'./' relative paths are allowed in the file
version: '3' ... volumes: - ./://:ro - ./mongo-volume:/data/db ...
The files under the current path will be mounted to // in the container and set to read-only;
The mongo-volume directory under the current path will be mounted to the container /data/db. If mongo-volume does not exist, the directory will be automatically created.
But if it is docker run, you cannot use relative paths like the one above
>>> docker run -d --restart always -p 27017-27019:27017-27019 -e MONGO_INITDB_DATABASE=job -e MONGO_INITDB_ROOT_USERNAME=root -e MONGO_INITDB_ROOT_PASSWORD=root -v $PWD/://:ro -v ./mongo-volume:/data/db --name my-mongo-container mongo docker: Error response from daemon: create ./: "./" includes invalid characters for a local volume name, only "[a-zA-Z0-9][a-zA-Z0-9_.-]" are allowed. If you intended to pass a host directory, use absolute path. See 'docker run --help'.
Need to use $PWD instead of dot '.'
>>> docker run -d --restart always -p 27017-27019:27017-27019 -e MONGO_INITDB_DATABASE=job -e MONGO_INITDB_ROOT_USERNAME=root -e MONGO_INITDB_ROOT_PASSWORD=root -v $PWD/://:ro -v $PWD/mongo-volume:/data/db --name my-mongo-container mongo 3081e25a20fa8b2e95850897b3b32b08da298f73d7e458119fa3f2c85b45f020
Supplement: Docker -v has no permissions to mounted directories Permission denied
1. Problem
Today, when using docker to mount redis, I always report an error
docker run -v /home/redis/:/usr/local/etc/redis/ --name redis2 -p 6378:6379 redis redis-server /usr/local/etc/redis/
Then it keeps reporting errors:
Fatal error, can't open config file '/usr/redis/'
2. Troubleshooting process
The same is true for viewing logs
Then I removed the configuration file
docker run -v /home/redis/:/usr/local/etc/redis/ --name redis2 -p 6378:6379 redis
Then enter the container
docker exec -it redis2 /bin/bash
Then enter the mounted folder
cd /usr/local/etc/redis
An error was found:
cannot open directory '.': Permission denied
That is, no permission
3. Causes and solutions
3.1 Cause
Selinux, security module in centos7, bans permissions
3.2 Solution
There are three ways to solve it:
1. Add --privileged=true at runtime
docker run -v /home/redis/:/usr/local/etc/redis/ --name redis2 --privileged=true redis redis-server /usr/local/etc/redis/
2. Temporarily close selinux and then open it again
[root@localhost tomcat]# setenforce 0 [root@localhost tomcat]# setenforce 1
3. Add linux rules and add the directory to be mounted to the selinux whitelist
Change the format of security text as follows
chcon [-R] [-t type] [-u user] [-r role] file or directory
No parameters for the option:
-R: All directories under this directory are also modified at the same time;
-t: Followed by the type field of security article, such as httpd_sys_content_t;
-u: Identity identification is followed, such as system_u;
-r: back street color, for example system_r
implement:
chcon -Rt svirt_sandbox_file_t /home/redis/
4. Some experiences about docker mounts
4.1 The container directory cannot be a relative path
4.2 If the host directory does not exist, it will be automatically generated.
4.3 What if the host directory is a relative path
You can view the container "Mounts" part through the docker inspect command, and we can get the answer to this question.
The above is personal experience. I hope you can give you a reference and I hope you can support me more. If there are any mistakes or no complete considerations, I would like to give you advice.