Docker from entry to application (5): Docker container data volume
what is
As the name implies, the container data volume is the volume that Docker uses to store data; Docker packages the application and running environment into a container to run, and the running can be accompanied by the container, but our requirement for data is that it can be stored persistently, and we hope that different containers will able to share data
If the data generated by the Docker container is not converted into a new image through docker commit, so that the data is saved as part of the image, then when the container is deleted, the data will naturally disappear. In order to save the data, we use volumes in the container
Features of Container Data Volumes
A volume is a directory or a file that exists in one or more containers and is mounted to the container by Docker, but it does not belong to the union file system, so it can bypass the Union File System to provide some features for persistent storage or shared data. The volume is designed for persistence and is completely independent of the life cycle of the container. Therefore, Docker will not delete the mounted data volume when the container is deleted.
features
- Data volumes can share or reuse data between containers
- Changes in the volume can take effect directly
- Changes in the data volume will not be included in the update of the mirror
- The lifecycle of a data volume lasts until there are no containers using it
container add data volume
Container data volumes can be added through commands or through DockerFile. The introduction of DockerFile will be explained in the next chapter
command add
command :docker run -it -v /宿主机目录:/容器内目录 镜像ID或名称:tag
Create a default centos container, docker run -it centos
create and start the centos container, check the directory after the container is running, it is the default file structure
Configure the container data volume by adding -v
parameters to the command,docker run -it --name reel_centos -v ~/reelHostTest:/reelDokcerTest centos
The two newly created folders in the host directory and the Docker container directory respectively indicate that the container will automatically create a data volume folder when it starts. At this time, you can docker inspect 容器ID
check whether the data volume is mounted successfully by viewing the internal details of the container.
The data volume is successfully mounted, RW is true, that is, it has read and write permissions
Create a new a.log file in the reelDockerTest directory in the container, test data sharing, check whether the file exists in the corresponding directory of the host, and create a file in the container
The same file exists in the host machine after creation
Modify the content of the file in the host and check whether it is modified in the container
The content of the file in the container has been modified synchronously, indicating that there is data sharing between the host and the container
After the container stops and exits, the host modifies the data to check whether the data is synchronized
First stop the container to exit, the host modifies the file
Restart the container, the content of the file in the data volume has been modified synchronously
File read-only permission
-v
The default container of the data volume added through the parameter has read and write commands, and RO can be added to limit read-only
As shown in the figure, under the ReadOnly permission, the container cannot add files in this folder and docker inspect
view the internal information of the container. At this time,"RW":false
Add the file readOnly.txt in the directory of the host, switch to the container to view
The file exists in the container and can be read normally but cannot be modified. When modifying the file, it prompts E45: 'readonly' option is set (add ! to override)
Add data volume through DockerFile
What is DockerFile
Dockerfile is a build file used to build a Docker image, and is a script composed of a series of commands and parameters. DockerFile defines everything that a process needs. DockerFile involves executing code or files, environment variables, dependent packages, runtime environments, dynamic link libraries, operating system releases, service processes, and kernel processes (when the application process requires When dealing with system services and system kernel processes, it is necessary to consider how to design namespace permission control), etc. In simple terms, DockerFile can build the image we need for locks. The detailed introduction of DokcerFile will be explained in the next chapter
Add a DockerFile file to the host and build a mirror image
Create a DockerFile file, add the following test content to the file, where the VOLUME instruction is used to add one or more data volumes to the image
# volume test
FROM centos
VOLUME ["/dockerFile1","/dockerFile2"]
CMD echo "finished,--------success1"
CMD /bin/bash
- **Description:** For the sake of portability and sharing, this
-v 主机目录:容器目录
method cannot be directly implemented in Dockerfile . Since the host directory is dependent on a specific host, it cannot be guaranteed that such a specific directory exists on all hosts.
docker build
Command to build a mirror ** Note that the ** number docker build -f DockerFile文件地址 -t 镜像名称:tag .
at the end cannot be omitted (guess it should be the directory where the image is stored in the Docker engine).
Create and start a container, view the container directory, both dockerFile1 and dockerFile2 are created, and the data volume is bound successfully
When adding a container data volume through the command, you need to specify the data volume file directory in the host and the data volume file directory in the container. The files in the container are finally stored in the host disk. Then, the data volume created through DockerFile corresponds to the host’s Where is the file directory? Docker inspect
Command to view the internal details of the container and confirm the location of the data volume on the host
Switch to the corresponding directory and check whether dockerFile1 and dockerFile2 are created
When switching to the docker directory, it prompts that there is no permission, you can join it when running the container --privileged=true
, or grant the user access permission
1. sudo chmod -R 777 /var/lib/docker/
2. docker run -it --privileged=true --name privilegedtest -d ac9c738661da
Create a file after entering the folder, and check the synchronization in the container
File data sync successfully
data volume container
what is
The named container mounts the data volume, and other containers realize data sharing by mounting this (parent container). The container that mounts the data volume is called a data volume container.
Pass sharing between containers (–volumes-from)
Taking the image we just built as an example, first start the parent container df1, and create the file aa.txt in the dockerFile1 directory
Start the df2 and df3 containers inherited from the main commands of the df1 container --volumes-from
, and add aa2.txt and aa3.txt files to the df2 and df3 containers respectively
Enter the df1 container, aa2.txt and aa3.txt files have been synchronized. Delete the df1 container, enter the df2 container, the file aa.txt created by df1 exists and can be modified
Then delete the df2 container, access df3, and the file can be accessed normally
Delete df3 after creating df4 container based on df3, the file can be accessed normally
**Conclusion: The container data volume is used to transfer configuration information between containers, and the life cycle of the data volume lasts until no container uses it**