Shulou(Shulou.com)06/02 Report--

Docker provides two kinds of resources for containers to store data:

Mirror layer and container layer managed by storage driver. Data Volume . Storage driver

The mirror hierarchy of docker, as shown below:

The concept of layer layer is introduced into Docker mirror. every step in the process of making the mirror will generate a new mirror layer.

The container consists of the top writable container layer and several read-only mirror layers in which the container's data is stored. The biggest feature of such a hierarchical structure is Copy-on-Write:

The new data is stored directly in the top container layer. Modifying the existing data first copies the data from the mirror layer to the container layer, and the modified data is directly stored in the container layer, and the mirror layer remains unchanged. If there are files with the same name in multiple layers, the user can only see the files in the top layer.

The hierarchical structure makes the creation, sharing, and distribution of images and containers very efficient, thanks to Docker storage driver. It is storage driver that implements the stacking of multi-tier data and provides users with a single merged unified view.

Docker supports a variety of storage driver, including AUFS, Device Mapper, Btrfs, OverlayFS, VFS and ZFS. They can all implement hierarchical architecture and have their own characteristics at the same time.

Docker will give priority to the default storage driver of the Linux distribution.

When Docker is installed, the default driver is selected based on the configuration of the current system. The default driver has the best stability because the default driver has been rigorously tested on the release.

Run Docker info to view the Storage driver currently used by the system

The default driver of centos is overlay2, the underlying file system is xfs, and the data of each layer is stored in / var/lib/docker

For some containers, such as busybox, it is just a toolbox, so you do not need to save the data for later use. You can exit directly after the use is completed, and the working data stored in the container layer when the container is deleted will also be deleted.

Docker data management

Persistent data in docker containers is generally stored in two ways:

Volume

Bind mount

Whether it is volume or bind mount, it is essentially a directory or file in the host file system

Whether it is volume or bind mount, the life cycle of the data stored on it is opposite to that of the container, that is, after the container is deleted, the data on volume or bind mount still exists.

Volume

A Volume is essentially a directory or file in a Docker Host file system that can be mount directly into the container's file system. Volume has the following characteristics:

Volume is a directory or file, not an unformatted disk (block device). The container can read and write data in volume. Volume data can be saved permanently, even if the container that uses it has been destroyed.

Because volume is actually part of the docker host file system, the capacity of volume depends on the space that the file system is currently not using.

Considerations for using volume:

The content of volume exists outside the lifecycle of the container. If the volume is still mounted after deletion, you do not need to specify a mount source, but you can specify mount point. Docker will generate a directory for each volume under the / var/lib/docker/volumes path. As a mount source, if mount point points to an existing directory in the container, the data under this directory will be copy to volume. If mount point points to an empty directory in the container, the required directory will be created automatically. If you start a container that mounts a volume that does not exist on it, Dokcer will automatically create the volume Volume for reuse. You can set the permission of the container stamp volume to read-only bind mount through the ro parameter.

Bind mount is to mount a directory or file that already exists on the host into a container.

Bind mount is actually a process of inode replacement.

The main function of the bind mount mechanism is to allow a directory or file (not the whole device) to be mounted to a specified directory, and any operation on the mount point occurs only on the mounted directory or file, while the contents of the original mount point will be hidden from being affected.

Considerations for using bind mount:

During the operation of the container, the data changed in the bind mount directory will be saved, and the data in the bind mount will still exist after the container is deleted. Bind mount can be mounted in a directory to the container or a file to the container, but you must specify the directory or the path to the file, that is, the mount source, and of course, you must specify mount point. This also limits the portability of the container. If you bind bind mount to a non-empty directory on the container, the existing contents in the container directory will be hidden. If you do not want the entire directory of the container to be overwritten. You can mount a file separately. If the file or directory pointed to by the mount source does not exist on the host machine, the bind mount will be created automatically. You can set the container's permission to data to read-only through the ro parameter. After setting the ro parameter, the container cannot modify the data, but the host still has the right to modify its content.

The use of bind mount is to use the-v option to mount directories or files that already exist in host to the container

As follows:

The format of-v is:. / usr/local/apache2/htdocs is the place where apache server stores static files. Because / usr/local/apache2/htdocs already exists, the original data is hidden and replaced by the data in host $HOME/htdocs/, which is consistent with the behavior of the linux mount command.

Data sharing

Data sharing is a key feature of volume. Host and container share data:

Bind mount: mount directories or files on host to container volume: copy data on Host to container volume

Data sharing between containers:

Bind mount: mount directories or files on host into multiple containers

Volume: Mount volume to multiple containers

Volume container: first mount the data to a container through volume or bind mount, and then refer to the data in this container by other containers

Volume container is a container that specifically provides volume for other containers.

Volume Lifecycle Management backup

Because volume is actually directories and files in the host file system, the backup of volume is actually a backup of the file system

Restore

The recovery of volume is also very simple. If the data is corrupted, use the previously backed up data copy directly.

Transfer

If you use a newer version of Registry, this involves data migration by:

Docker stop current Registry container. Start the new version container and mount the old volume. Destroy

The data cannot be found after volume deletion. Pay attention.

Docker will not destroy the bind mount, and host can only delete the data. You can delete the container with the-v parameter when performing docker rm. Docker will delete the volume used by the container, but only if there are no other containers to mount the volume.

Operation experiment volume mount operation

Create a volume and mount a httpd container

Docker run-d-p 8080 80-v / usr/local/apache2/htdocs httpd

-v mount it to the httpd container

-v format is:. / usr/local/apache2/htdocs is the place where Apache Server stores static files

Since / usr/local/apache2/htdocs already exists, the original data will be hidden and replaced by the data in host $HOME/htdocs/.

Check volume information

Docker volume ls

Check the volume mount information of the container, and get the volume path, Type=volume

Docker inspect d5db6a048612

View data in volume

Cd / var/lib/docker/volumes/6189c90831d019229a2e8593453fe1c334faec1fcc56db80b9f99773d21c9c55/_data

View the corresponding data in the container, and the result: data in the container = data in volume

Enter the container to update the contents of index.html file

Docker exec-it d5db6a048612 bashcd htdocs & & echo "update the index" > index.html

Check the contents of the volume again, and have synchronized with the new

As a result, the data sharing between container and Host is realized.

Force the container to be deleted, and then look at the data in the volume to see that it still exists.

Docker rm-f d5db6a048612

Bind mount

Mount the / root/htdocs directory of the host as read-only to a httpd container named httpd1, mapping port 8081

Docker run-- name httpd1-d-p 8081 80-v / root/htdocs:/usr/local/apache2/htdocs:ro httpd

View container mount information. Type=bind

Docker inspect httpd1

Follow the new index.html file data on the host host to verify that the data in the httpd1 container is also the same as the new

As a result, the container and Host realize the data sharing.

Enter the httpd1 container to update the index.html file data and prompt Read-only

Mount the host / root/htdocs to a http container named httpd2, map port 8082, and do not set ro

Docker run-- name httpd2-d-p 8082 80-v / root/htdocs/:/usr/local/apache2/htdocs httpd

Enter the httpd2 container to update index.html

Docker exec-it httpd2 bash

Check the data in the host and http1,http2 respectively, and the data of the three are the same.

At this time, it is confirmed that the data between containers can be shared.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.