Steps to Manage Data in Docker
By default, all files created in a container are placed on a writable layer. As a result, the data is deleted when the container is deleted, and it can be difficult to get the data out of the container when another process needs it.
The writable layer is tied to the host machine where the container runs. We cannot easily move the data elsewhere.
Writing to the writable layer requires a storage driver to manage the filesystem. The storage driver provides a union filesystem, using the Linux kernel. This extra abstraction reduces performance compared to using a data volume, which writes directly to the host filesystem.
Docker has two options for storing files on the host machine that can be applied to containers, so the files will still exist even after the container has been deleted.
First Way: Bind Mount
Bind mounts can be placed anywhere on the host system. They may even be important system files or directories. Non-Docker processes on the Docker host or a Docker container can modify that data at any time.
The functionality of bind mounts is limited when compared to volumes. When using a bind mount, the directory on the host machine is mounted into the container. The directory is referenced by its full path on the host machine. It does not need to exist on the Docker host beforehand; it is created on demand if it doesn't exist.
Performance is excellent, but bind mounts depend on the host filesystem having a specific directory structure. Docker CLI commands cannot be used to manage bind mounts directly.
Bind mounts allow access to sensitive files. One side effect of using a bind mount is that processes running in the container can change the host filesystem: containers can create, modify, or delete files and directories there. This power can have security implications, including affecting non-Docker processes on the host system.
Bind Mount use cases
- Share configuration files from the host machine to containers. This is how Docker provides DNS resolution to containers by default, mounting /etc/resolv.conf from the host machine into each container.
- Share source code or build artifacts between the development environment on the Docker host and the container. For example, mount a Maven target/ directory into a container; each time the Maven project is built on the Docker host, the container gains access to the rebuilt artifacts.
- When the file or directory structure of the Docker host is guaranteed to be consistent with the bind mounts required by the container.
Steps to Use the Bind Mount
Create a container that bind mounts the webhtml directory to /usr/share/nginx/html in the container with the -v option. The directory location (path) must be given in full; otherwise the -v argument will be treated as a volume name. If the directory does not exist, it will be created by Docker.
docker run -d -p 80:80 -v /home/user/webhtml:/usr/share/nginx/html --name web nginx:stable-alpine
- The directory location can use $(pwd) (print working directory).
docker run -d -p 80:80 -v "$(pwd)"/webhtml:/usr/share/nginx/html --name web nginx:stable-alpine
- Bind mount the directory with read-only permissions for the container.
docker run -d -p 80:80 -v "$(pwd)"/webhtml:/usr/share/nginx/html:ro --name web nginx:stable-alpine
- Bind mount with the --mount option.
docker run -d -p 80:80 --mount type=bind,source="$(pwd)"/webhtml,target=/usr/share/nginx/html --name web nginx:stable-alpine
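The rule above that only a full path makes -v a bind mount, and the earlier point that bind mounts can expose sensitive host files, can be checked before a container is started. The script below is an added example, not part of the original page or of Docker; the audit_mount function, its verdict strings and the SENSITIVE path list are assumptions made for illustration, and a Linux host is assumed.

```shell
#!/bin/sh
# Added example: pre-flight check for a `docker run -v` argument on a Linux host.
# SENSITIVE is an illustrative list chosen for this example, not a Docker setting.
SENSITIVE="/ /etc /root /boot /proc /sys /var/lib/docker"

# audit_mount SPEC -> prints "<verdict> <reason>"; returns 1 for deny/reject.
audit_mount() {
    spec=$1
    case $spec in
        *:*) ;;
        *) echo "ok anonymous-volume"; return 0 ;;   # container path only
    esac
    src=${spec%%:*}          # host path or volume name
    rest=${spec#*:}          # container path[:options]
    case $rest in
        *:*) opts=${rest#*:} ;;
        *)   opts= ;;
    esac
    case $src in
        */..|*/../*) echo "reject unnormalized-path"; return 1 ;;
        /*) ;;                                        # full path: bind mount
        .*|*/*) echo "reject relative-path"; return 1 ;;
        *) echo "ok named-volume"; return 0 ;;        # bare name: volume
    esac
    [ "$src" = / ] || src=${src%/}                    # /etc/ -> /etc
    mode=rw
    case ",$opts," in *,ro,*) mode=ro ;; esac
    sensitive=no
    for p in $SENSITIVE; do
        case $src in "$p"|"$p"/*) sensitive=yes ;; esac
    done
    case $sensitive:$mode in
        yes:rw) echo "deny writable-sensitive-bind"; return 1 ;;
        yes:ro) echo "warn readonly-sensitive-bind" ;;
        no:ro)  echo "ok bind-ro" ;;
        no:rw)  echo "ok bind-rw" ;;
    esac
}

# Constructed sample arguments, not taken from a real deployment.
for spec in /home/user/webhtml:/usr/share/nginx/html:ro \
            webhtml:/usr/share/nginx/html \
            ./webhtml:/usr/share/nginx/html \
            /etc/:/host-etc \
            /var/lib/docker/volumes:/vols:ro; do
    printf '%-45s %s\n' "$spec" "$(audit_mount "$spec")"
done
```

The check compares path strings only and does not resolve symlinks, so a host path should be resolved to its real location before it is passed in.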
Second Way: Volume
Volumes are stored in a part of the host filesystem that is managed by Docker (/var/lib/docker/volumes). Non-Docker processes should not modify this part of the filesystem. Volumes are the best way to store data in Docker.
Volumes are created and managed by Docker. We can create volumes using the docker volume create command, or Docker can create volumes during container or service creation.
When you create a volume, it's stored in a directory on the Docker host. When you mount a volume into a container, it is this directory that is mounted into the container. It works similarly to a bind mount, except that the volume is managed by Docker and isolated from the core functionality of the host machine.
Volumes can be mounted to multiple containers at the same time. When no containers are using the volume, the volume is still available to Docker and is not automatically deleted. We can delete unused volumes with the docker volume prune command.
Volumes support the use of volume drivers, which allow data to be stored on a remote host or cloud provider.
Volume use cases
- Sharing data among multiple running containers. If not already created, the volume will be created the first time it is mounted into the container. When the container is stopped or removed, the volume is still there. Multiple containers can mount the same volume simultaneously, either read-write or read-only.
- When we want to store container data on a remote host or cloud provider, not locally.
- When you need to back up, restore, or migrate data from one Docker host to another, volumes are the better choice. We can stop the container using the volume, then back up the volume directory (e.g. /var/lib/docker/volumes/volume-name).
- When an application requires high-performance I/O on Docker Desktop. Volumes are stored on the Linux VM (virtual machine) rather than on the host, which means that reads and writes have much lower latency and higher throughput.
- When an application requires native filesystem behavior on Docker Desktop. For example, a database engine requires precise control over disk flushing to ensure transaction resilience. Volumes are stored on a Linux VM and can guarantee that, whereas bind mounts are remotely mounted to macOS or Windows, where the filesystem behaves a little differently.
How to Use Volume
Create a container by mounting the vol-web volume to /usr/share/nginx/html in the container with the -v option. If the volume does not exist, it will be created by Docker. The volume directory location is /var/lib/docker/volumes/vol-web; the data is stored in its _data subdirectory.
- Mount the volume with read-only permissions for the container.
docker run -d -p 80:80 -v vol-web:/usr/share/nginx/html:ro --name web nginx:stable-alpine
- Mount the volume with the --mount option.
docker run -d -p 80:80 --mount source=vol-web,target=/usr/share/nginx/html --name web nginx:stable-alpine
Docker commands to manage volumes
- Create a volume.
docker volume create volume-name
- List volumes.
docker volume ls
- Display detailed volume information.
docker volume inspect volume-name
- Delete a volume.
docker volume rm volume-name
- Remove all unused volumes.
docker volume prune