# Generate an RSA key pair on the client. With ssh-keygen's default output path
# this writes ~/.ssh/id_rsa (private) and ~/.ssh/id_rsa.pub (public).
# Only the contents of the .pub file are handed to the container (SSH_PUBLIC_KEY);
# the private key stays on the client.
ssh-keygen -t rsa
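# Image that runs an OpenSSH server. The entrypoint script installs the
# caller-supplied public key and then starts sshd.
#
# Pin the base to a release tag instead of the moving `latest` so rebuilds are
# reproducible and a base-image change is an explicit, reviewable edit.
# For production, pin by digest as well.
FROM ubuntu:22.04

# NOTE(review): on Debian/Ubuntu the openssh-server package normally generates
# the SSH host keys while it is installed. That would bake one set of host
# private keys into the image, shared by every container started from it and
# readable by anyone who can pull the image. Confirm, and consider generating
# host keys at container start instead.
#
# `update` and `install` stay in one layer so the package index is never stale.
# The apt lists are removed in that same layer so they do not ship in the image.
# --no-install-recommends keeps optional packages out of an image whose only
# job is to expose sshd.
# /var/run/sshd is created because sshd expects its privilege-separation
# directory to exist.
RUN apt-get update \
 && apt-get install -y --no-install-recommends openssh-server \
 && rm -rf /var/lib/apt/lists/* \
 && mkdir -p /var/run/sshd

# Documentation only: sshd listens on 22; the runtime decides what is published.
EXPOSE 22

COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh

# No USER directive: the entrypoint starts sshd as root. Network access to
# port 22 should therefore be restricted outside the image.
# Exec form, so the entrypoint script is PID 1 and receives stop signals directly.
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]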
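#!/bin/sh
# Container entrypoint: install the caller's SSH public key for the current
# user, then run the SSH daemon in the foreground.
#
# SSH_PUBLIC_KEY must hold the contents of the generated id_rsa.pub. It can be
# stored in AWS Systems Manager Parameter Store and pulled from there, or
# otherwise supplied directly when the container starts.
if [ -z "$SSH_PUBLIC_KEY" ]
then
    # Refuse to start without a key: there would be no way to log in.
    echo "Need your SSH public key as the SSH_PUBLIC_KEY env variable." >&2
    exit 1
fi

# Create the folder that stores the user's SSH keys if it does not exist.
# `mkdir -p` is already a no-op for an existing directory. The mode is set
# explicitly so the folder is owner-only even if it was created earlier.
USER_SSH_KEYS_FOLDER=~/.ssh
mkdir -p "$USER_SSH_KEYS_FOLDER"
chmod 700 "$USER_SSH_KEYS_FOLDER"

# Copy the contents of the `SSH_PUBLIC_KEY` environment variable to the
# `${USER_SSH_KEYS_FOLDER}/authorized_keys` file.
# The value is quoted and written with printf so it lands in the file verbatim:
# an unquoted `echo` would word-split it, glob-expand it and collapse newlines.
printf '%s\n' "$SSH_PUBLIC_KEY" > "${USER_SSH_KEYS_FOLDER}/authorized_keys"
chmod 600 "${USER_SSH_KEYS_FOLDER}/authorized_keys"

# Clear the `SSH_PUBLIC_KEY` environment variable so sshd does not inherit it.
unset SSH_PUBLIC_KEY

# Start the SSH daemon. `exec` replaces this shell, so sshd itself becomes the
# container's main process and receives the stop signal directly.
exec /usr/sbin/sshd -D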
AWS ECR Repository설정
https://ap-northeast-2.console.aws.amazon.com/ecr/repositories?region=ap-northeast-2
AWS ECR에 로그인
// aws configure 사전 등록 완료할 것
// 명령어
aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin ${AWS ECR Repository URL}
// 예시
aws ecr get-login-password --region ap-northeast-2 | docker login --username AWS --password-stdin 762202190844.dkr.ecr.ap-northeast-2.amazonaws.com/fargate-ssh
// 명령어1(docker repository 복사, 이름변경)
docker tag ${REPOSITORY}:${TAG} ${AWS ECR Repository URL}:${TAG}
docker tag info/m2sj/camel-ose-springboot-xml:latest 762202190844.dkr.ecr.ap-northeast-2.amazonaws.com/test-fargate-efs
docker tag sshawsfargate:1.0.0 762202190833.dkr.ecr.ap-northeast-2.amazonaws.com/test0713-fargatessh
docker tag docker-ssh-aws-fargate4:latest 762202190844.dkr.ecr.ap-northeast-2.amazonaws.com/fargate-ssh
// 명령어2(docker images 새롭게 만들어진 image의 repository를 사용)
docker push ${REPOSITORY}:${TAG}
docker push 762202190844.dkr.ecr.ap-northeast-2.amazonaws.com/fargate-ssh
{
"executionRoleArn": "arn:aws:iam::account-id:role/ecsTaskExecutionRole",
"containerDefinitions": [
{
"portMappings": [
{
"hostPort": 22,
"protocol": "tcp",
"containerPort": 22
}
],
"secrets": [
{
"valueFrom": "arn:aws:ssm:region:account-id:parameter/parameter-name",
"name": "SSH_PUBLIC_KEY"
}
],
"image": "account-id.dkr.ecr.region.amazonaws.com/ssh-public-key:latest",
"name": "ssh-public-key-container"
}
],
"memory": "1024",
"family": "fargate-ssh-public-key",
"requiresCompatibilities": [
"FARGATE"
],
"networkMode": "awsvpc",
"cpu": "512"
}
# Log in to the running task as root, authenticating with the private key
# ~/.ssh/id_rsa. `ip-address` is a placeholder for the task's address.
# On first connect ssh shows the server's host key fingerprint; compare it with
# the expected value before accepting it.
ssh -i ~/.ssh/id_rsa root@ip-address