Docker容器数据卷

1.什么是Docker容器数据卷

​ 卷就是目录或文件,存在于一个或多个容器中,由docker挂载到容器,但不属于联合文件系统,因此能够绕过Union File System提供一些用于持续存储或共享数据的特性

​ 卷的设计目的就是数据的持久化,完全独立于容器的生存周期,因此Docker不会在容器删除时删除其挂载的数据卷

​ 将docker容器内的数据保存进宿主机的磁盘中

运行一个带有容器卷存储功能的容器实例:

 docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录      镜像名

Docker挂载主机目录访问如果出现cannot open directory .: Permission denied

解决办法:在挂载目录后多加一个--privileged=true参数即可

默认情况,仓库被创建在容器的/var/lib/registry目录下,建议自行用容器卷映射,方便于宿主机联调

2.能做啥

将运用与运行的环境打包镜像,run后形成容器实例运行 ,但是我们对数据的要求希望是持久化的

Docker容器产生的数据,如果不备份,那么当容器实例删除后,容器内的数据自然也就没有了。

为了能保存数据在docker中我们使用卷。

特点:

1:数据卷可在容器之间共享或重用数据

2:卷中的更改可以直接实时生效

3:数据卷中的更改不会包含在镜像的更新中

4:数据卷的生命周期一直持续到没有容器使用它为止

3.数据卷案例

3.1 宿主vs容器之间映射添加容器卷

1.直接命令添加

docker run -it --privileged=true -v /tmp/host_data:/tmp/docker_data  --name=ub01 ubuntu
[dark@EndeavourOS01 ~]$ ls /tmp/
checkup-db-1000                   sddm-:0-wWicIi                                                                  systemd-private-d7d5de65840f4bf081982322959ceaa1-systemd-timesyncd.service-CaeEWa
eos-FindAppIcon-issues.log        sddm-auth2f4bec6d-f808-4816-bc6a-2e5449075493                                   systemd-private-d7d5de65840f4bf081982322959ceaa1-upower.service-UG6Paq
eos-update-notifier.log.iUzNbdpv  systemd-private-d7d5de65840f4bf081982322959ceaa1-systemd-logind.service-OhPP1M  vmware-root_580-2730496794
[dark@EndeavourOS01 ~]$ docker run -it --privileged=true -v /tmp/host_data:/tmp/docker_data  --name=ub01 ubuntu
root@d6cf1b6c3332:/# ls /tmp/
docker_data
root@d6cf1b6c3332:/# ls /tmp/docker_data/
root@d6cf1b6c3332:/# touch /tmp/docker_data/test.txt
root@d6cf1b6c3332:/# ls /tmp/docker_data/
test.txt
root@d6cf1b6c3332:/# cat /tmp/docker_data/test.txt 
root@d6cf1b6c3332:/# echo "hello docker" > /tmp/docker_data/test.txt 
root@d6cf1b6c3332:/# cat /tmp/docker_data/test.txt 
hello docker
root@d6cf1b6c3332:/# 

主机另起终端

[dark@EndeavourOS01 ~]$ ls /tmp/
checkup-db-1000                   host_data                                      systemd-private-d7d5de65840f4bf081982322959ceaa1-systemd-logind.service-OhPP1M     vmware-root_580-2730496794
eos-FindAppIcon-issues.log        sddm-:0-wWicIi                                 systemd-private-d7d5de65840f4bf081982322959ceaa1-systemd-timesyncd.service-CaeEWa
eos-update-notifier.log.iUzNbdpv  sddm-auth2f4bec6d-f808-4816-bc6a-2e5449075493  systemd-private-d7d5de65840f4bf081982322959ceaa1-upower.service-UG6Paq
[dark@EndeavourOS01 ~]$ ls /tmp/host_data/
test.txt
[dark@EndeavourOS01 ~]$ cat /tmp/host_data/test.txt 
hello docker
[dark@EndeavourOS01 ~]$ 

2.查看数据卷是否挂载成功

docker inspect 容器ID
[dark@EndeavourOS01 ~]$ docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS      NAMES
d6cf1b6c3332   ubuntu    "bash"                   15 minutes ago   Up 15 minutes              ub01
6873ff4a1873   redis     "docker-entrypoint.s…"   8 hours ago      Up 8 hours      6379/tcp   interesting_beaver
[dark@EndeavourOS01 ~]$ docker inspect d6cf1b6c3332
[
    {
        "Id": "d6cf1b6c3332f42c6f139dc61be7ab7e48394530af7b711c885c16d93171421b",
        "Created": "2022-05-08T11:29:21.810465454Z",
        "Path": "bash",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 9405,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2022-05-08T11:29:22.608051355Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1",
        "ResolvConfPath": "/var/lib/docker/containers/d6cf1b6c3332f42c6f139dc61be7ab7e48394530af7b711c885c16d93171421b/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/d6cf1b6c3332f42c6f139dc61be7ab7e48394530af7b711c885c16d93171421b/hostname",
        "HostsPath": "/var/lib/docker/containers/d6cf1b6c3332f42c6f139dc61be7ab7e48394530af7b711c885c16d93171421b/hosts",
        "LogPath": "/var/lib/docker/containers/d6cf1b6c3332f42c6f139dc61be7ab7e48394530af7b711c885c16d93171421b/d6cf1b6c3332f42c6f139dc61be7ab7e48394530af7b711c885c16d93171421b-json.log",
        "Name": "/ub01",
        "RestartCount": 0,
        "Driver": "btrfs",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "/tmp/host_data:/tmp/docker_data"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "private",
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": true,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": [
                "label=disable"
            ],
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": [],
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": null,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": null,
            "ReadonlyPaths": null
        },
        "GraphDriver": {
            "Data": null,
            "Name": "btrfs"
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/tmp/host_data",
                "Destination": "/tmp/docker_data",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "d6cf1b6c3332",
            "Domainname": "",
            "User": "",
            "AttachStdin": true,
            "AttachStdout": true,
            "AttachStderr": true,
            "Tty": true,
            "OpenStdin": true,
            "StdinOnce": true,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "bash"
            ],
            "Image": "ubuntu",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "00a2d53c687c25ba4af87b9ec3d6285a0ce7092241a64383055b82a89b58ac5e",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/00a2d53c687c",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "3204966179b866b09122a779ae4fdd3824090b1edefdf66e1d0276b82fb9c0ac",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:02",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "3c74bee0ac80741c4daed74965799258b9a2c077ab7306c773ec7bba4c3593bc",
                    "EndpointID": "3204966179b866b09122a779ae4fdd3824090b1edefdf66e1d0276b82fb9c0ac",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02",
                    "DriverOpts": null
                }
            }
        }
    }
]
[dark@EndeavourOS01 ~]$ 

翻看找到

"Mounts": [
            {
                "Type": "bind",
                "Source": "/tmp/host_data",
                "Destination": "/tmp/docker_data",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ]

3.2 读写规则映射添加说明

1.读写(默认)

 docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:rw      镜像名

默认同上案例,默认就是rw

2.只读

 docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:ro      镜像名

容器实例内部被限制,只能读取不能写

/容器目录:ro 镜像名 就能完成功能,此时容器自己只能读取不能写

ro = read only

此时如果宿主机写入内容,可以同步给容器内,容器可以读取到。

3.3 卷的继承和共享

1.容器1完成和宿主机的映射

docker run -it  --privileged=true -v /mydocker/u:/tmp --name u1 ubuntu

2.容器2继承容器1的卷规则

docker run -it  --privileged=true --volumes-from 父类  --name u2 ubuntu

例如

docker run -it  --privileged=true --volumes-from u1  --name u2 ubuntu
posted @ 2022-05-08 20:09  DarkH  阅读(158)  评论(0编辑  收藏  举报