什么是容器数据卷

容器之间数据共享的技术, 将容器内的目录挂载到宿主机上面
容器之间也可以数据共享

使用数据卷

方式一:直接使用命令挂载

1
docker run -it -v /home/test:/home centos /bin/bash

实战:MySQL数据同步

1
2
3
4
5
mac@MacdeMacBook-Pro ~ %  docker pull mysql:5.7

mac@MacdeMacBook-Pro ~ % docker run -d -p 3310:3306 -v /var/mysql/conf:/etc/mysql/conf.d -v /var/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql001 mysql:5.7
580d5a355e0b915775a0a2af5c5213a5793607f707fee061f0b040bd6eea82f1

具名和匿名挂载

1
2
3
4
5
6
7
8
9
10
11
#匿名挂载
-v 容器内路径
docker run -d -p --name nginx01 -v /etc/nginx nginx
#查看所有的volume的情况
mac@MacdeMacBook-Pro % docker volume ls
DRIVER VOLUME NAME
local 301a47b705a04d43c2e4b18b75ac718565cb85ac0cf01aea00cce3a9f2b7f735
local 9813bf99ab12abe5d2f03654592cbd611aae2a971e95006c7969b07d03644f76
#具名挂载
docker run -d -p --name nginx02 -v 卷名:/etc/nginx nginx
所有的docker容器内的卷,没有指定目录的情况下都是在 /var/lib/docker/volumes/xxx/_data里
1
2
3
4
5
6
7
8
9
-v 容器内路径 #匿名挂载
-v 卷名:容器内路径 #具名挂载
-v 宿主机路径:容器内路径 #指定路径挂载

#通过-v容器内路径:ro rw改变读写权限
ro readonly #只读
rw readwrite #可读可写
#ro只能在宿主机操作当前目录 容器内无权限

Dockerfile

Dockerfile是来构建docker镜像的构建文件

方式二:通过dockerfile构建容器数据卷

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
FROM ubuntu

VOLUME ["volume1","volume2"]

CMD echo "-----build success--------"

CMD /bin/bash

mac@MacdeMacBook-Pro /var % sudo docker build -f dockerfile1 -t ccczg/ubuntu:1.0 .
[+] Building 22.7s (5/5) FINISHED
=> [internal] load build definition from dockerfile1 0.0s
=> => transferring dockerfile: 139B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/ubuntu:latest 15.9s
=> [1/1] FROM docker.io/library/ubuntu@sha256:cf31af331f38d1d7158470e095 6.6s
=> => resolve docker.io/library/ubuntu@sha256:cf31af331f38d1d7158470e095 0.0s
=> => sha256:5e9250ddb7d0fa6d13302c7c3e6a0aa40390e42424caed1 187B / 187B 0.4s
=> => sha256:cf31af331f38d1d7158470e095b132acd126a7180a5 1.20kB / 1.20kB 0.0s
=> => sha256:86ac87f73641c920fb42cc9612d4fb57b5626b56ea2a19b 943B / 943B 0.0s
=> => sha256:7e0aa2d69a153215c790488ed1fcec162015e973e49 3.31kB / 3.31kB 0.0s
=> => sha256:345e3491a907bb7c6f1bdddcf4a94284b8b6ddd77 28.54MB / 28.54MB 4.5s
=> => sha256:57671312ef6fdbecf340e5fed0fb0863350cd806c92b1fd 851B / 851B 0.3s
=> => extracting sha256:345e3491a907bb7c6f1bdddcf4a94284b8b6ddd77eb7d93f 1.7s
=> => extracting sha256:57671312ef6fdbecf340e5fed0fb0863350cd806c92b1fdd 0.0s
=> => extracting sha256:5e9250ddb7d0fa6d13302c7c3e6a0aa40390e42424caed1e 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:7e08dd3dc897dc40f94af5b0ba23bb58eb184488de7c3 0.0s
=> => naming to docker.io/ccczg/ubuntu:1.0 0.0s

Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them

root@8df24d2efec4:/# ls
bin dev home lib32 libx32 mnt proc run srv tmp var volume2
boot etc lib lib64 media opt root sbin sys usr volume1
mac@MacdeMacBook-Pro ~ % docker inspect 8df24d2efec4
[
//...
#挂载目录
"Mounts": [
{
"Type": "volume",
"Name": "edb15e1990a049d68c736759bbd96e452cc9f4c9186248f4ff9885875da53326",
"Source": "/var/lib/docker/volumes/edb15e1990a049d68c736759bbd96e452cc9f4c9186248f4ff9885875da53326/_data",
"Destination": "volume1",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
},
{
"Type": "volume",
"Name": "94a8cd9f0323f08bb912acfc60c46e57ee2c277b499805376f094eb02c3b3906",
"Source": "/var/lib/docker/volumes/94a8cd9f0323f08bb912acfc60c46e57ee2c277b499805376f094eb02c3b3906/_data",
"Destination": "volume2",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
//...
]

数据卷容器

容器间数据共享

1
docker run --volumes-from