Docker容器数据卷

一、概念

1.定义

卷就是目录或文件，存在于一个或多个容器中，由docker挂载到容器，但不属于联合文件系统，因此能够绕过Union File System提供一些用于持续存储或共享数据的特性。
卷的设计目的就是数据的持久化，完全独立于容器的生存周期，因此Docker不会在容器删除时删除其挂载的数据卷

2.作用：

将运用与运行的环境打包镜像，run后形成容器实例运行 ，但是我们对数据的要求希望是持久化的。
 Docker容器产生的数据，如果不备份，那么当容器实例删除后，容器内的数据自然也就没有了。
为了能保存数据在docker中则使用卷。

3.特点：

• 数据卷可在容器之间共享或重用数据
• 卷中的更改可以直接实时生效
• 数据卷中的更改不会包含在镜像的更新中
• 数据卷的生命周期一直持续到没有容器使用它为止

二、添加容器卷

运行一个带有容器卷存储功能的容器实例：
docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录 镜像名

Docker挂载主机目录访问如果出现cannot open directory .: Permission denied
解决办法：在挂载目录后多加一个–privileged=true参数

1.宿主vs容器之间映射添加容器卷

容器操作：

hongcaixia@hongcaixiadeMacBook-Pro ~ % docker run -it --privileged=true -v /Users/hongcaixia/Documents/host_data:/tmp/docker_data --name=my_centos centos
[root@c61d4745b6e8 /]# cd /tmp/docker_data
[root@c61d4745b6e8 docker_data]# ls
[root@c61d4745b6e8 docker_data]# touch docker.txt   
[root@c61d4745b6e8 docker_data]# ls
docker.txt
[root@c61d4745b6e8 docker_data]# ls -- 宿主机在该目录建立了host.txt
docker.txt  host.txt
[root@c61d4745b6e8 docker_data]# echo 'write in docker'>docker.txt
[root@c61d4745b6e8 docker_data]# cat docker.txt
write in docker
[root@c61d4745b6e8 docker_data]# cat docker.txt  -- 宿主机在该文件写入了write in host
write in docker
write in host
[root@c61d4745b6e8 docker_data]# 

主机操作：

hongcaixia@hongcaixiadeMacBook-Pro ~ % cd /Users/hongcaixia/Documents/host_data
hongcaixia@hongcaixiadeMacBook-Pro host_data % ls
docker.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data % touch host.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data % ls
docker.txt	host.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data % vi docker.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data % cat docker.txt
write in docker
write in host
hongcaixia@hongcaixiadeMacBook-Pro host_data % 

使用docker inspect 容器id 命令查看容器挂载信息：

hongcaixia@hongcaixiadeMacBook-Pro ~ % docker ps
CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS          PORTS     NAMES
dd1b08d9fd2a   centos    "/bin/bash"   14 minutes ago   Up 14 minutes             docker_centos
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker inspect dd1b08d9fd2a
[
...
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/Users/hongcaixia/Documents/host_data",
                "Destination": "/tmp/docker_data",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
...
]

如果容器停止了，主机在挂载目录修改内容，当容器启动之后依旧可以同步到信息：
容器操作：

hongcaixia@hongcaixiadeMacBook-Pro ~ % docker ps
CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS          PORTS     NAMES
dd1b08d9fd2a   centos    "/bin/bash"   22 minutes ago   Up 22 minutes             docker_centos
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker stop dd1b08d9fd2a
dd1b08d9fd2a
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker start dd1b08d9fd2a
dd1b08d9fd2a
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker ps
CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS         PORTS     NAMES
dd1b08d9fd2a   centos    "/bin/bash"   24 minutes ago   Up 2 seconds             docker_centos
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker exec -it dd1b08d9fd2a bash
[root@dd1b08d9fd2a /]# cd /tmp/docker_data/
[root@dd1b08d9fd2a docker_data]# ls
docker.txt  docker_in.txt  docker_in.txt~  docker_in.txz~  host.txt  host1.txt
[root@dd1b08d9fd2a docker_data]#

主机操作：在容器停止之后创建host1.txt：

hongcaixia@hongcaixiadeMacBook-Pro host_data % touch host1.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data % ls
docker.txt	docker_in.txt	docker_in.txt~	docker_in.txz~	host.txt	host1.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data % 

2.添加读写映射规则

默认是可读可写

设置只读限制：容器实例内部被限制，只能读取不能写
docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:ro 镜像名

容器操作：

hongcaixia@hongcaixiadeMacBook-Pro ~ % docker run -it --privileged=true -v /Users/hongcaixia/Documents/host_data2:/tmp/docker_data2:ro --name=hcx_centos2 centos
[root@f12971f08fb1 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@f12971f08fb1 /]# cd /tmp/docker_data2/
[root@f12971f08fb1 docker_data2]# ls -- 在主机中创建的文件
host.txt
[root@f12971f08fb1 docker_data2]# touch docker.txt
touch: cannot touch 'docker.txt': Read-only file system
[root@f12971f08fb1 docker_data2]# 

主机操作：

hongcaixia@hongcaixiadeMacBook-Pro Documents % cd host_data2 
hongcaixia@hongcaixiadeMacBook-Pro host_data2 % ls
hongcaixia@hongcaixiadeMacBook-Pro host_data2 % touch host.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data2 % ls
host.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data2 %

三、卷的继承和共享

docker run -it --privileged=true --volumes-from 父类 --name 容器名 镜像名

第一个容器my_centos3:

hongcaixia@hongcaixiadeMacBook-Pro ~ % docker run -it --privileged=true -v /Users/hongcaixia/Documents/host_data3:/tmp/docker_data3 --name=my_centos3 centos
[root@1e7c088b1b4d /]# cd /tmp/docker_data3
[root@1e7c088b1b4d docker_data3]# ls
[root@1e7c088b1b4d docker_data3]# touch docker3.txt
[root@1e7c088b1b4d docker_data3]# ls
docker3.txt
[root@1e7c088b1b4d docker_data3]# ls
docker3.txt  docker4.txt
[root@1e7c088b1b4d docker_data3]# ls
docker3.txt  docker4.txt  host.txt
[root@1e7c088b1b4d docker_data3]#

-- 停掉父容器，不影响子容器和主机的同步
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker ps
CONTAINER ID   IMAGE     COMMAND       CREATED         STATUS         PORTS     NAMES
671ef51c2961   centos    "/bin/bash"   6 minutes ago   Up 6 minutes             my_centos4
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker stop 671ef51c2961
671ef51c2961
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
hongcaixia@hongcaixiadeMacBook-Pro ~ % 

-- 父容器恢复，主机和子容器的操作可以同步过来
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker start 671ef51c2961
671ef51c2961
hongcaixia@hongcaixiadeMacBook-Pro ~ % docker exec -it 671ef51c2961 /bin/bash
[root@671ef51c2961 /]# cd /tmp/docker_data3/
[root@671ef51c2961 docker_data3]# ls
docker3.txt  docker4.txt  host.txt  host2.txt
[root@671ef51c2961 docker_data3]#

第二个容器my_centos4: 继承3的容器卷

hongcaixia@hongcaixiadeMacBook-Pro ~ % docker run -it --privileged=true --volumes-from my_centos3 --name=my_centos4 centos 
[root@671ef51c2961 /]# cd /tmp/docker_data3
[root@671ef51c2961 docker_data3]# ls
docker3.txt
[root@671ef51c2961 docker_data3]# touch docker4.txt
[root@671ef51c2961 docker_data3]# ls
docker3.txt  docker4.txt  host.txt
[root@671ef51c2961 docker_data3]# 

-- 停掉父容器，不影响子容器和主机的同步
[root@671ef51c2961 docker_data3]# ls
docker3.txt  docker4.txt  host.txt  host2.txt
[root@671ef51c2961 docker_data3]# 

主机：

hongcaixia@hongcaixiadeMacBook-Pro Documents % cd host_data3
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % ls
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % ls
docker3.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % ls
docker3.txt	docker4.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % touch host.txt   
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % ls
docker3.txt	docker4.txt	host.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % 

hongcaixia@hongcaixiadeMacBook-Pro host_data3 % touch host2.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % ls
docker3.txt	docker4.txt	host.txt	host2.txt
hongcaixia@hongcaixiadeMacBook-Pro host_data3 % 

父容器stop，不会影响子容器和主机之间的同步