libvirt管理のネットワークを固定ipにするためのhostタグを第3オクテットを指定して作ってみた話

まえがき

awk便利だよなー

def_ip.awk

コード表示

[root@centos vx]# cat def_ip.awk
{
  gsub(/[^ ]+/,"\x5c\x27&\x5c\x27");
  print "<host mac="$2" name="$1" ip=\x5c\x27""192.168."third_octet"."NR+1"\x5c\x27""/>"
}

split_@ファイル

グルーピング後のファイルを対象に実行してみるよ

コード表示

[root@centos vx]# ll split*
-rw-r--r--. 1 root root 48  6月  2 15:32 split_0
-rw-r--r--. 1 root root 48  6月  2 15:32 split_1
-rw-r--r--. 1 root root 48  6月  2 15:32 split_2
[root@centos vx]# seq 0 2 | xargs -t -I@ bash -c 'cat split_@'
bash -c cat split_0 
node1 52:54:00:5d:4a:3f
node2 52:54:00:dc:5b:1b
bash -c cat split_1 
node3 52:54:00:77:33:99
node4 52:54:00:61:72:67
bash -c cat split_2 
node5 52:54:00:88:c2:54
node6 52:54:00:a8:bc:df

実行

第3オクテット100の時と、200の時で実行してみるよ。シングルクォートはエスケープしておく。後続処理のため。

コード表示

[root@centos vx]# seq 0 2 | xargs -I@ bash -c 'gawk -v "third_octet=$((@+100))" -f def_ip.awk split_@'
<host mac=\'52:54:00:5d:4a:3f\' name=\'node1\' ip=\'192.168.100.2\'/>
<host mac=\'52:54:00:dc:5b:1b\' name=\'node2\' ip=\'192.168.100.3\'/>
<host mac=\'52:54:00:77:33:99\' name=\'node3\' ip=\'192.168.101.2\'/>
<host mac=\'52:54:00:61:72:67\' name=\'node4\' ip=\'192.168.101.3\'/>
<host mac=\'52:54:00:88:c2:54\' name=\'node5\' ip=\'192.168.102.2\'/>
<host mac=\'52:54:00:a8:bc:df\' name=\'node6\' ip=\'192.168.102.3\'/>
[root@centos vx]# seq 0 2 | xargs -I@ bash -c 'gawk -v "third_octet=$((@+200))" -f def_ip.awk split_@'
<host mac=\'52:54:00:5d:4a:3f\' name=\'node1\' ip=\'192.168.200.2\'/>
<host mac=\'52:54:00:dc:5b:1b\' name=\'node2\' ip=\'192.168.200.3\'/>
<host mac=\'52:54:00:77:33:99\' name=\'node3\' ip=\'192.168.201.2\'/>
<host mac=\'52:54:00:61:72:67\' name=\'node4\' ip=\'192.168.201.3\'/>
<host mac=\'52:54:00:88:c2:54\' name=\'node5\' ip=\'192.168.202.2\'/>
<host mac=\'52:54:00:a8:bc:df\' name=\'node6\' ip=\'192.168.202.3\'/>
[root@centos vx]# seq 0 2 | xargs -I@ bash -c 'gawk -v "third_octet=$((@+100))" -f def_ip.awk split_@ >def_host_tag_$((@+100))'
[root@centos vx]# ll def_host*
-rw-r--r--. 1 root root 140  6月  2 15:54 def_host_tag_100
-rw-r--r--. 1 root root 140  6月  2 15:54 def_host_tag_101
-rw-r--r--. 1 root root 140  6月  2 15:54 def_host_tag_102
[root@centos vx]# seq 0 2 | xargs -t -I@ bash -c 'cat def_host_tag_$((@+100))'
bash -c cat def_host_tag_$((0+100)) 
<host mac=\'52:54:00:5d:4a:3f\' name=\'node1\' ip=\'192.168.100.2\'/>
<host mac=\'52:54:00:dc:5b:1b\' name=\'node2\' ip=\'192.168.100.3\'/>
bash -c cat def_host_tag_$((1+100)) 
<host mac=\'52:54:00:77:33:99\' name=\'node3\' ip=\'192.168.101.2\'/>
<host mac=\'52:54:00:61:72:67\' name=\'node4\' ip=\'192.168.101.3\'/>
bash -c cat def_host_tag_$((2+100)) 
<host mac=\'52:54:00:88:c2:54\' name=\'node5\' ip=\'192.168.102.2\'/>
<host mac=\'52:54:00:a8:bc:df\' name=\'node6\' ip=\'192.168.102.3\'/>

あとがき

いいかんじだぁ

ファイルをグルーピングして分割する話

まえがき

awk便利だよな

参考文献

クロス集計をBash(とawk)だけで実装した話  

grp.sh

コード表示

[root@centos vx]# cat grp.sh
#!/bin/bash
grp(){
  RN=$1
  GRP=$2
  while read line;do
     echo ${line} | sed -e s/GRP/${GRP}/ | bash;
  done < <(seq ${RN} | xargs -I@ bash -c 'echo echo $\(\(@%GRP\)\)') | sort >grp
}

grp $1 $2

6行を3等分

コード表示

[root@centos vx]# ./grp.sh 6 3
[root@centos vx]# cat grp
0
0
1
1
2
2

対象ファイルをgrpに従い分割

対象ファイルはvminfo。$1でグルーピング単位を指定できるらしい。便利!

コード表示

[root@centos vx]# paste -d ' ' grp vminfo | awk '{print>"split_"$1}'
[root@centos vx]# ll split*
-rw-r--r--. 1 root root 52  6月  2 15:21 split_0
-rw-r--r--. 1 root root 52  6月  2 15:21 split_1
-rw-r--r--. 1 root root 52  6月  2 15:21 split_2
[root@centos vx]# cat vminfo
node1 52:54:00:5d:4a:3f
node2 52:54:00:dc:5b:1b
node3 52:54:00:77:33:99
node4 52:54:00:61:72:67
node5 52:54:00:88:c2:54
node6 52:54:00:a8:bc:df
[root@centos vx]# seq 0 2 | xargs -t -I@ bash -c 'cat split_@'
bash -c cat split_0 
0 node1 52:54:00:5d:4a:3f
0 node2 52:54:00:dc:5b:1b
bash -c cat split_1 
1 node3 52:54:00:77:33:99
1 node4 52:54:00:61:72:67
bash -c cat split_2 
2 node5 52:54:00:88:c2:54
2 node6 52:54:00:a8:bc:df
[root@centos vx]# seq 0 2 | xargs -t -I@ bash -c 'cat split_@' | awk '{print $2" "$3>"split_"$1}'
[root@centos vx]# seq 0 2 | xargs -t -I@ bash -c 'cat split_@'
bash -c cat split_0 
node1 52:54:00:5d:4a:3f
node2 52:54:00:dc:5b:1b
bash -c cat split_1 
node3 52:54:00:77:33:99
node4 52:54:00:61:72:67
bash -c cat split_2 
node5 52:54:00:88:c2:54
node6 52:54:00:a8:bc:df

グルーピングするシェルスクリプトを作った話

まえがき

もうちょい簡単できそうだけど、こんなのを思いついてしまったぜ。

実行例

コード表示

[root@centos vx]# cat grp.sh
#!/bin/bash
grp(){
  RN=$1
  GRP=$2
  while read line;do
     echo ${line} | sed -e s/GRP/${GRP}/ | bash;
  done < <(seq ${RN} | xargs -I@ bash -c 'echo echo $\(\(@%GRP\)\)') | sort
}

grp $1 $2
[root@centos vx]# ll grp.sh
-rwxr-xr-x. 1 root root 195  6月  2 14:33 grp.sh
[root@centos vx]# ./grp.sh 12 3
0
0
0
0
1
1
1
1
2
2
2
2
[root@centos vx]# ./grp.sh 12 4
0
0
0
1
1
1
2
2
2
3
3
3
[root@centos vx]# ./grp.sh 12 2
0
0
0
0
0
0
1
1
1
1
1
1
[root@centos vx]# ./grp.sh 12 3 | nl
     1	0
     2	0
     3	0
     4	0
     5	1
     6	1
     7	1
     8	1
     9	2
    10	2
    11	2
    12	2
[root@centos vx]# ./grp.sh 12 4 | nl
     1	0
     2	0
     3	0
     4	1
     5	1
     6	1
     7	2
     8	2
     9	2
    10	3
    11	3
    12	3
[root@centos vx]# ./grp.sh 12 2 | nl
     1	0
     2	0
     3	0
     4	0
     5	0
     6	0
     7	1
     8	1
     9	1
    10	1
    11	1
    12	1

あとがき

あんま大したことないけど、fin。

シェルスクリプト なんとか以外を削除する話

まえがき

調べた。

参考文献

Linuxで特定のファイル、ディレクトリ以外を削除するコマンド  

実行例

コード表示

[oracle@centos jj]$ ll
合計 557488
-rw-r--r--. 1 oracle docker 179439263  5月 25 13:09 jdk-8u211-linux-x64.rpm
-rw-r--r--. 1 oracle docker  21886970  5月 25 13:23 sqlcl-19.1.0.094.1619.zip
-rw-r--r--. 1 oracle docker 369526372  5月 25 13:14 sqldeveloper-19.1.0.094.2042.noarch.rpm
[oracle@centos jj]$ ls
jdk-8u211-linux-x64.rpm  sqlcl-19.1.0.094.1619.zip  sqldeveloper-19.1.0.094.2042.noarch.rpm
[oracle@centos jj]$ ls | grep -v -E 'rpm' | xargs echo
sqlcl-19.1.0.094.1619.zip
[oracle@centos jj]$ ls | grep -v -E 'zip' | xargs echo
jdk-8u211-linux-x64.rpm sqldeveloper-19.1.0.094.2042.noarch.rpm
[oracle@centos jj]$ ls | grep -v -E 'zip' | xargs rm -rf
[oracle@centos jj]$ ll
合計 21376
-rw-r--r--. 1 oracle docker 21886970  5月 25 13:23 sqlcl-19.1.0.094.1619.zip

あとがき

fin

body閉じタグの直前にscriptタグを挿入した話(スクレイピング 環境構築に派生した話)

まえがき

スクレイピングなんだろって気になった。ググって、調べていたら、おもしろそうとおもってスクレイピングするローカルホスト環境を構築したいなと思いました。

参考文献

記号を言葉で表現できなかったから調べた。

キーボード特殊記号の読み方  

関数定義と関数呼出の方法知っておけばいいとおもう。

関数の定義と呼び出し  

フォルダ構成

__htmlに対してsedかます

コード表示

[oracle@centos weban]$ ll
合計 192
-rw-r--r--. 1 oracle docker    246  5月 25 08:44 Dockerfile
-rw-r--r--. 1 oracle docker 176088  5月 25 09:57 __.html
-rwxr-xr-x. 1 oracle docker    807  5月 17 16:46 kick.sh
-rw-r--r--. 1 root   root       96  5月 25 09:53 screep.js
drwxr-xr-x. 6 oracle docker   4096  5月 20 20:10 src
drwxr-xr-x. 2 oracle docker   4096  5月 19 22:31 tmp
[oracle@centos weban]$ docker exec -it httpd /bin/bash
[root@6d1f534a84b7 /]# cd /var/www/html
[root@6d1f534a84b7 html]# ll
total 192
-rw-r--r--. 1 1000 1001    246 May 24 23:44 Dockerfile
-rw-r--r--. 1 1000 1001 176088 May 25 00:57 __.html
-rwxr-xr-x. 1 1000 1001    807 May 17 07:46 kick.sh
-rw-r--r--. 1 root root     96 May 25 00:53 screep.js
drwxr-xr-x. 6 1000 1001   4096 May 20 11:10 src
drwxr-xr-x. 2 1000 1001   4096 May 19 13:31 tmp

Dockerfile

コード表示

[oracle@centos weban]$ cat D*
FROM centos:latest

RUN yum install -y httpd \ 
yum install -y iputils \
yum install -y net-tools \
yum install -y iproute \
yum install -y vim \
yum install -y tree \
yum install -y lsof \
yum install -y traceroute

EXPOSE 80
CMD ["/sbin/init"]

コンテナ作成

コード表示

[oracle@centos weban]$ docker build -t centos_httpd .
[oracle@centos weban]$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_httpd        latest              1eeca6ecbb88        2 hours ago         389MB
centos_php          latest              8d9f2dcb8da1        3 days ago          499MB
centos              latest              9f38484d220f        2 months ago        202MB

コンテナ起動

コード表示

[oracle@centos weban]$ docker run --privileged -v $(pwd):/var/www/html -p 8080:80 --name httpd -itd centos_httpd /sbin/init
[oracle@centos weban]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                  NAMES
6d1f534a84b7        centos_httpd        "/sbin/init"        2 hours ago         Up 2 hours          0.0.0.0:8080->80/tcp   httpd

httpdサービス起動

コード表示

[oracle@centos weban]$ docker exec -it httpd systemctl start httpd
[oracle@centos weban]$ docker exec -it httpd systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2019-05-24 23:58:50 UTC; 1h 36min ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 2663 (httpd)
   Status: "Total requests: 38; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /docker/6d1f534a84b7d7b77dd82169582df46058867c0f159d829c9ff92735d3e28a62/system.slice/httpd.service
           ├─2663 /usr/sbin/httpd -DFOREGROUND
           ├─2664 /usr/sbin/httpd -DFOREGROUND
           ├─2665 /usr/sbin/httpd -DFOREGROUND
           ├─2666 /usr/sbin/httpd -DFOREGROUND
           ├─2667 /usr/sbin/httpd -DFOREGROUND
           ├─2668 /usr/sbin/httpd -DFOREGROUND
           └─2682 /usr/sbin/httpd -DFOREGROUND
           ‣ 2663 /usr/sbin/httpd -DFOREGROUND

May 24 23:58:50 6d1f534a84b7 systemd[1]: Starting The Apache HTTP Server...
May 24 23:58:50 6d1f534a84b7 httpd[2663]: AH00558: httpd: Could not reliably...e
May 24 23:58:50 6d1f534a84b7 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.

【OK】埋め込む用のsed

レフト・アングル、ライト・アングルはエスケープしなくてOKだったことに気付いた。

コード表示

sed -e 's/<\/body>/\<script type=\"text\/javascript\" src=\"screep.js\"\>\<\/script\><\/body>/' __.html | grep \</body\>

【NG】埋め込む用のsed

レフト・アングル、ライト・アングルはエスケープしなくてOKだったことに気付いた。

コード表示

sed -e 's/\<\/body\>/\<script type=\"text\/javascript\" src=\"screep.js\"\>\<\/script\><\/body>/' __.html | grep \</body\>

【OK】埋め込む用のsed上書き指定

-i指定

コード表示

sed -i -e 's/<\/body>/\<script type=\"text\/javascript\" src=\"screep.js\"\>\<\/script\><\/body>/' __.html | grep \</body\>

確認

NGパターンで置換していない状態を確認し、OKパターンで置換されたことを確認する。

コード表示

[root@6d1f534a84b7 html]# sed -e 's/\<\/body\>/\<script type=\"text\/javascript\" src=\"screep.js\"\>\<\/script\><\/body>/' __.html | grep \</body\>
<div id="fancybox-tmp"></div><div id="fancybox-loading"><div></div></div><div id="fancybox-overlay"></div><div id="fancybox-wrap"><div id="fancybox-outer"><div class="fancybox-bg" id="fancybox-bg-n"></div><div class="fancybox-bg" id="fancybox-bg-ne"></div><div class="fancybox-bg" id="fancybox-bg-e"></div><div class="fancybox-bg" id="fancybox-bg-se"></div><div class="fancybox-bg" id="fancybox-bg-s"></div><div class="fancybox-bg" id="fancybox-bg-sw"></div><div class="fancybox-bg" id="fancybox-bg-w"></div><div class="fancybox-bg" id="fancybox-bg-nw"></div><div id="fancybox-content"></div><a id="fancybox-close"></a><div id="fancybox-title"></div><a id="fancybox-left"><span class="fancy-ico" id="fancybox-left-ico"></span></a><a id="fancybox-right"><span class="fancy-ico" id="fancybox-right-ico"></span></a></div></div></body>
[root@6d1f534a84b7 html]# sed -e 's/<\/body>/\<script type=\"text\/javascript\" src=\"screep.js\"\>\<\/script\><\/body>/' __.html | grep \</body\>
<div id="fancybox-tmp"></div><div id="fancybox-loading"><div></div></div><div id="fancybox-overlay"></div><div id="fancybox-wrap"><div id="fancybox-outer"><div class="fancybox-bg" id="fancybox-bg-n"></div><div class="fancybox-bg" id="fancybox-bg-ne"></div><div class="fancybox-bg" id="fancybox-bg-e"></div><div class="fancybox-bg" id="fancybox-bg-se"></div><div class="fancybox-bg" id="fancybox-bg-s"></div><div class="fancybox-bg" id="fancybox-bg-sw"></div><div class="fancybox-bg" id="fancybox-bg-w"></div><div class="fancybox-bg" id="fancybox-bg-nw"></div><div id="fancybox-content"></div><a id="fancybox-close"></a><div id="fancybox-title"></div><a id="fancybox-left"><span class="fancy-ico" id="fancybox-left-ico"></span></a><a id="fancybox-right"><span class="fancy-ico" id="fancybox-right-ico"></span></a></div></div><script type="text/javascript" src="screep.js"></script></body>

スクレイピングの練習環境をミニマムに作りたかった

screep.js

コード表示

function an(){
  var html = document.getElementsByTagName('html');
  console.log(html);
}
an();

firefoxのコンソールログでscreepを検索条件に入力すると見易い。自分のサイトをスクレイピングの犠牲にする。

あとがき

スクレイピングっておもしろい。練習は自分のサイトをlocalhostに落としてからやればよさそう。イメージどおりに練習環境つくれた。「スクレイピング 環境構築」でぐぐっていたらseleniumヒットして「ぁぁあったのか」となったけど、まぁいいか。以上、ありがとうございました。

Webスクレイピング入門

多段ssh接続をdockerホストからdockerコンテナに向けてやってみた話

参考文献

多段ssh設定のまとめ  
SSH 多段接続で三段先のサーバに接続する  
多段sshを行うときに、ローカルの秘密鍵を参照し続ける  
Compose file version 3 reference  
Compose のネットワーク機能  

まえがき

フォルダ構成

ssh3フォルダは用意。a.shは使わない。

コード表示

[oracle@centos tadan]$ rm ./share/ssh{1..3}/*pub
[oracle@centos tadan]$ tree
.
├── Dockerfile
├── Makefile
├── docker-compose.yml
├── share
│   ├── ssh1
│   │   └── tmpl
│   ├── ssh2
│   │   └── tmpl
│   └── ssh3
│       └── tmpl
└── tmpl
    └── a.sh

8 directories, 4 files

権限整備

dockerホストで

コード表示

[oracle@centos tadan]$ sudo chown -R oracle:docker share
[oracle@centos tadan]$ sudo chown -R oracle:docker tmpl
[oracle@centos tadan]$ ll
合計 20
-rw-r--r--. 1 oracle docker  531  5月 11 16:33 Dockerfile
-rw-r--r--. 1 oracle docker   58  5月 11 13:25 Makefile
-rw-r--r--. 1 oracle docker  962  5月 11 16:25 docker-compose.yml
drwxr-xr-x. 4 oracle docker 4096  5月 11 16:08 share
drwxr-xr-x. 2 oracle docker 4096  5月 11 16:19 tmpl

Dockerfile

oracleユーザーでログインするようにすると、権限まわりであぁとなるので、デフぉのrootで。suしてもだめだった気がする。

コード表示

[oracle@centos tadan]$ cat D*
FROM centos:latest

RUN yum install -y iputils \
yum install -y net-tools \
yum install -y iproute \
yum install -y vim \
yum install -y tree \
yum install -y lsof \
yum install -y expect \
yum install -y openssh-server \
yum install -y openssh-clients

ENV TZ='Asia/Tokyo'

RUN groupadd -g 1001 docker
RUN useradd -m -g docker -u 1000 oracle

RUN echo 'ORACLE_PWD' | passwd --stdin oracle
RUN echo 'ORACLE_PWD' | passwd --stdin root

RUN mkdir -p /home/oracle/.ssh

#USER oracle
#WORKDIR /home/oracle
EXPOSE 20
CMD ["/sbin/init"]

Makefile

エイリアス

コード表示

[oracle@centos tadan]$ cat M*
CMD=docker-compose
up:
	@$(CMD) up -d
down:
	@$(CMD) down

docker-compose.yml

3コンテナ起動。

コード表示

[oracle@centos tadan]$ docker --version
Docker version 18.09.5, build e8ff056
[oracle@centos tadan]$ cat d*
version: '3.7'
services:
  ssh_saba1:
    image: centos_ssh
    container_name: ssh1
    #command: bash -c "ehoc hoge"
    privileged: true
    volumes:
      -  /home/oracle/tadan/share/ssh1:/home/oracle/.ssh
      -  /home/oracle/tadan/tmpl:/home/oracle/.ssh/tmpl
    networks:
      ssh_net:
        ipv4_address: 192.168.100.101
    ports:
      - '1:22'
  ssh_saba2:
    image: centos_ssh
    container_name: ssh2
    #command: bash -c "echo hoge"
    privileged: true
    volumes:
      -  /home/oracle/tadan/share/ssh2:/home/oracle/.ssh
      -  /home/oracle/tadan/tmpl:/home/oracle/.ssh/tmpl
    networks:
      ssh_net:
        ipv4_address: 192.168.100.102
    ports:
      - '2:22'
  ssh_saba3:
    image: centos_ssh
    container_name: ssh3
    #command: bash -c "echo hoge"
    privileged: true
    volumes:
      -  /home/oracle/tadan/share/ssh3:/home/oracle/.ssh
      -  /home/oracle/tadan/tmpl:/home/oracle/.ssh/tmpl
    networks:
      ssh_net:
        ipv4_address: 192.168.100.103
    ports:
      - '3:22'
networks:
  ssh_net:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 192.168.100.0/24

a.sh

コンテナ内でkickするやつ。sshの公開鍵と秘密鍵をコンテナ単位で作成。expectコマンド使って自動化しようとした名残だけある。今回はローカル(docker ホスト)で鍵作成。

コード表示

[oracle@centos tadan]$ cat t*/a*
#!/bin/bash
PWD=""
expect -c "
spawn ssh-keygen -t rsa
expect \"Enter\"
send \"${PWD}\n\"
expect \"Enter\"
send \"${PWD}\n\"
expect \"Enter\"
send \"${PWD}\n\"
expect \"\\\$\"
exit 0
"

centos_sshイメージの作成

dockerfileでマルチステージング機能あるぽくて、サイズ圧縮できるってどっかで見て試したけど、うまく使いこなせなかった。

コード表示

[oracle@centos tadan]$ docker build -t centos_ssh .
[oracle@centos tadan]$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_ssh          latest              43f44c1e64a5        11 seconds ago      360MB
centos              latest              9f38484d220f        8 weeks ago         202MB

コンテナ起動前ネットワーク確認

ネットワークすき

コード表示

[oracle@centos tadan]$ brctl show
bridge name	bridge id		STP enabled	interfaces
docker0		8000.0242818de210	no		
virbr0		8000.5254006a2171	yes		virbr0-nic
[oracle@centos tadan]$ ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:d8:61:2c:f1:5b brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.109/24 brd 192.168.1.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc0:20d4:3aed:ca75/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0:  mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic:  mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
6: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:81:8d:e2:10 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:81ff:fe8d:e210/64 scope link 
       valid_lft forever preferred_lft forever


[oracle@centos tadan]$ sudo iptables -t nat -L -n | grep -A 10 "Chain POSTROUTING"
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0           
RETURN     all  --  192.168.122.0/24     224.0.0.0/24        
RETURN     all  --  192.168.122.0/24     255.255.255.255     
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24    
POSTROUTING_direct  all  --  0.0.0.0/0            0.0.0.0/0           
POSTROUTING_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
POSTROUTING_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           

コンテナ起動

makeコマンドで。

コード表示

[oracle@centos tadan]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[oracle@centos tadan]$ make up
Creating network "tadan_ssh_net" with driver "bridge"
Creating ssh1 ... done
Creating ssh2 ... done
Creating ssh3 ... done
[oracle@centos tadan]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                       NAMES
4869f3cec966        centos_ssh          "/sbin/init"        13 hours ago        Up 13 hours         20/tcp, 0.0.0.0:1->22/tcp   ssh1
5f6b238319ff        centos_ssh          "/sbin/init"        13 hours ago        Up 13 hours         20/tcp, 0.0.0.0:2->22/tcp   ssh2
50e75a25f30f        centos_ssh          "/sbin/init"        13 hours ago        Up 13 hours         20/tcp, 0.0.0.0:3->22/tcp   ssh3

コンテナ起動後ネットワーク確認

docker0のIFは使われていない。独自に定義したbridgeルータにコンテナは接続している。

コード表示

[oracle@centos tadan]$ brctl show
bridge name	bridge id		STP enabled	interfaces
br-3cb3a09916e1		8000.0242011202de	no		veth3ab229f
							vetha272766
							vethc24b63c
docker0		8000.0242818de210	no		
virbr0		8000.5254006a2171	yes		virbr0-nic
[oracle@centos tadan]$ ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:d8:61:2c:f1:5b brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.109/24 brd 192.168.1.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc0:20d4:3aed:ca75/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0:  mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic:  mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
6: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:81:8d:e2:10 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:81ff:fe8d:e210/64 scope link 
       valid_lft forever preferred_lft forever
363: br-3cb3a09916e1:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:01:12:02:de brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.1/24 brd 192.168.100.255 scope global br-3cb3a09916e1
       valid_lft forever preferred_lft forever
    inet6 fe80::42:1ff:fe12:2de/64 scope link 
       valid_lft forever preferred_lft forever
365: vetha272766@if364:  mtu 1500 qdisc noqueue master br-3cb3a09916e1 state UP group default 
    link/ether c2:10:0e:d3:93:fb brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::c010:eff:fed3:93fb/64 scope link 
       valid_lft forever preferred_lft forever
367: veth3ab229f@if366:  mtu 1500 qdisc noqueue master br-3cb3a09916e1 state UP group default 
    link/ether 66:3f:98:2c:cc:97 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::643f:98ff:fe2c:cc97/64 scope link 
       valid_lft forever preferred_lft forever
369: vethc24b63c@if368:  mtu 1500 qdisc noqueue master br-3cb3a09916e1 state UP group default 
    link/ether b6:f4:23:67:1d:3a brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::b4f4:23ff:fe67:1d3a/64 scope link 
       valid_lft forever preferred_lft forever
[oracle@centos tadan]$ sudo iptables -t nat -L -n | grep -A 10 "Chain POSTROUTING"
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  192.168.100.0/24     0.0.0.0/0           
MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0           
RETURN     all  --  192.168.122.0/24     224.0.0.0/24        
RETURN     all  --  192.168.122.0/24     255.255.255.255     
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24    
POSTROUTING_direct  all  --  0.0.0.0/0            0.0.0.0/0           
POSTROUTING_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           

a.shをキックしない。

今回はローカル(docker ホスト)で鍵作成。

コード表示

[oracle@centos .ssh]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:bxKbA6TM6rg/RG5ANOqORnL/7wP/247Mjbsnr8D7Hvg oracle@centos
The key's randomart image is:
+---[RSA 2048]----+
|.o               |
|...              |
|o     .          |
|o .o o           |
|.*. + . S        |
|=.+o  .o *       |
|.=. .  oO +      |
|.o.  .  oX.*.    |
|ooo.  .o+=EX=    |
+----[SHA256]-----+

dockerホストから各コンテナに公開鍵を配布

コンテナごとに公開鍵を配布。

コード表示

[oracle@centos tadan]$ echo -e $(pwd)/share/ssh{1..3}\\n | xargs -I@ bash -c 'cp ~/.ssh/*pub @'
[oracle@centos tadan]$ tree
.
├── Dockerfile
├── Makefile
├── docker-compose.yml
├── share
│   ├── ssh1
│   │   ├── id_rsa.pub
│   │   └── tmpl
│   ├── ssh2
│   │   ├── id_rsa.pub
│   │   └── tmpl
│   └── ssh3
│       ├── id_rsa.pub
│       └── tmpl
└── tmpl
    └── a.sh

8 directories, 7 files

sshdサービス起動確認

コード表示

[oracle@centos .ssh]$ docker exec -it ssh1 /bin/bash
[root@4869f3cec966 /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-05-11 18:27:07 JST; 13h ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 2344 (sshd)
   CGroup: /docker/4869f3cec966c4611962f1b02c163264d8e292c8df4a3b320b8e8b08fbb86d35/system.slice/sshd.service
           └─2344 /usr/sbin/sshd -D
           ‣ 2344 /usr/sbin/sshd -D

May 11 18:27:07 4869f3cec966 systemd[1]: Starting OpenSSH server daemon...
May 11 18:27:07 4869f3cec966 sshd[2344]: Server listening on 0.0.0.0 port 22.
May 11 18:27:07 4869f3cec966 sshd[2344]: Server listening on :: port 22.
May 11 18:27:07 4869f3cec966 systemd[1]: Started OpenSSH server daemon.
May 11 21:57:48 4869f3cec966 sshd[5431]: Accepted password for root from 192.168.100.1 port 33038 ssh2
May 11 21:57:55 4869f3cec966 sshd[5448]: Connection closed by 192.168.100.1 port 33044 [preauth]
May 12 07:22:11 4869f3cec966 sshd[5454]: Accepted password for root from 192.168.100.1 port 42396 ssh2
May 12 07:23:04 4869f3cec966 sshd[5471]: Accepted password for root from 192.168.100.1 port 42410 ssh2
[root@4869f3cec966 /]# exit
[oracle@centos .ssh]$ docker exec -it ssh2 /bin/bash
[root@5f6b238319ff /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-05-11 18:27:07 JST; 13h ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1866 (sshd)
   CGroup: /docker/5f6b238319ff35260f1385261064b6f67562554c668cf4f009682acf20202b54/system.slice/sshd.service
           └─1866 /usr/sbin/sshd -D
           ‣ 1866 /usr/sbin/sshd -D

May 11 18:27:07 5f6b238319ff systemd[1]: Starting OpenSSH server daemon...
May 11 18:27:07 5f6b238319ff sshd[1866]: Server listening on 0.0.0.0 port 22.
May 11 18:27:07 5f6b238319ff sshd[1866]: Server listening on :: port 22.
May 11 18:27:07 5f6b238319ff systemd[1]: Started OpenSSH server daemon.
May 11 21:51:32 5f6b238319ff sshd[5402]: Accepted password for root from 192.168.100.1 port 46484 ssh2
May 11 22:09:56 5f6b238319ff sshd[5419]: Accepted password for oracle from 192.168.100.1 port 47334 ssh2
May 11 22:16:08 5f6b238319ff sshd[5422]: Accepted password for oracle from 192.168.100.1 port 47626 ssh2
May 11 22:17:21 5f6b238319ff sshd[5425]: Accepted password for oracle from 192.168.100.1 port 47646 ssh2
May 11 22:17:53 5f6b238319ff sshd[5428]: Accepted password for oracle from 192.168.100.1 port 47660 ssh2
[root@5f6b238319ff /]# exit
[oracle@centos .ssh]$ docker exec -it ssh3 /bin/bash
[root@50e75a25f30f /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-05-11 18:27:06 JST; 13h ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1884 (sshd)
   CGroup: /docker/50e75a25f30f6af7dd199924be5505094f35b0550ee87113f252fea2f5815194/system.slice/sshd.service
           └─1884 /usr/sbin/sshd -D
           ‣ 1884 /usr/sbin/sshd -D

May 11 18:27:06 50e75a25f30f systemd[1]: Starting OpenSSH server daemon...
May 11 18:27:06 50e75a25f30f sshd[1884]: Server listening on 0.0.0.0 port 22.
May 11 18:27:06 50e75a25f30f sshd[1884]: Server listening on :: port 22.
May 11 18:27:06 50e75a25f30f systemd[1]: Started OpenSSH server daemon.
May 11 21:48:59 50e75a25f30f sshd[8002]: Accepted password for root from 192.168.100.1 port 59862 ssh2
May 11 21:54:55 50e75a25f30f sshd[8020]: Connection closed by 192.168.100.1 port 60144 [preauth]
May 11 22:10:02 50e75a25f30f sshd[8022]: Accepted password for root from 192.168.100.102 port 50252 ssh2
May 11 22:16:23 50e75a25f30f sshd[8040]: Accepted password for root from 192.168.100.102 port 50542 ssh2
May 11 22:17:28 50e75a25f30f sshd[8073]: Accepted password for oracle from 192.168.100.102 port 50568 ssh2
May 11 22:17:58 50e75a25f30f sshd[8095]: Accepted password for root from 192.168.100.102 port 50576 ssh2

こっちのほうが楽。-itオプション指定しないこと。

コード表示

[oracle@centos tadan]$ seq 3 | xargs -I@ bash -c 'docker exec ssh@ systemctl status sshd'
[oracle@centos tadan]$ seq 3 | xargs -I@ bash -c 'docker exec ssh@ systemctl status sshd'
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2019-05-12 17:20:27 JST; 13min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 2015 (sshd)
   CGroup: /docker/638ccb67f9caf21a7ad35524eb9c3b09950ca17f7cda1d8f5ee33ad0537d7078/system.slice/sshd.service
           └─2015 /usr/sbin/sshd -D
           ‣ 2015 /usr/sbin/sshd -D

May 12 17:20:27 638ccb67f9ca systemd[1]: Starting OpenSSH server daemon...
May 12 17:20:27 638ccb67f9ca sshd[2015]: Server listening on 0.0.0.0 port 22.
May 12 17:20:27 638ccb67f9ca sshd[2015]: Server listening on :: port 22.
May 12 17:20:27 638ccb67f9ca systemd[1]: Started OpenSSH server daemon.
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2019-05-12 17:20:27 JST; 13min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1991 (sshd)
   CGroup: /docker/f62321332bb2fc8952c5de347678c9c362fec317c7316670b61c87e9397ef99c/system.slice/sshd.service
           └─1991 /usr/sbin/sshd -D
           ‣ 1991 /usr/sbin/sshd -D

May 12 17:20:27 f62321332bb2 systemd[1]: Starting OpenSSH server daemon...
May 12 17:20:27 f62321332bb2 sshd[1991]: Server listening on 0.0.0.0 port 22.
May 12 17:20:27 f62321332bb2 sshd[1991]: Server listening on :: port 22.
May 12 17:20:27 f62321332bb2 systemd[1]: Started OpenSSH server daemon.
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2019-05-12 17:20:27 JST; 13min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1405 (sshd)
   CGroup: /docker/cb4b615a81692c9bb1d2283d49cb84d24ecae03b69210e08724255afca9f03b5/system.slice/sshd.service
           └─1405 /usr/sbin/sshd -D
           ‣ 1405 /usr/sbin/sshd -D

May 12 17:20:27 cb4b615a8169 systemd[1]: Starting OpenSSH server daemon...
May 12 17:20:27 cb4b615a8169 sshd[1405]: Server listening on 0.0.0.0 port 22.
May 12 17:20:27 cb4b615a8169 sshd[1405]: Server listening on :: port 22.
May 12 17:20:27 cb4b615a8169 systemd[1]: Started OpenSSH server daemon.

dockerホストからssh3コンテナまでssh疎通できるかconfigファイル編集しながら試す。

ssh1まで

できた

コード表示

[oracle@centos .ssh]$ pwd
/home/oracle/.ssh
[oracle@centos .ssh]$ whoami
oracle
[oracle@centos .ssh]$ ip a show eth0
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:d8:61:2c:f1:5b brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.109/24 brd 192.168.1.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc0:20d4:3aed:ca75/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[oracle@centos .ssh]$ cat c*
#Host ssh3
#  Hostname 192.168.100.103
#  Port 22
#  Identityfile ~/.ssh/id_rsa
#  User root
#  ProxyCommand ssh -W %h:%p 192.168.100.102
#Host ssh2
#  Hostname 192.168.100.102
#  Port 22
#  Identityfile ~/.ssh/id_rsa
#  User root
#  ProxyCommand ssh -W %h:%p 192.168.100.101
Host ssh1
  Hostname 192.168.100.101
  Port 22
  Identityfile ~/.ssh/id_rsa
  User root
[oracle@centos .ssh]$ ssh ssh1
root@192.168.100.101's password: 
Last login: Sat May 11 22:23:04 2019 from gateway
[root@4869f3cec966 ~]# whoami
root
[root@4869f3cec966 ~]# ip a show eth0
368: eth0@if369:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:65 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.101/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[root@4869f3cec966 ~]# logout
Connection to 192.168.100.101 closed.
[oracle@centos .ssh]$ ssh oracle@ssh1
oracle@192.168.100.101's password: 
[oracle@4869f3cec966 ~]$ whoami
oracle
[oracle@4869f3cec966 ~]$ ip a show eth0
368: eth0@if369:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:65 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.101/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[oracle@4869f3cec966 ~]$ logout
Connection to 192.168.100.101 closed.



[oracle@centos .ssh]$ ssh ssh2
ssh: Could not resolve hostname ssh2: Name or service not known
[oracle@centos .ssh]$ ssh ssh3
ssh: Could not resolve hostname ssh3: Name or service not known

ssh2まで

できた

コード表示

[oracle@centos .ssh]$ cat c*
#Host ssh3
#  Hostname 192.168.100.103
#  Port 22
#  Identityfile ~/.ssh/id_rsa
#  User root
#  ProxyCommand ssh -W %h:%p 192.168.100.102
Host ssh2
  Hostname 192.168.100.102
  Port 22
  Identityfile ~/.ssh/id_rsa
  User root
  ProxyCommand ssh -W %h:%p 192.168.100.101
Host ssh1
  Hostname 192.168.100.101
  Port 22
  Identityfile ~/.ssh/id_rsa
  User root
[oracle@centos .ssh]$ ssh ssh2
oracle@192.168.100.101's password: 
root@192.168.100.102's password: 
Last login: Sat May 11 12:51:32 2019 from gateway
[root@5f6b238319ff ~]# whoami
root
[root@5f6b238319ff ~]# ip a show eth0
366: eth0@if367:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.102/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever


[root@5f6b238319ff ~]# logout
Connection to 192.168.100.102 closed.
Killed by signal 1.
[oracle@centos .ssh]$ ssh oracle@ssh2
oracle@192.168.100.101's password: 
oracle@192.168.100.102's password: 
Permission denied, please try again.
oracle@192.168.100.102's password: 
Last failed login: Sat May 11 22:48:43 UTC 2019 from ssh1.tadan_ssh_net on ssh:notty
There was 1 failed login attempt since the last successful login.
[oracle@5f6b238319ff ~]$ whoami
oracle
[oracle@5f6b238319ff ~]$ ip a show eth0
366: eth0@if367:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.102/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[oracle@5f6b238319ff ~]$ logout
Connection to 192.168.100.102 closed.
Killed by signal 1.
[oracle@centos .ssh]$ ssh ssh3
ssh: Could not resolve hostname ssh3: Name or service not known

ssh3まで

できた

コード表示

[oracle@centos .ssh]$ cat c*
Host ssh3
  Hostname 192.168.100.103
  Port 22
  Identityfile ~/.ssh/id_rsa
  User root
  ProxyCommand ssh -W %h:%p 192.168.100.102
Host ssh2
  Hostname 192.168.100.102
  Port 22
  Identityfile ~/.ssh/id_rsa
  User root
  ProxyCommand ssh -W %h:%p 192.168.100.101
Host ssh1
  Hostname 192.168.100.101
  Port 22
  Identityfile ~/.ssh/id_rsa
  User root
[oracle@centos .ssh]$ ssh ssh3
oracle@192.168.100.102's password: 
root@192.168.100.103's password: 
Last login: Sat May 11 13:17:58 2019 from ssh2.tadan_ssh_net
[root@50e75a25f30f ~]# whoami
root
[root@50e75a25f30f ~]# ip a show eth0
364: eth0@if365:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:67 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.103/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[root@50e75a25f30f ~]# logout
Connection to 192.168.100.103 closed.
Killed by signal 1.


[oracle@centos .ssh]$ ssh oracle@ssh3
oracle@192.168.100.102's password: 
oracle@192.168.100.103's password: 
Last login: Sat May 11 13:17:28 2019 from ssh2.tadan_ssh_net
[oracle@50e75a25f30f ~]$ whoami
oracle
[oracle@50e75a25f30f ~]$ ip a show eth0
364: eth0@if365:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:67 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.103/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[oracle@50e75a25f30f ~]$ logout
Connection to 192.168.100.103 closed.
Killed by signal 1.

あとがき

多段sshの練習になった。コンテナ名の色とコンテナの名前をおしゃれにしたい。以上、ありがとうございました。

dockerコンテナ同士でssh疎通した話

参考文献

ssh-keygen - 認証用の鍵を生成 - Linuxコマンド  
Compose file version 3 reference  
SSH通信って、結局何してるの?  
Compose のネットワーク機能  

参考文献よんで感じたこと

自鯖にログインしてきたユーザーが持って来たハッシュ値と鯖側でユーザーごとに生成しておいたハッシュ値をマッチングして本人であることを証明している感じかな。あらかじめ、自鯖側ではログインしてくるユーザーを知る必要がある(コンテナごとの公開鍵)。鯖はログインしてきたユーザに対して暗号を生成して、ログインユーザーのマシンに送り返す。ログインユーザーは送られてきた暗号を自分だけが保持している秘密鍵を使って、解読し、ハッシュ値を生成。作ったハッシュ値を鯖に送り返す。鯖は送られてきたハッシュ値と予めユーザーごとに生成して置いたハッシュ値をマッチングし、照合一致したら、ログインしてきていじっていいよ。照合不一致なら、denyする。ってかんじか。ちなみにログインユーザーは秘密鍵を作成するときに公開鍵も一緒につくっちゃってるらしいので、この公開鍵を鯖に送っておいて(公開鍵をauthorized_keysとして送る)、鯖がログインユーザごとのハッシュ値を生成するときに使用すれば、ハッシュ値をマッチングする際にご本人様であることを証明できるのかな。。rootユーザー以外にもユーザー作っておこうかな。

参考文献よんで感じたことがまちがっていたこと

以下の考え方が正しい。気づけてよかった。


SSH公開鍵認証
 
ゼロからはじめるLinuxサーバー構築・運用ガイド 動かしながら学ぶWebサーバーの作り方  

まえがき

仕事ではwindowsでteratermから鯖に接続しているけど、sshという技術を使って接続しているぐらいの理解。dockerコンテナ内でもそういうのつくってみよとおもった。自動化したかったけど、今のシェル力では実現できなかった。

フォルダ構成

ssh3フォルダは用意していない、めんどくさくなってしまった。

コード表示

[oracle@centos tadan]$ tree
.
├── Dockerfile
├── Makefile
├── docker-compose.yml
├── share
│   ├── ssh1
│   └── ssh2
└── tmpl
    └── a.sh

4 directories, 4 files

権限整備

dockerホストで

コード表示

[oracle@centos tadan]$ sudo chown -R oracle:docker share
[oracle@centos tadan]$ sudo chown -R oracle:docker tmpl
[oracle@centos tadan]$ ll
合計 20
-rw-r--r--. 1 oracle docker  531  5月 11 16:33 Dockerfile
-rw-r--r--. 1 oracle docker   58  5月 11 13:25 Makefile
-rw-r--r--. 1 oracle docker  962  5月 11 16:25 docker-compose.yml
drwxr-xr-x. 4 oracle docker 4096  5月 11 16:08 share
drwxr-xr-x. 2 oracle docker 4096  5月 11 16:19 tmpl

Dockerfile

oracleユーザーでログインするようにすると、権限まわりであぁとなるので、デフぉのrootで。suしてもだめだった気がする。

コード表示

[oracle@centos tadan]$ cat D*
FROM centos:latest

RUN yum install -y iputils \
yum install -y net-tools \
yum install -y iproute \
yum install -y vim \
yum install -y tree \
yum install -y lsof \
yum install -y expect \
yum install -y openssh-server \
yum install -y openssh-clients

ENV TZ='Asia/Tokyo'

RUN groupadd -g 1001 docker
RUN useradd -m -g docker -u 1000 oracle

RUN echo 'ORACLE_PWD' | passwd --stdin oracle
RUN echo 'ORACLE_PWD' | passwd --stdin root

RUN mkdir -p /home/oracle/.ssh

#USER oracle
#WORKDIR /home/oracle
EXPOSE 20
CMD ["/sbin/init"]

Makefile

エイリアス

コード表示

[oracle@centos tadan]$ cat M*
CMD=docker-compose
up:
	@$(CMD) up -d
down:
	@$(CMD) down

docker-compose.yml

ssh3コンテナは今回は起動しない。

コード表示

[oracle@centos tadan]$ docker --version
Docker version 18.09.5, build e8ff056
[oracle@centos tadan]$ cat d*
version: '3.7'
services:
  ssh_saba1:
    image: centos_ssh
    container_name: ssh1
    #command: bash -c "ehoc hoge"
    privileged: true
    volumes:
      -  /home/oracle/tadan/share/ssh1:/home/oracle/.ssh
      -  /home/oracle/tadan/tmpl:/home/oracle/.ssh/tmpl
    networks:
      ssh_net:
        ipv4_address: 192.168.100.101
    ports:
      - '1:22'
  ssh_saba2:
    image: centos_ssh
    container_name: ssh2
    #command: bash -c "echo hoge"
    privileged: true
    volumes:
      -  /home/oracle/tadan/share/ssh2:/home/oracle/.ssh
      -  /home/oracle/tadan/tmpl:/home/oracle/.ssh/tmpl
    networks:
      ssh_net:
        ipv4_address: 192.168.100.102
    ports:
      - '2:22'
#  ssh_saba3:
#    image: centos_ssh
#    container_name: ssh3
#    #command: bash -c "echo hoge"
#    privileged: true
#    volumes:
#      -  /home/oracle/tadan/share/ssh3:/home/oracle/.ssh
#      -  /home/oracle/tadan/tmpl:/home/oracle/.ssh/tmpl
#    networks:
#      ssh_net:
#        ipv4_address: 192.168.100.103
#    ports:
#      - '3:22'
networks:
  ssh_net:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 192.168.100.0/24

a.sh

コンテナ内でkickするやつ。sshの公開鍵と秘密鍵をコンテナ単位で作成。expectコマンド使って自動化しようとした名残だけある。

コード表示

[oracle@centos tadan]$ cat t*/a*
#!/bin/bash
PWD=""
expect -c "
spawn ssh-keygen -t rsa
expect \"Enter\"
send \"${PWD}\n\"
expect \"Enter\"
send \"${PWD}\n\"
expect \"Enter\"
send \"${PWD}\n\"
expect \"\\\$\"
exit 0
"

centos_sshイメージの作成

dockerfileでマルチステージング機能あるぽくて、サイズ圧縮できるってどっかで見て試したけど、うまく使いこなせなかった。

コード表示

[oracle@centos tadan]$ docker build -t centos_ssh .
[oracle@centos tadan]$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos_ssh          latest              43f44c1e64a5        11 seconds ago      360MB
centos              latest              9f38484d220f        8 weeks ago         202MB

コンテナ起動前ネットワーク確認

ネットワークすき

コード表示

[oracle@centos tadan]$ brctl show
bridge name	bridge id		STP enabled	interfaces
docker0		8000.0242818de210	no		
virbr0		8000.5254006a2171	yes		virbr0-nic
[oracle@centos tadan]$ ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:d8:61:2c:f1:5b brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.109/24 brd 192.168.1.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc0:20d4:3aed:ca75/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0:  mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic:  mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
6: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:81:8d:e2:10 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:81ff:fe8d:e210/64 scope link 
       valid_lft forever preferred_lft forever


[oracle@centos tadan]$ sudo iptables -t nat -L -n | grep -A 10 "Chain POSTROUTING"
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0           
RETURN     all  --  192.168.122.0/24     224.0.0.0/24        
RETURN     all  --  192.168.122.0/24     255.255.255.255     
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24    
POSTROUTING_direct  all  --  0.0.0.0/0            0.0.0.0/0           
POSTROUTING_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           
POSTROUTING_ZONES  all  --  0.0.0.0/0            0.0.0.0/0           

コンテナ起動

makeコマンドで。

コード表示

[oracle@centos tadan]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[oracle@centos tadan]$ make up
Creating network "tadan_ssh_net" with driver "bridge"
Creating ssh1 ... done
Creating ssh2 ... done
[oracle@centos tadan]$ docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                       NAMES
4f8438a2804d        centos_ssh          "/sbin/init"        3 minutes ago       Up 3 minutes        20/tcp, 0.0.0.0:2->22/tcp   ssh2
6a3e6a11fc2e        centos_ssh          "/sbin/init"        3 minutes ago       Up 3 minutes        20/tcp, 0.0.0.0:1->22/tcp   ssh1

コンテナ起動後ネットワーク確認

docker0のIFは使われていない。独自に定義したbridgeルータにコンテナは接続している。

コード表示

[oracle@centos tadan]$ brctl show
bridge name	bridge id		STP enabled	interfaces
br-c37740979afc		8000.0242636f83e9	no		veth0e21071
							veth75a278d
docker0		8000.0242818de210	no		
virbr0		8000.5254006a2171	yes		virbr0-nic
[oracle@centos tadan]$ ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:d8:61:2c:f1:5b brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.109/24 brd 192.168.1.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::ccc0:20d4:3aed:ca75/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0:  mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic:  mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6a:21:71 brd ff:ff:ff:ff:ff:ff
6: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:81:8d:e2:10 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:81ff:fe8d:e210/64 scope link 
       valid_lft forever preferred_lft forever
358: br-c37740979afc:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:63:6f:83:e9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.1/24 brd 192.168.100.255 scope global br-c37740979afc
       valid_lft forever preferred_lft forever
    inet6 fe80::42:63ff:fe6f:83e9/64 scope link 
       valid_lft forever preferred_lft forever
360: veth75a278d@if359:  mtu 1500 qdisc noqueue master br-c37740979afc state UP group default 
    link/ether 32:55:ae:38:be:ed brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::3055:aeff:fe38:beed/64 scope link 
       valid_lft forever preferred_lft forever
362: veth0e21071@if361:  mtu 1500 qdisc noqueue master br-c37740979afc state UP group default 
    link/ether 02:b8:bf:1a:82:a9 brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::b8:bfff:fe1a:82a9/64 scope link 
       valid_lft forever preferred_lft forever


[oracle@centos tadan]$ sudo iptables -t nat -L -n | grep -A 10 "Chain POSTROUTING"
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  192.168.100.0/24     0.0.0.0/0           
MASQUERADE  all  --  172.17.0.0/16        0.0.0.0/0           
RETURN     all  --  192.168.122.0/24     224.0.0.0/24        
RETURN     all  --  192.168.122.0/24     255.255.255.255     
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24    
POSTROUTING_direct  all  --  0.0.0.0/0            0.0.0.0/0           
POSTROUTING_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0           

a.shをキック

コンテナごとに公開鍵と秘密鍵を作成。これが面倒。su oracle忘れそう。。

コード表示

[oracle@centos tadan]$ docker exec -it ssh1 /bin/bash
[root@6a3e6a11fc2e /]# whoami
root
[root@6a3e6a11fc2e /]# id
uid=0(root) gid=0(root) groups=0(root)
[root@6a3e6a11fc2e ~]# su oracle
[oracle@6a3e6a11fc2e root]$ cd ~ && pwd
/home/oracle
[oracle@6a3e6a11fc2e ~]$ cd .ssh
[oracle@6a3e6a11fc2e .ssh]$ ll
total 4
drwxr-xr-x. 2 oracle docker 4096 May 11 16:19 tmpl
[oracle@6a3e6a11fc2e .ssh]$ cd tmpl
[oracle@6a3e6a11fc2e tmpl]$ ll
total 4
-rwxr-xr-x. 1 oracle docker 185 May 11 16:13 a.sh
[oracle@6a3e6a11fc2e tmpl]$ id
uid=1000(oracle) gid=1001(docker) groups=1001(docker)
[oracle@6a3e6a11fc2e tmpl]$ ./a.sh
spawn ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:qq8h9ksNyw0iBJMkC6MTkyv4lWoxMptVYB/kzKZ143w oracle@6a3e6a11fc2e
The key's randomart image is:
+---[RSA 2048]----+
|X+ooo            |
|BB =..           |
|=o .B.o          |
|B.++o+ .         |
|oBo=o o E        |
|o.+o * o         |
| .o = +          |
| . + o           |
|    =+.          |
+----[SHA256]-----+
[oracle@6a3e6a11fc2e tmpl]$ cd -
/home/oracle/.ssh
[oracle@6a3e6a11fc2e .ssh]$ ll
total 12
-rw-------. 1 oracle docker 1679 May 11 17:32 id_rsa
-rw-r--r--. 1 oracle docker  401 May 11 17:32 id_rsa.pub
drwxr-xr-x. 2 oracle docker 4096 May 11 16:19 tmpl
[oracle@6a3e6a11fc2e .ssh]$ exit
[root@6a3e6a11fc2e ~]# exit
[oracle@centos tadan]$ docker exec -it ssh2 /bin/bash
[root@4f8438a2804d /]# whoami
root
[root@4f8438a2804d /]# id
uid=0(root) gid=0(root) groups=0(root)
[root@4f8438a2804d /]# su oracle
[oracle@4f8438a2804d /]$ whoami
oracle
[oracle@4f8438a2804d /]$ id
uid=1000(oracle) gid=1001(docker) groups=1001(docker)
[oracle@4f8438a2804d /]$ cd ~ && pwd
/home/oracle
[oracle@4f8438a2804d ~]$ cd .ssh
[oracle@4f8438a2804d .ssh]$ ll
total 4
drwxr-xr-x. 2 oracle docker 4096 May 11 16:19 tmpl
[oracle@4f8438a2804d .ssh]$ cd tmpl
[oracle@4f8438a2804d tmpl]$ ll
total 4
-rwxr-xr-x. 1 oracle docker 185 May 11 16:13 a.sh
[oracle@4f8438a2804d tmpl]$ ./a.sh
spawn ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:a7sPCgRI/k9/g8S8xn/bxI7OrvdFttxbFwuDTqL83Ys oracle@4f8438a2804d
The key's randomart image is:
+---[RSA 2048]----+
| .               |
|o.               |
|...              |
|  ..  o     .    |
|   ... +S. o o + |
|   .o = +.+ . * =|
|    .. O+o . o =+|
|     ..o+o+oB . +|
|      . o*BEo*.. |
+----[SHA256]-----+
[oracle@4f8438a2804d tmpl]$ cd -
/home/oracle/.ssh
[oracle@4f8438a2804d .ssh]$ ll
total 12
-rw-------. 1 oracle docker 1675 May 11 17:33 id_rsa
-rw-r--r--. 1 oracle docker  401 May 11 17:33 id_rsa.pub
drwxr-xr-x. 2 oracle docker 4096 May 11 16:19 tmpl
[oracle@4f8438a2804d .ssh]$ exit
[root@4f8438a2804d /]# exit

dockerホストでauthorized_keysを作成

コンテナごとの公開鍵を互いに配布。

コード表示

[oracle@centos tadan]$ tree
.
├── Dockerfile
├── Makefile
├── docker-compose.yml
├── share
│   ├── ssh1
│   │   ├── id_rsa
│   │   ├── id_rsa.pub
│   │   └── tmpl
│   └── ssh2
│       ├── id_rsa
│       ├── id_rsa.pub
│       └── tmpl
└── tmpl
    └── a.sh

6 directories, 8 files
[oracle@centos tadan]$ cp ./share/ssh1/id_rsa.pub ./share/ssh2/authorized_keys
[oracle@centos tadan]$ diff ./share/ssh1/id_rsa.pub ./share/ssh2/authorized_keys
[oracle@centos tadan]$ tree
.
├── Dockerfile
├── Makefile
├── docker-compose.yml
├── share
│   ├── ssh1
│   │   ├── id_rsa
│   │   ├── id_rsa.pub
│   │   └── tmpl
│   └── ssh2
│       ├── authorized_keys
│       ├── id_rsa
│       ├── id_rsa.pub
│       └── tmpl
└── tmpl
    └── a.sh

6 directories, 9 files
[oracle@centos tadan]$ cp ./share/ssh2/id_rsa.pub ./share/ssh1/authorized_keys
[oracle@centos tadan]$ diff ./share/ssh2/id_rsa.pub ./share/ssh1/authorized_keys
[oracle@centos tadan]$ tree
.
├── Dockerfile
├── Makefile
├── docker-compose.yml
├── share
│   ├── ssh1
│   │   ├── authorized_keys
│   │   ├── id_rsa
│   │   ├── id_rsa.pub
│   │   └── tmpl
│   └── ssh2
│       ├── authorized_keys
│       ├── id_rsa
│       ├── id_rsa.pub
│       └── tmpl
└── tmpl
    └── a.sh

6 directories, 10 files

sshdサービス起動確認

コード表示

[oracle@centos tadan]$ docker exec -it ssh1 /bin/bash
[root@6a3e6a11fc2e /]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-05-11 17:19:39 JST; 18min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1794 (sshd)
   CGroup: /docker/6a3e6a11fc2e4d26e1c0d521f6a1cee66c28352f71820538e4ceb18d06b95286/system.slice/sshd.service
           └─1794 /usr/sbin/sshd -D
           ‣ 1794 /usr/sbin/sshd -D

May 11 17:19:39 6a3e6a11fc2e systemd[1]: Starting OpenSSH server daemon...
May 11 17:19:39 6a3e6a11fc2e sshd[1794]: Server listening on 0.0.0.0 port 22.
May 11 17:19:39 6a3e6a11fc2e sshd[1794]: Server listening on :: port 22.
May 11 17:19:39 6a3e6a11fc2e systemd[1]: Started OpenSSH server daemon.
[root@6a3e6a11fc2e /]# lsof -i:22 -P
COMMAND  PID USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
sshd    1794 root    3u  IPv4 1670476      0t0  TCP *:22 (LISTEN)
sshd    1794 root    4u  IPv6 1670485      0t0  TCP *:22 (LISTEN)
[root@6a3e6a11fc2e /]# exit
[oracle@centos tadan]$ docker exec -it ssh2 /bin/bash
[root@4f8438a2804d /]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-05-11 17:19:40 JST; 18min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1915 (sshd)
   CGroup: /docker/4f8438a2804da37b2b2334f4982bd58c8eb310402a9765991eb667d79988d75e/system.slice/sshd.service
           └─1915 /usr/sbin/sshd -D
           ‣ 1915 /usr/sbin/sshd -D

May 11 17:19:39 4f8438a2804d systemd[1]: Starting OpenSSH server daemon...
May 11 17:19:40 4f8438a2804d sshd[1915]: Server listening on 0.0.0.0 port 22.
May 11 17:19:40 4f8438a2804d sshd[1915]: Server listening on :: port 22.
May 11 17:19:40 4f8438a2804d systemd[1]: Started OpenSSH server daemon.
[root@4f8438a2804d /]# lsof -i:22 -P
COMMAND  PID USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
sshd    1915 root    3u  IPv4 1671407      0t0  TCP *:22 (LISTEN)
sshd    1915 root    4u  IPv6 1671409      0t0  TCP *:22 (LISTEN)

ssh1からssh2のrootユーザーへログイン

できた

コード表示

[oracle@centos tadan]$ docker exec -it ssh1 /bin/bash
[root@6a3e6a11fc2e /]# ssh root@ssh2 
The authenticity of host 'ssh2 (192.168.100.102)' can't be established.
ECDSA key fingerprint is SHA256:YLGhVCPZjqdyU07cP241x2pJiuWc6eG25aAbrruLxdg.
ECDSA key fingerprint is MD5:14:c5:03:e2:e4:93:7f:99:b7:4b:3b:c3:df:78:5e:c4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ssh2,192.168.100.102' (ECDSA) to the list of known hosts.
root@ssh2's password: 
[root@4f8438a2804d ~]# whoami
root
[root@4f8438a2804d ~]# id
uid=0(root) gid=0(root) groups=0(root)
[root@4f8438a2804d ~]# ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
361: eth0@if362:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.102/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[root@4f8438a2804d ~]# logout
Connection to ssh2 closed.

ssh1からssh2のoracleユーザーへログイン

できた

コード表示

[root@6a3e6a11fc2e /]# ssh oracle@192.168.100.102
oracle@192.168.100.102's password: 
Last login: Sat May 11 08:32:54 2019
[oracle@4f8438a2804d ~]$ whoami
oracle
[oracle@4f8438a2804d ~]$ id
uid=1000(oracle) gid=1001(docker) groups=1001(docker)
[oracle@4f8438a2804d ~]$ ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
361: eth0@if362:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.102/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever

[oracle@4f8438a2804d ~]$ logout
Connection to 192.168.100.102 closed.
[root@6a3e6a11fc2e /]# exit

ssh2からssh1のrootユーザーへログイン

できた

コード表示

[oracle@centos tadan]$ docker exec -it ssh2 /bin/bash
[root@4f8438a2804d /]# ssh root@ssh1
The authenticity of host 'ssh1 (192.168.100.101)' can't be established.
ECDSA key fingerprint is SHA256:m9E3P8+t6PNN7QQ1QHaq7xn2zdOWJ36pNBfogyP0QEk.
ECDSA key fingerprint is MD5:5a:f2:d3:9d:75:4e:b4:1d:28:3e:d5:9c:9e:4e:48:3b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ssh1,192.168.100.101' (ECDSA) to the list of known hosts.
root@ssh1's password: 
[root@6a3e6a11fc2e ~]# whoami
root
[root@6a3e6a11fc2e ~]# id
uid=0(root) gid=0(root) groups=0(root)
[root@6a3e6a11fc2e ~]# ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
359: eth0@if360:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:65 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.101/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[root@6a3e6a11fc2e ~]# logout
Connection to ssh1 closed.

ssh2からssh1のoracleユーザーへログイン

できた

コード表示

[root@4f8438a2804d /]# ssh oracle@192.168.100.101
oracle@192.168.100.101's password: 
Last login: Sat May 11 08:30:13 2019
[oracle@6a3e6a11fc2e ~]$ whoami
oracle
[oracle@6a3e6a11fc2e ~]$ id
uid=1000(oracle) gid=1001(docker) groups=1001(docker)
[oracle@6a3e6a11fc2e ~]$ ip a show
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
359: eth0@if360:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:c0:a8:64:65 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.100.101/24 brd 192.168.100.255 scope global eth0
       valid_lft forever preferred_lft forever
[oracle@6a3e6a11fc2e ~]$ logout
Connection to 192.168.100.101 closed.
[root@4f8438a2804d /]# exit

あとがき

sshの練習になった。コンテナ名の色とコンテナの名前をおしゃれにしたい。以上、ありがとうございました。

jqコマンドとbashコマンドでjson形式をドット記法へ変換した話

はじめに

json形式をドット記法に変換したいなーと思ってググっていました。qiitaにアップされていた記事をもとに少し加工してドット形式に変換してみようと思います。ことの発端はoracle19cr3にjsonデータ投入したいなーと思ったからです。19cr3からかなりjson力入れているようなので、データ入れて弄りたいなと思ってそのやり方を探っていました。色んな電文形式としてjsonが扱われているようですが、そういったデータをsqlで処理したいがための前処理みたいな位置付けです。なので、深入りはしていません。json形式はなかみはなんとなく知っていたよぐらいの人ですので、もっといいやり方あれば、コメント欲しいです。bashも再入門し始めて、徐々に思い出し始めている最中です。jqコマンドははじめて7日。。難しかったけど、粘りました。。。たぶん役に立つはず!!!

参考文献

jqで階層構造を持つオブジェクトをCSVにマップする  
reduceを極めてデータ・フォーマットを自由自在に変換  
コマンドラインJSONプロセッサー jqの演算子と関数  
JSONにコメントを書いて前処理で消す  
jq: jsonのkey/valueの追加、arrayへ要素追加  

jsonデータ

ポイントはタイプを確認しながら追うことだと思う。

空のjsonをもつjson

コード表示

[oracle@centos ~]$ cat ng2p.json
{
  "Labels": {},
  "Containers": {},
  "Options": {}
}

jsonオブジェクト配列をもつjson

コード表示

[oracle@centos ~]$ cat ng1p.json
{
  "IPAM": {
    "Driver": "default",
    "Options": null,
    "Config": [
      {
        "Subnet": "172.17.0.0/16",
        "Gateway": "172.17.0.1"
      }
    ]
  }
}

関数は2つ。fmt関数とdig関数。

どちらもユーザー定義関数。単体テストできるようにbashスクリプトに1つのfunctionを切り出しました。呼び出した後、整形処理をしています。

コード表示

[oracle@centos ~]$ cat dig.sh
#!/bin/bash 
dig(){
  jq '
  def dig(k):
    . as $in
    |if type=="array" then .[]|dig(.)
    elif type=="object" then
       reduce keys[] as $key 
         ({};
             .
             +{
                ($key):($in[$key]|dig(.))
              }
         )
     else . end;
  dig(.)
  ' "$@"
}
[oracle@centos ~]$ cat fmt.sh
#!/bin/bash
fmt(){                                                                                                                                                                                         
  jq -c '
  def fmt(k):
    k as $kk
    |to_entries
    |if length==0 then [{key:null,value:"dummy"}] else . end
    |.[]
    |{key:($kk+.key),value:.value}
    |.key as $prekey
    |.
    |(select(.value|type!="object"))//(.value|fmt($prekey+"."))
  ;
  fmt("")|[.key]
  ' "$@"
}
[oracle@centos ~]$ cat caller.sh
#!/bin/bash
source ./dig.sh
source ./fmt.sh

fmt <<<$(dig "$@") | sed -E 's/\]|\[|"//g' | sed -e 's/\.$//'

実行例

fmt関数では空jsonをもつケースに備え、dummyでjsonオブジェクトをaddしています。dig関数では配列が来た場合は先にラップを剥し、全てのオブジェクトをjsonオブジェクトに変換しています。そのあとで、fmtでkey:value形式のjsonオブジェクトに変換しています。jqのビルトイン関数でwalk関数がありますが、それと似たような考え方で、与えられたjsonデータを透過的に歩き回り、各要素の内部状態をkey:value形式のjsonオブジェクトに変換していくことで、定義した関数のインターフェース(引数)が単一になり、扱いやすくなるのではと思いました。

コード表示

[oracle@centos ~]$ ./caller.sh ng1p.json
IPAM.Config.Gateway
IPAM.Config.Subnet
IPAM.Driver
IPAM.Options
[oracle@centos ~]$ ./caller.sh ng2p.json
Containers
Labels
Options

透過的に歩き回って内部状態を変える??

dig関数を少しこれの説明用に変えます。dig “$@”を追加しただけ。

コード表示

[oracle@centos ~]$ cat dig.sh
#!/bin/bash 
dig(){
  jq '
  def dig(k):
    . as $in
    |if type=="array" then .[]|dig(.)
    elif type=="object" then
       reduce keys[] as $key 
         ({};
             .
             +{
                ($key):($in[$key]|dig(.))
              }
         )
     else . end;
  dig(.)
  ' "$@"
}
dig "$@"

配列がなくなりました。

コード表示

[oracle@centos ~]$ cat ng1p.json
{
  "IPAM": {
    "Driver": "default",
    "Options": null,
    "Config": [
      {
        "Subnet": "172.17.0.0/16",
        "Gateway": "172.17.0.1"
      }
    ]
  }
}
[oracle@centos ~]$ ./dig.sh ng1p.json
{
  "IPAM": {
    "Config": {
      "Gateway": "172.17.0.1",
      "Subnet": "172.17.0.0/16"
    },
    "Driver": "default",
    "Options": null
  }
}

caller.shとfmt.shを少し変えます。fmt関数の呼び出し後、[.key,.value]を追加しました。

コード表示

[oracle@centos ~]$ cat caller.sh
#!/bin/bash
source ./dig.sh
source ./fmt.sh

fmt <<<$(dig "$@")
[oracle@centos ~]$ cat fmt.sh
#!/bin/bash
fmt(){                                                                                                                                                                                         
  jq -c '
  def fmt(k):
    k as $kk
    |to_entries
    |if length==0 then [{key:null,value:"dummy"}] else . end
    |.[]
    |{key:($kk+.key),value:.value}
    |.key as $prekey
    |.
    |(select(.value|type!="object"))//(.value|fmt($prekey+"."))
  ;
  fmt("")|[.key,.value]
  ' "$@"
}
[oracle@centos ~]$ ./caller.sh ng1p.json
{
  "IPAM": {
    "Config": {
      "Gateway": "172.17.0.1",
      "Subnet": "172.17.0.0/16"
    },
    "Driver": "default",
    "Options": null
  }
}
["IPAM.Config.Gateway","172.17.0.1"]
["IPAM.Config.Subnet","172.17.0.0/16"]
["IPAM.Driver","default"]
["IPAM.Options",null]
[oracle@centos ~]$ ./caller.sh ng2p.json
{
  "Containers": {},
  "Labels": {},
  "Options": {}
}
["Containers.","dummy"]
["Labels.","dummy"]
["Options.","dummy"]

あとがき

もっと複雑なjsonデータにうまく動くかは怪しいですが、様子見です。これで、jsonデータをoracleに投入できそう。以上、ありがとうございました。

機能的には指定回数コマンドを繰り返すだけのスクリプトになってしまった話

参考文献

このサイト楽しいんですけど

Linux: Repeat Command N Times – Bash FOR Loop  

何回もみさせてもらっています。

位置パラメーターの一括展開の違いを知れ!!  

まえがき

機能的には指定回数コマンド繰り返すだけのスクリプトになってしまったけど、”$@”と”$*”違いを意識しながらかけた(つもりになっている)”$@”ではなく”$*”の方が組込変数とか組み込んで展開されるから、今回は”$@”が作りたかった方になる。

ast

コード表示

[root@c10c717ad069 wk]# cat as*
#/bin/bash
usg(){
  clr="${1}"
  shift
  case "${*}" in
    'runerr') fmtclr "${clr}" "$(prt 'syntax err.chk caller cmd.')";exit 1;;
    'argchk') fmtclr "${clr}" "$(prt 'chk args.must 2 args.primary arg is run time.secondary arg is cmd.')";exit 1;;
    'success') fmtclr "${clr}" "$(prt 'successfully done.')";exit 0;;
  esac
}

fmtclr(){
  local clr_nm clr
  [ "${#}" -eq 2 ] || usg 'argchk'
  readonly clr_nm="${1}"
  shift
  case "${clr_nm}" in
    red) clr=31;;
    green) clr=32;;
    yellow) clr=33;;
    cyan) clr=36;;
    white) clr=37;;
    magenta) clr=95;;
    *) clr=30;;
  esac
  printf "\033[${clr}m%b\033[m\n" "${*}"
}

hdl(){
  local clr_nm typ cmd
  [ "${#}" -eq 2 ] || usg 'argchk'
  clr="${1}"
  shift
  readonly typ="${*}"
  case "${typ}" in
    runerr) choice_clr="${clr}";;
    argchk) choice_clr="${clr}";;
    success) choice_clr="${clr}";;
    *) :;;
  esac
  cmd="usg"
  ${cmd} "${choice_clr}" "${typ}"
}

prt(){
  local msg
  [ "${#}" -eq 1 ] || usg 'argchk'
  readonly msg="$1"
  echo "-----${msg}-----"
}

run(){
  cxt "${*}"
  local rpt cmd
  echo $(fmtclr 'magenta' "_____args:${#}_____")
  [ "${#}" -eq 2 ] || hdl 'yellow' 'argchk'
  rpt="${1}"
  echo $(fmtclr 'magenta' "_____rpt:${rpt}_____")
  shift
  cmd="${*}"
  echo $(fmtclr 'magenta' "_____cmd:${cmd}_____")
  for i in $(seq "${rpt}");do
    bash -c "${cmd}"
    [ "${?}" -eq 0 ] || hdl 'red' 'runerr'
  done
  [ "${?}" -ne 0 ] || hdl 'green' 'success'
}

cxt(){
  slf=$0
  echo $(fmtclr 'white' "-----${slf#*/}-----")
  echo $(fmtclr 'white' "_____args:${#}_____")
  echo $(fmtclr 'white' "_____args..is:[${*}]_____")
}

run "${*}"

atm

コード表示

[root@c10c717ad069 wk]# cat at*
#/bin/bash
usg(){
  clr="${1}"
  shift
  case "${*}" in
    'runerr') fmtclr "${clr}" "$(prt 'syntax err.chk caller cmd.')";exit 1;;
    'argchk') fmtclr "${clr}" "$(prt 'chk args.must 2 args.primary arg is run time.secondary arg is cmd.')";exit 1;;
    'success') fmtclr "${clr}" "$(prt 'successfully done.')";exit 0;;
  esac
}

fmtclr(){
  local clr_nm clr
  [ "${#}" -eq 2 ] || usg 'argchk'
  readonly clr_nm="${1}"
  shift
  case "${clr_nm}" in
    red) clr=31;;
    green) clr=32;;
    yellow) clr=33;;
    cyan) clr=36;;
    white) clr=37;;
    magenta) clr=95;;
    *) clr=30;;
  esac
  printf "\033[${clr}m%b\033[m\n" "${*}"
}

hdl(){
  local clr_nm typ cmd
  [ "${#}" -eq 2 ] || usg 'argchk'
  clr="${1}"
  shift
  readonly typ="${*}"
  case "${typ}" in
    runerr) choice_clr="${clr}";;
    argchk) choice_clr="${clr}";;
    success) choice_clr="${clr}";;
    *) :;;
  esac
  cmd="usg"
  ${cmd} "${choice_clr}" "${typ}"
}

prt(){
  local msg
  [ "${#}" -eq 1 ] || usg 'argchk'
  readonly msg="$1"
  echo "-----${msg}-----"
}

run(){
  cxt "${@}"
  local rpt cmd
  echo $(fmtclr 'magenta' "_____args:${#}_____")
  [ "${#}" -eq 2 ] || hdl 'yellow' 'argchk'
  rpt="${1}"
  echo $(fmtclr 'magenta' "_____rpt:${rpt}_____")
  shift
  cmd="${*}"
  echo $(fmtclr 'magenta' "_____cmd:${cmd}_____")
  for i in $(seq "${rpt}");do
    bash -c "${cmd}"
    [ "${?}" -eq 0 ] || hdl 'red' 'runerr'
  done
  [ "${?}" -ne 0 ] || hdl 'green' 'success'
}

cxt(){
  slf=$0
  echo $(fmtclr 'white' "-----${slf#*/}-----")
  echo $(fmtclr 'white' "_____args:${#}_____")
  echo $(fmtclr 'white' "_____args..is:[${@}]_____")
}

run "${@}"

実行例

コード表示

[root@c10c717ad069 wk]# time { for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" \"echo hoge\"; "; }
-----ast.sh-----
_____args:1_____
_____args..is:[3 echo hoge]_____
_____args:1_____
-----chk args.must 2 args.primary arg is run time.secondary arg is cmd.-----
-----atm.sh-----
_____args:2_____
_____args..is:[3 echo hoge]_____
_____args:2_____
_____rpt:3_____
_____cmd:echo hoge_____
hoge
hoge
hoge
-----successfully done.-----

real	0m10.016s
user	0m0.011s
sys	0m0.006s

diff

diffだよ

コード表示

[root@c10c717ad069 wk]# diff as* at*
53c53
<   cxt "${*}"
---
>   cxt "${@}"
73c73
<   echo $(fmtclr 'white' "_____args..is:[${*}]_____")
---
>   echo $(fmtclr 'white' "_____args..is:[${@}]_____")
76c76
< run "${*}"
---
> run "${@}"
[root@c10c717ad069 wk]# diff -y as* at* | nl

エラーのハンドリングむずかしいシェル

こういいうの実行すると、よろしくない動きするから、まだまだ構文解析的な予測の仕方が足りないことがわかる。コンパイラ作る人すげ。思ったけど、ASCII文字から覚えっていった方が、別の視点でプログラム書けるようになるかも、やってみよ。エスケープの癖を上手く回避できるようになるかも、最小限で。個人的にはメッセージの関数は可変長引数にしたかったけど、いったんここまで。テストケース↓。

コード表示

[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" \"echo hoge\"; "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" \"eco hoge\"; "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" \"\"; "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" \"; "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"\" \"\"; "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[]; "
[root@c10c717ad069 wk]# for i in *;do echo $i; done | xargs -I[] bash -c "sleep 5;./[] \"3\" \"echo hoge\"; "

peeコマンドをinstallしたかった話

参考文献

丁寧だよなー。

今さらですがyum(^^;)

ローカルマシンに登録しているレポジトリを確認

コード表示

[root@61eff46d2318 mnt]# yum repolist
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
repo id                                                                                              repo name                                                                                               status
base/7/x86_64                                                                                        CentOS-7 - Base                                                                                         10019
extras/7/x86_64                                                                                      CentOS-7 - Extras                                                                                         387
updates/7/x86_64                                                                                     CentOS-7 - Updates                                                                                       1840
repolist: 12246

コマンドがどのレポジトリのパッケージに含まれているか確認

コード表示

[root@61eff46d2318 mnt]# yum provides cp
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
coreutils-8.22-23.el7.x86_64 : A set of basic GNU tools commonly used in shell scripts
Repo        : base
Matched from:
Filename    : /bin/cp



coreutils-8.22-23.el7.x86_64 : A set of basic GNU tools commonly used in shell scripts
Repo        : base
Matched from:
Filename    : /usr/bin/cp



coreutils-8.22-23.el7.x86_64 : A set of basic GNU tools commonly used in shell scripts
Repo        : @CentOS
Matched from:
Filename    : /bin/cp



coreutils-8.22-23.el7.x86_64 : A set of basic GNU tools commonly used in shell scripts
Repo        : @CentOS
Matched from:
Filename    : /usr/bin/cp

コマンドの所在を確認

コード表示

[root@61eff46d2318 mnt]# which cp
alias cp='cp -i'
	/usr/bin/cp
[root@61eff46d2318 mnt]# rpm -qf $(which cp)
rpm: -i': unknown option
[root@61eff46d2318 mnt]# rpm -qf $(which cp | tail -n 1)
coreutils-8.22-23.el7.x86_64

peeコマンドは登録しているレポジトリにない

コード表示

[root@61eff46d2318 mnt]# yum provides pee
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
base/7/x86_64/filelists_db                                                                                                                                                                  | 7.1 MB  00:00:03     
extras/7/x86_64/filelists_db                                                                                                                                                                | 236 kB  00:00:00     
updates/7/x86_64/filelists_db                                                                                                                                                               | 3.4 MB  00:00:01     
No matches found

peeコマンドは登録しているレポジトリにないので、該当するパッケージもあるわけなく。。

コード表示

[root@61eff46d2318 mnt]# rpm -qf $(which pee)
/usr/bin/which: no pee in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
rpm: no arguments given for query

peeコマンドを含むパッケージが管理されているレポジトリを探す旅に出る。

でた

ローカルに登録されているレポジトリを確認

コード表示

[root@61eff46d2318 mnt]# cd /etc/yum.repos.d
[root@61eff46d2318 yum.repos.d]# ll
total 32
-rw-r--r--. 1 root root 1664 Nov 23 22:16 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Nov 23 22:16 CentOS-CR.repo
-rw-r--r--. 1 root root  649 Nov 23 22:16 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root  630 Nov 23 22:16 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Nov 23 22:16 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 Nov 23 22:16 CentOS-Vault.repo
-rw-r--r--. 1 root root  314 Nov 23 22:16 CentOS-fasttrack.repo
らいい

enablerepo=*のオプションで全レポジトリに大して当該のコマンドの提供元をぎゃくびきする。

CentOS-Media.repoのせいでfailする

コード表示

[root@61eff46d2318 yum.repos.d]# yum --enablerepo=* provides pee
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * c7-media: 
 * centosplus: ty1.mirror.newmediaexpress.com
 * extras: ty1.mirror.newmediaexpress.com
 * fasttrack: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
C7.0.1406-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.0.1406-centosplus                                                                                                                                                                        | 2.9 kB  00:00:00     
C7.0.1406-extras                                                                                                                                                                            | 2.9 kB  00:00:00     
C7.0.1406-fasttrack                                                                                                                                                                         | 2.9 kB  00:00:00     
C7.0.1406-updates                                                                                                                                                                           | 2.9 kB  00:00:00     
C7.1.1503-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.1.1503-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.1.1503-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.1.1503-fasttrack                                                                                                                                                                         | 3.4 kB  00:00:00     
C7.1.1503-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.2.1511-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.2.1511-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.2.1511-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.2.1511-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.2.1511-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.3.1611-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.3.1611-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.3.1611-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.3.1611-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.3.1611-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.4.1708-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.4.1708-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.4.1708-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.4.1708-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.4.1708-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.5.1804-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.5.1804-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.5.1804-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.5.1804-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.5.1804-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
base-debuginfo                                                                                                                                                                              | 2.5 kB  00:00:00     
base-source                                                                                                                                                                                 | 2.9 kB  00:00:00     
file:///media/CentOS/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /media/CentOS/repodata/repomd.xml"
Trying other mirror.
file:///media/cdrecorder/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /media/cdrecorder/repodata/repomd.xml"
Trying other mirror.
file:///media/cdrom/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /media/cdrom/repodata/repomd.xml"
Trying other mirror.


 One of the configured repositories failed (CentOS-7 - Media),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=c7-media ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable c7-media
        or
            subscription-manager repos --disable=c7-media

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=c7-media.skip_if_unavailable=true

failure: repodata/repomd.xml from c7-media: [Errno 256] No more mirrors to try.
file:///media/CentOS/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /media/CentOS/repodata/repomd.xml"
file:///media/cdrecorder/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /media/cdrecorder/repodata/repomd.xml"
file:///media/cdrom/repodata/repomd.xml: [Errno 14] curl#37 - "Couldn't open file /media/cdrom/repodata/repomd.xml"

CentOS-Media.repoを削除する

コード表示

[root@61eff46d2318 yum.repos.d]# pwd
/etc/yum.repos.d
[root@61eff46d2318 yum.repos.d]# ll
total 32
-rw-r--r--. 1 root root 1664 Nov 23 22:16 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Nov 23 22:16 CentOS-CR.repo
-rw-r--r--. 1 root root  649 Nov 23 22:16 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root  630 Nov 23 22:16 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Nov 23 22:16 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 Nov 23 22:16 CentOS-Vault.repo
-rw-r--r--. 1 root root  314 Nov 23 22:16 CentOS-fasttrack.repo
[root@61eff46d2318 yum.repos.d]# rm CentOS-Media.repo
rm: remove regular file 'CentOS-Media.repo'? y
[root@61eff46d2318 yum.repos.d]# ll
total 28
-rw-r--r--. 1 root root 1664 Nov 23 22:16 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Nov 23 22:16 CentOS-CR.repo
-rw-r--r--. 1 root root  649 Nov 23 22:16 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 1331 Nov 23 22:16 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 Nov 23 22:16 CentOS-Vault.repo
-rw-r--r--. 1 root root  314 Nov 23 22:16 CentOS-fasttrack.repo

enablerepo=*のオプションで全レポジトリに大して当該のコマンドの提供元をぎゃくびきする。

コード表示

[root@61eff46d2318 yum.repos.d]# yum --enablerepo=* provides pee
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * centosplus: ty1.mirror.newmediaexpress.com
 * extras: ty1.mirror.newmediaexpress.com
 * fasttrack: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
C7.0.1406-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.0.1406-centosplus                                                                                                                                                                        | 2.9 kB  00:00:00     
C7.0.1406-extras                                                                                                                                                                            | 2.9 kB  00:00:00     
C7.0.1406-fasttrack                                                                                                                                                                         | 2.9 kB  00:00:00     
C7.0.1406-updates                                                                                                                                                                           | 2.9 kB  00:00:00     
C7.1.1503-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.1.1503-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.1.1503-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.1.1503-fasttrack                                                                                                                                                                         | 3.4 kB  00:00:00     
C7.1.1503-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.2.1511-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.2.1511-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.2.1511-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.2.1511-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.2.1511-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.3.1611-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.3.1611-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.3.1611-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.3.1611-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.3.1611-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.4.1708-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.4.1708-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.4.1708-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.4.1708-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.4.1708-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
C7.5.1804-base                                                                                                                                                                              | 3.6 kB  00:00:00     
C7.5.1804-centosplus                                                                                                                                                                        | 3.4 kB  00:00:00     
C7.5.1804-extras                                                                                                                                                                            | 3.4 kB  00:00:00     
C7.5.1804-fasttrack                                                                                                                                                                         | 3.3 kB  00:00:00     
C7.5.1804-updates                                                                                                                                                                           | 3.4 kB  00:00:00     
base                                                                                                                                                                                        | 3.6 kB  00:00:00     
base-debuginfo                                                                                                                                                                              | 2.5 kB  00:00:00     
base-source                                                                                                                                                                                 | 2.9 kB  00:00:00     
centosplus                                                                                                                                                                                  | 3.4 kB  00:00:00     
centosplus-source                                                                                                                                                                           | 2.9 kB  00:00:00     
cr                                                                                                                                                                                          | 3.3 kB  00:00:00     
extras                                                                                                                                                                                      | 3.4 kB  00:00:00     
extras-source                                                                                                                                                                               | 2.9 kB  00:00:00     
fasttrack                                                                                                                                                                                   | 3.4 kB  00:00:00     
updates                                                                                                                                                                                     | 3.4 kB  00:00:00     
updates-source                                                                                                                                                                              | 2.9 kB  00:00:00     
(1/44): C7.0.1406-extras/x86_64/primary_db                                                                                                                                                  |  43 kB  00:00:00     
(2/44): C7.0.1406-fasttrack/x86_64/primary_db                                                                                                                                               | 124 kB  00:00:00     
(3/44): C7.0.1406-base/x86_64/group_gz                                                                                                                                                      | 157 kB  00:00:00     
(4/44): C7.1.1503-base/x86_64/group_gz                                                                                                                                                      | 154 kB  00:00:00     
(5/44): C7.0.1406-centosplus/x86_64/primary_db                                                                                                                                              | 3.5 MB  00:00:03     
(6/44): C7.1.1503-extras/x86_64/primary_db                                                                                                                                                  | 120 kB  00:00:00     
(7/44): C7.1.1503-fasttrack/x86_64/primary_db                                                                                                                                               |  71 kB  00:00:00     
(8/44): C7.1.1503-centosplus/x86_64/primary_db                                                                                                                                              | 2.2 MB  00:00:03     
(9/44): C7.0.1406-base/x86_64/primary_db                                                                                                                                                    | 4.9 MB  00:00:04     
(10/44): C7.2.1511-base/x86_64/group_gz                                                                                                                                                     | 155 kB  00:00:00     
(11/44): C7.1.1503-base/x86_64/primary_db                                                                                                                                                   | 5.1 MB  00:00:12     
(12/44): C7.2.1511-extras/x86_64/primary_db                                                                                                                                                 | 166 kB  00:00:01     
(13/44): C7.2.1511-fasttrack/x86_64/primary_db                                                                                                                                              | 1.2 kB  00:00:00     
(14/44): C7.2.1511-centosplus/x86_64/primary_db                                                                                                                                             | 4.1 MB  00:00:19     
(15/44): C7.3.1611-base/x86_64/group_gz                                                                                                                                                     | 155 kB  00:00:00     
(16/44): C7.1.1503-updates/x86_64/primary_db                                                                                                                                                | 4.7 MB  00:00:23     
(17/44): C7.2.1511-base/x86_64/primary_db                                                                                                                                                   | 5.3 MB  00:00:22     
(18/44): C7.3.1611-extras/x86_64/primary_db                                                                                                                                                 | 191 kB  00:00:01     
(19/44): C7.3.1611-fasttrack/x86_64/primary_db                                                                                                                                              | 1.2 kB  00:00:00     
(20/44): C7.0.1406-updates/x86_64/primary_db                                                                                                                                                | 7.2 MB  00:00:29     
(21/44): C7.4.1708-base/x86_64/group_gz                                                                                                                                                     | 156 kB  00:00:00     
(22/44): C7.3.1611-centosplus/x86_64/primary_db                                                                                                                                             | 3.2 MB  00:00:11     
(23/44): C7.2.1511-updates/x86_64/primary_db                                                                                                                                                | 9.1 MB  00:00:26     
(24/44): C7.4.1708-extras/x86_64/primary_db                                                                                                                                                 | 185 kB  00:00:00     
(25/44): C7.4.1708-fasttrack/x86_64/primary_db                                                                                                                                              | 1.2 kB  00:00:00     
(26/44): C7.3.1611-base/x86_64/primary_db                                                                                                                                                   | 5.6 MB  00:00:18     
(27/44): C7.5.1804-base/x86_64/group_gz                                                                                                                                                     | 166 kB  00:00:00     
(28/44): C7.4.1708-base/x86_64/primary_db                                                                                                                                                   | 5.7 MB  00:00:23     
(29/44): C7.4.1708-centosplus/x86_64/primary_db                                                                                                                                             | 3.1 MB  00:00:17     
(30/44): C7.3.1611-updates/x86_64/primary_db                                                                                                                                                | 7.8 MB  00:00:27     
(31/44): C7.5.1804-fasttrack/x86_64/primary_db                                                                                                                                              | 1.1 kB  00:00:00     
(32/44): C7.5.1804-extras/x86_64/primary_db                                                                                                                                                 | 205 kB  00:00:00     
(33/44): base-debuginfo/x86_64/primary_db                                                                                                                                                   | 2.5 MB  00:00:03     
(34/44): base-source/7/primary_db                                                                                                                                                           | 966 kB  00:00:03     
(35/44): C7.5.1804-centosplus/x86_64/primary_db                                                                                                                                             | 3.3 MB  00:00:10     
(36/44): centosplus-source/7/primary_db                                                                                                                                                     | 5.9 kB  00:00:00     
(37/44): centosplus/7/x86_64/primary_db                                                                                                                                                     | 2.0 MB  00:00:00     
(38/44): extras-source/7/primary_db                                                                                                                                                         |  25 kB  00:00:00     
(39/44): fasttrack/7/x86_64/primary_db                                                                                                                                                      |  76 kB  00:00:00     
(40/44): cr/7/x86_64/primary_db                                                                                                                                                             | 1.1 kB  00:00:00     
(41/44): updates-source/7/primary_db                                                                                                                                                        | 113 kB  00:00:00     
(42/44): C7.5.1804-updates/x86_64/primary_db                                                                                                                                                | 6.0 MB  00:00:14     
(43/44): C7.5.1804-base/x86_64/primary_db                                                                                                                                                   | 5.9 MB  00:00:32     
(44/44): C7.4.1708-updates/x86_64/primary_db                                                                                                                                                | 6.9 MB  00:00:39     
C7.0.1406-base/x86_64/filelists_db                                                                                                                                                          | 5.8 MB  00:00:37     
C7.0.1406-centosplus/x86_64/filelists_db                                                                                                                                                    | 2.2 MB  00:00:17     
C7.0.1406-extras/x86_64/filelists_db                                                                                                                                                        | 121 kB  00:00:00     
C7.0.1406-fasttrack/x86_64/filelists_db                                                                                                                                                     |  93 kB  00:00:00     
C7.0.1406-updates/x86_64/filelists_db                                                                                                                                                       | 5.3 MB  00:00:19     
C7.1.1503-base/x86_64/filelists_db                                                                                                                                                          | 6.0 MB  00:00:20     
C7.1.1503-centosplus/x86_64/filelists_db                                                                                                                                                    | 1.1 MB  00:00:06     
C7.1.1503-extras/x86_64/filelists_db                                                                                                                                                        | 392 kB  00:00:02     
C7.1.1503-fasttrack/x86_64/filelists_db                                                                                                                                                     |  76 kB  00:00:00     
C7.1.1503-updates/x86_64/filelists_db                                                                                                                                                       | 3.0 MB  00:00:15     
C7.2.1511-base/x86_64/filelists_db                                                                                                                                                          | 6.2 MB  00:00:34     
C7.2.1511-centosplus/x86_64/filelists_db                                                                                                                                                    | 2.0 MB  00:00:10     
C7.2.1511-extras/x86_64/filelists_db                                                                                                                                                        | 468 kB  00:00:02     
C7.2.1511-fasttrack/x86_64/filelists_db                                                                                                                                                     |  586 B  00:00:00     
C7.2.1511-updates/x86_64/filelists_db                                                                                                                                                       | 5.3 MB  00:00:23     
C7.3.1611-base/x86_64/filelists_db                                                                                                                                                          | 6.6 MB  00:00:30     
C7.3.1611-centosplus/x86_64/filelists_db                                                                                                                                                    | 1.5 MB  00:00:06     
C7.3.1611-extras/x86_64/filelists_db                                                                                                                                                        | 1.1 MB  00:00:06     
C7.3.1611-fasttrack/x86_64/filelists_db                                                                                                                                                     |  586 B  00:00:00     
C7.3.1611-updates/x86_64/filelists_db                                                                                                                                                       | 4.4 MB  00:00:27     
C7.4.1708-base/x86_64/filelists_db                                                                                                                                                          | 6.7 MB  00:00:36     
C7.4.1708-centosplus/x86_64/filelists_db                                                                                                                                                    | 1.4 MB  00:00:06     
C7.4.1708-extras/x86_64/filelists_db                                                                                                                                                        | 709 kB  00:00:02     
C7.4.1708-fasttrack/x86_64/filelists_db                                                                                                                                                     |  586 B  00:00:00     
C7.4.1708-updates/x86_64/filelists_db                                                                                                                                                       | 4.2 MB  00:00:26     
C7.5.1804-base/x86_64/filelists_db                                                                                                                                                          | 6.9 MB  00:01:02     
C7.5.1804-centosplus/x86_64/filelists_db                                                                                                                                                    | 1.5 MB  00:00:11     
C7.5.1804-extras/x86_64/filelists_db                                                                                                                                                        | 603 kB  00:00:02     
C7.5.1804-fasttrack/x86_64/filelists_db                                                                                                                                                     |  586 B  00:00:00     
C7.5.1804-updates/x86_64/filelists_db                                                                                                                                                       | 3.4 MB  00:00:18     
base-debuginfo/x86_64/filelists_db                                                                                                                                                          |  66 MB  00:05:35     
centosplus/7/x86_64/filelists_db                                                                                                                                                            | 926 kB  00:00:00     
cr/7/x86_64/filelists_db                                                                                                                                                                    |  586 B  00:00:00     
fasttrack/7/x86_64/filelists_db                                                                                                                                                             |  39 kB  00:00:00     
No matches found

見つからなかったので、epelレポ登録する。結局。

調査力がすごい。すごすぎ。どんな検索の仕方したんだろ。

EPELリポジトリの簡単な追加方法
コード表示

[root@61eff46d2318 yum.repos.d]# yum --disablerepo=* --enablerepo=extra* --showduplicates list epel*
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * extras: ty1.mirror.newmediaexpress.com
Available Packages
epel-release.noarch                                                                                           7-11                                                                                           extras

epelいんすこ

コード表示

[root@61eff46d2318 yum.repos.d]# ll
total 28
-rw-r--r--. 1 root root 1664 Nov 23 22:16 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Nov 23 22:16 CentOS-CR.repo
-rw-r--r--. 1 root root  649 Nov 23 22:16 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 1331 Nov 23 22:16 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 Nov 23 22:16 CentOS-Vault.repo
-rw-r--r--. 1 root root  314 Nov 23 22:16 CentOS-fasttrack.repo
[root@61eff46d2318 yum.repos.d]# yum install -y epel-release
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================================
 Package                                                 Arch                                              Version                                         Repository                                         Size
===================================================================================================================================================================================================================
Installing:
 epel-release                                            noarch                                            7-11                                            extras                                             15 k

Transaction Summary
===================================================================================================================================================================================================================
Install  1 Package

Total download size: 15 k
Installed size: 24 k
Downloading packages:
epel-release-7-11.noarch.rpm                                                                                                                                                                |  15 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : epel-release-7-11.noarch                                                                                                                                                                        1/1 
  Verifying  : epel-release-7-11.noarch                                                                                                                                                                        1/1 

Installed:
  epel-release.noarch 0:7-11                                                                                                                                                                                       

Complete!
[root@61eff46d2318 yum.repos.d]# ll
total 36
-rw-r--r--. 1 root root 1664 Nov 23 22:16 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Nov 23 22:16 CentOS-CR.repo
-rw-r--r--. 1 root root  649 Nov 23 22:16 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 1331 Nov 23 22:16 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 Nov 23 22:16 CentOS-Vault.repo
-rw-r--r--. 1 root root  314 Nov 23 22:16 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 1050 Oct  3  2017 epel-testing.repo
-rw-r--r--. 1 root root  951 Oct  3  2017 epel.repo
[root@61eff46d2318 yum.repos.d]# yum repolist
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * epel: ftp.riken.jp
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
repo id                                                                                repo name                                                                                                             status
base/7/x86_64                                                                          CentOS-7 - Base                                                                                                       10019
epel/x86_64                                                                            Extra Packages for Enterprise Linux 7 - x86_64                                                                        13125
extras/7/x86_64                                                                        CentOS-7 - Extras                                                                                                       387
updates/7/x86_64                                                                       CentOS-7 - Updates                                                                                                     1840
repolist: 25371

peeは何処

コード表示

[root@61eff46d2318 yum.repos.d]# yum provides pee
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * epel: ftp.riken.jp
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
moreutils-0.49-2.el7.x86_64 : Additional unix utilities
Repo        : epel
Matched from:
Filename    : /usr/bin/pee

[root@61eff46d2318 yum.repos.d]# which pee
/usr/bin/which: no pee in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
[root@61eff46d2318 yum.repos.d]# rpm -qf $(which pee)
/usr/bin/which: no pee in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
rpm: no arguments given for query



moreutils-0.49-2.el7.x86_64いんすこ

コード表示

[root@61eff46d2318 yum.repos.d]# yum install -y moreutils-0.49-2.el7.x86_64
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * epel: ftp.riken.jp
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
Resolving Dependencies
--> Running transaction check
---> Package moreutils.x86_64 0:0.49-2.el7 will be installed
--> Processing Dependency: perl(IPC::Run) for package: moreutils-0.49-2.el7.x86_64
--> Processing Dependency: perl-Time-Duration for package: moreutils-0.49-2.el7.x86_64
--> Processing Dependency: perl-TimeDate for package: moreutils-0.49-2.el7.x86_64
--> Running transaction check
---> Package perl-IPC-Run.noarch 0:0.92-2.el7 will be installed
--> Processing Dependency: perl(IO::Pty) >= 1.08 for package: perl-IPC-Run-0.92-2.el7.noarch
---> Package perl-Time-Duration.noarch 0:1.06-17.el7 will be installed
---> Package perl-TimeDate.noarch 1:2.30-2.el7 will be installed
--> Running transaction check
---> Package perl-IO-Tty.x86_64 0:1.10-11.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================================
 Package                                                    Arch                                           Version                                              Repository                                    Size
===================================================================================================================================================================================================================
Installing:
 moreutils                                                  x86_64                                         0.49-2.el7                                           epel                                          76 k
Installing for dependencies:
 perl-IO-Tty                                                x86_64                                         1.10-11.el7                                          base                                          42 k
 perl-IPC-Run                                               noarch                                         0.92-2.el7                                           base                                         122 k
 perl-Time-Duration                                         noarch                                         1.06-17.el7                                          epel                                          17 k
 perl-TimeDate                                              noarch                                         1:2.30-2.el7                                         base                                          52 k

Transaction Summary
===================================================================================================================================================================================================================
Install  1 Package (+4 Dependent packages)

Total download size: 308 k
Installed size: 674 k
Downloading packages:
(1/5): perl-IO-Tty-1.10-11.el7.x86_64.rpm                                                                                                                                                   |  42 kB  00:00:00     
warning: /var/cache/yum/x86_64/7/epel/packages/moreutils-0.49-2.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY
Public key for moreutils-0.49-2.el7.x86_64.rpm is not installed
(2/5): moreutils-0.49-2.el7.x86_64.rpm                                                                                                                                                      |  76 kB  00:00:00     
(3/5): perl-IPC-Run-0.92-2.el7.noarch.rpm                                                                                                                                                   | 122 kB  00:00:00     
(4/5): perl-Time-Duration-1.06-17.el7.noarch.rpm                                                                                                                                            |  17 kB  00:00:00     
(5/5): perl-TimeDate-2.30-2.el7.noarch.rpm                                                                                                                                                  |  52 kB  00:00:00     
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                              505 kB/s | 308 kB  00:00:00     
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Importing GPG key 0x352C64E5:
 Userid     : "Fedora EPEL (7) "
 Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5
 Package    : epel-release-7-11.noarch (@extras)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 1:perl-TimeDate-2.30-2.el7.noarch                                                                                                                                                               1/5 
  Installing : perl-Time-Duration-1.06-17.el7.noarch                                                                                                                                                           2/5 
  Installing : perl-IO-Tty-1.10-11.el7.x86_64                                                                                                                                                                  3/5 
  Installing : perl-IPC-Run-0.92-2.el7.noarch                                                                                                                                                                  4/5 
  Installing : moreutils-0.49-2.el7.x86_64                                                                                                                                                                     5/5 
  Verifying  : perl-IPC-Run-0.92-2.el7.noarch                                                                                                                                                                  1/5 
  Verifying  : moreutils-0.49-2.el7.x86_64                                                                                                                                                                     2/5 
  Verifying  : perl-IO-Tty-1.10-11.el7.x86_64                                                                                                                                                                  3/5 
  Verifying  : perl-Time-Duration-1.06-17.el7.noarch                                                                                                                                                           4/5 
  Verifying  : 1:perl-TimeDate-2.30-2.el7.noarch                                                                                                                                                               5/5 

Installed:
  moreutils.x86_64 0:0.49-2.el7                                                                                                                                                                                    

Dependency Installed:
  perl-IO-Tty.x86_64 0:1.10-11.el7                  perl-IPC-Run.noarch 0:0.92-2.el7                  perl-Time-Duration.noarch 0:1.06-17.el7                  perl-TimeDate.noarch 1:2.30-2.el7                 

Complete!

peeみつけた

コード表示

[root@61eff46d2318 yum.repos.d]# which pee
/usr/bin/pee
[root@61eff46d2318 yum.repos.d]# rpm -qf $(which pee)
moreutils-0.49-2.el7.x86_64

man peeはみれない

dockerhostのほうはみれるからな。ここらへんはおいおいりかいしていけたらいいかな

コード表示


[root@61eff46d2318 yum.repos.d]# rpm -qf $(which man)
man-db-2.6.3-11.el7.x86_64
[root@61eff46d2318 yum.repos.d]# man bash
[root@61eff46d2318 yum.repos.d]# 
[root@61eff46d2318 yum.repos.d]# man pee
No manual entry for pee
[root@61eff46d2318 yum.repos.d]# rpm -qf $(which pee)
moreutils-0.49-2.el7.x86_64
[root@61eff46d2318 yum.repos.d]# yum reinstall -y moreutils-0.49-2.el7.x86_64
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * epel: ftp.riken.jp
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
Resolving Dependencies
--> Running transaction check
---> Package moreutils.x86_64 0:0.49-2.el7 will be reinstalled
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================================
 Package                                             Arch                                             Version                                                 Repository                                      Size
===================================================================================================================================================================================================================
Reinstalling:
 moreutils                                           x86_64                                           0.49-2.el7                                              epel                                            76 k

Transaction Summary
===================================================================================================================================================================================================================
Reinstall  1 Package

Total download size: 76 k
Installed size: 152 k
Downloading packages:
moreutils-0.49-2.el7.x86_64.rpm                                                                                                                                                             |  76 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : moreutils-0.49-2.el7.x86_64                                                                                                                                                                     1/1 
  Verifying  : moreutils-0.49-2.el7.x86_64                                                                                                                                                                     1/1 

Installed:
  moreutils.x86_64 0:0.49-2.el7                                                                                                                                                                                    

Complete!
[root@61eff46d2318 yum.repos.d]# man pee
No manual entry for pee
[root@61eff46d2318 yum.repos.d]# yum reinstall -y man-pages
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * epel: ftp.riken.jp
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
Resolving Dependencies
--> Running transaction check
---> Package man-pages.noarch 0:3.53-5.el7 will be reinstalled
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================================
 Package                                             Arch                                             Version                                                 Repository                                      Size
===================================================================================================================================================================================================================
Reinstalling:
 man-pages                                           noarch                                           3.53-5.el7                                              base                                           5.0 M

Transaction Summary
===================================================================================================================================================================================================================
Reinstall  1 Package

Total download size: 5.0 M
Installed size: 4.6 M
Downloading packages:
man-pages-3.53-5.el7.noarch.rpm                                                                                                                                                             | 5.0 MB  00:00:02     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : man-pages-3.53-5.el7.noarch                                                                                                                                                                     1/1 
  Verifying  : man-pages-3.53-5.el7.noarch                                                                                                                                                                     1/1 

Installed:
  man-pages.noarch 0:3.53-5.el7                                                                                                                                                                                    

Complete!
[root@61eff46d2318 yum.repos.d]# man pee
No manual entry for pee

man peeはみれない

いれたレポからとればいいんじゃね。とかおもったけどみれなかった。dockerホストと同じパッケージみてるんだけどな。

コード表示

[root@61eff46d2318 yum.repos.d]# yum install -y man-pages-de.noarch
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
 * base: ty1.mirror.newmediaexpress.com
 * epel: ftp.riken.jp
 * extras: ty1.mirror.newmediaexpress.com
 * updates: ty1.mirror.newmediaexpress.com
Resolving Dependencies
--> Running transaction check
---> Package man-pages-de.noarch 0:1.8-4.g7c4902d.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================================================
 Package                                              Arch                                           Version                                                    Repository                                    Size
===================================================================================================================================================================================================================
Installing:
 man-pages-de                                         noarch                                         1.8-4.g7c4902d.el7                                         epel                                         1.5 M

Transaction Summary
===================================================================================================================================================================================================================
Install  1 Package

Total download size: 1.5 M
Installed size: 1.4 M
Downloading packages:
man-pages-de-1.8-4.g7c4902d.el7.noarch.rpm                                                                                                                                                  | 1.5 MB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : man-pages-de-1.8-4.g7c4902d.el7.noarch                                                                                                                                                          1/1 
  Verifying  : man-pages-de-1.8-4.g7c4902d.el7.noarch                                                                                                                                                          1/1 

Installed:
  man-pages-de.noarch 0:1.8-4.g7c4902d.el7                                                                                                                                                                         

Complete!
[root@61eff46d2318 yum.repos.d]# man pee
No manual entry for pee
[root@61eff46d2318 yum.repos.d]# yum clean all
Loaded plugins: fastestmirror, ovl
Cleaning repos: base epel extras updates
Cleaning up list of fastest mirrors
Other repos take up 1.7 G of disk space (use --verbose for details)
[root@61eff46d2318 yum.repos.d]# yum update
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
epel/x86_64/metalink                                                                                                                                                                        | 6.8 kB  00:00:00     
 * base: ftp.iij.ad.jp
 * epel: ftp.iij.ad.jp
 * extras: ftp.iij.ad.jp
 * updates: ftp.iij.ad.jp
base                                                                                                                                                                                        | 3.6 kB  00:00:00     
epel                                                                                                                                                                                        | 4.7 kB  00:00:00     
extras                                                                                                                                                                                      | 3.4 kB  00:00:00     
updates                                                                                                                                                                                     | 3.4 kB  00:00:00     
(1/7): epel/x86_64/group_gz                                                                                                                                                                 |  88 kB  00:00:00     
(2/7): base/7/x86_64/group_gz                                                                                                                                                               | 166 kB  00:00:00     
(3/7): epel/x86_64/updateinfo                                                                                                                                                               | 995 kB  00:00:00     
(4/7): extras/7/x86_64/primary_db                                                                                                                                                           | 188 kB  00:00:00     
(5/7): base/7/x86_64/primary_db                                                                                                                                                             | 6.0 MB  00:00:02     
(6/7): epel/x86_64/primary_db                                                                                                                                                               | 6.7 MB  00:00:02     
(7/7): updates/7/x86_64/primary_db                                                                                                                                                          | 4.2 MB  00:00:02     
No packages marked for update
[root@61eff46d2318 yum.repos.d]# man pee
No manual entry for pee
[root@61eff46d2318 yum.repos.d]# yum reinstall -y man-pages.noarch
[root@61eff46d2318 yum.repos.d]# yum reinstall -y moreutils-0.49-2.el7.x86_64
[root@61eff46d2318 yum.repos.d]# man pee
No manual entry for pee

あとがき

とりあえずepelレポいれておこう。peeでこんなに時間とってしまったぜ。

コード表示

[root@61eff46d2318 yum.repos.d]# echo ainekurainenahatomujiku | pee 'cat -' 'rev'
ainekurainenahatomujiku
ukijumotahaneniarukenia
[root@61eff46d2318 yum.repos.d]# echo ainekurainenahatomujiku | pee 'cat -' 'rev' | pee 'cat -' 'rev'
ainekurainenahatomujiku
ukijumotahaneniarukenia
ukijumotahaneniarukenia
ainekurainenahatomujiku