去评论
海欣资源

docker搭建ftp服务器教程

docker
2022/05/31 23:15:08
1)docker拉取ftp镜像
  1. docker pull fauria/vsftpd
2)启动ftp镜像
  1. docker run -d -p 2121:21 -p 2020:20 -p 21100-21110:21100-21110 \
  2. -v /home/dispatch/ftp/root:/home/vsftpd/ftp \
  3. -e FTP_USER=ftp \
  4. -e FTP_PASS=123456 \
  5. -e PASV_ADDRESS=***.**.**.** \
  6. -e PASV_MIN_PORT=21100 \
  7. -e PASV_MAX_PORT=21110 \
  8. --name vsftpd \
  9. --restart=always fauria/vsftpd
数解释:
-p 2121:21 -p 2020:20  映射daocker和宿主机的端口号,通过ftp客户端,连接宿主机的2121端口,可以连接ftp服务器。2020端口,为docker映射到宿主机的数据传输端口。
-v /home/dispatch/ftp/root:/home/vsftpd/ftp 挂载的本机文件路径。注意:这个地方是有一个坑。/home/vsftpd/ftp 为docker-ftp的文件存放路径。这个不可以随便写,并且,每个人的也都不一样。路径格式为/home/vsftpd/${user}    ${user} 为我后面设置的用户名。也就是FTP_USER=ftp。所以上面那个作者,设置了自己账户名为root之后,他的挂载源路径就为什么必须是root原因了。关于这个配置,等下看下配置文件就知道。


而 /home/dispatch/ftp/root 这个路径是应道宿主机的文件路径。这个可以随便写。
-e FTP_USER=ftp -e FTP_PASS=123456  分别为账号密码。
PASV_ADDRESS 为宿主机的IP

3)启动成功之后,使用ftp客户端连接上我们的ftp服务器。 我用的是CuteFtp 9.0



出现下面提示信息,即显示连接成功

我们在此新建一个文件夹

找到上面我们挂载的文件路径/home/dispatch/ftp/root ,打开就可以看到刚才新建的文件。同样在ftp服务器上文件的新增、删除、变更。使用ftp客户端都可以看到。至此docker版的ftp服务器就搭建完成。可以再去测试一下文件的上传下载。

4)关于上面作者所提到的坑
关于挂载路径设置的问题,其实在配置文件中的都有配置。
    1、进入ftp的docker容器
    docker exec -it vsftpd /bin/bash

    2、打开/etc/vsftpd/vsftpd.conf
    vi /etc/vsftpd/vsftpd.conf


这个也就是挂载到宿主机的ftp文件路径。也就是跟每个用户名是相关的。不同的用户名,对应不同的文件路径。当然也可以自行修改配置。建议把配置文件和log日志也挂在本地
贴出整个配置文件。如下:

  1. # Run in the foreground to keep the container running:
  2. background=NO

  4. # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
  5. anonymous_enable=NO

  7. # Uncomment this to allow local users to log in.
  8. local_enable=YES

  10. ## Enable virtual users
  11. guest_enable=YES

  13. ## Virtual users will use the same permissions as anonymous
  14. virtual_use_local_privs=YES

  16. # Uncomment this to enable any form of FTP write command.
  17. # Run in the foreground to keep the container running:
  18. background=NO

  20. # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
  21. anonymous_enable=NO

  23. # Uncomment this to allow local users to log in.
  24. local_enable=YES

  26. ## Enable virtual users
  27. guest_enable=YES

  29. ## Virtual users will use the same permissions as anonymous
  30. virtual_use_local_privs=YES

  32. # Uncomment this to enable any form of FTP write command.
  33. write_enable=YES

  35. ## PAM file name
  36. pam_service_name=vsftpd_virtual

  38. ## Home Directory for virtual users
  39. user_sub_token=$USER
  40. local_root=/home/vsftpd/$USER

  42. # You may specify an explicit list of local users to chroot() to their home
  43. # directory. If chroot_local_user is YES, then this list becomes a list of
  44. # users to NOT chroot().
  45. chroot_local_user=YES

  47. # Workaround chroot check.
  48. # See https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
  49. # and http://serverfault.com/questions/362619/why-is-the-chroot-local-user-of-vsftpd-insecure
  50. allow_writeable_chroot=YES
  51. # Run in the foreground to keep the container running:
  52. background=NO

  54. # Allow anonymous FTP? (Beware - allowed by default if you comment this out).
  55. anonymous_enable=NO

  57. # Uncomment this to allow local users to log in.
  58. local_enable=YES

  60. ## Enable virtual users
  61. guest_enable=YES

  63. ## Virtual users will use the same permissions as anonymous
  64. virtual_use_local_privs=YES

  66. # Uncomment this to enable any form of FTP write command.
  67. write_enable=YES

  69. ## PAM file name
  70. pam_service_name=vsftpd_virtual

  72. ## Home Directory for virtual users
  73. user_sub_token=$USER
  74. local_root=/home/vsftpd/$USER

  76. # You may specify an explicit list of local users to chroot() to their home
  77. # directory. If chroot_local_user is YES, then this list becomes a list of
  78. # users to NOT chroot().
  79. chroot_local_user=YES

  81. # Workaround chroot check.
  82. # See https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
  83. # and http://serverfault.com/questions/362619/why-is-the-chroot-local-user-of-vsftpd-insecure
  84. allow_writeable_chroot=YES

  86. ## Hide ids from user
  87. hide_ids=YES

  89. ## Enable logging
  90. xferlog_enable=YES
  91. xferlog_file=/var/log/vsftpd/vsftpd.log

  93. ## Enable active mode
  94. port_enable=YES
  95. connect_from_port_20=YES
  96. ftp_data_port=20

  98. ##| Disable seccomp filter sanboxing
  99. seccomp_sandbox=NO

  101. ### Variables set at container runtime
  102. pasv_address=192.168.0.16
  103. pasv_max_port=21110
  104. pasv_min_port=21100
  105. pasv_addr_resolve=NO
  106. pasv_enable=YES
  107. file_open_mode=0666
  108. local_umask=077
  109. xferlog_std_format=NO
  110. reverse_lookup_enable=YES
  111. pasv_promiscuous=NO
  112. port_promiscuous=NO

进入原文参与互动