Tag:Docker directory mount
Category:docker
Article From:https://www.cnblogs.com/conserdao/p/9061774.html

Source: https://www.linuxidc.com/Linux/2015-09/123519.htm, thank you for sharing.

 

docker run Grammar:
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

 

[OPTIONS]   -v

 

DockerWhen the container starts, if you want to mount a directory of the host, you can specify it with the -v parameter.

For example, I want to start a CentOS container, and the /test directory of the host is mounted to the /soft directory of the container.

# docker run -it -v /test:/soft centos /bin/bash

Thus, after the container is started, the directory of /soft will be automatically created in the container. In this way, we can make it clear that in the -v parameter, the colon “:” the directory in front is the host directory, and the later directory is the directory inside the container.

Seemingly simple, in fact, otherwise, let’s verify the following:

The container directory can not be a relative path

[root@localhost ~]# docker run -it -v /test:soft centos /bin/bash
invalid value “/test:soft” for flag -v: soft is not an absolute path
See ‘docker run –help’.

Direct reporting error indicates that soft is not an absolute path, and the so-called absolute path must begin with the following slash “/”.

Two, if Host Directory does not exist, it will automatically generate.

If there is a /test directory in the host, delete it first.

[root@localhost ~]# rm -rf /test
[root@localhost ~]# ls /
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

Starting container

[root@localhost ~]# docker run -it -v /test:/soft centos /bin/bash
[root@a487a3ca7997 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  soft  srv  sys  tmp  usr  var

Look at the host and find a new /test directory

[root@localhost ~]# ls /
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  test  tmp  usr  var

Three, if the host directory is relative path?

This time, let’s try a new directory named test1

# docker run -it -v test1:/soft centos /bin/bash

Then see if a /test1 directory is added to the host, and the result is not because I’m using the relative path, so the generated test1 directory is in the current directory, and the results are not found. Where is the /soft directory in that container? Through dockerThe inspect command looks at the part of the container “Mounts”, and we can get the answer to this question.

    “Mounts”: [
        {
            “Name”: “test1”,
            “Source”: “/var/lib/docker/volumes/test1/_data”,
            “Destination”: “/soft”,
            “Driver”: “local”,
            “Mode”: “z”,
            “RW”: true
        }
    ],

 

It can be seen that the /soft directory in the container mounts the /var/lib/docker/volumes/test1/_data directory on the host computer.

It turns out that the so-called relative path refers to /var/lib/docker/volumes/, which has nothing to do with the current directory of the host.

Four, if only -v specifies a directory, how does this correspond?

Start a container

[root@localhost ~]# docker run -it -v /test2 centos /bin/bash
[root@ea24067bc902 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  test2  tmp  usr  var

Also use the docker inspect command to view the mount directory of host hosts.

 

  “Mounts”: [
        {
            “Name”: “96256232eb74edb139d652746f0fe426e57fbacdf73376963e3acdb411b3d73a”,
            “Source”: “/var/lib/docker/volumes/96256232eb74edb139d652746f0fe426e57fbacdf73376963e3acdb411b3d73a/_data”,
            “Destination”: “/test2”,
            “Driver”: “local”,
            “Mode”: “”,
            “RW”: true
        }
    ],

 

It can be seen that the result is similar to that in 3, but it is not a directory name of relative path, but a randomly generated directory name.

Five, if we modify the directory owner and group in the container, will the corresponding mount points be modified?

First, open a container to view the attributes of the /soft directory in the container.

[root@localhost ~]# docker run -it -v /test:/soft centos /bin/bash
[root@b5ed8216401f /]# ll -d /soft/
drwxr-xr-x 2 root root 6 Sep 24 03:48 /soft/

View the properties of the /test directory in the host

[root@localhost ~]# ll -d /test/
drwxr-xr-x 2 root root 6 Sep 24 11:48 /test/

Create new users in the container, modify the owner and group of /soft.

[root@b5ed8216401f /]# useradd victor
[root@b5ed8216401f /]# chown -R victor.victor /soft/
[root@b5ed8216401f /]# ll -d /soft/
drwxr-xr-x 2 victor victor 6 Sep 24 03:48 /soft/

Let’s take a look at whether the host and group of the /test directory in the host computer will change.

[root@localhost ~]# ll -d /test/
drwxr-xr-x 2 mycat mycat 6 Sep 24 11:48 /test/

It turns out to be MYCAT.

Originally, this has something to do with UID. UID, the user identification number, is an integer that identifies users in the system. In general, it is one-to-one correspondence with user names.

First, look at the number of UID corresponding to victor in the container.

[root@b5ed8216401f /]# cat /etc/passwd | grep victor
victor:x:1000:1000::/home/victor:/bin/bash

victorThe UID is 1000, so who is the 1000 corresponding user in the host computer?

[root@localhost ~]# cat /etc/passwd |grep 1000
mycat:x:1000:1000::/home/mycat:/bin/bash

It can be seen that the corresponding UID 1000 user in the host computer is MYCAT.

Six, the container is destroyed. Will the new mounted directory on the host machine disappear?

Here, we mainly verify two situations: first, specify the host directory, namely -v /test:/soft. Two. There is no designated host directory, that is, -v /soft

The first case:

 

[root@localhost ~]# rm -rf /test    –First delete the /test directory of the host
[root@localhost ~]# ls /    –As you can see, there is no /test directory on the host
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@localhost ~]# docker run -it –name=centos_test -v /test:/soft centos /bin/bash  –To start the container, I use the –name parameter to specify the name of the container.
[root@82ad7f3a779a /]# exit
exit
[root@localhost ~]# docker rm centos_test  –Deleting container
centos_test
[root@localhost ~]# ls /  –It is found that the /test directory still exists
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  test  tmp  usr  var

 

It can be seen that even if the container is destroyed, the new mount directory will not disappear. It is further verifiable that if the host and group of host directories have changed, after the container is destroyed, the host and the group of the host directory will not recover to the state before the mount.

The second case, through the above verification, knows that if the directory is not specified for the host, the container will configure a directory at random in /var/lib/docker/volumes/, so let’s see if the container destruction in this case will result in the deletion of the corresponding directory.

First start the container

[root@localhost ~]# docker run -it –name=centos_test -v /soft centos /bin/bash
[root@6b75579ec934 /]# exit
exit

Look at the mount directory generated by the container on the host through the docker inspect command.

 

    “Mounts”: [
        {
            “Name”: “b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301”,
            “Source”: “/var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301/_data”,
            “Destination”: “/soft”,
            “Driver”: “local”,
            “Mode”: “”,
            “RW”: true
        }
    ],

 

The corresponding directory is /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301/_data.

Destroy the container to see if the directory exists

[root@localhost ~]# docker rm centos_test
centos_test
[root@localhost ~]# ll /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301
total 0
drwxr-xr-x 2 root root 6 Sep 24 14:25 _data

It is found that the directory still exists, even if the docker service is restarted, the directory still exists.

[root@localhost ~]# systemctl restart docker
[root@localhost ~]# ll /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301
total 0
drwxr-xr-x 2 root root 6 Sep 24 14:25 _data

Seven, after hosting the existing host directory, operate it in the container and report “Permission denied”.

It can be solved in two ways:

1> Close the SELinux.

Temporary closure: setenforce 0

Permanent closure: modify the /etc/sysconfig/selinux file and set the SELINUX value to disabled.

2> Starting the container in a privileged manner

Specify the –privileged parameter

Such as: docker run -it –privileged -v /test:/soft CentOS /bin/bash

 

Link of this Article: [docker run] -v

Leave a Reply

Your email address will not be published. Required fields are marked *