一、具名挂载和匿名挂载是什么?
具名挂载的顾名思义就是有名字,这个名字是我们自己给取的,使用了具名挂载之后,我们可以通过命令查看自己制定的这个名字。
匿名挂载的意思就是不指定名字,让系统给他默认生成一个长长的字符串作为名字。
两者都可以实现把docker容器内部的目录挂载到主机上来,以防止数据的丢失,然后也可以通过宿主机操作容器内部的数据,这样的话,会更加方便,不过最主要的还是体现在第一点,确保安全性。
二、使用步骤
1.具名挂载
#以具名挂载的方式启动容器,需要注意的是,p需要大写,没有写端口的话,就是随机分配端口
# 格式:-v 具名名称:/容器内路径
[root@iZbp10d5h2h0qbsabf055iZ ~]# docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx nginx
e056ecd764d8d96c97d4b8bb3172fc569151fd60ff897195d5a6d813113487e8
nginx容器已经成功运行起来了
[root@iZbp10d5h2h0qbsabf055iZ ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e056ecd764d8 nginx "/docker-entrypoint.…" 10 seconds ago Up 9 seconds 0.0.0.0:49153->80/tcp nginx02
接下来通过docker volume ls
查看卷挂载的情况,可以看到确实有一个叫做juming-nginx的卷挂载。
[root@iZbp10d5h2h0qbsabf055iZ ~]# docker volume ls
DRIVER VOLUME NAME
local d4eea76262dd14ccdf40faae90d916a98f2e97241c9faa463ed8e2e1c057eecd
local e8db426c1ca6978fabeaae31c88a9285a8ee009e2422ef36d2969bf243f8f09e
local juming-nginx
[root@iZbp10d5h2h0qbsabf055iZ ~]#
查看juming-nginx这个具体的卷
#Mountpoint代表宿主机路径,默认情况下,在容器内的路径全部挂载这宿主机的这个位置。
[root@iZbp10d5h2h0qbsabf055iZ ~]# docker volume inspect juming-nginx
[
{
"CreatedAt": "2021-02-23T18:55:44+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/juming-nginx/_data",
"Name": "juming-nginx",
"Options": null,
"Scope": "local"
}
]
[root@iZbp10d5h2h0qbsabf055iZ ~]#
查看一下宿主机上对应的位置。
[root@iZbp10d5h2h0qbsabf055iZ ~]# cd /var/lib/docker/volumes/
[root@iZbp10d5h2h0qbsabf055iZ volumes]# ls #显示所有的卷信息
backingFsBlockDev juming-nginx
d4eea76262dd14ccdf40faae90d916a98f2e97241c9faa463ed8e2e1c057eecd metadata.db
e8db426c1ca6978fabeaae31c88a9285a8ee009e2422ef36d2969bf243f8f09e
[root@iZbp10d5h2h0qbsabf055iZ volumes]# cd juming-nginx/
[root@iZbp10d5h2h0qbsabf055iZ juming-nginx]# ls
_data
[root@iZbp10d5h2h0qbsabf055iZ juming-nginx]# cd _data/
[root@iZbp10d5h2h0qbsabf055iZ _data]# ls
conf.d fastcgi_params koi-utf koi-win mime.types modules nginx.conf scgi_params uwsgi_params win-utf
[root@iZbp10d5h2h0qbsabf055iZ _data]# cat nginx.conf #查看这个配置文件
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
[root@iZbp10d5h2h0qbsabf055iZ _data]#
2.匿名挂载
以匿名的方式启动了一个容器,同样是挂载容器内容的/etc/nginx
目录
[root@iZbp10d5h2h0qbsabf055iZ _data]# docker run -d -P --name nginx03 -v /etc/nginx nginx
ade532db323816d8de574ca694fb4c493a9a84afbfc35f9ccc3c8323d2fc7d68
[root@iZbp10d5h2h0qbsabf055iZ _data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ade532db3238 nginx "/docker-entrypoint.…" 8 seconds ago Up 7 seconds 0.0.0.0:49154->80/tcp nginx03
e056ecd764d8 nginx "/docker-entrypoint.…" 11 minutes ago Up 11 minutes 0.0.0.0:49153->80/tcp nginx02
[root@iZbp10d5h2h0qbsabf055iZ _data]#
因为是匿名挂载,那么卷的名字就是一串随机的字符串。
[root@iZbp10d5h2h0qbsabf055iZ _data]# docker volume ls
DRIVER VOLUME NAME
local d4eea76262dd14ccdf40faae90d916a98f2e97241c9faa463ed8e2e1c057eecd
local e8db426c1ca6978fabeaae31c88a9285a8ee009e2422ef36d2969bf243f8f09e
local f35392c7f10e8984efe460f77c0a9db1fc5a5aab995e674659f31c82a357bdbf
local juming-nginx
[root@iZbp10d5h2h0qbsabf055iZ _data]#
查看一下这个卷,docker inspect 卷名称
[root@iZbp10d5h2h0qbsabf055iZ _data]# docker inspect f35392c7f10e8984efe460f77c0a9db1fc5a5aab995e674659f31c82a357bdbf
[
{
"CreatedAt": "2021-02-23T19:06:52+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/f35392c7f10e8984efe460f77c0a9db1fc5a5aab995e674659f31c82a357bdbf/_data",
"Name": "f35392c7f10e8984efe460f77c0a9db1fc5a5aab995e674659f31c82a357bdbf",
"Options": null,
"Scope": "local"
}
]
[root@iZbp10d5h2h0qbsabf055iZ _data]#
3.指定路径挂载
#-v 宿主机路径:容器内路径
[root@iZbp10d5h2h0qbsabf055iZ _data]# docker run -d -P --name nginx04 -v /test/a:/etc/nginx nginx
1d3a4675e6b55b39365bb723be684492e84a762a677f64ab9a6b0fe035b234f0
我们可以看到,nginx确实也启动了。
[root@iZbp10d5h2h0qbsabf055iZ _data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1d3a4675e6b5 nginx "/docker-entrypoint.…" 3 minutes ago Exited (1) 3 minutes ago nginx04
ade532db3238 nginx "/docker-entrypoint.…" 8 minutes ago Up 8 minutes 0.0.0.0:49154->80/tcp nginx03
e056ecd764d8 nginx "/docker-entrypoint.…" 19 minutes ago Up 19 minutes 0.0.0.0:49153->80/tcp nginx02
去查看一下指定的目录。
[root@iZbp10d5h2h0qbsabf055iZ /]# cd test/
[root@iZbp10d5h2h0qbsabf055iZ test]# ls
a
[root@iZbp10d5h2h0qbsabf055iZ test]# cd a
[root@iZbp10d5h2h0qbsabf055iZ a]# l
-bash: l: command not found
[root@iZbp10d5h2h0qbsabf055iZ a]# ls
[root@iZbp10d5h2h0qbsabf055iZ a]#
4.扩展
ro代表read only ,它的意思是一旦使用了ro,那么就只能读,也就是容器内容只能读,不能写数据,而宿主机可以进行读写的操作。
#增加权限,-v 具名名称:容器内路径:容器权限
[root@iZbp10d5h2h0qbsabf055iZ a]# docker run -d -P --name nginx06 -v jumpming1-nginx:/etc/nginx:ro nginx
eb8582385154f0ee7be529b7b8fb175d3283f1782254b63b1816b694b0e21e1f
[root@iZbp10d5h2h0qbsabf055iZ a]#
rw代表可读可写,容器内部可以读也可以写,宿主机可以读也可以写。默认就是rw模式。
[root@iZbp10d5h2h0qbsabf055iZ a]# docker run -d -P --name nginx07 -v jumpming1-nginx:/etc/nginx:rw nginx
8197eed6941c349f50e8d054e62d36e342a861b6a5317e274514a94dfe87d004
[root@iZbp10d5h2h0qbsabf055iZ a]#
总结
- 具名挂载:
-v 具名名称:/容器内路径
- 匿名挂载:
-v /容器内路径
- 指定路径:
-v /宿主机路径:/容器内路径
一些命令
docker volume ls
查看所有的卷docker inspect
查看指定的卷
默认容器权限是rw可读可写模式,默认路径挂载目录为"/var/lib/docker/volumes/xxxxxx/_data"