亚洲国产日韩欧美一区二区三区,精品亚洲国产成人av在线,国产99视频精品免视看7,99国产精品久久久久久久成人热,欧美日韩亚洲国产综合乱

directory search
Compose About versions and upgrading (Compose) ASP.NET Core + SQL Server on Linux (Compose) CLI environment variables (Compose) Command-line completion (Compose) Compose(組成) Compose command-line reference(組合命令行參考) Control startup order (Compose) Django and PostgreSQL (Compose) Docker stacks and distributed application bundles (Compose) docker-compose build(docker-compose構(gòu)建) docker-compose bundle docker-compose config docker-compose create docker-compose down docker-compose events docker-compose exec docker-compose help docker-compose images docker-compose kill docker-compose logs docker-compose pause docker-compose port docker-compose ps docker-compose pull docker-compose push docker-compose restart docker-compose rm docker-compose run docker-compose scale docker-compose start docker-compose stop docker-compose top docker-compose unpause docker-compose up Environment file (Compose) Environment variables in Compose Extend services in Compose Frequently asked questions (Compose) Getting started (Compose) Install Compose Link environment variables (deprecated) (Compose) Networking in Compose Overview of Docker Compose Overview of docker-compose CLI Quickstart: Compose and WordPress Rails and PostgreSQL (Compose) Sample apps with Compose Using Compose in production Using Compose with Swarm Engine .NET Core application (Engine) About images, containers, and storage drivers (Engine) Add nodes to the swarm (Engine) Apply custom metadata (Engine) Apply rolling updates (Engine) apt-cacher-ng Best practices for writing Dockerfiles (Engine) Binaries (Engine) Bind container ports to the host (Engine) Breaking changes (Engine) Build your own bridge (Engine) Configure container DNS (Engine) Configure container DNS in user-defined networks (Engine) CouchDB (Engine) Create a base image (Engine) Create a swarm (Engine) Customize the docker0 bridge (Engine) Debian (Engine) Default bridge network Delete the service (Engine) Deploy a service (Engine) Deploy services to a swarm (Engine) Deprecated Engine features Docker container networking (Engine) Docker overview (Engine) Docker run reference (Engine) Dockerfile reference (Engine) Dockerize an application Drain a node (Engine) Engine FAQ (Engine) Fedora (Engine) Get started (Engine) Get started with macvlan network driver (Engine) Get started with multi-host networking (Engine) How nodes work (Engine) How services work (Engine) Image management (Engine) Inspect the service (Engine) Install Docker (Engine) IPv6 with Docker (Engine) Join nodes to a swarm (Engine) Legacy container links (Engine) Lock your swarm (Engine) Manage nodes in a swarm (Engine) Manage sensitive data with Docker secrets (Engine) Manage swarm security with PKI (Engine) Manage swarm service networks (Engine) Migrate to Engine 1.10 Optional Linux post-installation steps (Engine) Overview (Engine) PostgreSQL (Engine) Raft consensus in swarm mode (Engine) Riak (Engine) Run Docker Engine in swarm mode Scale the service (Engine) SDKs (Engine) Select a storage driver (Engine) Set up for the tutorial (Engine) SSHd (Engine) Storage driver overview (Engine) Store service configuration data (Engine) Swarm administration guide (Engine) Swarm mode key concepts (Engine) Swarm mode overlay network security model (Engine) Swarm mode overview (Engine) Understand container communication (Engine) Use multi-stage builds (Engine) Use swarm mode routing mesh (Engine) Use the AUFS storage driver (Engine) Use the Btrfs storage driver (Engine) Use the Device mapper storage driver (Engine) Use the OverlayFS storage driver (Engine) Use the VFS storage driver (Engine) Use the ZFS storage driver (Engine) Engine: Admin Guide Amazon CloudWatch logs logging driver (Engine) Bind mounts (Engine) Collect Docker metrics with Prometheus (Engine) Configuring and running Docker (Engine) Configuring logging drivers (Engine) Control and configure Docker with systemd (Engine) ETW logging driver (Engine) Fluentd logging driver (Engine) Format command and log output (Engine) Google Cloud logging driver (Engine) Graylog Extended Format (GELF) logging driver (Engine) Journald logging driver (Engine) JSON File logging driver (Engine) Keep containers alive during daemon downtime (Engine) Limit a container's resources (Engine) Link via an ambassador container (Engine) Log tags for logging driver (Engine) Logentries logging driver (Engine) PowerShell DSC usage (Engine) Prune unused Docker objects (Engine) Run multiple services in a container (Engine) Runtime metrics (Engine) Splunk logging driver (Engine) Start containers automatically (Engine) Storage overview (Engine) Syslog logging driver (Engine) tmpfs mounts Troubleshoot volume problems (Engine) Use a logging driver plugin (Engine) Using Ansible (Engine) Using Chef (Engine) Using Puppet (Engine) View a container's logs (Engine) Volumes (Engine) Engine: CLI Daemon CLI reference (dockerd) (Engine) docker docker attach docker build docker checkpoint docker checkpoint create docker checkpoint ls docker checkpoint rm docker commit docker config docker config create docker config inspect docker config ls docker config rm docker container docker container attach docker container commit docker container cp docker container create docker container diff docker container exec docker container export docker container inspect docker container kill docker container logs docker container ls docker container pause docker container port docker container prune docker container rename docker container restart docker container rm docker container run docker container start docker container stats docker container stop docker container top docker container unpause docker container update docker container wait docker cp docker create docker deploy docker diff docker events docker exec docker export docker history docker image docker image build docker image history docker image import docker image inspect docker image load docker image ls docker image prune docker image pull docker image push docker image rm docker image save docker image tag docker images docker import docker info docker inspect docker kill docker load docker login docker logout docker logs docker network docker network connect docker network create docker network disconnect docker network inspect docker network ls docker network prune docker network rm docker node docker node demote docker node inspect docker node ls docker node promote docker node ps docker node rm docker node update docker pause docker plugin docker plugin create docker plugin disable docker plugin enable docker plugin inspect docker plugin install docker plugin ls docker plugin push docker plugin rm docker plugin set docker plugin upgrade docker port docker ps docker pull docker push docker rename docker restart docker rm docker rmi docker run docker save docker search docker secret docker secret create docker secret inspect docker secret ls docker secret rm docker service docker service create docker service inspect docker service logs docker service ls docker service ps docker service rm docker service scale docker service update docker stack docker stack deploy docker stack ls docker stack ps docker stack rm docker stack services docker start docker stats docker stop docker swarm docker swarm ca docker swarm init docker swarm join docker swarm join-token docker swarm leave docker swarm unlock docker swarm unlock-key docker swarm update docker system docker system df docker system events docker system info docker system prune docker tag docker top docker unpause docker update docker version docker volume docker volume create docker volume inspect docker volume ls docker volume prune docker volume rm docker wait Use the Docker command line (Engine) Engine: Extend Access authorization plugin (Engine) Docker log driver plugins Docker network driver plugins (Engine) Extending Engine with plugins Managed plugin system (Engine) Plugin configuration (Engine) Plugins API (Engine) Volume plugins (Engine) Engine: Security AppArmor security profiles for Docker (Engine) Automation with content trust (Engine) Content trust in Docker (Engine) Delegations for content trust (Engine) Deploying Notary (Engine) Docker security (Engine) Docker security non-events (Engine) Isolate containers with a user namespace (Engine) Manage keys for content trust (Engine) Play in a content trust sandbox (Engine) Protect the Docker daemon socket (Engine) Seccomp security profiles for Docker (Engine) Secure Engine Use trusted images Using certificates for repository client verification (Engine) Engine: Tutorials Engine tutorials Network containers (Engine) Get Started Part 1: Orientation Part 2: Containers Part 3: Services Part 4: Swarms Part 5: Stacks Part 6: Deploy your app Machine Amazon Web Services (Machine) Digital Ocean (Machine) docker-machine active docker-machine config docker-machine create docker-machine env docker-machine help docker-machine inspect docker-machine ip docker-machine kill docker-machine ls docker-machine provision docker-machine regenerate-certs docker-machine restart docker-machine rm docker-machine scp docker-machine ssh docker-machine start docker-machine status docker-machine stop docker-machine upgrade docker-machine url Driver options and operating system defaults (Machine) Drivers overview (Machine) Exoscale (Machine) Generic (Machine) Get started with a local VM (Machine) Google Compute Engine (Machine) IBM Softlayer (Machine) Install Machine Machine Machine CLI overview Machine command-line completion Machine concepts and help Machine overview Microsoft Azure (Machine) Microsoft Hyper-V (Machine) Migrate from Boot2Docker to Machine OpenStack (Machine) Oracle VirtualBox (Machine) Provision AWS EC2 instances (Machine) Provision Digital Ocean Droplets (Machine) Provision hosts in the cloud (Machine) Rackspace (Machine) VMware Fusion (Machine) VMware vCloud Air (Machine) VMware vSphere (Machine) Notary Client configuration (Notary) Common Server and signer configurations (Notary) Getting started with Notary Notary changelog Notary configuration files Running a Notary service Server configuration (Notary) Signer configuration (Notary) Understand the service architecture (Notary) Use the Notary client
characters

可以將數(shù)據(jù)存儲(chǔ)在容器的可寫(xiě)層中,但有一些缺點(diǎn):

  • 當(dāng)容器不再運(yùn)行時(shí),數(shù)據(jù)將不會(huì)持續(xù)存在,并且如果其他進(jìn)程需要數(shù)據(jù),則很難從容器中獲取數(shù)據(jù)。

  • 容器的可寫(xiě)層緊密耦合到容器運(yùn)行的主機(jī)。您無(wú)法輕松地將數(shù)據(jù)移到其他地方。

  • 寫(xiě)入容器的可寫(xiě)層需要存儲(chǔ)驅(qū)動(dòng)程序來(lái)管理文件系統(tǒng)。存儲(chǔ)驅(qū)動(dòng)程序使用Linux內(nèi)核提供聯(lián)合文件系統(tǒng)。與使用數(shù)據(jù)體積直接寫(xiě)入主機(jī)文件系統(tǒng)。

Docker提供了三種不同的方式將數(shù)據(jù)從Docker主機(jī)裝載到容器中:,綁定掛載tmpfs。如有疑問(wèn),卷幾乎總是正確的選擇。請(qǐng)繼續(xù)閱讀以獲取更多關(guān)于將數(shù)據(jù)安裝到容器中的機(jī)制的信息。

選擇正確的安裝類型

無(wú)論您選擇使用哪種類型的掛載,容器中的數(shù)據(jù)看起來(lái)都是一樣的。它被公開(kāi)為容器文件系統(tǒng)中的目錄或單個(gè)文件。

一個(gè)簡(jiǎn)單的方法來(lái)顯示卷之間的差異,綁定掛載和tmpfs掛載是考慮數(shù)據(jù)在Docker主機(jī)上的位置。

  • Volumes存儲(chǔ)在由Docker管理的主機(jī)文件系統(tǒng)的一部分中(/var/lib/docker/volumes/在Linux上)。非Docker進(jìn)程不應(yīng)該修改這部分文件系統(tǒng)。卷是在Docker中保留數(shù)據(jù)的最佳方式。

  • 綁定安裝可以存儲(chǔ)在主機(jī)系統(tǒng)的任何位置。他們甚至可能是重要的系統(tǒng)文件或目錄。Docker主機(jī)或Docker容器上的非Docker進(jìn)程可以隨時(shí)修改它們。

  • tmpfs 裝載僅存儲(chǔ)在主機(jī)系統(tǒng)的內(nèi)存中,而不會(huì)寫(xiě)入主機(jī)系統(tǒng)的文件系統(tǒng)。有關(guān)裝載類型的更多詳細(xì)信息

  • Volumes:由Docker創(chuàng)建和管理。您可以使用該docker volume create命令顯式創(chuàng)建一個(gè)卷,或者在創(chuàng)建容器或服務(wù)期間Docker可以創(chuàng)建一個(gè)卷。

創(chuàng)建卷時(shí),它將存儲(chǔ)在Docker主機(jī)的一個(gè)目錄中。將卷裝入容器時(shí),此目錄是裝入容器的內(nèi)容。這與綁定掛載的工作方式類似,區(qū)別在于卷由Docker管理,并與主機(jī)的核心功能隔離。

給定的體積可以同時(shí)安裝到多個(gè)容器中。當(dāng)沒(méi)有正在運(yùn)行的容器正在使用卷時(shí),該卷仍然可用于Docker,并且不會(huì)自動(dòng)刪除。您可以使用docker volume prune刪除未使用的卷。

在安裝卷時(shí),可能會(huì)命名匿名。首次將匿名卷掛載到容器時(shí),匿名卷沒(méi)有被賦予明確的名稱,因此Docker會(huì)為它們提供一個(gè)隨機(jī)名稱,該名稱在給定的Docker主機(jī)中保證是唯一的。除名稱外,命名和匿名卷的行為方式相同。

卷還支持使用卷驅(qū)動(dòng)程序,這些卷驅(qū)動(dòng)程序可讓您將數(shù)據(jù)存儲(chǔ)在遠(yuǎn)程主機(jī)或云提供程序中,以及其他可能性。

  • 綁定裝載:自Docker早期開(kāi)始提供。與卷相比,綁定安裝具有有限的功能。當(dāng)您使用綁定掛載時(shí),主機(jī)上的文件或目錄被掛載到容器中。文件或目錄由主機(jī)上的完整路徑引用。該文件或目錄不需要已經(jīng)存在于Docker主機(jī)上。如果它尚不存在,它會(huì)根據(jù)需求創(chuàng)建。綁定掛載非常高效,但它們依賴于具有特定目錄結(jié)構(gòu)的主機(jī)的文件系統(tǒng)。如果您正在開(kāi)發(fā)新的Docker應(yīng)用程序,請(qǐng)考慮使用命名卷。您不能使用Docker CLI命令直接管理綁定掛載。 警告:無(wú)論好壞,使用綁定掛載的一個(gè)副作用是您可以通過(guò)容器中運(yùn)行的進(jìn)程更改主機(jī)文件系統(tǒng),包括創(chuàng)建,修改或刪除重要的系統(tǒng)文件或目錄。這是一個(gè)強(qiáng)大的能力,可能會(huì)對(duì)安全產(chǎn)生影響,包括影響主機(jī)系統(tǒng)上的非Docker進(jìn)程。

  • tmpfs掛載tmpfs在Docker主機(jī)上或容器中,掛載不會(huì)永久保存在磁盤(pán)上。它可以在容器的生命周期內(nèi)由容器使用,以存儲(chǔ)非持久狀態(tài)或敏感信息。例如,在內(nèi)部,群集服務(wù)使用tmpfs掛載將秘密裝入服務(wù)的容器中。

使用-vor --volume標(biāo)志可將綁定掛載和卷掛載到容器中,但每種語(yǔ)法的語(yǔ)法稍有不同。對(duì)于tmpfs坐騎,您可以使用該--tmpfs標(biāo)志。但是,在Docker 17.06及更高版本中,我們建議將--mount容器和服務(wù)的標(biāo)志用于綁定掛載,卷或tmpfs掛載,因?yàn)檎Z(yǔ)法更清晰。

volumes的良好用例

volumes是在Docker容器和服務(wù)中保持?jǐn)?shù)據(jù)的首選方式。volumes

的一些用例包括:

  • 在多個(gè)運(yùn)行容器之間共享數(shù)據(jù)。如果您沒(méi)有明確創(chuàng)建它,則會(huì)在第一次將其裝入容器時(shí)創(chuàng)建volumes。當(dāng)該容器停止或被移除時(shí),該volumes仍然存在。多個(gè)容器可以同時(shí)安裝相同的卷,無(wú)論是讀寫(xiě)還是只讀。僅當(dāng)您明確刪除volumes時(shí)才會(huì)刪除volumes。

  • 當(dāng)不能保證Docker主機(jī)具有給定的目錄或文件結(jié)構(gòu)時(shí)。卷幫助您將Docker主機(jī)的配置與容器運(yùn)行時(shí)分離開(kāi)來(lái)。

  • 當(dāng)您想要將容器的數(shù)據(jù)存儲(chǔ)在遠(yuǎn)程主機(jī)或云提供商上而不是本地時(shí)。

  • 當(dāng)需要備份,還原或?qū)?shù)據(jù)從一臺(tái)Docker主機(jī)遷移到另一臺(tái)時(shí),卷是更好的選擇。您可以使用卷停止容器,然后備份卷的目錄(如/var/lib/docker/volumes/<volume-name>)。

綁定安裝的良好用例

通常,您應(yīng)該在可能的情況下使用volumes。綁定掛載適用于以下類型的用例:

  • 將配置文件從主機(jī)共享到容器。這就是Docker默認(rèn)情況下通過(guò)掛載向容器提供dns解析的方式。/etc/resolv.conf從主機(jī)進(jìn)入每個(gè)容器。

  • 在Docker主機(jī)上的開(kāi)發(fā)環(huán)境和容器之間共享源代碼或構(gòu)建構(gòu)件。例如,您可以掛載一個(gè)Maventarget/目錄到容器中,每次在Docker主機(jī)上構(gòu)建Maven項(xiàng)目時(shí),容器都可以訪問(wèn)重建的工件。

如果您以這種方式使用Docker進(jìn)行開(kāi)發(fā),那么生產(chǎn)Dockerfile將直接將生產(chǎn)準(zhǔn)備好的工件復(fù)制到映像中,而不是依賴綁定掛載。

  • 當(dāng)Docker主機(jī)的文件或目錄結(jié)構(gòu)保證與容器需要的綁定安裝一致tmpfs時(shí)。對(duì)于不希望數(shù)據(jù)保存在主機(jī)上的情況,最好使用tmpfs安裝掛載的良好用例,或者在容器內(nèi)。這可能出于安全原因,或者在應(yīng)用程序需要編寫(xiě)大量非持久狀態(tài)數(shù)據(jù)時(shí)保護(hù)容器的性能。使用綁定掛載或卷的提示如果使用綁定掛載或卷,請(qǐng)記住以下幾點(diǎn):

  • 如果容器的映像在裝入點(diǎn)包含數(shù)據(jù),則該數(shù)據(jù)將傳播到綁定裝入或卷。這是預(yù)先填充Docker主機(jī)需要的數(shù)據(jù)(在綁定掛載的情況下)或另一個(gè)容器需要(對(duì)于卷的情況)的好方法。

  • 如果您將綁定掛載或卷掛載到已經(jīng)寫(xiě)入文件或目錄的容器中的某個(gè)目錄中,則這些文件或目錄會(huì)被掛載遮擋,就像您將文件保存到/mntLinux主機(jī)中一樣,然后掛載USB開(kāi)車(chē)進(jìn)入/mnt/mnt在USB驅(qū)動(dòng)器卸下之前,內(nèi)容將被USB驅(qū)動(dòng)器的內(nèi)容遮蓋。接下來(lái)的步驟為

  • 詳細(xì)了解volumes。

  • 了解有關(guān)綁定掛載的更多信息。

  • 了解關(guān)于tmpfs裝載的更多信息。

  • 了解更多關(guān)于存儲(chǔ)驅(qū)動(dòng)程序,它們與綁定掛載或卷無(wú)關(guān),但允許您將數(shù)據(jù)存儲(chǔ)在容器的可寫(xiě)層中。

Previous article: Next article: