Original: http://dockerone.com/article/128
The deployment and management of a large number of data files (such as MySQL database files) is a less-than-easy issue in the cloud platform area, and there are a number of factors that need to be considered, such as network bandwidth, such as the disk IO speed limit, such as bandwidth control across the room, for example, compared to packages. The volume concept of docker separates programs and data to achieve the purpose of on-demand management. This article explains the usage and usage scenarios of Docker volume.
In-depth understanding of Docker Volume (i) "Editor's words" This article mainly introduces the principle of Docker Volume and how to use it, which is an extension of the Docker starter tutorial. The author introduces the working principle of volume from the data sharing, data container, backup, permission and delete Volume Five, and helps the reader to understand volume from the actual combat.
From the Docker IRC channel and StackOverflow, many people don't quite understand how Docker volume works. In this article, I'll try my best to explain how volume works, and show some of the greatest practices. This article is intended for Docker users who do not know about volume, and certainly experienced users can learn some of the volume details in this article.
If you want to learn about Docker Volume, first we need to know how Docker's file system works. Docker images are overlaid by multiple file systems (read-only layers). When we start a container, Docker loads the read-only mirror layer and adds a read-write layer on top of it (the translator's note: Mirror stack). If a running container modifies an existing file that already exists, it is copied from the read-only layer below the read-write layer to the read-write layer, and the read-only version of the file still exists, but is hidden by a copy of the file in the read-write layer. When you delete a Docker container and restart it through the mirror, the previous changes are lost. In Docker, the combination of read-only and top-level read-write layers is called the Union file System (federated filesystem).
To be able to save (persist) data and share data between containers, Docker presents the concept of volume. Simply put, volume is a directory or file that bypasses the default federated file system and is present on the host in the form of a normal file or directory.
There are two ways to initialize volume, and there are some small and important differences between the two ways. We can use it at run time
-v
To declare Volume:
$ docker run-it--name container-test-h container-v/data debian/bin/bash[email protected]:/# ls/data[email protected ]:/#
The above command will
/data
Mount to the container and bypass the federated file system, we can manipulate the directory directly on the host. Any in this image
/data
The path of the file will be copied to volume. We can use
docker inspect
command to find the location where the volume is stored on the host:
$ docker inspect-f {{. Volumes}} container-test
You will see a similar output:
MAP[/DATA:/VAR/LIB/DOCKER/VFS/DIR/CDE167197CCC3E138A14F1A4F...B32CEC92E79059437A9]
This shows that Docker is putting
/var/lib/docker
is attached to a directory in the container.
/data
Directory. Let's add files from the host to this folder:
$ sudo touch/var/lib/docker/vfs/dir/cde167197ccc3e13814f...b32ce9059437a9/test-file
into our container you can see:
$ [Email protected]:/# ls/datatest-file
As long as the directory of the host is attached to the directory of the container, the change takes effect immediately. We can use the dockerfile in the
VOLUME
directives to achieve the same purpose:
From Debian:wheezyvolume/data
But there's another thing that's only
-v
Parameters can be done and dockerfile is not the thing is to mount the specified host directory on the container. For example:
$ docker run-v/home/adrian/data:/data Debian Ls/data
The command will mount the host's
/home/adrian/data
Directory to the inside of the container
/data
The directory. Any in
/home/adrian/data
The files for the directory will appear inside the container. This is useful for sharing files between hosts and containers, such as mounting source code that needs to be compiled. To ensure portability (not all of the system's host directories are available), the Mount host directory does not need to be specified from Dockerfile. When using
-v
parameter, any files under the mirror directory are not copied to volume. (Translator Note: Volume will be copied to the mirror directory, the image will not be copied to the volume)
Data sharing if you want to authorize a container to access the volume of another container, we can use the
-volumes-from
Parameters to perform
docker run
。
$ docker run-it-h newcontainer--volumes-from container-test debian/bin/bash[email protected]:/# Ls/datatest-file[emai L protected]:/#
It is important to note that it works regardless of whether the container-test is running. As long as the container is connected to the volume, it will not be deleted.
A common usage scenario for data containers is to use a pure data container to persist databases, configuration files, or data files. The official documentation is explained in detail. For example:
$ docker Run--name dbdata postgres echo "Data-only container for Postgres"
The command will create a postgres image containing the volume already defined in the Dockerfile, running
echo
Command and then exit. When we run
docker ps
Command,
echo
Can help us identify the purpose of an image. We can use
-volumes-from
command to volume of other containers:
$ docker run-d--volumes-from dbdata--name db1 postgres
Two points of note using the data container:
- Do not run the data container, which is purely a waste of resources.
- Do not use "minimal mirroring" for data containers, such as
busybox
or scratch
, use only database mirroring itself. You already have the image, so you don't need to take up extra space.
Backup if you're using a data container, that's pretty easy to do:
$ docker Run--RM--volumes-from dbdata-v $ (PWD):/backup Debian tar cvf/backup/backup.tar/var/lib/postgresql/data
The example should compress everything in volume into a tar package (the official Postgres Dockerfile defines a volume in the/var/lib/postgresql/data directory)
Permissions and licensing typically you need to set volume permissions or initialize some default data or configuration files for volume. The key point to note is that the Dockerfile
VOLUME
Any thing after the instruction cannot change the volume, for example:
From Debian:wheezyrun useradd foovolume/datarun touch/data/xrun chown-r foo:foo/data
The Docker file runs as expected, and we would have liked to
touch
The command runs on the mirrored file system, but in fact it runs on the volume of a temporary container. As shown below:
From Debian:wheezyrun useradd foorun mkdir/data && touch/data/xrun chown-r foo:foo/datavolume/data
Docker can mount the files under volume in the Mirror to volume and set the correct permissions. This behavior does not occur if you specify the host directory for volume.
If you don't pass
RUN
command to set permissions, you need to use it when the container starts
CMD
Or
ENTRYPOINT
Instruction to execute (Translator Note: The cmd command is used to specify the commands to run when a container starts, similar to run, except that run is the command to run when the image is built).
Deleting volumes This feature may be more important if you have already used
docker rm
To remove your container, there may be a lot of isolated volume still occupying space.
Volume can only be deleted if the following conditions are available:
- The container can be
docker rm -v
removed and no other container is connected to the volume (and the host directory is also not specified as volume). Attention, -v
is essential.
docker run
Use rm
parameters in
Unless you are already very careful, always run the container like this, otherwise you will be in
/var/lib/docker/vfs/dir
Directory to get some zombie files and directories, and it's not easy to say what they represent.
Read more about the following resources explore the volumes mechanism in more depth:
- Crazy Docker's Pure data container
- Deep Docker:volumes (translated)
- Container Data Management
In addition, we can expect more tools to deal with volumes in the near future:
[Reprint] In-depth understanding of Docker volume