Starguard
开发笔记
Toggle navigation
Starguard
全部笔记
Unity
大话存储笔记
C语言
MongoDB
About Me
归档
标签
docker具名挂载和匿名挂载
2022-02-13 06:41:33
47
0
0
admin
# docker具名挂载和匿名挂载 [TOC] ## 按路径挂载 * 宿主机上的目录会覆盖容器中的目录: ```bash docker run -d --name nginx03 -P -v /home/xxx/conf/nginx:/etc/nginx nginx ``` ## 具名挂载 * 以下命令会将容器内的/etc/nginx挂载到/var/lib/docker/volume/卷名/_data,这里卷名就是etc-nginx: ```bash $ docker run -d --name nginx01 -P -v etc-nginx:/etc/nginx nginx $ ll /var/lib/docker/volumes/etc-nginx/_data/ 总用量 36 drwxr-xr-x 3 root root 4096 2月 13 13:43 ./ drwx-----x 3 root root 4096 2月 13 13:43 ../ drwxr-xr-x 2 root root 4096 2月 13 13:43 conf.d/ -rw-r--r-- 1 root root 1007 12月 28 23:28 fastcgi_params -rw-r--r-- 1 root root 5349 12月 28 23:28 mime.types lrwxrwxrwx 1 root root 22 12月 28 23:40 modules -> /usr/lib/nginx/modules -rw-r--r-- 1 root root 648 12月 28 23:40 nginx.conf -rw-r--r-- 1 root root 636 12月 28 23:28 scgi_params -rw-r--r-- 1 root root 664 12月 28 23:28 uwsgi_params ``` * 执行以下命令,具名挂载会显示卷名: ```bash $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ebeea9cf1fa9 nginx "/docker-entrypoint.…" 5 minutes ago Up 5 minutes 0.0.0.0:49153->80/tcp, :::49153->80/tcp nginx01 $ docker inspect ebeea9cf1fa9 "Mounts": [ { "Type": "volume", "Name": "etc-nginx", "Source": "/var/lib/docker/volumes/etc-nginx/_data", "Destination": "/etc/nginx", "Driver": "local", "Mode": "z", "RW": true, "Propagation": "" } ], ... $ docker volume ls DRIVER VOLUME NAME ... local etc-nginx ... ``` ## 匿名挂载 * 匿名挂载不需要写宿主机上的路径,挂载路径也在/var/lib/docker/volume/目录下,但卷名是一长串随机字符串: ```bash $ docker run -d --name nginx02 -P -v /etc/nginx nginx $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d476391f6231 nginx "/docker-entrypoint.…" 24 seconds ago Up 24 seconds 0.0.0.0:49154->80/tcp, :::49154->80/tcp nginx02 $ docker inspect d476391f6231 ... "Mounts": [ { "Type": "volume", "Name": "a090507e20d344f9298731b769728d252b7c43ef1dc1c80e520c82be761db578", "Source": "/var/lib/docker/volumes/a090507e20d344f9298731b769728d252b7c43ef1dc1c80e520c82be761db578/_data", "Destination": "/etc/nginx", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], ... ``` ### 通过Dockerfile匿名挂载 ```Dockerfile $ cat dockerfile01 FROM centos ENTRYPOINT ["/bin/bash"] VOLUME ["volume01", "volume02"] RUN echo "----end build----" $ docker build -f dockerfile01 -t scott/centos:1.0 . Sending build context to Docker daemon 2.048kB Step 1/4 : FROM centos latest: Pulling from library/centos a1d0c7532777: Pull complete Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177 Status: Downloaded newer image for centos:latest ---> 5d0da3dc9764 Step 2/4 : ENTRYPOINT ["/bin/bash"] ---> Running in 5744a7751935 Removing intermediate container 5744a7751935 ---> 00364df73617 Step 3/4 : VOLUME ["volume01", "volume02"] ---> Running in 664616219d10 Removing intermediate container 664616219d10 ---> 8cf7bd193272 Step 4/4 : RUN echo "----end build----" ---> Running in 4e6d012837e5 ----end build---- Removing intermediate container 4e6d012837e5 ---> fee57adc730f Successfully built fee57adc730f Successfully tagged scott/centos:1.0 $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE scott/centos 1.0 fee57adc730f About a minute ago 231MB $ docker run -itd --name "centos01" scott/centos:1.0 ``` ### 数据卷容器 * 几个容器共享一个数据,最开始创建的容器叫父容器,不过删除父容器也不会删除创建的卷。 * 将上面创建的centos01容器作为父容器,创建centos02容器,和centos01共享volume01、volume02两个数据卷。 ```bash $ docker run -itd --name "centos02" --volumes-from centos01 scott/centos:1.0 $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4ca1f2787be4 scott/centos:1.0 "/bin/bash" 3 minutes ago Up 3 minutes centos02 c2dad2c92f3a scott/centos:1.0 "/bin/bash" 5 minutes ago Up 5 minutes centos01 $ docker inspect 4ca1f2787be4 ... "Mounts": [ { "Type": "volume", "Name": "afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c", "Source": "/var/lib/docker/volumes/afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c/_data", "Destination": "volume02", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "volume", "Name": "bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e", "Source": "/var/lib/docker/volumes/bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e/_data", "Destination": "volume01", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], ... $ docker inspect c2dad2c92f3a ... "Mounts": [ { "Type": "volume", "Name": "bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e", "Source": "/var/lib/docker/volumes/bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e/_data", "Destination": "volume01", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "volume", "Name": "afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c", "Source": "/var/lib/docker/volumes/afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c/_data", "Destination": "volume02", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], ... ``` * 如果挂载的卷是父容器的子集,例如dockerfile02如下,则使用--volumes-from仍然会和父容器共享卷: ```bash $ cat dockerfile02 FROM centos ENTRYPOINT ["/bin/bash"] VOLUME ["volume01"] RUN echo "----end build----" $ docker build -f dockerfile02 -t scott/centos:1.1 . $ docker run -itd --name "centos03" --volumes-from centos01 scott/centos:1.1 $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0d66742336f0 scott/centos:1.1 "/bin/bash" 7 minutes ago Up 7 minutes centos03 $ docker inspect 0d66742336f0 ... "Mounts": [ { "Type": "volume", "Name": "bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e", "Source": "/var/lib/docker/volumes/bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e/_data", "Destination": "volume01", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "volume", "Name": "afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c", "Source": "/var/lib/docker/volumes/afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c/_data", "Destination": "volume02", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], ... ``` * 如果挂载的卷是父容器的超集,例如要挂载volume01、volume02、volume03三个匿名卷,使用--volumes-from会使volume01、volume02和父容器共享,但volume03由于父容器没有创建,所以会创建: ``` ... $ docker inspect 9c24bbf78668 ... "Mounts": [ { "Type": "volume", "Name": "8c6b227a247371dddb4cd9e1914d33c186ee7f82646a3efa2851971bc0abc310", "Source": "/var/lib/docker/volumes/8c6b227a247371dddb4cd9e1914d33c186ee7f82646a3efa2851971bc0abc310/_data", "Destination": "volume03", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "volume", "Name": "bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e", "Source": "/var/lib/docker/volumes/bf710817e8daa8ffe052fbe8f1a9de364eb95b191900c5c2025aa6d85a87234e/_data", "Destination": "volume01", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "volume", "Name": "afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c", "Source": "/var/lib/docker/volumes/afffdb0871ea75696ef2f08458312aba26474c665b2246044adedd61b6950a5c/_data", "Destination": "volume02", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], ... ``` * centos02使用--volumes-from继承centos01,centos03使用--volumes-from继承centos02,三者的卷都是共享的。 * 所有容器都使用`docker rm -f`命令删掉后,卷在宿主机上仍然存在。 ```bash $ docker ps -q | xargs docker rm -f ``` ## 卷的权限 * 卷默认是可读写的,即宿主机和容器都能修改卷中的内容。 * 要使卷是只读的,即只允许宿主机修改卷中的内容,不允许容器修改卷中的内容,要显式指定卷是ro(read only)的,不过这种写法不适合匿名挂载,只适合指定宿主机目录的挂载和具名挂载: ```bash $ docker run -itd --name "centos01" -v /etc:/etc/:ro centos ... $ docker exec -it 99893fcbd412 bash bash-4.4# mount | grep etc /dev/sda5 on /etc type ext4 (ro,relatime,errors=remount-ro) /dev/sda5 on /etc/hostname type ext4 (rw,relatime,errors=remount-ro) /dev/sda5 on /etc/hosts type ext4 (rw,relatime,errors=remount-ro) ```
上一篇:
goland+docker远程部署
下一篇:
beego+swagger生成API文档
0
赞
47 人读过
新浪微博
微信
腾讯微博
QQ空间
人人网
文档导航