When the Docker container is started, if you want to mount a directory of the host, you can specify it with the -v parameter.
For example, if I want to start a centos container, the host's /test directory is mounted to the container's /soft directory, which can be specified in the following ways:
# docker run -it -v /test:/soft centos /bin/bash
In this way, after the container is started, the /soft directory will be automatically created in the container. In this way, we can make it clear that in the -v parameter, the directory before the colon ":" is the host directory, and the directory after the directory is the directory in the container.
It seems simple, but it is not. Let's verify it below:
1. The container directory cannot be a relative path
[root@localhost ~]# docker run -it -v /test:soft centos /bin/bash invalid value "/test:soft" for flag -v: soft is not an absolute path See 'docker run --help'.
A direct error is reported, indicating that soft is not an absolute path. The so-called absolute path must start with the following slash "/".
2. If the host directory does not exist, it will be automatically generated.
If the /test directory exists in the host, delete it first
[root@localhost ~]# rm -rf /test [root@localhost ~]# ls / bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
Start the container
[root@localhost ~]# docker run -it -v /test:/soft centos /bin/bash [root@a487a3ca7997 /]# ls bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin soft srv sys tmp usr var
Check the host and found that a /test directory has been added
[root@localhost ~]# ls / bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys test tmp usr var
3. What if the directory of the host is a relative path?
This time, let's try changing the directory name test1
# docker run -it -v test1:/soft centos /bin/bash
Then go to the host to check whether a /test1 directory has been added. The result is no. Is it because I use a relative path, so the generated test1 directory is in the current directory, but it still does not. Where is the /soft directory in the container mounted? Through the docker inspect command, check the container "Mounts" part and we can get the answer to this question.
"Mounts": [
{
"Name": "test1",
"Source": "/var/lib/docker/volumes/test1/_data",
"Destination": "/soft",
"Driver": "local",
"Mode": "z",
"RW": true
}
],
It can be seen that the /soft directory in the container is mounted on the /var/lib/docker/volumes/test1/_data directory on the host machine.
It turns out that the so-called relative path refers to /var/lib/docker/volumes/, which has nothing to do with the current directory of the host.
4. If only -v specifies a directory, how does this correspond?
Start a container
[root@localhost ~]# docker run -it -v /test2 centos /bin/bash [root@ea24067bc902 /]# ls bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys test2 tmp usr var
Also use the docker inspect command to view the host's mount directory
"Mounts": [
{
"Name": "96256232eb74edb139d652746f0fe426e57fbacdf73376963e3acdb411b3d73a",
"Source": "/var/lib/docker/volumes/96256232eb74edb139d652746f0fe426e57fbacdf73376963e3acdb411b3d73a/_data",
"Destination": "/test2",
"Driver": "local",
"Mode": "",
"RW": true
}
],
It can be seen that the result is similar to that in 3, except that it is not the directory name of the relative path, but a randomly generated directory name.
5. If the owner and group of the directory are modified in the container, will the corresponding mount point be modified?
First, open a container and view the properties of the /soft directory in the container
[root@localhost ~]# docker run -it -v /test:/soft centos /bin/bash [root@b5ed8216401f /]# ll -d /soft/ drwxr-xr-x 2 root root 6 Sep 24 03:48 /soft/
Check the properties of the /test directory in the host
[root@localhost ~]# ll -d /test/ drwxr-xr-x 2 root root 6 Sep 24 11:48 /test/
Create a new user in the container and modify the owner and group of /soft
[root@b5ed8216401f /]# useradd victor [root@b5ed8216401f /]# chown -R /soft/ [root@b5ed8216401f /]# ll -d /soft/ drwxr-xr-x 2 victor victor 6 Sep 24 03:48 /soft/
Let’s take a look at whether the owner and group of the /test directory in the host will change?
[root@localhost ~]# ll -d /test/ drwxr-xr-x 2 mycat mycat 6 Sep 24 11:48 /test/
It turned into mycat. . .
It turns out that this is related to UID. UID, that is, "user identification number", is an integer, which is used internally to identify users. Generally, it corresponds to the username one by one.
First check the UID corresponding to the victor in the container.
[root@b5ed8216401f /]# cat /etc/passwd | grep victor victor:x:1000:1000::/home/victor:/bin/bash
The UID of the victor is 1000, so who is the user corresponding to 1000 in the host?
[root@localhost ~]# cat /etc/passwd |grep 1000 mycat:x:1000:1000::/home/mycat:/bin/bash
It can be seen that the corresponding user of UID 1000 in the host is mycat.
6. If the container is destroyed, will the newly created mount directory on the host disappear?
Here, there are two main verification situations: 1. The host directory is specified, that is, -v /test:/soft. 2. There is no specified host directory, i.e. -v /soft
The first case:
[root@localhost ~]# rm -rf /test --First delete the host's /test directory[root@localhost ~]# ls / -- You can see that there is no /test directory on the hostbin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var [root@localhost ~]# docker run -it --name=centos_test -v /test:/soft centos /bin/bash --Start the container. For the convenience of deletion, I used the --name parameter to specify the name of the container[root@82ad7f3a779a /]# exit exit [root@localhost ~]# docker rm centos_test -- delete containercentos_test [root@localhost ~]# ls / --Discover the /test directory still existsbin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys test tmp usr var
It can be seen that even if the container is destroyed, the newly created mount directory will not disappear. It can be further verified that if the owner and group of the host directory change, after the container is destroyed, the owner and group of the host directory will not return to the state before the mount.
In the second case, through the above verification, if there is no directory for the specified host, the container will randomly configure a directory in /var/lib/docker/volumes/. Then let's see if the container destruction in this case will cause the corresponding directory to be deleted.
Start the container first
[root@localhost ~]# docker run -it --name=centos_test -v /soft centos /bin/bash [root@6b75579ec934 /]# exit exit
The docker inspect command to view the mount directory generated by the container on the host machine
"Mounts": [
{
"Name": "b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301",
"Source": "/var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301/_data",
"Destination": "/soft",
"Driver": "local",
"Mode": "",
"RW": true
}
],
The corresponding one is /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301/_data directory
Destroy the container and see if the directory exists
[root@localhost ~]# docker rm centos_test centos_test [root@localhost ~]# ll /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301 total 0 drwxr-xr-x 2 root root 6 Sep 24 14:25 _data
I found that the directory still exists. Even if the docker service is restarted, the directory still exists.
[root@localhost ~]# systemctl restart docker [root@localhost ~]# ll /var/lib/docker/volumes/b53164cb1c9f1917788638692fb22ad11994cf1fbbc2461b6c390cd3e10ea301 total 0 drwxr-xr-x 2 root root 6 Sep 24 14:25 _data
7. After the host is mounted, operate it in the container and report "Permission denied".
There are two ways to solve it:
1> Close selinux.
Temporary close: # setenforce 0
Permanently close: Modify /etc/sysconfig/selinux file and set the value of SELINUX to disabled.
2> Start the container in a privileged way
Specify --privileged parameter
like:
# docker run -it --privileged=true -v /test:/soft centos /bin/bash
The above is all the content of this article. I hope it will be helpful to everyone's study and I hope everyone will support me more.