Docker(四):privileged、数据卷、继承volumes-from

参考地址:https://blog.csdn.net/weixin_43526371/article/details/126326614

privileged - (一般不推荐)
是否给容器最高权限,这意味着容器内应用将不受权限的控制,一般不推荐

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6a6bdd924693 centos:centos7 "/bin/bash" 11 seconds ago Up 10 seconds on_privileged
2d1cc959f96c centos:centos7 "/bin/bash" 28 seconds ago Up 27 seconds off_privileged

/usr/sbin/init 启动容器之后可以使用systemctl命令

无 privileged (不带 root 权限)

$ docker run -d --name=off_privileged -it centos:centos7 /usr/sbin/init
$ docker exec -it off_privileged /bin/bash
$ systemctl # 不能执行 Failed to get D-Bus connection: Operation not permitted

有 privileged (带 root 权限)

$ docker run -d --name=on_privileged --privileged=true -it centos:centos7 /usr/sbin/init
$ docker exec -it on_privileged /bin/bash
$ systemctl # 可以执行

数据卷
容器内文件夹拷贝到宿主机上

# docker cp 容器ID:容器内路径 宿主机路径
$ docker cp adfc4e3b9652:/tmp/file_dir /tmp/

容器内文件夹映射到宿主机上, 修改数据是同步的(修改主机-容器内随之改变,修改容器-主机内随之改变)

-v 容器内路径:宿主机路径

$ docker run -p 8080:80 -v /tmp/my-nginx/html:/usr/share/nginx/html -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
# $ docker run
# -p 8080:80
# -v /tmp/my-nginx/html:/usr/share/nginx/html
# -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf
# -d nginx

容器内路径只读 ro (默认为可读写权限rw)

$ docker run -p 8080:80 -v /tmp/my-nginx/html:/usr/share/nginx/html:ro -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx

继承与共享 --volumes-from


$ docker run -v /tmp/my-nginx/html:/usr/share/nginx/html:ro -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
$ docker run -p 8080:80 --volumes-from 971ae2240bea -d nginx
$ docker run -p 8081:80 --volumes-from 971ae2240bea -d nginx

posted @ 2023-01-07 10:58  嘻嘻哈哈的人生  阅读(159)  评论(0编辑  收藏  举报