by pikchurn 3058 days ago
I use containers as lightweight VMs in many places. Generally I see this as a way to get a minimal install that other tools can then configure appropriately, with up to date packages fetched from upstream mirrors directly, instead of installed from CD and then upgraded.

I currently use packer.io to script the creation of a bunch of server images, and for ubuntu I've missed the "minimal install CD" that other distros have. Instead packer has to download a 800MB CD image, in order to install only a few hundred megabytes of uncompressed packages in a bare-bones install, which is then provisioned using some orchestration tool that at its heart uses ssh to login to the virtual machine.

Not having SSH means you need to add in some sort of serial-attach step to manually install sshd, or hook into the install scripts to download sshd as part of the install or whatever. Either way that's additional custom work that is probably common to a great many use cases.


So why not build your own version with a SSH daemon if you really need it? I don't think most people need the SSH daemon in their container image.

Your Dockerfile could be something like this:

  FROM ubuntu:bionic
  # no sudo in the base image, and apt needs an index before it can install anything
  RUN apt-get update && apt-get install -y openssh-server && mkdir -p /run/sshd
  CMD ["/usr/sbin/sshd", "-D"]

These are definitely not the complete steps for setting up SSHd but you get the idea.
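A fuller version of that Dockerfile, added here as an example rather than the commenter's own code, that runs sshd as the container's foreground process with key-only login for an unprivileged user. It assumes a file named `authorized_keys` (hypothetical name) in the build context holding the public key to allow.

```dockerfile
# Added example: minimal Ubuntu image running sshd with key-only authentication.
# Assumes an authorized_keys file (hypothetical name) in the build context.
FROM ubuntu:bionic

# The base image has no sudo and an empty apt index; update and install in one
# layer, then drop the index and create sshd's privilege-separation directory.
RUN apt-get update \
 && apt-get install -y --no-install-recommends openssh-server \
 && rm -rf /var/lib/apt/lists/* \
 && mkdir -p /run/sshd

# Harden the daemon config: no passwords, no root login, no keyboard-interactive.
RUN sed -i 's/^#\?PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config \
 && sed -i 's/^#\?PermitRootLogin .*/PermitRootLogin no/' /etc/ssh/sshd_config \
 && sed -i 's/^#\?ChallengeResponseAuthentication .*/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config

# Unprivileged login user; its key is copied in from the build context.
RUN useradd -m -s /bin/bash deploy && mkdir -p /home/deploy/.ssh
COPY authorized_keys /home/deploy/.ssh/authorized_keys
RUN chown -R deploy:deploy /home/deploy/.ssh \
 && chmod 700 /home/deploy/.ssh \
 && chmod 600 /home/deploy/.ssh/authorized_keys

EXPOSE 22
# Run sshd in the foreground as PID 1. "service ssh restart" inside a RUN step
# only starts a process that dies when that step's shell exits.
CMD ["/usr/sbin/sshd", "-D", "-e"]
```

Build with `docker build -t ubuntu-sshd .` and run with `docker run -d -p 2222:22 ubuntu-sshd`; the `-e` flag sends sshd's log to stderr so `docker logs` shows login attempts.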
This is meant as a base image for containers. There's not even a kernel or init.

Just do a netboot with a preseed file (have your own local cache, either with apt-cacher or something more independent).

Our server preseed has the following line

d-i pkgsel/include string openssh-server build-essential iperf htop screen sysstat vim-nox

And a couple of internal packages which have their own dependencies (including lldp, snmpd etc.) which do a variety of things including user management (Active Directory based), automatic registration into our asset database and monitoring systems.

You're running these containers in an orchestrator, right? That should give you API access to the running container, allowing you to get shell. E.g. with kubernetes, `kubectl exec` will get you into the container.

But the sibling comment about using a Dockerfile to install/start sshd works if you're running these containers on a remote host without any kind of access to the running container.

LXD containers make fantastic replacements for VMs! Just try 'lxc launch ubuntu:'. Then 'lxc list'. And then you can either exec into, or ssh into your machine container!