Shulou(Shulou.com)06/02 Report--

I. Preface

When we use Docker to create a mysql container, the data is stored in container.

If one day you accidentally execute docker rm $(docker ps-aq) to delete all container. Then the data in mysql will also be deleted, which is not safe.

We need to persist the data and store it outside of container. Even if you delete container, the original data will not be deleted.

Second, defects of the container

The data in the container can be stored in the container layer. However, there are the following problems with storing data in the container layer:

1. The data is not persistent. It means that if the container is deleted, the data will be gone.

two。 It is not convenient for other processes on the host to access this data

3. The Ihand O for this data will go through the storage drive and then reach the host, introducing a layer of indirection, so performance will degrade.

3. Data volume can be mounted in two ways:

1) bind mount (user management): Mount a directory or file on the host (cannot be a disk file without formatting) to the container. By default, you have read and write permission to this directory in the container. If you only need to add files to the container and do not want to overwrite the directory, you need to note that the source file must exist, otherwise it will be treated as a directory bind mount to the container.

2) docker manager volume (docker automatic management): you do not need to specify the source file, you only need to specify mount point (mount point). The directory in the container is mapped locally.

The disadvantage of this approach compared with bind mount is that it cannot restrict permissions on directories or files in the container.

Using the second mount method, if you do not specify the source file location when mounting-v, the default mount path is:

[root@sqm-docker01 _ data] # pwd/var/lib/docker/volumes/dd173640edd5b0205bb02f3c4139647be12528b38289b9f93f18123a6b1266a8/_data# when a directory is mounted, a string of hash values is generated under / var/lib/docker/volumes/ by default. There is a directory of _ data under the hash value, and the mapped files in the container are in this path. IV. Storage Driver

Data storage mode

Centos7 version of docker,Storage Driver (data storage method) is: overlay2, Backing Filesystem (file system type): xfs

You can use the docker inspect Container name to view how data is stored

5. Data Volume (Bind mount)

Persistent storage: essentially a directory or file in the DockerHost file system that can be directly Mount to the container's file system. When running the container, it can be done with-v.

Features:

* * 1. Data Volume is a directory or file and cannot be an unformatted disk (block device).

The container can read and write data in volume. Volume data can be saved permanently, even if the container that uses it has been destroyed. * * small experiment:

Run a nginx service to persist the data

(1) Data Volume is a directory or file and cannot be an unformatted disk (block device).

[root@docker01 ~] # mkdir html// create a test directory [root@docker01 ~] # cd html/ [root@docker01 html] # echo "This is a testfile in dockerHost." > index.html// create a test page [root@docker01 ~] # docker run-itd-- name testweb-v / root/html/:/usr/share/nginx/html nginx:latest// run a nginx container and mount the directory [root@docker01 ~] # docker inspect testweb

[root@docker01 ~] # curl 172.17.0.3

Note: the source file or directory that needs to be mounted on the dockerhost must already exist, otherwise, it will be mounted to the container as a directory.

(2) the container can read and write data in volume.

[root@docker01 ~] # docker exec-it testweb / bin/bashroot@ef12d312a94e:/# cd / usr/share/nginx/html/root@ef12d312a94e:/usr/share/nginx/html# echo "update" > update web page in the index.html// container root@ef12d312a94e:/usr/share/nginx/html# exit [root@docker01 ~] # cat html/index.html// you can see that the mount directory of the host directory has also been updated

(3) Volume data can be saved permanently, and even if the container that uses it has been destroyed, it can be accessed by restarting a container to mount this directory through the host's hanging directory.

[root@docker01 ~] # docker ps-a-Q | xargs docker rm-f

/ / Delete all containers

After the [root@docker01 ~] # cat html/index.html// container is deleted, the host's test web page is also available

[root@docker01 ~] # docker run-itd-- name T1-P-v / root/html/:/usr/share/nginx/html nginx:latest// create a container [root@docker01 ~] # docker ps based on the test web page

[root@docker01 ~] # curl 127.0.0.1 purl 32768max / visit

[root@docker01 ~] # echo "update-new" > html/index.html// update the test web page again [root@docker01 ~] # curl 127.0.0.1 update-new 32768 / update the test web page on the host, and the test web page of the container you just created will also be updated

(5) Files are mounted to the container by default. The container has read and write permissions. You can restrict the write permission of the container by adding ": ro" after the running container is-v

[root@docker01 ~] # docker run-itd-- name T2-P-v / root/html/:/usr/share/nginx/html:ro nginx:latest// create container settings refer to read permissions [root@docker01 ~] # docker exec-it T2 / bin/bash// enter container root@4739c0f5d970:/# cd / usr/share/nginx/htmlroot@4739c0f5d970:/usr/share/nginx/html# echo 1234 > index.html// modify the test page (failed because it is read-only)

[root@docker01 ~] # echo 654321 > html/index.html / / Host can change [root@docker01 ~] # curl 127.0.0.1 html/index.html 32768

(6) and individual files can also be mounted into the container. Generally speaking, if you do not want to overwrite the entire directory, but only want to add a file, you can mount a single file.

Test 1

[root@docker01] # docker run-itd-- name v6-P-v / root/html/index.html:/usr/share/nginx/html/index.html nginx:latest [root@docker01 ~] # docker ps

[root@docker01 ~] # curl 127.0.0.1purl 32770

Test 2

[root@docker01 ~] # echo test > test.html [root@docker01 ~] # docker run-itd-- name T8-P-v / root/test.html:/usr/share/nginx/html/test.html nginx:latest

[root@docker01 ~] # curl 127.0.0.1:32772/test.html

Six, Docker Manager Volume

The directory is automatically generated on the host, so when mounting the directory, only the directory in the container is written.

The features are basically the same as the bind mount above.

[root@docker01] # docker run-itd-- name T1-P-v / usr/share/nginx/html nginx:latest [root@docker01] # docker ps

[root@docker01 ~] # docker inspect T1

[root@docker01 _ data] # cd / var/lib/docker/volumes/17c50a065a6b10ccd01ca1ce8091fdf6282dc9dcb77a0f6695906257ecc03a63/_ data [root @ docker01 _ data] # echo "this is a testfile" > index.html [root@docker01 _ data] # docker ps

[root@docker01 _ data] # curl 127.0.0.1:32777

[root@docker01 _ data] # docker volume ls

[root@docker01 _ data] # docker rm T1-f [root@docker01 _ data] # cat index.html

1. The operation of deleting a container will not operate on the source file on the dockerhost by default. If you want to delete the source file when deleting the container, you can add the-v option when deleting the container (this method is generally not recommended because the file may be used by other containers)

[root@docker01 _ data] # docker run-itd-- name T2-P-v / usr/share/nginx/html nginx:latest [root@docker01 ~] # docker inspect T2

[root@docker01 ~] # cd / var/lib/docker/volumes/2781dbfdc673fc7d149dc4f6217ef277fe72e05ba2e20fcebb617afe97eccb30/_ data [root @ docker01 _ data] # docker rm-v T2-ft2 [root@docker01 _ data] # LS7, data sharing between containers and containers

Volume container: a container that provides volume storage volumes to other containers. And it can provide either bind mount or docker manager volume.

Create a vc_data container

[root@docker01] # docker create-- name vc_data-v / html:/usr/share/nginx/html-v / other/useful/tools busybox [root@docker01 ~] # docker inspect vc_data

[root@docker01] # docker run-itd-- name T3-P-- volumes-from vc_data nginx:latest [root@docker01 ~] # docker ps

[root@docker01 ~] # curl 127.0.0.1 purl 32779

Eighth, cross-host data sharing of containers

Experimental environment

Docker01docker02httpdnfs

Requirements: the home directories of docker01 and docker02 are the same.

Preparatory work

[root@localhost ~] # hostnamectl set-hostname nfs [root@localhost ~] # hostnamectl set-hostname docker01 [root@localhost ~] # hostnamectl set-hostname docker02

Nfs operation

[root@localhost ~] # yum-y install nfs-utils// download nfs service [root@nfs ~] # mkdir / datashare// create a shared directory [root@nfs ~] # vim / etc/exports// set permissions as follows: / datashare * (rw,sync,no_root_squash)

Open various services

[root@nfs ~] # systemctl start rpcbind [root@nfs ~] # systemctl enable rpcbind [root@nfs ~] # systemctl start nfs-server [root@nfs ~] # systemctl enable nfs-server

Docker01 and docker02 test nfs

[root@docker01 htdocs] # showmount-e 192.168.1.20 [root@docker02 htdocs] # showmount-e 192.168.1.20

Operation of docker01

[root@docker02 ~] # mkdir / xxx [root@docker01 ~] # mount-t nfs 192.168.1.10:/datashare / xxx// mounts the shared directory [root@docker01 ~] # mount on nfs | tail-1MAC / check whether to mount it

Nfs creates test files

[root@nfs ~] # cd datashare/ [root@nfs datashare] # vim index.html setInterval ("document.getElementById ('datetime') [xss_clean] = new Date (). ToLocaleString ();", 1000); xgp666

Docker01, check it out.

Docker02 operates the same as on docker01

Instead of writing the code to the image, deploy the httpd service in docker01 and docker02 in this way

[root@docker01 ~] # docker run-itd-- name bdqn-web1-P-v / xxx/:/usr/local/apache2/htdocs httpd:latest [root@docker02 ~] # docker run-itd-- name bdqn-web2-P-v / xxx/:/usr/local/apache2/htdocs httpd:latest [root@docker01 ~] # docker ps// View Port 0.0.0.0itd 32775-> 80/tcp bdqn-web [root@docker02 ~] # docker ps// View Port 0 .0.0.0: 32769-> 80/tcp bdqn-web2

At this point, when accessed by a browser, the main interface of the two WEB services is the same. But if the source file on the NFS server is missing

Then both web services will be abnormal.

Find a way to write metadata into the image and create a vc_data container based on the image. Here, since you don't have access to docker orchestration tools such as docker-compose and docker-swarm, you need to create an image manually!

Nfs operation

[root@nfs datashare] # echo xgp666 > index.html / / change the test file

Docker02 operation

[root@docker02 ~] # cd / xxx/ [root@docker02 xxx] # vim Dockerfile// write DockerFile [root @ docker02 xxx] # cat Dockerfile FROM busyboxADD index.html / usr/local/apache2/htdocs/index.htmlVOLUME / usr/local/apache2/htdocs

Create an image and run a container

[root@docker02 xxx] # docker build-t back_data. / / create an image based on Dockerfile [root@docker02 xxx] # docker create-- name back_container1 back_data:latest / / create a container based on the image you just created

Run the container and export the image

[root@docker02 xxx] # docker run-itd-- name bdqn-web3-P-- volumes-from back_container1 httpd:latest / / run a container [root@docker02 xxx] # docker save > back_data.tar back_data:latest// export image. Because it is in a shared directory, docker01 can also see it.

Docker01

[root@docker01 xxx] # docker load-I back_data.tar / / go to the shared directory, import the image [root@docker01 xxx] # docker create-- name back_container2 back_data:latest// runs a container based on the image just created [root@docker01 xxx] # docker run-itd-- name bdqn-web4-P-- volumes-from back_container2 httpd:latest// runs a container

Browser access

[root@docker01 ~] # docker ps// View Port 0.0.0.0 80/tcp bdqn-web4 32776-> 80/tcp bdqn-web4 [root@docker02 ~] # docker ps// View Port 0.0.0.0 80/tcp bdqn-web4 32770-> 80/tcp bdqn-web3

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.