CODEWITHSUNDEEP
sshdockercontainersibm-cloud
philemon33
philemon33

Reputation: 11

Unable to connect to an ibmnode:latest-based container with putty over ssh

I am unable to connect to a container in created. Here is the Dockerfile

FROM registry-ice.ng.bluemix.net/ibmnode:latest

COPY id_rsa.pub /root/.ssh/
RUN cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

RUN DEBIAN_FRONTEND=noninteractive apt-get -y install git && mkdir /vApp

COPY . vApp
RUN cd vApp && npm install -d --production

EXPOSE 3000 22
CMD ["node", "vApp/app.js"]

Here is the output of ice ps:

Container Id                         Name                   Group      Image                          Created      State    Private IP      Public IP       Ports

bbf72b72-6377-4c53-afdf-a133eed1872c toto                                                             May 28 17:31 Running  172.31.0.9      129.41.226.101  [3000, 22]

But impossible to SSH to the container. I can ping the container, but the connection is refused on port 22.

Thanks

Upvotes: 0

Views: 282

Answers (2)

esnible
esnible

Reputation: 360

I have been using supervisord to set up ssh access for my containers.

In my Dockerfile I do RUN mkdir -p /var/run/sshd ADD sshd.conf /etc/supervisor/conf.d/sshd.conf

ADD id_rsa.pub /root/.ssh/id_rsa.pub
RUN cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

# the line below is needed for SSH to work with ubuntu 14.04
RUN sed -i 's/session \+required \+pam_loginuid\.so/session optional pam_loginuid.so/' /etc/pam.d/sshd

EXPOSE 22

My sshd.conf reads

[program:sshd]
command=/usr/sbin/sshd -D

Upvotes: 0

Phil E
Phil E

Reputation: 1908

While the ibmnode image does have a ssh server installed, you have overridden the CMD entry in your Dockerfile to only start the Node.js application, which means that the sshd daemon is not running when you run your container. Note that if you docker inspect the ibmnode image you will find the current Cmd setting as:

"Cmd": [
    "/usr/bin/supervisord",
    "-n"
],

While it is strongly recommended to use docker exec to access containers, at this time the Bluemix Container service does not enable docker exec access to containers, so you are going to be stuck with solutions like using a supervisor to start both the ssh daemon and your Node.js application. This is trivially copied from others who have done the same, but reveals another reason why the core design of Docker is one process per container as it simplifies the container configuration and CMD/ENTRYPOINT setup.

Upvotes: 1

Related Questions