一、基于commit命令方式创建

1. docker的安装

[root@test01 ~]# yum install docker
[root@test01 ~]# systemctl enable docker
[root@test01 ~]# systemctl start docker

2. 下载本地镜像
   使用docker run命令时，Docker会自动的先查找本地的镜像，如果没有找到，会继续向docker hub上查找并下载。我习惯先下载下来
   docker pull centos 默认本系统版本的最新版，如果指定版本，加上冒号和版本号

[root@test01 ~]# docker pull centos:7.4.1708
[root@test01 ~]# docker images 
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/centos    7.4.1708            3afd47092a0e        3 months ago        196.6 MB

3. 创建交互型容器

[root@test01 ~]# docker run -it --name="ssh_server" centos:7.4.1708 /bin/bash
[root@ffe61e183a6c /]#

4. 安装必要的服务
   通过yum安装，检查yum源配置是否正确，centos7的默认和主机的一样
   yum install openssh-server 安装ssh服务程序
   yum install net-tools 安装网络工具，用来查看端口，可不安装

[root@ffe61e183a6c /]# yum install openssh-server net-tools

5. 配置sshserver服务
   使用ssh-keygen生成必要的密钥

[root@ffe61e183a6c /]# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
[root@ffe61e183a6c /]# ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
[root@ffe61e183a6c /]# ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key

6. 启动ssh服务器，并查看是否启动成功
   /usr/sbin/sshd -D &
   此处的-D参数用于告诉SSH服务不以守护进程运行，而是和运行终端关联，有了运行终端，容器就不会退出

[root@ffe61e183a6c /]# /usr/sbin/sshd -D &
[1] 82
[root@ffe61e183a6c /]# netstat -tunpla
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      82/sshd             
tcp6       0      0 :::22                   :::*                    LISTEN      82/sshd
[root@ffe61e183a6c /]# pkill sshd

7. 编写SSH运行脚本
   至此，我们可以证实ssh服务启动没有问题，接下来我们编写启动脚本，用于启动容器的时候运行，因为容器启动时只能运行一个命令，一般这个命令用来启动脚本

[root@ffe61e183a6c ~]# cat run.sh 
#!/bin/bash
/usr/sbin/sshd -D
[root@ffe61e183a6c ~]# chmod 775 run.sh

8. 提交生成的镜像
   使用docker commit将刚才的容器提交为一个新的镜像

[root@ffe61e183a6c ~]# exit
exit
[root@test01 ~]# 
[root@test01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
ffe61e183a6c        centos:7.4.1708     "/bin/bash"         19 minutes ago      Exited (0) 8 seconds ago                       ssh_server
[root@test01 ~]# docker commit ffe61e183a6c ssh:commit
sha256:be55c135e6141481aff3218b7a269b27d8f0faa295ed244849bf8ccf7ad1c7b1

[root@test01 ~]# docker images 
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ssh                 commit              be55c135e614        11 seconds ago      296.5 MB
docker.io/centos    7.4.1708            3afd47092a0e        3 months ago        196.6 MB

9. 启动镜像

[root@test01 ~]# docker run -d -p 2022:22 ssh:commit /root/run.sh
6d5628a2a336bc302fa45baf6e6a1d5ade2f6dd42a4697553c6e3dda1a0a3226
[root@test01 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                  NAMES
6d5628a2a336        ssh:commit          "/root/run.sh"      8 seconds ago       Up 6 seconds        0.0.0.0:2022->22/tcp   prickly_bell

10. 补漏
    刚才忘记给docker镜像设置密码了，这次需要给设置一下密码

[root@test01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
6d5628a2a336        ssh:commit          "/root/run.sh"      6 minutes ago       Exited (137) 4 minutes ago                       prickly_bell
ffe61e183a6c        centos:7.4.1708     "/bin/bash"         29 minutes ago      Exited (0) 9 minutes ago                         ssh_server

[root@test01 ~]# docker run -it ssh:commit /bin/bash
[root@0204e7257a24 /]# passwd root
Changing password for user root.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

[root@0204e7257a24 /]# exit
exit
[root@test01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
0204e7257a24        ssh:commit          "/bin/bash"         29 seconds ago      Exited (0) 4 seconds ago                         trusting_borg
6d5628a2a336        ssh:commit          "/root/run.sh"      9 minutes ago       Exited (137) 7 minutes ago                       prickly_bell
ffe61e183a6c        centos:7.4.1708     "/bin/bash"         32 minutes ago      Exited (0) 12 minutes ago                        ssh_server

[root@test01 ~]# docker commit 0204e7257a24 ssh02:commit
sha256:b92a3cde4c9162cf12ac9cf61a61ce0332d3755b7708e4037c4df09b4e794177

11. 再次启动需改后的镜像

[root@test01 ~]# docker run -d -p 2022:22 ssh02:commit /root/run.sh
357ed4074c5d7f1ec1fe0df6af9c9a3162c70fa5624f7742bf59f309d9842247

12. 验证是否成功

[root@test01 ~]# ssh root@192.168.1.60 -p2022
root@192.168.1.60's password: 
[root@357ed4074c5d ~]# exit
[root@test01 ~]# docker stop 357ed4074c5d

二、基于Dockerfile方式创建

1. 准备文件
   创建一个存放生成镜像相关文件的目录
   该目录下需要创建2个文件：Dockerfile、run.sh。Dockerfile用于构建镜像，run.sh是启动SSH服务的脚本

mkdir ssh_dockerfile && cd ssh_dockerfile

2. 编写Dockerfile、run.sh

[root@test01 ssh_dockerfile]# cat Dockerfile 
#使用的基础镜像
FROM centos:7.4.1708

#添加作者信息
MAINTAINER liuxin 842887233@qq.com

#安装SSH服务
RUN yum install -y openssh-server

#添加必要的密钥
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
RUN ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key

#添加启动文件
ADD run.sh /root/run.sh
RUN chmod 775 /root/run.sh

#导出端口
EXPOSE 22

#设置默认启动命令
CMD ["/root/run.sh"]

[root@test01 ssh_dockerfile]# cat run.sh 
#!/bin/bash
/usr/sbin/sshd -D

3. 创建镜像

[root@test01 ssh_dockerfile]# docker build ./
Sending build context to Docker daemon 3.072 kB
Step 1 : FROM centos:7.4.1708
 ---> 3afd47092a0e
Step 2 : MAINTAINER liuxin 842887233@qq.com
 ---> Using cache
 ---> bd64810df0bc
Step 3 : RUN yum install -y openssh-server
 ---> Using cache
 ---> 5dc6301a0304
Step 4 : RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
 ---> Using cache
 ---> 0ce92e5baa9f
Step 5 : RUN ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
 ---> Using cache
 ---> fcb2bcf78ea0
Step 6 : RUN ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
 ---> Using cache
 ---> 7eae01e47ee2
Step 7 : ADD run.sh /root/run.sh
 ---> 4d07a723ffcf
Removing intermediate container 0b137a9274be
Step 8 : RUN chmod 775 /root/run.sh
 ---> Running in 1d5a9524da86
 ---> 324868eb5780
Removing intermediate container 1d5a9524da86
Step 9 : EXPOSE 22
 ---> Running in ada62bb87978
 ---> a0b3df156e21
Removing intermediate container ada62bb87978
Step 10 : CMD /root/run.sh
 ---> Running in 4f5031577ff4
 ---> 8679c00088ef
Removing intermediate container 4f5031577ff4
Successfully built 8679c00088ef

[root@test01 ssh_dockerfile]# docker images 
REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
<none>              <none>              8679c00088ef        About a minute ago   295.9 MB
ssh02               commit              b92a3cde4c91        55 minutes ago       296.5 MB
ssh                 commit              be55c135e614        About an hour ago    296.5 MB
docker.io/centos    7.4.1708            3afd47092a0e        3 months ago         196.6 MB

4. 运行镜像

[root@test01 ssh_dockerfile]# docker run -d -p 2022:22 8679c00088ef
e73a441afc8df35f42a30974c8697278fe6d35c1ac711d13ec817e74ffbf4008
[root@test01 ssh_dockerfile]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                  NAMES
e73a441afc8d        8679c00088ef        "/root/run.sh"      14 seconds ago      Up 12 seconds       0.0.0.0:2022->22/tcp   fervent_yonath

5. 遗漏
   又忘记设密码了，有兴趣的朋友自行更改吧