2. 科技
  3. docker 部署 vsftpd

docker 部署 vsftpd

it2024-03-27  12

文章目录

总结运行命令安装 .7z 解压和压缩文件下载上传ftp命令关闭FTP连接状态码FTP命令服务运维整体步骤创建用户并赋予相应的权限遇到问题

总结

部署vsftpd只需要看 运行命令 就行了,其他的就是自己在记录一些与ftp有关的知识

运行命令

docker pull fauria/vsftpd docker run -d -v /data/ftp:/home/vsftpd \ -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \ -e FTP_USER=ftp_stu -e FTP_PASS=student \ -e PASV_ADDRESS=10.36.31.161 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \ --name vsftpd --restart=always fauria/vsftpd

安装 .7z 解压和压缩文件

sudo apt install p7zip-full 7z x manager.7z -r -o /home/xx 7z a -t7z -r manager.7z /home/manager/*

#解释如下: x 代表解压缩文件,并且是按原始目录解压(还有个参数 e 也是解压缩文件,但其会将所有文件都解压到根下,而不是自己原有的文件夹下)manager.7z 是压缩文件,这里大家要换成自己的。如果不在当前目录下要带上完整的目录 -r 表示递归所有的子文件夹 -o 是指定解压到的目录,这里大家要注意-o后是没有空格的直 解释如下: a 代表添加文件/文件夹到压缩包 -t 是指定压缩类型 一般我们定为7z -r 表示递归所有的子文件夹,manager.7z 是压缩好后的压缩包名,/home/manager/* 是要压缩的目录,*是表示该目录下所有的文件。

下载上传ftp命令

ftp> get readme.txt # 下载 readme.txt 文件 ftp> mget *.txt # 下载 ftp> put /path/readme.txt # 上传 readme.txt 文件 ftp> mput *.txt # 可以上传多个文件

关闭FTP连接

bye exit quit

状态码

230 - 登录成功 200 - 命令执行成功 150 - 文件状态正常,开启数据连接端口 250 - 目录切换操作完成 226 - 关闭数据连接端口,请求的文件操作成功

FTP命令

ftp> ascii # 设定以ASCII方式传送文件(缺省值) ftp> bell # 每完成一次文件传送,报警提示. ftp> binary # 设定以二进制方式传送文件. ftp> bye # 终止主机FTP进程,并退出FTP管理方式. ftp> case # 当为ON时,用MGET命令拷贝的文件名到本地机器中,全部转换为小写字母. ftp> cd # 同UNIX的CD命令. ftp> cdup # 返回上一级目录. ftp> chmod # 改变远端主机的文件权限. ftp> close # 终止远端的FTP进程,返回到FTP命令状态, 所有的宏定义都被删除. ftp> delete # 删除远端主机中的文件. ftp> dir [remote-directory] [local-file] # 列出当前远端主机目录中的文件.如果有本地文件,就将结果写至本地文件. ftp> get [remote-file] [local-file] # 从远端主机中传送至本地主机中. ftp> help [command] # 输出命令的解释. ftp> lcd # 改变当前本地主机的工作目录,如果缺省,就转到当前用户的HOME目录. ftp> ls [remote-directory] [local-file] # 同DIR. ftp> macdef # 定义宏命令. ftp> mdelete [remote-files] # 删除一批文件. ftp> mget [remote-files] # 从远端主机接收一批文件至本地主机. ftp> mkdir directory-name # 在远端主机中建立目录. ftp> mput local-files # 将本地主机中一批文件传送至远端主机. ftp> open host [port] # 重新建立一个新的连接. ftp> prompt # 交互提示模式. ftp> put local-file [remote-file] # 将本地一个文件传送至远端主机中. ftp> pwd # 列出当前远端主机目录. ftp> quit # 同BYE. ftp> recv remote-file [local-file] # 同GET. ftp> rename [from] [to] # 改变远端主机中的文件名. ftp> rmdir directory-name # 删除远端主机中的目录. ftp> send local-file [remote-file] # 同PUT. ftp> status # 显示当前FTP的状态. ftp> system # 显示远端主机系统类型. ftp> user user-name [password] [account] # 重新以别的用户名登录远端主机. ftp> ? [command] # 同HELP. [command]指定需要帮助的命令名称。如果没有指定 command,ftp 将显示全部命令的列表。 ftp> ! # 从 ftp 子系统退出到外壳。

服务运维

systemctl restart vsftpd.service # 重启服务 systemctl start vsftpd.service # 启动服务 systemctl status vsftpd.service # 服务状态查看

整体步骤

[root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \ > -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \ > -e FTP_USER=ftp_stu -e FTP_PASS=student \ > -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \ > --name vsftpd --restart=always fauria/vsftpd ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d /usr/bin/docker-current: Error response from daemon: driver failed programming external connectivity on endpoint vsftpd (7f753629aae087e3ec1548483bd92ca11dcafb97e7fb8ca07c491361285721e1): Erre. [root@ieat1 vsftpd]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-dns-5-3a54b7e3 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healthcheck-healthcheck-5-bdacdf26 e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-5-944c46f4 ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-network-manager-5-ae860036 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec-cni-driver-5-64a39019 d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher-agent [root@ieat1 vsftpd]# netstat -tanlp #一定要要在root下看,+ sudo ,否则因为权限不够看不到具体的进程。 Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 2407/dnsmasq tcp 0 0 127.0.0.1:5941 0.0.0.0:* LISTEN 1565/teamviewerd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1352/sshd tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1350/cupsd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1637/master tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 20508/sshd: root@pt tcp 0 0 172.17.0.1:45224 169.254.169.250:80 TIME_WAIT - tcp 0 0 172.17.0.1:45222 169.254.169.250:80 TIME_WAIT - tcp 0 0 172.17.0.1:45270 169.254.169.250:80 ESTABLISHED 18164/plugin-manage tcp 0 0 172.17.0.1:45242 169.254.169.250:80 ESTABLISHED 18164/plugin-manage tcp 0 0 10.36.31.161:44288 10.36.31.164:8080 ESTABLISHED 16874/agent tcp 0 0 172.17.0.1:45206 169.254.169.250:80 TIME_WAIT - tcp 0 0 172.17.0.1:45168 169.254.169.250:80 TIME_WAIT - tcp 0 0 10.36.31.161:57250 217.146.11.102:80 ESTABLISHED 1565/teamviewerd tcp 0 0 172.17.0.1:45160 169.254.169.250:80 TIME_WAIT - tcp 0 0 172.17.0.1:45240 169.254.169.250:80 ESTABLISHED 18164/plugin-manage tcp 0 0 10.36.31.161:44286 10.36.31.164:8080 ESTABLISHED 16874/agent tcp 0 0 172.17.0.1:45238 169.254.169.250:80 FIN_WAIT2 - tcp 0 0 172.17.0.1:45234 169.254.169.250:80 TIME_WAIT - tcp 0 264 10.36.31.161:22 202.196.41.207:8864 ESTABLISHED 20508/sshd: root@pt tcp 0 0 172.17.0.1:45278 169.254.169.250:80 ESTABLISHED 18164/plugin-manage tcp 0 0 172.17.0.1:45260 169.254.169.250:80 FIN_WAIT2 - tcp 0 0 10.36.31.161:39916 10.36.31.164:8080 ESTABLISHED 16874/agent tcp 0 0 172.17.0.1:45236 169.254.169.250:80 TIME_WAIT - tcp 0 0 10.36.31.161:57252 217.146.11.102:80 ESTABLISHED 1565/teamviewerd tcp 0 0 172.17.0.1:45280 169.254.169.250:80 ESTABLISHED 18164/plugin-manage tcp 0 0 172.17.0.1:45258 169.254.169.250:80 FIN_WAIT2 - tcp 0 0 172.17.0.1:45244 169.254.169.250:80 TIME_WAIT - tcp 0 0 172.17.0.1:45246 169.254.169.250:80 FIN_WAIT2 - tcp 0 0 172.17.0.1:45144 169.254.169.250:80 TIME_WAIT - tcp6 0 0 :::111 :::* LISTEN 1/systemd tcp6 0 0 :::21 :::* LISTEN 20665/vsftpd tcp6 0 0 :::22 :::* LISTEN 1352/sshd tcp6 0 0 ::1:631 :::* LISTEN 1350/cupsd tcp6 0 0 ::1:25 :::* LISTEN 1637/master tcp6 0 0 ::1:6010 :::* LISTEN 20508/sshd: root@pt [root@ieat1 vsftpd]# kill 20665 [root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=ftp_stu -e FTP_PASS=student -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=2 /usr/bin/docker-current: Error response from daemon: Conflict. The container name "/vsftpd" is already in use by container ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d. Yo See '/usr/bin/docker-current run --help'. [root@ieat1 vsftpd]# docker ls docker: 'ls' is not a docker command. See 'docker --help' [root@ieat1 vsftpd]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-dns-5-3a54b7e3 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healthcheck-healthcheck-5-bdacdf26 e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-5-944c46f4 ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-network-manager-5-ae860036 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec-cni-driver-5-64a39019 d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher-agent [root@ieat1 vsftpd]# docker remove ae36a80acf216d08382d7619a43f9362f32b7d729b25640f2cd6760d7bd4706d docker: 'remove' is not a docker command. See 'docker --help' [root@ieat1 vsftpd]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ae36a80acf21 fauria/vsftpd "/usr/sbin/run-vsf..." 8 minutes ago Created vsftpd [root@ieat1 vsftpd]# docker rm ae36a80acf21 ae36a80acf21 [root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd -p 20:20 -p 21:21 -p 21100-21110:21100-21110 -e FTP_USER=ftp_stu -e FTP_PASS=student -e PASV_ADDRESS=127.0.0.1 -e PASV_MIN_PORT=2 65a2f82d86e83310c8b1117973a1e67dab16f1adcb8ef0473b0db264204e577e [root@ieat1 vsftpd]# ll 总用量 48 -rw-r--r-- 1 root root 18 8月 3 14:47 chroot_list -rw------- 1 root root 125 10月 31 2018 ftpusers -rw------- 1 root root 361 10月 31 2018 user_list -rw-r--r-- 1 root root 162 8月 3 19:02 vsftpd.conf -rw------- 1 root root 5116 8月 3 14:39 vsftpd.conf.bak -rwxr--r-- 1 root root 338 10月 31 2018 vsftpd_conf_migrate.sh -rw-r--r-- 1 root root 628 8月 3 14:41 vsftpd.conf.rpmsave drwxr-xr-x 2 root root 38 8月 3 14:51 vuser_conf -rw------- 1 root root 12288 8月 3 14:45 vuser_passwd.db -rw-r--r-- 1 root root 32 8月 3 14:44 vuser_passwd.txt [root@ieat1 vsftpd]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 4 minutes ago Up 4 minutes 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healt e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher [root@ieat1 vsftpd]# docker exec 65a2f82d86e8 "docker exec" requires at least 2 argument(s). See 'docker exec --help'. Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...] Run a command in a running container [root@ieat1 vsftpd]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 5 minutes ago Up 5 minutes 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healt e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher [root@ieat1 vsftpd]# systemclt status firewalld.service bash: systemclt: 未找到命令... 相似命令是: 'systemctl' [root@ieat1 vsftpd]# systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago Docs: man:firewalld(1) Main PID: 963 (code=exited, status=0/SUCCESS) 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name. 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name. 8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon... 8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon. [root@ieat1 vsftpd]# systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago Docs: man:firewalld(1) Main PID: 963 (code=exited, status=0/SUCCESS) 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name. 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name. 8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon... 8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon. [root@ieat1 vsftpd]# systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago Docs: man:firewalld(1) Main PID: 963 (code=exited, status=0/SUCCESS) 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name. 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name. 8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon... 8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon. [root@ieat1 vsftpd]# systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since 六 2019-08-03 12:41:08 CST; 9h ago Docs: man:firewalld(1) Main PID: 963 (code=exited, status=0/SUCCESS) 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name. 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE' failed: iptables: No chain/target/mat 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C DOCKER -i docker0 -j RETURN' failed: iptables: Bad rule (does a matching rule exist in that ch 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule e 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed: iptables: Bad rule (does a matching rule 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT' failed: iptables: 8月 03 12:26:15 ieat1 firewalld[963]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: No chain/target/match by that name. 8月 03 12:41:07 ieat1 systemd[1]: Stopping firewalld - dynamic firewall daemon... 8月 03 12:41:08 ieat1 systemd[1]: Stopped firewalld - dynamic firewall daemon. [root@ieat1 vsftpd]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 13 minutes ago Up 13 minutes 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healt e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-netwo 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher [root@ieat1 vsftpd]# docker stop 65a2f82d86e8 65a2f82d86e8 [root@ieat1 vsftpd]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-dns-5-3a54b7e3 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 9 hours ago Up 3 hours r-healthcheck-healthcheck-5-bdacdf26 e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-metadata-5-944c46f4 ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-network-services-network-manager-5-ae860036 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 9 hours ago Up 3 hours r-ipsec-cni-driver-5-64a39019 d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 3 hours rancher-agent [root@ieat1 vsftpd]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/nginx latest 98ebf73aba75 2 weeks ago 109 MB docker.io/mysql latest de764ad211de 2 weeks ago 443 MB docker.io/redis latest 598a6f110d01 3 weeks ago 118 MB docker.io/fauria/vsftpd latest 4900fef1a627 3 months ago 261 MB docker.io/rancher/agent v1.2.11 1cc7591af4f5 12 months ago 243 MB docker.io/rancher/net v0.13.17 f170c38e3763 12 months ago 311 MB docker.io/rancher/dns v0.17.4 678bde0de4d2 12 months ago 249 MB docker.io/rancher/healthcheck v0.3.8 ce78cf69cc0b 13 months ago 391 MB docker.io/rancher/metadata v0.10.4 02104eb6e270 13 months ago 251 MB docker.io/rancher/network-manager v0.7.22 13381626c510 13 months ago 256 MB docker.io/rancher/net holder 665d9f6e8cc1 2 years ago 267 MB [root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \ > -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \ > -e FTP_USER=ftp_stu -e FTP_PASS=student \ > -e PASV_ADDRESS=10.36.31.161 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \ > --name vsftpd --restart=always fauria/vsftpd /usr/bin/docker-current: Error response from daemon: Conflict. The container name "/vsftpd" is already in use by container 65a2f82d86e83310c8b1117973a1e67dab16f1adcb8ef0473b0db264204e577e. Yo See '/usr/bin/docker-current run --help'. [root@ieat1 vsftpd]# docler images ls bash: docler: 未找到命令... [root@ieat1 vsftpd]# docker sl docker: 'sl' is not a docker command. See 'docker --help' [root@ieat1 vsftpd]# docker ls docker: 'ls' is not a docker command. See 'docker --help' [root@ieat1 vsftpd]# docker ls -a unknown shorthand flag: 'a' in -a See 'docker --help'. Usage: docker COMMAND A self-sufficient runtime for containers Options: --config string Location of client config files (default "/root/.docker") -D, --debug Enable debug mode --help Print usage -H, --host list Daemon socket(s) to connect to (default []) -l, --log-level string Set the logging level ("debug", "info", "warn", "error", "fatal") (default "info") --tls Use TLS; implied by --tlsverify --tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem") --tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem") --tlskey string Path to TLS key file (default "/root/.docker/key.pem") --tlsverify Use TLS and verify the remote -v, --version Print version information and quit Management Commands: checkpoint Manage checkpoints container Manage containers image Manage images network Manage networks node Manage Swarm nodes plugin Manage plugins secret Manage Docker secrets service Manage services stack Manage Docker stacks swarm Manage Swarm system Manage Docker volume Manage volumes Commands: attach Attach to a running container build Build an image from a Dockerfile commit Create a new image from a container's changes cp Copy files/folders between a container and the local filesystem create Create a new container deploy Deploy a new stack or update an existing stack diff Inspect changes on a container's filesystem events Get real time events from the server exec Run a command in a running container export Export a container's filesystem as a tar archive history Show the history of an image images List images import Import the contents from a tarball to create a filesystem image info Display system-wide information inspect Return low-level information on Docker objects kill Kill one or more running containers load Load an image from a tar archive or STDIN login Log in to a Docker registry logout Log out from a Docker registry logs Fetch the logs of a container pause Pause all processes within one or more containers port List port mappings or a specific mapping for the container ps List containers pull Pull an image or a repository from a registry push Push an image or a repository to a registry rename Rename a container restart Restart one or more containers rm Remove one or more containers rmi Remove one or more images run Run a command in a new container save Save one or more images to a tar archive (streamed to STDOUT by default) search Search the Docker Hub for images start Start one or more stopped containers stats Display a live stream of container(s) resource usage statistics stop Stop one or more running containers tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE top Display the running processes of a container unpause Unpause all processes within one or more containers update Update configuration of one or more containers version Show the Docker version information wait Block until one or more containers stop, then print their exit codes Run 'docker COMMAND --help' for more information on a command. [root@ieat1 vsftpd]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 65a2f82d86e8 fauria/vsftpd "/usr/sbin/run-vsf..." 18 minutes ago Exited (137) 3 minutes ago vsftpd [root@ieat1 vsftpd]# docker rm 65a2f82d86e8 65a2f82d86e8 [root@ieat1 vsftpd]# docker run -d -v /data/ftp:/home/vsftpd \ > -p 20:20 -p 21:21 -p 21100-21110:21100-21110 \ > -e FTP_USER=ftp_stu -e FTP_PASS=student \ > -e PASV_ADDRESS=10.36.31.161 -e PASV_MIN_PORT=21100 -e PASV_MAX_PORT=21110 \ > --name vsftpd --restart=always fauria/vsftpd 3d785f39c0f3ca6002a5e07b9d818d796e5ebc026643ab54bc7af9dddc82f93b [root@ieat1 vsftpd]#

创建用户并赋予相应的权限

遇到问题

在vsftp.conf中进行配置,在其中添加如下一行

user_config_dir=/etc/vsftpd/vuser_conf

然后创建 vuser_conf文件夹,在其中以用户名创建用户配置

[root@ieat1 vuser_conf ]# cat ftp_admin ocal_root=/data/ftp #要注意这个不是宿主的,要改成映射的docker自己的 write_enable=YES anon_umask=022 anon_world_readable_only=YES anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES

然后按照一下操作

[root@3d785f39c0f3 vsftpd]# cat virtual_users.txt ftp_stu student [root@3d785f39c0f3 vsftpd]# vi virtual_users..txt [root@3d785f39c0f3 vsftpd]# vi virtual_users.txt [root@3d785f39c0f3 vsftpd]# cat virtual_users.txt ftp_stu student ftp_admin admin [root@3d785f39c0f3 vsftpd]# /usr/bin/db_load -T -t hash -f /etc/vsftpd/virtual_users.txt /etc/vsftpd/virtual_users.db [root@3d785f39c0f3 vsftpd]# exit exit [root@ieat1 ~]# docker restart vsftpd vsftpd [root@ieat1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3d785f39c0f3 fauria/vsftpd "/usr/sbin/run-vsf..." 13 hours ago Up 19 seconds 0.0.0.0:20-21->20-21/tcp, 0.0.0.0:21100-21110->21100-21110/tcp vsftpd abd4d5d89b20 rancher/dns:v0.17.4 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-network-services-metadata-dns-5-3a54b7e3 19289cb5b39b rancher/healthcheck:v0.3.8 "/.r/r /rancher-en..." 23 hours ago Up 17 hours r-healthcheck-healthcheck-5-bdacdf26 e0606c299ed1 rancher/metadata:v0.10.4 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-network-services-metadata-5-944c46f4 ce1e6f7ee4e4 rancher/network-manager:v0.7.22 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-network-services-network-manager-5-ae860036 7ec9b65e37f1 rancher/net:v0.13.17 "/rancher-entrypoi..." 23 hours ago Up 17 hours r-ipsec-cni-driver-5-64a39019 d938c0feaae7 rancher/agent:v1.2.11 "/run.sh run" 2 weeks ago Up 17 hours rancher-agent [root@ieat1 ~]# docker exec -it 3d785f39c0f3 /bin/bash

reference:https://segmentfault.com/a/1190000008161400#articleHeader14

最新回复(0)