Docker volumes in different containers and system paths

Time:11-14

I have access to a CentOS 7.9 machine with Docker installed. For this example I will be playing with the nginx image and the directories /usr/share/xml/fontconfig and /usr/share/nginx/html. You can see that these directories contain some important files for nginx:

root@f7990388c7d0:/# ls /usr/share/nginx/html/
50x.html  index.html
root@f7990388c7d0:/# ls /usr/share/xml/fontconfig/
fonts.dtd

Let's create a volume, attach it to an nginx container at /usr/share/nginx/html and make sure we can see the files both on the server and on the container:

[cloud_user@eb993010811c ~]$ docker volume create my_volume
my_volume
[cloud_user@eb993010811c ~]$ docker container run -d --name container1 -v my_volume:/usr/share/nginx/html nginx
f7990388c7d0302db7f1135549bf0bb1a024256d9a89ebead306a6d775449514
[cloud_user@eb993010811c ~]$ docker volume inspect my_volume
[
    {
        "CreatedAt": "2022-11-09T14:46:38Z",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/my_volume/_data",
        "Name": "my_volume",
        "Options": {},
        "Scope": "local"
    }
]
[cloud_user@eb993010811c ~]$ sudo ls /var/lib/docker/volumes/my_volume/_data
50x.html  index.html
[cloud_user@eb993010811c ~]$ docker container exec -it container1 ls /usr/share/nginx/html
50x.html  index.html
[cloud_user@eb993010811c ~]$ docker container exec -it container1 ls /usr/share/xml/fontconfig
fonts.dtd

All good so far. Now, let's suppose that we mount the same volume on a different container, and on a different filesystem path:

[cloud_user@eb993010811c ~]$ docker container run -d --name container2 -v my_volume:/usr/share/xml/fontconfig nginx
7ceec36b8c4d7d0eb172c1926d273d4e2e18b2cf509c8c5a18bf1302e98aedfc
[cloud_user@eb993010811c ~]$ sudo ls /var/lib/docker/volumes/my_volume/_data
50x.html  index.html
[cloud_user@eb993010811c ~]$ docker container exec -it container2 ls /usr/share/xml/fontconfig
50x.html  index.html
[cloud_user@eb993010811c ~]$ docker container exec -it container1 ls /usr/share/xml/fontconfig
fonts.dtd
[cloud_user@eb993010811c ~]$ docker container exec -it container1 /bin/bash
root@f7990388c7d0:/# ls /usr/share/nginx/html/
50x.html  index.html
root@f7990388c7d0:/# ls /usr/share/xml/fontconfig/
fonts.dtd

We can see that the Docker server does NOT see the fonts.dtd file, and container2's directory contents have been effectively usurped by those contained in the /usr/share/nginx/html directory of container1. Additionally, container1's directory contents are UNaffected by this process.

From a security / stability standpoint, I can understand that it would probably make little sense to have a volume with files corresponding to different filesystem paths. But is it possible to do this through some different means? There will have to be use-cases for this, there's a use-case for everything.

CodePudding user response:

Answered in comments of question.
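
An added example, not part of the original post or its answer: a small Python check that reads `docker inspect` output and reports named volumes mounted into more than one container, as `my_volume` is in the question, along with whether the mount paths differ and which containers can write to it. The sample JSON is constructed (container3 is hypothetical) and trimmed to the `Name` and `Mounts` fields.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `docker inspect` output for three containers,
# trimmed to the fields used here (Name and Mounts). container3 is hypothetical.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/container1", "Mounts": [
        {"Type": "volume", "Name": "my_volume",
         "Destination": "/usr/share/nginx/html", "RW": True}]},
    {"Name": "/container2", "Mounts": [
        {"Type": "volume", "Name": "my_volume",
         "Destination": "/usr/share/xml/fontconfig", "RW": True}]},
    {"Name": "/container3", "Mounts": [
        {"Type": "bind", "Source": "/etc/localtime",
         "Destination": "/etc/localtime", "RW": False}]},
])


def shared_volume_report(inspect_json):
    """Map each volume used by 2+ containers to its mounts, path spread and writers."""
    by_volume = defaultdict(list)
    for container in json.loads(inspect_json):
        name = container["Name"].lstrip("/")
        for mount in container.get("Mounts") or []:
            if mount.get("Type") != "volume":
                continue  # bind mounts and tmpfs are not named volumes
            by_volume[mount["Name"]].append(
                (name, mount["Destination"], bool(mount.get("RW"))))
    report = {}
    for volume, mounts in by_volume.items():
        if len({c for c, _, _ in mounts}) < 2:
            continue  # only one container uses this volume
        report[volume] = {
            "mounts": sorted(mounts),
            "different_paths": len({d for _, d, _ in mounts}) > 1,
            "writers": sorted(c for c, _, rw in mounts if rw),
        }
    return report


if __name__ == "__main__":
    for volume, info in shared_volume_report(SAMPLE_INSPECT).items():
        print(volume, "different_paths=%s" % info["different_paths"],
              "writers=%s" % ",".join(info["writers"]))
        for container, destination, rw in info["mounts"]:
            print("  %s -> %s (%s)" % (container, destination, "rw" if rw else "ro"))
```

On a live host the input would come from `docker inspect $(docker ps -q)` instead of the embedded sample.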
