고정 헤더 영역
상세 컨텐츠
본문
작업 1. 볼륨 기본 테스트
[root@docker105 ~]# docker pull mysql
Using default tag: latest
latest: Pulling from library/mysql
be8881be8156: Pull complete
c3995dabd1d7: Pull complete
9931fdda3586: Pull complete
bb1b6b6eff6a: Pull complete
a65f125fa718: Pull complete
2d9f8dd09be2: Pull complete
37b912cb2afe: Pull complete
54242fcd8eaa: Pull complete
0a9d4d211511: Pull complete
270ae5bd02c2: Pull complete
9b55b8e72e70: Pull complete
68083f7985cd: Pull complete
Digest: sha256:e42cbb3afa80aa210aa1245b930619c12641a8de57a486e6f1b11858307bd378
Status: Downloaded newer image for mysql:latest
-- internal volume 정의 확인
[root@docker105 ~]# docker inspect -f '{{.Config.Volumes}}' mysql
map[/var/lib/mysql:{}]
[root@docker105 ~]# docker run --name db -d -e MYSQL_ALLOW_EMPTY_PASSWORD=yes mysql
256a13344e310d48326b93f9f31475a2ee3ca7e5de080dfda2441c1d788d3218
[root@docker105 ~]# docker volume ls
DRIVER VOLUME NAME
local c7660306cbce7bdd30a357e4dd71a209a8183893fb8d7bea59d28e4afa7db971
[root@docker105 ~]# docker inspect db | grep -A10 Mounts
"Mounts": [ |
[root@docker105 ~]# ls -l /var/lib/docker/volumes/c7660306cbce7bdd30a357e4dd71a209a8183893fb8d7bea59d28e4afa7db971/_data
total 170044 |
-- 컨테이너 볼륨 삭제
[root@docker105 ~]# docker rm -fv db
db
[root@docker105 ~]# docker volume ls
DRIVER VOLUME NAME
- persistent external data volume 갖는 컨테이너 생성
[root@docker105 ~]# docker run --name data1 -it -v /data busybox
/ # df /data
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/centos-root
8374272 6760672 1613600 81% /data
/ # echo "persistent data" > /data/file
/ # exit
-- 컨테이너 재실행시 파일 확인 가능 함.
[root@docker105 ~]# docker start -i data1
/ # ls /data
file
/ # cat /data/file
persistent data
-- 호스트 서버에서 파일 확인
[root@docker105 ~]# cat /var/lib/docker/volumes/e1ec8272f667250992399b49e9315b2d83eea0f6c26a5fe9de30b5d212a94f7d/_data/file
persistent data
-- 새로운 컨테이너에서 data1 컨테이너에서 정의한 볼륨 데이터 확인
[root@docker105 ~]# docker run --name data2 --volumes-from data1 busybox cat /data/file
persistent data
[root@docker105 ~]# docker volume ls
DRIVER VOLUME NAME
local e1ec8272f667250992399b49e9315b2d83eea0f6c26a5fe9de30b5d212a94f7d
[root@docker105 ~]# docker rm -v data1
Error response from daemon: You cannot remove a running container 4ca1f6c1ed7f7a16878f98a222dc90c4bf451786ab49a7298b354cc860b6276b. Stop the container before attempting removal or force remove
[root@docker105 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4ca1f6c1ed7f busybox "sh" 4 minutes ago Up 3 minutes data1
[root@docker105 ~]# docker start -i data2
persistent data
[root@docker105 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4ca1f6c1ed7f busybox "sh" 4 minutes ago Up 3 minutes data1
[root@docker105 ~]# docker rm -v data2
data2
[root@docker105 ~]# docker volume ls
DRIVER VOLUME NAME
local e1ec8272f667250992399b49e9315b2d83eea0f6c26a5fe9de30b5d212a94f7d
작업 2 Host 디렉터리를 볼륨으로 마운트
[root@docker105 ~]# mkdir -p /webapp/content
[root@docker105 ~]# cd /webapp/
[root@docker105 webapp]# echo "container web content" > content/index.html
[root@docker105 webapp]#
[root@docker105 webapp]# docker run --name web1 -dP -v /webapp/content:/usr/share/nginx/html nginx
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
be8881be8156: Already exists
32d9726baeef: Pull complete
87e5e6f71297: Pull complete
Digest: sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424
Status: Downloaded newer image for nginx:latest
1e2bd2bbceea64e99ddd0f0ad2b1dcc335810147800faa0dedb8ae39ee753159
[root@docker105 webapp]# curl $(docker inspect -f '{{.NetworkSettings.IPAddress}}' web1)
container web content
[root@docker105 webapp]# vi /etc/docker/daemon.json
{
"insecure-registries" : ["10.100.0.0/24"],
"selinux-enabled": true
}
[root@docker105 webapp]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker105 webapp]# docker start web1
web1
[root@docker105 webapp]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e2bd2bbceea nginx "nginx -g 'daemon of…" 7 minutes ago Up 2 seconds 0.0.0.0:32768->80/tcp web1
[root@docker105 webapp]# docker inspect web1 | egrep '(Mount|Process)Label'
"MountLabel": "",
"ProcessLabel": "",
[root@docker105 webapp]# docker run --name web2 -dP -v /webapp/content:/usr/share/nginx/html nginx
25b63170e627f90de9d5ea0a5cd171519db0ee5a5f0637778dc874dd26f552c9
- selinux 관계 확인 가능
[root@docker105 webapp]# docker inspect web2 | egrep '(Mount|Process)Label'
"MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c30,c569",
"ProcessLabel": "system_u:system_r:svirt_lxc_net_t:s0:c30,c569",
[root@docker105 webapp]#
[root@docker105 webapp]# curl $(docker inspect -f '{{.NetworkSettings.IPAddress}}' web2)
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.15.2</center>
</body>
</html>
[root@docker105 webapp]# docker stop web2
web2
[root@docker105 webapp]# docker run --name web3 -dP -v /webapp/content:/usr/share/nginx/html:z nginx
6e56a5bc9cec64384169c39ef7af2e9c66d4def5a828c51e7b5d0c5a79d26c41
[root@docker105 webapp]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e56a5bc9cec nginx "nginx -g 'daemon of…" 5 seconds ago Up 3 seconds 0.0.0.0:32770->80/tcp web3
1e2bd2bbceea nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:32768->80/tcp web1
[root@docker105 webapp]# docker inspect web3 | egrep '(Mount|Process)Label'
"MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c587,c823",
"ProcessLabel": "system_u:system_r:svirt_lxc_net_t:s0:c587,c823",
[root@docker105 webapp]# ls -lZ /webapp/content
-rw-r--r--. root root system_u:object_r:container_file_t:s0 index.html
[root@docker105 webapp]# curl $(docker inspect -f '{{.NetworkSettings.IPAddress}}' web3)
container web content
[root@docker105 webapp]# docker stop web3
web3
[root@docker105 webapp]# docker run --name web4 -dp 8000:80 -v /webapp/content:/usr/share/nginx/html:z nginx
4101e37f08fe17be29e2ebd66b75507f8bcdf92b418e2a7c5997eb333cb353da
[root@docker105 webapp]# docker run --name web5 -dp 8001:80 -v /webapp/content:/usr/share/nginx/html:ro,z nginx
aa7be140451736aba8bc8eba6133304717b622f717808660897e495499cf2ba2
[root@docker105 webapp]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa7be1404517 nginx "nginx -g 'daemon of…" 10 seconds ago Up 9 seconds 0.0.0.0:8001->80/tcp web5
4101e37f08fe nginx "nginx -g 'daemon of…" 22 seconds ago Up 20 seconds 0.0.0.0:8000->80/tcp web4
[root@docker105 webapp]# curl localhost:8000
container web content
[root@docker105 webapp]# curl localhost:8001
container web content
[root@docker105 webapp]# docker exec web4 bin/sh -c "echo web4 > /usr/share/nginx/html/web4"
[root@docker105 webapp]# docker exec web5 bin/sh -c "echo web5 > /usr/share/nginx/html/web5"
bin/sh: 1: cannot create /usr/share/nginx/html/web5: Read-only file system
[root@docker105 webapp]# for i in web{1..5}; do docker inspect -f '{{json .Mounts}}' $i; done
[{"Type":"bind","Source":"/webapp/content","Destination":"/usr/share/nginx/html","Mode":"","RW":true,"Propagation":"rprivate"}]
[{"Type":"bind","Source":"/webapp/content","Destination":"/usr/share/nginx/html","Mode":"","RW":true,"Propagation":"rprivate"}]
[{"Type":"bind","Source":"/webapp/content","Destination":"/usr/share/nginx/html","Mode":"z","RW":true,"Propagation":"rprivate"}]
[{"Type":"bind","Source":"/webapp/content","Destination":"/usr/share/nginx/html","Mode":"z","RW":true,"Propagation":"rprivate"}]
[{"Type":"bind","Source":"/webapp/content","Destination":"/usr/share/nginx/html","Mode":"ro,z","RW":false,"Propagation":"rprivate"}]
[root@docker105 webapp]# docker rm -fv web{1..5}
web1
web2
web3
web4
web5
[root@docker105 webapp]# ls /webapp/content/
index.html web4
[root@docker105 webapp]# cd content/
[root@docker105 content]# ls
index.html web4
[root@docker105 webapp]# cd
[root@docker105 ~]# rm -rf /webapp/content/
'Cloud > Docker' 카테고리의 다른 글
| Docker Day3. Docker 명령어 정리 (0) | 2018.08.08 |
|---|
댓글 영역