10.docker卷

Docker Volume

​Docker Volume 是 docker的数据卷，用于保持数据持久化。MySQL运行在Docker容器中时，一般将数据通过Docker Volume保存在主机上，即使删除MySQL容器，数据不会丢失。

MySQL Dockerfile

找到docker hub上的mysql 5.7官方dockerfile
https://github.com/docker-library/mysql/blob/e0d43b2a29867c5b7d5c01a8fea30a086861df2b/5.7/Dockerfile.debian

#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#

FROM debian:buster-slim

# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mysql && useradd -r -g mysql mysql

RUN apt-get update && apt-get install -y --no-install-recommends gnupg dirmngr && rm -rf /var/lib/apt/lists/*

# add gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.14
RUN set -eux; \
	savedAptMark="$(apt-mark showmanual)"; \
	apt-get update; \
	apt-get install -y --no-install-recommends ca-certificates wget; \
	rm -rf /var/lib/apt/lists/*; \
	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
	export GNUPGHOME="$(mktemp -d)"; \
	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
	apt-mark auto '.*' > /dev/null; \
	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	chmod +x /usr/local/bin/gosu; \
	gosu --version; \
	gosu nobody true

RUN mkdir /docker-entrypoint-initdb.d

RUN set -eux; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
		bzip2 \
		openssl \
# FATAL ERROR: please install the following Perl modules before executing /usr/local/mysql/scripts/mysql_install_db:
# File::Basename
# File::Copy
# Sys::Hostname
# Data::Dumper
		perl \
		xz-utils \
		zstd \
	; \
	rm -rf /var/lib/apt/lists/*

RUN set -eux; \
# gpg: key 3A79BD29: public key "MySQL Release Engineering " imported
	key='859BE8D7C586F538430B19C2467B942D3A79BD29'; \
	export GNUPGHOME="$(mktemp -d)"; \
	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
	mkdir -p /etc/apt/keyrings; \
	gpg --batch --export "$key" > /etc/apt/keyrings/mysql.gpg; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME"

ENV MYSQL_MAJOR 5.7
ENV MYSQL_VERSION 5.7.40-1debian10

RUN echo 'deb [ signed-by=/etc/apt/keyrings/mysql.gpg ] http://repo.mysql.com/apt/debian/ buster mysql-5.7' > /etc/apt/sources.list.d/mysql.list

# the "/var/lib/mysql" stuff here is because the mysql-server postinst doesn't have an explicit way to disable the mysql_install_db codepath besides having a database already "configured" (ie, stuff in /var/lib/mysql/mysql)
# also, we set debconf keys to make APT a little quieter
RUN { \
		echo mysql-community-server mysql-community-server/data-dir select ''; \
		echo mysql-community-server mysql-community-server/root-pass password ''; \
		echo mysql-community-server mysql-community-server/re-root-pass password ''; \
		echo mysql-community-server mysql-community-server/remove-test-db select false; \
	} | debconf-set-selections \
	&& apt-get update \
	&& apt-get install -y \
		mysql-server="${MYSQL_VERSION}" \
# comment out a few problematic configuration values
	&& find /etc/mysql/ -name '*.cnf' -print0 \
		| xargs -0 grep -lZE '^(bind-address|log)' \
		| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/' \
# don't reverse lookup hostnames, they are usually another container
	&& echo '[mysqld]\nskip-host-cache\nskip-name-resolve' > /etc/mysql/conf.d/docker.cnf \
	&& rm -rf /var/lib/apt/lists/* \
	&& rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /var/run/mysqld \
	&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld \
# ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime
	&& chmod 1777 /var/run/mysqld /var/lib/mysql

VOLUME /var/lib/mysql

COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
ENTRYPOINT ["docker-entrypoint.sh"]

EXPOSE 3306 33060
CMD ["mysqld"]

注意VOLUME /var/lib/mysql

docker volume

docker volume prune

docker image pull mysql

docker image inspect mysql
# "Volumes": {
#     "/var/lib/mysql": {}
# }

# docker image inspect mysql --format '{{ .Config.Volumes }}'

启动mysql

docker container run -d --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=True mysql

docker container ls

docker container inspect mysql
# "Mounts": [
#      {
#          "Type": "volume",
#          "Name": "766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806",
#          "Source": "/var/lib/docker/volumes/766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806/_data",
#          "Destination": "/var/lib/mysql",
#          "Driver": "local",
#          "Mode": "",
#          "RW": true,
#          "Propagation": ""
#      }
#  ],

# docker container inspect mysql --format '{{ .Mounts }}'
ls /var/lib/docker/volumes/

mounts显示了source和destination

docker volume ls
# DRIVER    VOLUME NAME
# local     766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806

docker volume inspect 766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806
#[
#    {
#        "CreatedAt": "2023-01-15T23:52:38Z",
#        "Driver": "local",
#        "Labels": null,
#        "Mountpoint": "/var/lib/docker/volumes/766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806/_data",
#        "Name": "766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806",
#        "Options": null,
#        "Scope": "local"
#    }
#]

从volume视角，我们只能看到哪个数据卷挂载在主机上，但是不能得知该数据卷属于哪个容器

比如我们启动第二个mysql容器，再停止所有mysql

docker container run -d --name mysql2 -e MYSQL_ALLOW_EMPTY_PASSWORD=True mysql

docker volume ls

docker container rm -f mysql mysql2

docker volume ls

volume并不会消失，但是很难直观判断属于哪个容器

Named Volume

docker container run -d --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=True -v mysql-db:/var/lib/mysql mysql

docker volume ls
# DRIVER    VOLUME NAME
# local     766475a93e0f1e4583f3d6067377451e444c14b15d2450ca349bbe36899f1806
# local     b3b2ab7a9557160a9066bef15c61af2cfc3d7d05dd5323fc51a80cb414ef6799
# local     mysql-db

显示指定数据卷

docker volume inspect mysql-db
# [
#     {
#         "CreatedAt": "2023-01-16T00:13:34Z",
#         "Driver": "local",
#         "Labels": null,
#         "Mountpoint": "/var/lib/docker/volumes/mysql-db/_data",
#         "Name": "mysql-db",
#         "Options": null,
#         "Scope": "local"
#     }
# ]

甚至可以创建新的容器，使用已有的数据卷

docker container run -d --name mysql3 -e MYSQL_ALLOW_EMPTY_PASSWORD=True -v mysql-db:/var/lib/mysql mysql

绑定挂载 volume

Volume的绑定只能使用container run，不能使用Dockerfile

挂载之后主机上的文件会覆盖掉容器内对应位置的文件

mkdir nginx
cd nginx

echo "Nginx Docker" > index.html

docker container run -d --name nginx -p 80:80 -v $(pwd):/usr/share/nginx/html nginx

echo "test" > test.txt

利用这个方式可以将数据库的数据存储在指定位置，然后通过docker更新数据库的版本。