Data sharing
Docker can be used to isolate environments, so that the environment inside a container and the one outside it do not interfere with each other (in practice they still affect each other to some degree). A program running inside a container may produce data, and by default that data lives in the container. So how do you get at the data from outside the container? If I destroy the container, is the data in the container destroyed as well? If I upgrade the container, do I have to migrate the data?
A Linux file system is a tree. You can mount storage media to the file system by creating a mount point to access data on the disk.
Similarly, each container has its own MNT namespace and file tree, so you can create a mount point in the container and mount storage from the host onto it. When a container writes data to such a mount point, it is effectively writing to the host, so the data can be stored on the host.
There are three common storage methods in Docker:
- Bind mounts
- In-memory storage
- Docker volumes
Bind mounts
You can attach a path on the host to a path inside a container to share data. Files can be mounted as well as directories. Bind mounts have some problems. Because they depend on a path on the host, the mount fails if that path does not exist on the host. They also increase the possibility of conflicts with other containers, which may compete for the same files. Therefore, it is best to avoid this kind of host-specific binding on a common platform or hardware pool.
```bash
# My current absolute path is /home/zhui/playground/
# Page served by nginx
cat > ./example.html << EOF
Hello Docker, How are you ?
EOF

# Empty file that will receive the access log
touch ./example.log

# nginx site configuration
cat > ./example.conf << EOF
server {
    listen 80;
    server_name localhost;
    access_log /var/log/nginx/custom.host.access.log main;
    location / {
        root /usr/share/nginx/html;
        index index.html index.htm;
    }
}
EOF

LOG_SRC=/home/zhui/playground/example.log
LOG_DST=/var/log/nginx/custom.host.access.log
CONF_DST=/etc/nginx/conf.d/default.conf
CONF_SRC=/home/zhui/playground/example.conf
HELLO_SRC=/home/zhui/playground/example.html
DEFAULT_DST=/usr/share/nginx/html/index.html

# The configuration file is mounted read-only; the log and the page are read-write
docker run -d --name nginx-web \
  --mount type=bind,src=${CONF_SRC},dst=${CONF_DST},readonly=true \
  --mount type=bind,src=${LOG_SRC},dst=${LOG_DST} \
  --mount type=bind,src=${HELLO_SRC},dst=${DEFAULT_DST} \
  -p 80:80 nginx:latest
```
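To see which bind mounts a container can modify and where two containers can write the same host file (the conflict described above), the `Mounts` array reported by `docker inspect` can be audited. This is an added example, not code from the original article: the JSON is a constructed sample trimmed to the fields used, and the second container, `log-shipper`, is hypothetical.

```python
import json
from collections import defaultdict

# Constructed sample: trimmed `docker inspect` output for two containers.
# nginx-web mirrors the run command above; log-shipper is hypothetical.
INSPECT_JSON = """
[
 {"Name": "/nginx-web", "Mounts": [
  {"Type": "bind", "Source": "/home/zhui/playground/example.conf",
   "Destination": "/etc/nginx/conf.d/default.conf", "RW": false},
  {"Type": "bind", "Source": "/home/zhui/playground/example.log",
   "Destination": "/var/log/nginx/custom.host.access.log", "RW": true},
  {"Type": "bind", "Source": "/home/zhui/playground/example.html",
   "Destination": "/usr/share/nginx/html/index.html", "RW": true}]},
 {"Name": "/log-shipper", "Mounts": [
  {"Type": "bind", "Source": "/home/zhui/playground/example.log",
   "Destination": "/data/access.log", "RW": true}]}
]
"""


def audit_bind_mounts(inspect_json):
    """Return (writable, contended) for the bind mounts in `docker inspect` JSON.

    writable:  sorted (container, host_path) pairs the container can modify
    contended: {host_path: [containers]} for paths writable from 2+ containers
    """
    writers = defaultdict(set)
    for container in json.loads(inspect_json):
        name = container["Name"].lstrip("/")
        for mount in container.get("Mounts", []):
            if mount.get("Type") != "bind":
                continue  # only bind mounts name an operator-chosen host path
            if mount.get("RW", True):
                writers[mount["Source"]].add(name)
    writable = sorted((c, src) for src, names in writers.items() for c in names)
    contended = {src: sorted(names) for src, names in writers.items()
                 if len(names) > 1}
    return writable, contended


if __name__ == "__main__":
    writable, contended = audit_bind_mounts(INSPECT_JSON)
    for container, src in writable:
        print(f"writable bind mount: {container} <- {src}")
    for src, names in contended.items():
        print(f"shared writable host path: {src} used by {', '.join(names)}")
```

The report also lists `example.html` as writable from `nginx-web`, because only the configuration file was mounted with `readonly=true`.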
In-memory storage
Most service software, such as web applications, may use private keys, database passwords, API keys, or sensitive configuration files, and needs some space to hold them temporarily.
In this case it is not appropriate to write the data to a file on the host, so you can write it to memory instead.
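```bash
# Example: mount a tmpfs at /tmp with default options, then list the container's mounts
docker run --rm --mount type=tmpfs,dst=/tmp --entrypoint mount alpine:latest -v
# Example: the same mount, limited to 16k and with file mode 1770
docker run --rm --mount type=tmpfs,dst=/tmp,tmpfs-size=16k,tmpfs-mode=1770 --entrypoint mount alpine:latest -v
```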
The above command creates an empty tmpfs device (defined and created by Docker itself) and mounts it at the /tmp directory of the container. Anything written under /tmp is stored in the host's memory, thus protecting sensitive files.
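Both commands end by running `mount -v`, so the options that were actually applied can be checked from that output. The following added example (not from the original article) parses such output and reports a tmpfs at `/tmp` that has no explicit size limit or is accessible to other users; the two sample lines are constructed to resemble what the two runs print.

```python
import re

# Constructed sample lines in the format `mount -v` prints inside the container;
# the first resembles the default run, the second the size/mode-limited run.
DEFAULT_RUN = "tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noexec,relatime)"
LIMITED_RUN = ("tmpfs on /tmp type tmpfs "
               "(rw,nosuid,nodev,noexec,relatime,size=16k,mode=1770)")

MOUNT_LINE = re.compile(r"^(\S+) on (\S+) type (\S+) \(([^)]*)\)$")


def tmpfs_findings(mount_output, dst="/tmp"):
    """Check the mount at dst; return a list of finding strings (empty if clean)."""
    for line in mount_output.splitlines():
        m = MOUNT_LINE.match(line.strip())
        if not m or m.group(2) != dst:
            continue
        if m.group(3) != "tmpfs":
            return [f"{dst} is {m.group(3)}, not tmpfs: data may reach disk"]
        # "size=16k" -> ("size", "16k"); bare flags such as "rw" -> ("rw", "")
        opts = dict(o.partition("=")[::2] for o in m.group(4).split(","))
        findings = []
        if "size" not in opts:
            findings.append("no explicit size= limit on the tmpfs")
        # An absent mode= means the tmpfs default, 1777 (world-writable).
        mode = int(opts.get("mode", "1777"), 8)
        if mode & 0o007:
            findings.append(f"mode {mode:o} grants access to 'other' users")
        if "noexec" not in opts:
            findings.append("noexec missing: files in the mount can be executed")
        return findings
    return [f"no mount found at {dst}"]


if __name__ == "__main__":
    for label, output in (("default", DEFAULT_RUN), ("limited", LIMITED_RUN)):
        print(label, tmpfs_findings(output) or "ok")
```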
Docker volumes
Volumes differ from bind mounts in that container instances can share data through volumes without knowing anything about the host's file system.
One feature of volumes is shared access to data, and the life cycle of a volume is independent of any container. That is, even if a container has used a volume, the volume still exists after the container is destroyed and can be used by other containers.
```bash
# Create a volume
docker volume create --driver local --label example=location location-example
# View all volumes
docker volume ls
# View volume information
docker volume inspect location-example
# Mountpoint is automatically generated by Docker
docker volume inspect --format "{{json .Mountpoint}}" location-example
# Delete all unused volumes
docker volume prune
# Delete a volume
docker volume rm location-example

# Create a volume first
docker volume create --driver local --label example=cassandra cass-shared
# Use the volume in a container
docker run -d --volume cass-shared:/var/lib/cassandra/data --name cass cassandra:2.2
# After the container is deleted, the volume still exists
docker container rm -f cass
docker volume ls
```
A volume can have a (human-friendly) name or it can be anonymous. The name of an anonymous volume is a long string of hash characters. Anonymous volumes are usually generated by running docker volume create directly (with no other parameters), or by running docker run or docker create without specifying a volume name.
Docker also provides the --volumes-from parameter to share data directly from other containers (called data volume containers).
```bash
# Generate an anonymous volume
docker volume create
# Create an anonymous volume directly when creating a container instance
# ({1..4} is expanded by the host shell before docker runs)
docker run --name fowler \
  --mount type=volume,dst=/library \
  alpine:latest touch /library/{1..4}.txt
# Use the --volumes-from parameter to associate volumes
docker run --name reader \
  --volumes-from fowler \
  alpine:latest ls -l /library/
```
Other reference
Docker Basics – Manage application data using Bind mounts
## Data volume container