Dockerfile:理解 VOLUME 指令 [英] Dockerfile: understanding VOLUME instruction

问题描述

举个例子吧.

以下是nginx图片的VOLUME指令:

VOLUME ["/etc/nginx/sites-enabled", "/etc/nginx/certs", "/etc/nginx/conf.d", "/var/log/nginx", "/var/www/html"]

这是我的问题:

1. 当你启动容器时，这些目录会出现在我的主机上吗?当我停止容器时，目录会保留吗?

1. When you start the container, will these directories show up on my host? And when I stop my container, the directories will stay?

如果这些目录中的一些(或全部)已经存在于我的主机中，会发生什么?例如，假设图像在容器的 /etc/nginx 目录中带有一个默认配置文件，而我在 /etc/nginx 中也有一个配置文件在我的主机上.当容器启动时，这些文件中的哪一个会获得优先权?

If some (or all) of these directories already exist in my host, what will happen? For example, let's say the image comes with a default config file within the /etc/nginx directory of the container, and I also have a config file within /etc/nginx on my host. When the container starts, which of these files will get priority?

-v/host/dir:container/dir 和 VOLUME 的主要区别是什么?

What's the key difference between -v /host/dir:container/dir and VOLUME?

参考资料:

• https://github.com/dockerfile/nginx/blob/master/Dockerfile
• http://www.tech-d.net/2014/11/03/docker-indepth-volumes/
• 如何挂载主机卷在构建期间进入 Dockerfile 中的 docker 容器
• http://jpetazzo.github.io/2015/01/19/dockerfile-and-data-in-volumes/

推荐答案

容器的卷只是主机上的目录，无论它们是由什么方法创建的.如果你没有在主机上指定目录，Docker 将为卷创建一个新目录，通常在 /var/lib/docker/vfs 下.

A container's volumes are just directories on the host regardless of what method they are created by. If you don't specify a directory on the host, Docker will create a new directory for the volume, normally under /var/lib/docker/vfs.

无论卷是如何创建的，使用 docker inspect 命令很容易找到它在主机上的位置，例如:

However the volume was created, it's easy to find where it is on the host by using the docker inspect command e.g:

$ ID=$(docker run -d -v /data debian echo "Data container")
$ docker inspect -f {{.Mounts}} $ID
[{0d7adb21591798357ac1e140735150192903daf3de775105c18149552a26f951 /var/lib/docker/volumes/0d7adb21591798357ac1e140735150192903daf3de775105c18149552a26f951/_data /data local  true }]
 

我们可以看到 Docker 在 /var/lib/docker/volumes/0d7adb21591798357ac1e140735150192903daf3de775105c18149552a26f951/_data 处为该卷创建了一个目录.

We can see that Docker has created a directory for the volume at /var/lib/docker/volumes/0d7adb21591798357ac1e140735150192903daf3de775105c18149552a26f951/_data.

您可以从主机上随意修改/添加/删除该目录中的文件，但请注意，您可能需要使用 sudo 获取权限.

You are free to modify/add/delete files in this directory from the host, but note that you may need to use sudo for permissions.

Docker只会在两种情况下删除卷目录:

Docker will only delete volume directories in two circumstances:

• 如果 --rm 选项被赋予 docker run，容器退出时所有卷都将被删除
• 如果使用 docker rm -v CONTAINER 删除容器，所有卷都将被删除.

• If the --rm option is given to docker run, any volumes will be deleted when the container exits
• If a container is deleted with docker rm -v CONTAINER, any volumes will be removed.

在这两种情况下，只有在没有其他容器引用它们时才会删除卷.Docker 永远不会删除映射到特定主机目录的卷(-v HOST_DIR:CON_DIR 语法).但是，如果您删除卷的容器，命名方案意味着您将很难确定哪个目录包含该卷.

In both cases, volumes will only be deleted if no other containers refer to them. Volumes mapped to specific host directories (the -v HOST_DIR:CON_DIR syntax) are never deleted by Docker. However, if you remove the container for a volume, the naming scheme means you will have a hard time figuring out which directory contains the volume.

所以，具体问题:

1. 是的，是的，但有上述注意事项.
2. 每个 Docker 托管卷都会在主机上获得一个新目录
3. VOLUME 指令与 -v 相同，但不指定主机目录.指定主机目录时，Docker 不会为卷创建任何目录，不会从映像中复制文件并且永远不会删除卷(docker rm -v CONTAINER 不会删除映射到的卷)用户指定的主机目录).

1. Yes and yes, with above caveats.
2. Each Docker managed volume gets a new directory on the host
3. The VOLUME instruction is identical to -v without specifying the host dir. When the host dir is specified, Docker does not create any directories for the volume, will not copy in files from the image and will never delete the volume (docker rm -v CONTAINER will not delete volumes mapped to user-specified host directories).

更多信息在这里:

https://blog.container-solutions.com/understanding-volumes-docker

这篇关于Dockerfile:理解 VOLUME 指令的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！