privileged
- (一般不推荐)
是否给容器最高权限,这意味着容器内应用将不受权限的控制,一般不推荐
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6a6bdd924693 centos:centos7 "/bin/bash" 11 seconds ago Up 10 seconds on_privileged
2d1cc959f96c centos:centos7 "/bin/bash" 28 seconds ago Up 27 seconds off_privileged
/usr/sbin/init
启动容器之后可以使用systemctl
命令
-
无
privileged
(不带 root 权限)$ docker run -d --name=off_privileged -it centos:centos7 /usr/sbin/init $ docker exec -it off_privileged /bin/bash $ systemctl # 不能执行 Failed to get D-Bus connection: Operation not permitted
-
有
privileged
(带 root 权限)$ docker run -d --name=on_privileged --privileged=true -it centos:centos7 /usr/sbin/init $ docker exec -it on_privileged /bin/bash $ systemctl # 可以执行
数据卷
容器内文件夹拷贝到宿主机上
# docker cp 容器ID:容器内路径 宿主机路径
$ docker cp adfc4e3b9652:/tmp/file_dir /tmp/
容器内文件夹映射到宿主机上, 修改数据是同步的(修改主机-容器内随之改变,修改容器-主机内随之改变)
-v 容器内路径:宿主机路径
$ docker run -p 8080:80 -v /tmp/my-nginx/html:/usr/share/nginx/html -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
# $ docker run
# -p 8080:80
# -v /tmp/my-nginx/html:/usr/share/nginx/html
# -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf
# -d nginx
容器内路径只读
ro
(默认为可读写权限rw
)
$ docker run -p 8080:80 -v /tmp/my-nginx/html:/usr/share/nginx/html:ro -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
继承与共享
--volumes-from
$ docker run -v /tmp/my-nginx/html:/usr/share/nginx/html:ro -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
$ docker run -p 8080:80 --volumes-from 971ae2240bea -d nginx
$ docker run -p 8081:80 --volumes-from 971ae2240bea -d nginx