绑定挂载¶
启动容器并执行绑定挂载¶
将HOME目录下的target文件夹挂载到容器的/app文件夹
# --mount
$ docker run -d \
-it \
--name devtest \
--mount type=bind,source="$(pwd)"/target,target=/app \
nginx:latest
# -v
$ docker run -d \
-it \
--name devtest \
-v "$(pwd)"/target:/app \
nginx:latest
错误¶
docker: Error response from daemon: invalid mount config for type "bind": bind source path does not exist: /home/zj/target.
注意:主机目录必须已存在
查询¶
使用docker inspect查询挂载结果
...
"Mounts": [
{
"Type": "bind",
"Source": "/home/zj/target",
"Destination": "/app",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
...
挂载到容器非空目录¶
如果将安装程序绑定到容器上的非空目录,则目录的现有内容被绑定挂载所遮蔽
极端示例如下,将主机/tmp目录挂载到容器/usr目录,会导致容器无法工作
$ docker run -d \
> -it \
> --name broken-container \
> --mount type=bind,source=/tmp,target=/usr \
> nginx:latest
ac23f23344be2ead4a9e86704e987b5f3bfd077d079637f3abfed5e1f0d0291d
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "exec: \"nginx\": executable file not found in $PATH": unknown.
只读绑定挂载¶
如果容器只需读取主机内容,可以设置绑定挂载为只读,需要添加选项readonly
# --mount
$ docker run -d \
-it \
--name devtest \
--mount type=bind,source="$(pwd)"/target,target=/app,readonly \
nginx:latest
# -v
$ docker run -d \
-it \
--name devtest \
-v "$(pwd)"/target:/app:ro \
nginx:latest
通过docker inspect可以查询是否只读
"Mounts": [
{
"Type": "bind",
"Source": "/home/zj/target",
"Destination": "/app",
"Mode": "ro",
"RW": false, // 在这里
"Propagation": "rprivate"
}
],