I. Introduction
When we use Docker to create a mysql container, the data is stored in the container
If you accidentally execute docker rm $(docker ps -aq) to delete all container s one day, the data in mysql will also be deleted, which is not safe
We need to persist the data and store it outside the container. Even deleting the container will not delete the original data
II. Defects of containers
The data in the container can be stored in the container layer. However, the following problems exist in storing data in the container layer:
1. Data is not persistent. This means that if the container is deleted, the data will be lost
2. Other processes on the host are not convenient to access these data
3. I/O to these data will go through the storage drive, and then arrive at the host, introducing a layer of indirect layer, so the performance will be reduced
3. data volume can be mounted in two ways:
1) bind mount (user management): mount a directory or file (not a formatted disk file) on the host to the container. By default, the directory has read and write permissions in the container. If you only need to add files to the container and do not want to cover the directory, you need to note that the source file must exist, otherwise it will be treated as a directory bind mount to the container Apparatus.
2) docker manager volume (docker automatic management): you do not need to specify the source file, only the mount point. The directory in the container is mapped to local.
The disadvantage of this method compared with bind mount is that it cannot restrict the permission to the directory or file inside the container.
Using the second mounting method, - v when mounting, do not specify the source file location, then the default mounting path is:
[root@sqm-docker01 _data]# pwd /var/lib/docker/volumes/dd173640edd5b0205bb02f3c4139647be12528b38289b9f93f18123a6b1266a8/_data #When a directory is mounted, a string of hash values will be generated by default under / var/lib/docker/volumes /. There is a directory of_data under the hash value, and the mapped files in the container are in this path.
IV. Storage Driver
Data storage mode
For the Centos7 version of docker, the Storage Driver is: overlay2, Backing Filesystem: xfs
You can use the docker inspection container name to see how the data is stored
V. Data Volume
(Bind mount)
Persistent storage: essentially, it is a directory or file in the DockerHost file system, which can be directly mounted to the container's file system. When you run the container, you can do this with - v.
Characteristic:
**1. Data volume is a directory or file, not a disk (block device) without format.
- The container can read and write data in volume.
- Volume data can be saved permanently, even if the container that uses it has been destroyed. **
Small experiment:
Running a nginx service for data persistence
(1) Data Volume is a directory or file, not a disk (block device) without format.
[root@docker01 ~]# mkdir html //Create test directory [root@docker01 ~]# cd html/ [root@docker01 html]# echo "This is a testfile in dockerHost." > index.html //Create test page [root@docker01 ~]# docker run -itd --name testweb -v /root/html/:/usr/share/nginx/html nginx:latest //Run a nginx container and mount the directory [root@docker01 ~]# docker inspect testweb
[root@docker01 ~]# curl 172.17.0.3
Note: the source file or directory to be mounted on the dockerhost must already exist, otherwise, it will be mounted to the container as a directory.
(2) the container can read and write data in volume.
[root@docker01 ~]# docker exec -it testweb /bin/bash root@ef12d312a94e:/# cd /usr/share/nginx/html/ root@ef12d312a94e:/usr/share/nginx/html# echo "update" > index.html //Update web page in container root@ef12d312a94e:/usr/share/nginx/html# exit [root@docker01 ~]# cat html/index.html //You can see that the mount directory of the host directory is also updated
(3) Volume data can be saved permanently. Even if the container using it has been destroyed, it can be accessed by restarting a container to mount the directory through the host's Mount directory.
[root@docker01 ~]# docker ps -a -q |xargs docker rm -f
//Delete all containers
[root@docker01 ~]# cat html/index.html //After the container is deleted, the test page of the host is also in the
[root@docker01 ~]# docker run -itd --name t1 -P -v /root/html/:/usr/share/nginx/html nginx:latest //Create a container based on the test web page [root@docker01 ~]# docker ps
[root@docker01 ~]# curl 127.0.0.1:32768 //Visit
[root@docker01 ~]# echo "update-new" > html/index.html //Update test page again [root@docker01 ~]# curl 127.0.0.1:32768 //Update the test page on the host, and the test page of the container just created will also be updated
(5) by default, the files attached to the container have read and write permissions. You can add ": ro" after the running container is - v to restrict the write permission of the container
[root@docker01 ~]# docker run -itd --name t2 -P -v /root/html/:/usr/share/nginx/html:ro nginx:latest //Create container set read permission [root@docker01 ~]# docker exec -it t2 /bin/bash //Enter container root@4739c0f5d970:/# cd /usr/share/nginx/html root@4739c0f5d970:/usr/share/nginx/html# echo 1234 > index.html //Modify test page (failed because it is read-only)
[root@docker01 ~]# echo 654321 > html/index.html //Host can be changed [root@docker01 ~]# curl 127.0.0.1:32768
(6) you can also mount individual files inside the container. In general, if you don't want to overwrite the entire directory and just want to add a file, you can mount a single file.
< 1 > Test 1
[root@docker01 ~]# docker run -itd --name v6 -P -v /root/html/index.html:/usr/share/nginx/html/index.html nginx:latest [root@docker01 ~]# docker ps
[root@docker01 ~]# curl 127.0.0.1:32770
< 1 > test2
[root@docker01 ~]# echo test > test.html [root@docker01 ~]# docker run -itd --name t8 -P -v /root/test.html:/usr/share/nginx/html/test.html nginx:latest
[root@docker01 ~]# curl 127.0.0.1:32772/test.html
Vi. Docker Manager Volume
The directory will be automatically generated on the host, so only the directory in the container will be written when the directory is mounted.
[root@docker01 ~]# docker run -itd --name t1 -P -v /usr/share/nginx/html nginx:latest [root@docker01 ~]# docker ps
[root@docker01 ~]# docker inspect t1
[root@docker01 _data]# cd /var/lib/docker/volumes/17c50a065a6b10ccd01ca1ce8091fdf6282dc9dcb77a0f6695906257ecc03a63/_data [root@docker01 _data]# echo "this is a testfile" > index.html [root@docker01 _data]# docker ps
[root@docker01 _data]# curl 127.0.0.1:32777
[root@docker01 _data]# docker volume ls
[root@docker01 _data]# docker rm t1 -f [root@docker01 _data]# cat index.html
1. To delete the container, the source file on dockerhost will not be operated by default. If you want to delete the source file when deleting the container, you can add the - v option when deleting the container (this method is generally not recommended, because the file may be used by other containers)
[root@docker01 _data]# docker run -itd --name t2 -P -v /usr/share/nginx/html nginx:latest [root@docker01 ~]# docker inspect t2
[root@docker01 ~]# cd /var/lib/docker/volumes/2781dbfdc673fc7d149dc4f6217ef277fe72e05ba2e20fcebb617afe97eccb30/_data [root@docker01 _data]# docker rm -v t2 -f t2 [root@docker01 _data]# ls
VII. Container and container data sharing
Volume container: a container that provides volume storage volumes to other containers. It can also provide bind mount or docker manager volume.
Create a VC? Data container
[root@docker01 ~]# docker create --name vc_data -v ~/html:/usr/share/nginx/html -v /other/useful/tools busybox [root@docker01 ~]# docker inspect vc_data
[root@docker01 ~]# docker run -itd --name t3 -P --volumes-from vc_data nginx:latest [root@docker01 ~]# docker ps
[root@docker01 ~]# curl 127.0.0.1:32779