docker配備vsftpd
文書ディレクトリまとめ 実行コマンド インストール.7 zファイルの解凍と圧縮 ダウンロードアップロードftpコマンド FTP接続 を閉じる.ステータスコード FTPコマンド サービス運行メンテナンス 全体ステップ ユーザを作成し、対応する権限を付与する .問題発生 まとめ
vsftpdの導入は実行コマンドを見るだけでいいです.他はftpに関する知識を自分で記録しています.
コマンドの実行
インストール.7 zファイルの解凍と圧縮
#解釈は以下の通りです:xは解凍ファイルを表し、元のディレクトリで解凍します(パラメータeも解凍ファイルですが、自分の元のフォルダの下ではなく、すべてのファイルをルートの下に解凍します).manager.7 zは圧縮ファイルです.ここでは自分のファイルに変更します.現在のディレクトリの下に完全なディレクトリ-rを持たないと、すべてのサブフォルダ-oが解凍されたディレクトリであることを示します.ここで、-oの後にスペースがないことに注意してください.aはファイル/フォルダを圧縮パッケージに追加します.tは圧縮タイプを指定します.一般的に私たちは7 z-rとしてすべてのサブフォルダを再帰します.manager.7 zは圧縮後の圧縮パッケージ名、/home/manager/*は圧縮するディレクトリ、*はそのディレクトリの下にあるすべてのファイルを表します.
ダウンロードアップロードftpコマンド
FTP接続を閉じる
ステータスコード
FTPコマンド
サービス運行維持
全体的な手順
ユーザーを作成し、適切な権限を付与
問題にぶつかる
vsftp.confで構成し、次の行を追加します.
次にvuser_を作成しますconfフォルダ、ユーザー名でユーザー構成を作成する
操作に従って
reference:https://segmentfault.com/a/1190000008161400#articleHeader14
vsftpdの導入は実行コマンドを見るだけでいいです.他はftpに関する知識を自分で記録しています.
コマンドの実行
docker pull fauria/vsftpd
docker run -d -v /data/ftp:/home/vsftpd \
-p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
-e FTP_USER=ftp_stu -e FTP_PASS=student \
-e PASV_ADDRESS=10.36.31.161 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
--name vsftpd --restart=always fauria/vsftpd
インストール.7 zファイルの解凍と圧縮
sudo apt install p7zip-full
7z x manager.7z -r -o /home/xx
7z a -t7z -r manager.7z /home/manager/*
#解釈は以下の通りです:xは解凍ファイルを表し、元のディレクトリで解凍します(パラメータeも解凍ファイルですが、自分の元のフォルダの下ではなく、すべてのファイルをルートの下に解凍します).manager.7 zは圧縮ファイルです.ここでは自分のファイルに変更します.現在のディレクトリの下に完全なディレクトリ-rを持たないと、すべてのサブフォルダ-oが解凍されたディレクトリであることを示します.ここで、-oの後にスペースがないことに注意してください.aはファイル/フォルダを圧縮パッケージに追加します.tは圧縮タイプを指定します.一般的に私たちは7 z-rとしてすべてのサブフォルダを再帰します.manager.7 zは圧縮後の圧縮パッケージ名、/home/manager/*は圧縮するディレクトリ、*はそのディレクトリの下にあるすべてのファイルを表します.
ダウンロードアップロードftpコマンド
ftp> get readme.txt # readme.txt
ftp> mget *.txt #
ftp> put /path/readme.txt # readme.txt
ftp> mput *.txt #
FTP接続を閉じる
bye
exit
quit
ステータスコード
230 -
200 -
150 - ,
250 -
226 - ,
FTPコマンド
ftp> ascii # ASCII ( )
ftp> bell # , .
ftp> binary # .
ftp> bye # FTP , FTP .
ftp> case # ON , MGET , .
ftp> cd # UNIX CD .
ftp> cdup # .
ftp> chmod # .
ftp> close # FTP , FTP , .
ftp> delete # .
ftp> dir [remote-directory] [local-file] # . , .
ftp> get [remote-file] [local-file] # .
ftp> help [command] # .
ftp> lcd # , , HOME .
ftp> ls [remote-directory] [local-file] # DIR.
ftp> macdef # .
ftp> mdelete [remote-files] # .
ftp> mget [remote-files] # .
ftp> mkdir directory-name # .
ftp> mput local-files # .
ftp> open host [port] # .
ftp> prompt # .
ftp> put local-file [remote-file] # .
ftp> pwd # .
ftp> quit # BYE.
ftp> recv remote-file [local-file] # GET.
ftp> rename [from] [to] # .
ftp> rmdir directory-name # .
ftp> send local-file [remote-file] # PUT.
ftp> status # FTP .
ftp> system # .
ftp> user user-name [password] [account] # .
ftp> ? [command] # HELP. [command] 。 command,ftp 。
ftp> ! # ftp 。
サービス運行維持
systemctl restart vsftpd.service #
systemctl start vsftpd.service #
systemctl status vsftpd.service #
全体的な手順
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \
> -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
> -e FTP_USER=ftp_stu -e FTP_PASS=student \
> -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
> --name vsftpd --restart=always fauria/vsftpd
ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d
/usr/bin/docker-current: Error response from daemon: driver failed programming external connectivity on endpoint vsftpd (7f753629aae087e3ec1548483bd92ca11dcafb97e7fb8ca07c491361285721e1): Erre.
[root@ieat1 vsftpd]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-network-manager-5-ae860036
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec-cni-driver-5-64a39019
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher-agent
[root@ieat1 vsftpd]# netstat -tanlp # root ,+ sudo , 。
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 2407/dnsmasq
tcp 0 0 127.0.0.1:5941 0.0.0.0:* LISTEN 1565/teamviewerd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1352/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1350/cupsd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1637/master
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 20508/sshd: root@pt
tcp 0 0 172.17.0.1:45224 169.254.169.250:80 TIME_WAIT -
tcp 0 0 172.17.0.1:45222 169.254.169.250:80 TIME_WAIT -
tcp 0 0 172.17.0.1:45270 169.254.169.250:80 ESTABLISHED 18164/plugin-manage
tcp 0 0 172.17.0.1:45242 169.254.169.250:80 ESTABLISHED 18164/plugin-manage
tcp 0 0 10.36.31.161:44288 10.36.31.164:8080 ESTABLISHED 16874/agent
tcp 0 0 172.17.0.1:45206 169.254.169.250:80 TIME_WAIT -
tcp 0 0 172.17.0.1:45168 169.254.169.250:80 TIME_WAIT -
tcp 0 0 10.36.31.161:57250 217.146.11.102:80 ESTABLISHED 1565/teamviewerd
tcp 0 0 172.17.0.1:45160 169.254.169.250:80 TIME_WAIT -
tcp 0 0 172.17.0.1:45240 169.254.169.250:80 ESTABLISHED 18164/plugin-manage
tcp 0 0 10.36.31.161:44286 10.36.31.164:8080 ESTABLISHED 16874/agent
tcp 0 0 172.17.0.1:45238 169.254.169.250:80 FIN_WAIT2 -
tcp 0 0 172.17.0.1:45234 169.254.169.250:80 TIME_WAIT -
tcp 0 264 10.36.31.161:22 202.196.41.207:8864 ESTABLISHED 20508/sshd: root@pt
tcp 0 0 172.17.0.1:45278 169.254.169.250:80 ESTABLISHED 18164/plugin-manage
tcp 0 0 172.17.0.1:45260 169.254.169.250:80 FIN_WAIT2 -
tcp 0 0 10.36.31.161:39916 10.36.31.164:8080 ESTABLISHED 16874/agent
tcp 0 0 172.17.0.1:45236 169.254.169.250:80 TIME_WAIT -
tcp 0 0 10.36.31.161:57252 217.146.11.102:80 ESTABLISHED 1565/teamviewerd
tcp 0 0 172.17.0.1:45280 169.254.169.250:80 ESTABLISHED 18164/plugin-manage
tcp 0 0 172.17.0.1:45258 169.254.169.250:80 FIN_WAIT2 -
tcp 0 0 172.17.0.1:45244 169.254.169.250:80 TIME_WAIT -
tcp 0 0 172.17.0.1:45246 169.254.169.250:80 FIN_WAIT2 -
tcp 0 0 172.17.0.1:45144 169.254.169.250:80 TIME_WAIT -
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::21 :::* LISTEN 20665/vsftpd
tcp6 0 0 :::22 :::* LISTEN 1352/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1350/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1637/master
tcp6 0 0 ::1:6010 :::* LISTEN 20508/sshd: root@pt
[root@ieat1 vsftpd]# kill 20665
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=ftp_stu -e FTP_PASS=student -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=2
/usr/bin/docker-current: Error response from daemon: Conflict. The container name "/vsftpd" is already in use by container ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d. Yo
See '/usr/bin/docker-current run --help'.
[root@ieat1 vsftpd]# docker ls
docker: 'ls' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-network-manager-5-ae860036
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec-cni-driver-5-64a39019
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher-agent
[root@ieat1 vsftpd]# docker remove ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d
docker: 'remove' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae36a80acf21 fauria/vsftpd "/usr/sbin/run-vsf..." 8 minutes ago Created vsftpd
[root@ieat1 vsftpd]# docker rm ae36a80acf21
ae36a80acf21
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=ftp_stu -e FTP_PASS=student -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=2
65a2f82d86e83310c8b1117973a1e67dab16f1adcb8ef0473b0db264204e577e
[root@ieat1 vsftpd]# ll
48
-rw-r--r-- 1 root root 18 8 3 14:47 chroot_list
-rw------- 1 root root 125 10 31 2018 ftpusers
-rw------- 1 root root 361 10 31 2018 user_list
-rw-r--r-- 1 root root 162 8 3 19:02 vsftpd.conf
-rw------- 1 root root 5116 8 3 14:39 vsftpd.conf.bak
-rwxr--r-- 1 root root 338 10 31 2018 vsftpd_conf_migrate.sh
-rw-r--r-- 1 root root 628 8 3 14:41 vsftpd.conf.rpmsave
drwxr-xr-x 2 root root 38 8 3 14:51 vuser_conf
-rw------- 1 root root 12288 8 3 14:45 vuser_passwd.db
-rw-r--r-- 1 root root 32 8 3 14:44 vuser_passwd.txt
[root@ieat1 vsftpd]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 4 minutes ago Up 4 minutes 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healt
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher
[root@ieat1 vsftpd]# docker exec 65a2f82d86e8
"docker exec" requires at least 2 argument(s).
See 'docker exec --help'.
Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
Run a command in a running container
[root@ieat1 vsftpd]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 5 minutes ago Up 5 minutes 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healt
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher
[root@ieat1 vsftpd]# systemclt status firewalld.service
bash: systemclt: ...
: 'systemctl'
[root@ieat1 vsftpd]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since 2019-08-03 12:41:08 CST; 9h ago
Docs: man:firewalld(1)
Main PID: 963 (code=exited, status=0/SUCCESS)
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables:
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since 2019-08-03 12:41:08 CST; 9h ago
Docs: man:firewalld(1)
Main PID: 963 (code=exited, status=0/SUCCESS)
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables:
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since 2019-08-03 12:41:08 CST; 9h ago
Docs: man:firewalld(1)
Main PID: 963 (code=exited, status=0/SUCCESS)
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables:
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since 2019-08-03 12:41:08 CST; 9h ago
Docs: man:firewalld(1)
Main PID: 963 (code=exited, status=0/SUCCESS)
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables:
8 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name.
8 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon...
8 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@ieat1 vsftpd]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 13 minutes ago Up 13 minutes 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healt
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher
[root@ieat1 vsftpd]# docker stop 65a2f82d86e8
65a2f82d86e8
[root@ieat1 vsftpd]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-network-manager-5-ae860036
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec-cni-driver-5-64a39019
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher-agent
[root@ieat1 vsftpd]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 98ebf73aba75 2 weeks ago 109 MB
docker.io/mysql latest de764ad211de 2 weeks ago 443 MB
docker.io/redis latest 598a6f110d01 3 weeks ago 118 MB
docker.io/fauria/vsftpd latest 4900fef1a627 3 months ago 261 MB
docker.io/rancher/agent v1.2.11 1cc7591af4f5 12 months ago 243 MB
docker.io/rancher/net v0.13.17 f170c38e3763 12 months ago 311 MB
docker.io/rancher/dns v0.17.4 678bde0de4d2 12 months ago 249 MB
docker.io/rancher/healthcheck v0.3.8 ce78cf69cc0b 13 months ago 391 MB
docker.io/rancher/metadata v0.10.4 02104eb6e270 13 months ago 251 MB
docker.io/rancher/network-manager v0.7.22 13381626c510 13 months ago 256 MB
docker.io/rancher/net holder 665d9f6e8cc1 2 years ago 267 MB
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \
> -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
> -e FTP_USER=ftp_stu -e FTP_PASS=student \
> -e PASV_ADDRESS=10.36.31.161 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
> --name vsftpd --restart=always fauria/vsftpd
/usr/bin/docker-current: Error response from daemon: Conflict. The container name "/vsftpd" is already in use by container 65a2f82d86e83310c8b1117973a1e67dab16f1adcb8ef0473b0db264204e577e. Yo
See '/usr/bin/docker-current run --help'.
[root@ieat1 vsftpd]# docler images ls
bash: docler: ...
[root@ieat1 vsftpd]# docker sl
docker: 'sl' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ls
docker: 'ls' is not a docker command.
See 'docker --help'
[root@ieat1 vsftpd]# docker ls -a
unknown shorthand flag: 'a' in -a
See 'docker --help'.
Usage: docker COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-D, --debug Enable debug mode
--help Print usage
-H, --host list Daemon socket(s) to connect to (default [])
-l, --log-level string Set the logging level ("debug", "info", "warn", "error", "fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
checkpoint Manage checkpoints
container Manage containers
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
volume Manage volumes
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
deploy Deploy a new stack or update an existing stack
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
[root@ieat1 vsftpd]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 18 minutes ago Exited (137) 3 minutes ago vsftpd
[root@ieat1 vsftpd]# docker rm 65a2f82d86e8
65a2f82d86e8
[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \
> -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \
> -e FTP_USER=ftp_stu -e FTP_PASS=student \
> -e PASV_ADDRESS=10.36.31.161 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \
> --name vsftpd --restart=always fauria/vsftpd
3d785f39c0f3ca6002a5e07b9d818d796e5ebc026643ab54bc7af9dddc82f93b
[root@ieat1 vsftpd]#
ユーザーを作成し、適切な権限を付与
問題にぶつかる
vsftp.confで構成し、次の行を追加します.
user_config_dir=/etc/vsftpd/vuser_conf
次にvuser_を作成しますconfフォルダ、ユーザー名でユーザー構成を作成する
[root@ieat1 vuser_conf ]# cat ftp_admin
ocal_root=/data/ftp # , docker
write_enable=YES
anon_umask=022
anon_world_readable_only=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
操作に従って
[root@3d785f39c0f3 vsftpd]# cat virtual_users.txt
ftp_stu
student
[root@3d785f39c0f3 vsftpd]# vi virtual_users..txt
[root@3d785f39c0f3 vsftpd]# vi virtual_users.txt
[root@3d785f39c0f3 vsftpd]# cat virtual_users.txt
ftp_stu
student
ftp_admin
admin
[root@3d785f39c0f3 vsftpd]# /usr/bin/db_load -T -t hash -f /etc/vsftpd/virtual_users.txt /etc/vsftpd/virtual_users.db
[root@3d785f39c0f3 vsftpd]# exit
exit
[root@ieat1 ~]# docker restart vsftpd
vsftpd
[root@ieat1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3d785f39c0f3 fauria/vsftpd "/usr/sbin/run-vsf..." 13 hours ago Up 19 seconds 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd
abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-network-services-metadata-dns-5-3a54b7e3
19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 23 hours ago Up 17 hours r-healthcheck-healthcheck-5-bdacdf26
e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-network-services-metadata-5-944c46f4
ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-network-services-network-manager-5-ae860036
7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-ipsec-cni-driver-5-64a39019
d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 17 hours rancher-agent
[root@ieat1 ~]# docker exec -it 3d785f39c0f3 /bin/bash
reference:https://segmentfault.com/a/1190000008161400#articleHeader14