__init__.py", line 33, in <module>    import importlib_metadata as metadata  File "/usr/lib/python2.7/site-packages/importlib_metadata/__init__.py", line 16, in <module>    from ._compat import (  File "/usr/lib/python2.7/site-packages/importlib_metadata/_compat.py", line 20, in <module>    from backports.configparser import ConfigParserImportError: No module named configparser

解决方法:列出所有 docker 包

pip list|grep docker
docker                             4.4.0docker-compose                     1.26.2dockerpty                          0.4.1

卸载这些包

pip uninstall <包名>

重新安装:

pip install docker-compose==1.23.2 -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com

参考博客:

一次 docker-compose 升级问题排查
https://blog.51cto.com/wutengfei/2395919
搭建 H1ve-ctfd 以及如何部署题目
https://blog.csdn.net/qq_43431158/article/details/104507751
CTF 靶场搭建-H1ve
https://my.oschina.net/u/3076320/blog/4490420

Docker 入门&常见错误解决
Docker 入门&常见错误解决

平顶山学院· 沙漏安全团队

       微信号|SLteam666

奋发努力|拼搏向上

   本期编辑|bosounho

本文始发于微信公众号(网络安全攻防训练营):Docker 入门&常见错误解决

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: