Docker container startup, if you want to mount a directory host can be specified with the -v parameter.
For example, I want to start a centos container, the host / test directory is mounted to the container / soft directory, you can specify the following ways:
# docker run -it -v /test:/soft centos /bin/bash
So that after the container starts, the directory / soft is automatically created within the container. In this way, we can be clear that the -v argument, a colon ":" in front of the host directory is a directory, the directory is behind the container directory.
Seemingly simple, it is not true, we have to verify the following:
A container for the relative path directory can not
[root@localhost ~]# docker run -it -v /test:soft centos /bin/bash invalid value "/test:soft" for flag -v: soft is not an absolute path See 'docker run --help'.
Direct error, suggesting that soft is not an absolute path, the so-called absolute path, the following must slash "/" at the beginning.
Second, the host if the directory does not exist, is automatically generated
If there is / test directory host, first remove it
[root@localhost ~]# rm -rf /test [root@localhost ~]# ls / bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
Start container
[root@localhost ~]# docker run -it -v /test:/soft centos /bin/bash [root@a487a3ca7997 /]# ls bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin soft srv sys tmp usr var
Check the host, found a new / test directory
[root@localhost ~]# ls / bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys test tmp usr var
Third, the host of the directory if it is a relative path?
This time, we try to change the directory name test1
# docker run -it -v test1:/soft centos /bin/bash
And then to see whether the host adds a / test1 directory, the results did not, is it because I was using a relative path, so the resulting test1 directory in the current directory and found or not. / Soft directory is mounted within the container that gone? By docker inspect command to check container "Mounts" that part, we can get the answer to this question.
"Mounts": [ { "Name": "test1", "Source": "/var/lib/docker/volumes/test1/_data", "Destination": "/soft", "Driver": "local", "Mode": "z", "RW": true } ],
As can be seen, / soft directory is mounted in the container / var / lib / docker / volumes / test1 on the host / _data directory
Originally, the so-called relative path is the / var / lib / docker / volumes /, regardless of the current directory of the host.
Fourth, if only -v specify a directory, this is how it corresponds?
Start a container
[root@localhost ~]# docker run -it -v /test2 centos /bin/bash [root@ea24067bc902 /]# ls bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys test2 tmp usr var
Also use docker inspect command to view the host's mount directory
"Mounts": [ { "Name": "96256232eb74edb139d652746f0fe426e57fbacdf73376963e3acdb411b3d73a", "Source": "/var/lib/docker/volumes/96256232eb74edb139d652746f0fe426e57fbacdf73376963e3acdb411b3d73a/_data", "Destination": "/test2", "Driver": "local", "Mode": "", "RW": true } ],
As can be seen, with similar results in 3, but it is not the path relative directory name, a directory name but randomly generated.
Fifth, if you modify the owner and group directory in the container, then the corresponding mount point whether it will amend it?
First, open a container to view the container / soft directory attributes
[root@localhost ~]# docker run -it -v /test:/soft centos /bin/bash [root@b5ed8216401f /]# ll -d /soft/ drwxr-xr-x 2 root root 6 Sep 24 03:48 /soft/
View inside the host / directory attribute test
[root@localhost ~]# ll -d /test/ drwxr-xr-x 2 root root 6 Sep 24 11:48 /test/
Within the new container user, modify / soft to the owner and group
[root@b5ed8216401f /]# useradd victor [root@b5ed8216401f /]# chown -R victor.victor /soft/ [root@b5ed8216401f /]# ll -d /soft/ drwxr-xr-x 2 victor victor 6 Sep 24 03:48 /soft/
Let's look at whether the owner and group within the host / test directory will change?
[root@localhost ~]# ll -d /test/ drwxr-xr-x 2 mycat mycat 6 Sep 24 11:48 /test/
Actually becomes a mycat. . .
Originally, this relationship with the UID, UID, namely "user ID" is an integer within the system to use it to identify the user. Under normal circumstances it with the user name is one to one.
First check the container victor corresponding UID is a number,
[root@b5ed8216401f /]# cat /etc/passwd | grep victor victor:x:1000:1000::/home/victor:/bin/bash
victor's UID is 1000, then who in the host 1000 corresponding to the user what is it?
[root@localhost ~]# cat /etc/passwd |grep 1000 mycat:x:1000:1000::/home/mycat:/bin/bash
As can be seen, corresponding to the host user UID 1000 is mycat.
Six container destroyed, whether on a host of new mount directory will disappear?
Here, the main verify two situations: First, the host specified directory, i.e. -v / test: / soft. Second, the host is not specified directory, i.e. -v / soft
The first case:
[root @ localhost ~] # rm -rf / test - first remove the host / test directory [root @ localhost ~] # ls / - can be seen, not on the host / test directory bin boot dev etc home lib Media mnt the root proc opt the lib64 sbin SRV RUN SYS usr var tmp [the root @ localhost ~] RUN # Docker Expediting IT centos_test --name = -v / Test: / Soft CentOS / bin / the bash - starting container, for convenience deleted, I use --name parameter specifies the name of the vessel [root @ 82ad7f3a779a /] # Exit Exit [root @ localhost ~] # Docker RM centos_test - delete container centos_test [root @ localhost ~] # LS / - find / test directory still exists bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys test tmp usr var
As can be seen, even if the container destroyed, the new mount directories will not disappear. Further also verifiable, if the owner and group host directory has changed, after the destruction of the vessel, the owner and group host directory will not be restored to the state before the mount.
The second case, by the above validation know, if there is no directory specified host, the container will configure a directory in / var / lib / docker / volumes / random, then we take a look at the container in this case is whether it will be destroyed resulting in a corresponding directory delete
First, start the container
[root@localhost ~]# docker run -it --name=centos_test -v /soft centos /bin/bash [root@6b75579ec934 /]# exit exit
See container mount directory generated in the host by the docker inspect command
"Mounts": [ { "Name": "b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301", "Source": "/var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301/_data", "Destination": "/soft", "Driver": "local", "Mode": "", "RW": true } ],
It corresponds to the / var / lib / docker / volumes / b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301 / _data directory
Destroy containers to see whether there is a directory
[root@localhost ~]# docker rm centos_test centos_test [root@localhost ~]# ll /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301 total 0 drwxr-xr-x 2 root root 6 Sep 24 14:25 _data
It found that the directory still exists, even if the restart docker service, the directory still exists
[root@localhost ~]# systemctl restart docker [root@localhost ~]# ll /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301 total 0 drwxr-xr-x 2 root root 6 Sep 24 14:25 _data
Seven mount host the directory already exists in the container to manipulate, report "Permission denied".
It can be solved in two ways:
1> Turn off selinux.
Temporarily turn off: # setenforce 0
Permanently closed: Modify / etc / sysconfig / selinux file, set the value to SELINUX disabled.
2> in a privileged way to start container
Parameters specified --privileged
如:# docker run -it --privileged=true -v /test:/soft centos /bin/bash
Reproduced in: https: //my.oschina.net/pengpengpengone/blog/1838966