docker实际案例之在centOS7.4上用docker部署mysql服务
简书地址
一、使用docker run命令直接启动一个mysql容器
1.1 下载官方tomcat镜像
[root@dev ~]# docker search mysql
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/mysql MySQL is a widely used, open-source relati... 6589 [OK]
docker.io docker.io/mariadb MariaDB is a community-developed fork of M... 2086 [OK]
docker.io docker.io/mysql/mysql-server Optimized MySQL Server Docker images. Crea... 484 [OK]
docker.io docker.io/zabbix/zabbix-server-mysql Zabbix Server with MySQL database support 107 [OK]
docker.io docker.io/hypriot/rpi-mysql RPi-compatible Docker Image with Mysql 90
docker.io docker.io/zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server ... 61 [OK]
docker.io docker.io/centurylink/mysql Image containing mysql. Optimized to be li... 60 [OK]
docker.io docker.io/1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 38 [OK]
docker.io docker.io/tutum/mysql Base docker image to run a MySQL database ... 32
docker.io docker.io/centos/mysql-57-centos7 MySQL 5.7 SQL database server 31
docker.io docker.io/mysql/mysql-cluster Experimental MySQL Cluster Docker images. ... 31
docker.io docker.io/schickling/mysql-backup-s3 Backup MySQL to S3 (supports periodic back... 20 [OK]
docker.io docker.io/bitnami/mysql Bitnami MySQL Docker Image 15 [OK]
docker.io docker.io/zabbix/zabbix-proxy-mysql Zabbix proxy with MySQL database support 15 [OK]
docker.io docker.io/linuxserver/mysql A Mysql container, brought to you by Linux... 14
docker.io docker.io/centos/mysql-56-centos7 MySQL 5.6 SQL database server 8
docker.io docker.io/circleci/mysql MySQL is a widely used, open-source relati... 6
docker.io docker.io/openshift/mysql-55-centos7 DEPRECATED: A Centos7 based MySQL v5.5 ima... 6
docker.io docker.io/dsteinkopf/backup-all-mysql backup all DBs in a mysql server 4 [OK]
docker.io docker.io/frodenas/mysql A Docker Image for MySQL 2 [OK]
docker.io docker.io/mysql/mysql-router MySQL Router provides transparent routing ... 2
docker.io docker.io/openzipkin/zipkin-mysql Mirror of https://quay.io/repository/openz... 1
docker.io docker.io/ansibleplaybookbundle/mysql-apb An APB which deploys RHSCL MySQL 0 [OK]
docker.io docker.io/cloudfoundry/cf-mysql-ci Image used in CI of cf-mysql-release 0
docker.io docker.io/cloudposse/mysql Improved `mysql` service with support for ... 0 [OK]
[root@dev mysql]# docker pull mysql:5.7.19
Trying to pull repository docker.io/library/mysql ...
5.7.19: Pulling from docker.io/library/mysql
85b1f47fba49: Pull complete
27dc53f13a11: Pull complete
095c8ae4182d: Pull complete
0972f6b9a7de: Pull complete
1b199048e1da: Pull complete
159de3cf101e: Pull complete
963d934c2fcd: Pull complete
f4b66a97a0d0: Pull complete
f34057997f40: Pull complete
ca1db9a06aa4: Pull complete
0f913cb2cc0c: Pull complete
Digest: sha256:bfb22e93ee87c6aab6c1c9a4e7cdc68e9cb9b64920f28fa289f9ffae9fe8e173
Status: Downloaded newer image for docker.io/mysql:5.7.19
[root@dev mysql]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
marvin/tomcat latest 098f61ab6f8b 22 hours ago 489 MB
nginx_image1 latest c4d5f5accc06 24 hours ago 109 MB
docker.io/tomcat latest 2d43521f2b1a 6 days ago 463 MB
docker.io/nginx latest 8b89e48b5f15 7 days ago 109 MB
docker.io/mysql 5.7.19 3e3878acd190 9 months ago 412 MB
[root@dev mysql]#
1.2 创建用于挂载的目录
[root@dev local]# pwd
/usr/local
[root@dev local]# mkdir mysql
[root@dev local]# mkdir mysql/data
[root@dev local]# mkdir mysql/conf.d
[root@dev local]# cd mysql/
[root@dev mysql]# ll
total 8
drwxr-xr-x 2 root root 4096 Jul 24 14:18 conf.d
drwxr-xr-x 2 root root 4096 Jul 24 14:18 data
[root@dev mysql]#
命令解析:
mkdir /usr/local/mysql/data #用于挂载mysql数据文件
mkdir /usr/local/mysql/conf.d #用于挂载mysql配置文件
1.3 启动容器
[root@dev mysql]# docker run --name mysql5.7 -p 3306:3306 -v /usr/local/mysql/data:/var/lib/mysql -v /usr/local/mysql/conf.d:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=112233 -d mysql:5.7.19
10151eef645f8621441585354ad11d1f98514cdb253c5d1b77db6c0c50327420
[root@dev mysql]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
10151eef645f mysql:5.7.19 "docker-entrypoint..." 3 seconds ago Up 2 seconds 0.0.0.0:3306->3306/tcp mysql5.7
6f189daf5880 marvin/tomcat "catalina.sh run" 22 hours ago Up 22 hours 0.0.0.0:8080->8080/tcp tomcat8
[root@dev mysql]#
其他参数:
–restart always:开机启动
–privileged=true:提升容器内权限
-e MYSQL_USER=”marvin”:添加用户marvin
-e MYSQL_PASSWORD=”pwd123”:设置marvin的密码伟pwd123
-e MYSQL_ROOT_PASSWORD=”rootpwd123”:设置root的密码伟rootpwd123
–character-set-server=utf8:设置字符集为utf8
–collation-server=utf8_general_ci:设置字符比较规则为utf8_general_ci
注意:如果运行时添加了marvin用户,用root登录后执行用户授权ALTER USER 'marvin'@'%' IDENTIFIED WITH mysql_native_password BY 'password123';,才能用远程客户端访问数据库。
1.4 检查结果
[root@dev mysql]# docker exec -it mysql5.7 mysql -uroot -p112233
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.11 MySQL Community Server - GPL
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.01 sec)
mysql>
成功安装mysql
1.5 设置远程客户端登录
mysql> grant all privileges on *.* to root@"%" identified by "root.123" with grant option;
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql>
通过客户端创建数据一个数据库,创建一张表
在server端用命令行查看:
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| demo |
| mysql |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.00 sec)
mysql> use demo;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+----------------+
| Tables_in_demo |
+----------------+
| test |
+----------------+
1 row in set (0.00 sec)
mysql> select * from test;
Empty set (0.00 sec)
mysql>
再看宿主机文件目录:
[root@dev data]# pwd
/usr/local/mysql/data
[root@dev data]# ll
total 188480
-rw-r----- 1 polkitd ssh_keys 56 Jul 24 16:46 auto.cnf
-rw------- 1 polkitd ssh_keys 1675 Jul 24 16:46 ca-key.pem
-rw-r--r-- 1 polkitd ssh_keys 1074 Jul 24 16:46 ca.pem
-rw-r--r-- 1 polkitd ssh_keys 1078 Jul 24 16:46 client-cert.pem
-rw------- 1 polkitd ssh_keys 1675 Jul 24 16:46 client-key.pem
drwxr-x--- 2 polkitd ssh_keys 4096 Jul 24 16:52 demo
-rw-r----- 1 polkitd ssh_keys 1321 Jul 24 16:46 ib_buffer_pool
-rw-r----- 1 polkitd ssh_keys 79691776 Jul 24 16:52 ibdata1
-rw-r----- 1 polkitd ssh_keys 50331648 Jul 24 16:52 ib_logfile0
-rw-r----- 1 polkitd ssh_keys 50331648 Jul 24 16:46 ib_logfile1
-rw-r----- 1 polkitd ssh_keys 12582912 Jul 24 16:52 ibtmp1
drwxr-x--- 2 polkitd ssh_keys 4096 Jul 24 16:46 mysql
drwxr-x--- 2 polkitd ssh_keys 4096 Jul 24 16:46 performance_schema
-rw------- 1 polkitd ssh_keys 1675 Jul 24 16:46 private_key.pem
-rw-r--r-- 1 polkitd ssh_keys 451 Jul 24 16:46 public_key.pem
-rw-r--r-- 1 polkitd ssh_keys 1078 Jul 24 16:46 server-cert.pem
-rw------- 1 polkitd ssh_keys 1675 Jul 24 16:46 server-key.pem
drwxr-x--- 2 polkitd ssh_keys 12288 Jul 24 16:46 sys
[root@dev data]#
完美!
二、 使用dockerfile启动mysql容器
2.1、编写docker file
在当前目录(/usr/local/mysql/)创建dockerfile文件,编辑内容如下:
FROM docker.io/mysql:5.7.19
#设置免密登录
ENV MYSQL_ALLOW_EMPTY_PASSWORD yes
#将所需文件放到容器中
COPY setup.sh /mysql/setup.sh
COPY schema.sql /mysql/schema.sql
COPY privileges.sql /mysql/privileges.sql
COPY conf.d /etc/mysql/conf.d
RUN chmod 755 /mysql/*.sh
# 设置可以允许挂载的卷,可以用来备份数据库和配置文件
# VOLUME /usr/local/mysql/data
# 设置可以映射的端口
EXPOSE 3306
#设置容器启动时执行的命令
CMD ["sh", "/mysql/setup.sh"]
2.2、写容器启动脚本setup.sh和配置文件。
setup.sh内容如下:
#!/bin/bash
set -e
#查看mysql服务的状态,方便调试,这条语句可以删除
echo `service mysql status`
echo '1.启动mysql....'
#启动mysql
service mysql start
sleep 3
echo `service mysql status`
echo '2.开始导入数据....'
#导入数据
mysql < /mysql/schema.sql
echo '3.导入数据完毕....'
sleep 3
echo `service mysql status`
#重新设置mysql密码
echo '4.开始修改密码....'
mysql < /mysql/privileges.sql
echo '5.修改密码完毕....'
#sleep 3
echo `service mysql status`
echo `mysql容器启动完毕,且数据导入成功`
tail -f /dev/null
设置可执行权限:
chmod u+x setup.sh
这里是先导入数据,然后才是设置用户和权限,是因为mysql容器一开始为免密登录,Dockerfile中有如下设置:ENV MYSQL_ALLOW_EMPTY_PASSWORD yes,此时执行导入数据命令不需要登录验证操作,如果是先执行权限操作,那么导入数据则需要登录验证,整个过程就麻烦了许多。
conf.d目录下创建配置文件my.cnf,内容如下:
[client]
default-character-set=utf8mb4
[mysqld]
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
init_connect=’SET NAMES utf8mb4'
max_allowed_packet=100M
[mysql]
default-character-set=utf8mb4
2.3、需要导入数据的mysql脚本命令schema.sql:
-- 创建数据库
create database `docker_mysql` default character set utf8 collate utf8_general_ci;
use docker_mysql;
-- 建表
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user` (
`id` bigint(20) NOT NULL,
`created_at` bigint(40) DEFAULT NULL,
`last_modified` bigint(40) DEFAULT NULL,
`email` varchar(255) DEFAULT NULL,
`first_name` varchar(255) DEFAULT NULL,
`last_name` varchar(255) DEFAULT NULL,
`username` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
-- 插入数据
INSERT INTO `user` (`id`, `created_at`, `last_modified`, `email`, `first_name`, `last_name`, `username`)
VALUES
(0,1490257904,1490257904,'john.doe@example.com','John','Doe','user');
因为是测试,所以随便写了一个建表语句,如果是真实项目肯定不止这一张表,直接将建表语句覆盖过来就好。
2.4、mysql权限设置命令privileges.sql:
use mysql;
select host, user from user;
-- 因为mysql版本是5.7,因此新建用户为如下命令:
create user docker identified by '123456';
-- 将docker_mysql数据库的权限授权给创建的docker用户,密码为123456:
grant all on docker_mysql.* to docker@'%' identified by '123456' with grant option;
-- 创建root用户,设置密码
create user root identified by 'root.123';
-- 授权root用户所有数据库密码
grant all privileges on *.* to root@"%" identified by "root.123" with grant option;
-- 这一条命令一定要有:
flush privileges;
2.5、创建镜像docker build -t marvin/docker-mysql:5.7.19 .
[root@dev mysql]# ll
total 28
drwxr-xr-x 2 root root 4096 Jul 24 19:16 conf.d
drwxr-xr-x 6 polkitd ssh_keys 4096 Jul 26 09:52 data
drwxr-xr-x 2 root root 4096 Jul 26 12:02 datadir
-rw-r--r-- 1 root root 504 Jul 26 12:41 dockerfile
-rw-r--r-- 1 root root 578 Jul 24 18:38 privileges.sql
-rw-r--r-- 1 root root 713 Jul 24 17:59 schema.sql
-rwxr--r-- 1 root root 592 Jul 24 18:02 setup.sh
[root@dev mysql]# rm -rf datadir/
[root@dev mysql]# ll
total 24
drwxr-xr-x 2 root root 4096 Jul 24 19:16 conf.d
drwxr-xr-x 6 polkitd ssh_keys 4096 Jul 26 09:52 data
-rw-r--r-- 1 root root 504 Jul 26 12:41 dockerfile
-rw-r--r-- 1 root root 578 Jul 24 18:38 privileges.sql
-rw-r--r-- 1 root root 713 Jul 24 17:59 schema.sql
-rwxr--r-- 1 root root 592 Jul 24 18:02 setup.sh
[root@dev mysql]# docker build -t marvin/docker-mysql:5.7.19 .
Sending build context to Docker daemon 219.8 MB
Step 1/9 : FROM docker.io/mysql:5.7.19
---> 3e3878acd190
Step 2/9 : ENV MYSQL_ALLOW_EMPTY_PASSWORD yes
---> Running in 12565f8c0c75
---> c3603b8b0ce0
Removing intermediate container 12565f8c0c75
Step 3/9 : COPY setup.sh /mysql/setup.sh
---> 25f810745d6e
Removing intermediate container c87437761955
Step 4/9 : COPY schema.sql /mysql/schema.sql
---> 6336d1ec2e5c
Removing intermediate container d18c0faf05e2
Step 5/9 : COPY privileges.sql /mysql/privileges.sql
---> 909fd9a0147e
Removing intermediate container 597ba357c5dd
Step 6/9 : COPY conf.d /etc/mysql/conf.d
---> 0df0b1a8419a
Removing intermediate container 5495b6697f5a
Step 7/9 : RUN chmod 755 /mysql/*.sh
---> Running in 648c99da183d
---> 9637b6b5e125
Removing intermediate container 648c99da183d
Step 8/9 : EXPOSE 3306
---> Running in 0b4514d7ffcc
---> 0acd4a3a39a6
Removing intermediate container 0b4514d7ffcc
Step 9/9 : CMD sh /mysql/setup.sh
---> Running in 9cc069e6e6aa
---> effcf5bab4c1
Removing intermediate container 9cc069e6e6aa
Successfully built effcf5bab4c1
[root@dev mysql]#
[root@dev mysql]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
marvin/docker-mysql 5.7.19 effcf5bab4c1 27 seconds ago 412 MB
marvin/tomcat latest 098f61ab6f8b 2 days ago 489 MB
nginx_image1 latest c4d5f5accc06 2 days ago 109 MB
docker.io/tomcat latest 2d43521f2b1a 8 days ago 463 MB
docker.io/nginx latest 8b89e48b5f15 9 days ago 109 MB
docker.io/mysql 5.7.19 3e3878acd190 9 months ago 412 MB
[root@dev mysql]#
2.6、启动容器docker run -d -p 13306:3306 -v /usr/local/mysql/datadir:/var/lib/mysql marvin/docker-mysql:5.7.19
[root@dev mysql]# docker run -d -p 13306:3306 -v /usr/local/mysql/datadir:/var/lib/mysql marvin/docker-mysql:5.7.19
e55a41a9ace4fb09db5af3e77fab257764f938ffe2f7221ec312bf624f41543e
[root@dev mysql]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e55a41a9ace4 marvin/docker-mysql:5.7.19 "docker-entrypoint..." 4 seconds ago Up 3 seconds 0.0.0.0:13306->3306/tcp inspiring_bassi
831da6f83e21 mysql:5.7.19 "docker-entrypoint..." 2 hours ago Up 2 hours 0.0.0.0:3306->3306/tcp mysql5.7
6f189daf5880 marvin/tomcat "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8080->8080/tcp tomcat8
[root@dev mysql]#
2.7、检查结果docker exec -it e55a41a9ace4 mysql -udocker -p123456
[root@dev mysql]# docker exec -it e55a41a9ace4 mysql -udocker -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.7.19 MySQL Community Server (GPL)
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| docker_mysql |
+--------------------+
2 rows in set (0.01 sec)
mysql> use docker_mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+------------------------+
| Tables_in_docker_mysql |
+------------------------+
| user |
+------------------------+
1 row in set (0.01 sec)
mysql>
2.8、远程登录
用客户端链接后创建了数据库,然后重新启动docker,数据仍然在。完美~~~
美中不足
1、找不到mysql.sock
在实践过程中也碰到了比较恶心的问题,就是启动时老是找不到mysql.sock,最开始在my.cnf里没有配置socket的路径,这样没问题。
但是不知道默认的mysql.sock的容器里是在什么路径上;
于是在my.cnf配置文件里加上这个配置socket=/var/lib/mysql/mysql.sock;
启动的时候就怎么都会报错了
错误信息大概是这样:
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
然后将配置改为socket=/tmp/mysql.sock
启动的时候又变成这样了:
[root@dev mysql]# docker run -p 13306:3306 -v /usr/local/mysql/datadir:/var/lib/mysql marvin/docker-mysql
MySQL Community Server 5.7.19 is not running.
1.启动mysql....
..
MySQL Community Server 5.7.19 is started.
MySQL Community Server 5.7.19 is running.
2.开始导入数据....
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
docker stop docker rm docker rmi docker build 又重新docker run
反复了一上午。
最后还是没办法,把配置文件中的sock的配置给删除了。
正常启动后查知sock的路径默认的原来是/var/run/mysqld
root@63d3f0b5ea07:/var/run/mysqld# pwd
/var/run/mysqld
root@63d3f0b5ea07:/var/run/mysqld# ls
mysqld.pid mysqld.sock mysqld.sock.lock
root@63d3f0b5ea07:/var/run/mysqld#
应该能修改,不过不想折腾了。
2、如果挂载了数据持久化的数据卷,再次build容器,启动时会报创建用户失败等,因为已有用户了。
因此如果是二次运行,要么删除掉持久化的数据,要么修改setup.sh脚本,不要再执行privileges.sql和schema.sql。
扩展
生产环境中可能数据库要做主从、读写分离等等,但是因为数据是要共享的,所以有可能用到下知识.
数据共享
如果要授权一个容器访问另一个容器的Volume,我们可以使用-volumes-from参数来执行docker run。
$ docker run -it -h NEWCONTAINER --volumes-from container-test debian /bin/bash
root@NEWCONTAINER:/# ls /data
test-file
root@NEWCONTAINER:/#
值得注意的是不管container-test是否运行,它都会起作用。只要有容器连接Volume,它就不会被删除。
数据容器
常见的使用场景是使用纯数据容器来持久化数据库、配置文件或者数据文件等。官方的文档上有详细的解释。例如:
docker run -it -v /dbdata:/dbdata --name dbdata centos
该命令将会创建一个已经包含在Dockerfile里定义过Volume的postgres镜像,运行echo命令然后退出。当我们运行docker ps命令时,echo可以帮助我们识别某镜像的用途。我们可以用-volumes-from命令来识别其它容器的Volume:
创建db1和db2两个容器,并使用–volumes-from挂载dbdata容器中的数据卷
[root@wls12c /]$ docker run -it --volumes-from dbdata --name db1 centos
[root@wls12c /]$ docker run -it --volumes-from dbdata --name db2 centos
这样三个容器任何一个容器在该目录下写入,其它容器都能看见。
使用数据容器的两个注意点:
- 不要运行数据容器,这纯粹是在浪费资源。
- 不要为了数据容器而使用“最小的镜像”,如
busybox或scratch,只使用数据库镜像本身就可以了。你已经拥有该镜像,所以并不需要占用额外的空间。
备份
备份dbdata数据卷容器中的数据到主机的当前目录。
[root@wls12c /]$ docker run --volumes-from dbdata -v $(pwd):/backup --name worker centos tar zcf /backup/backup.tar.gz /dbdata
tar: Removing leading `/' from member names
[root@wls12c /]$ ls
b2b boot dev lib media net root srv tmp
backup.tar.gz cgroup etc lib64 misc opt sbin sys usr
bin dbdata home lost+found mnt proc selinux test var
[root@wls12c /]$ tar -tvf backup.tar.gz
drwxr-xr-x root/root 0 2016-08-26 10:51 dbdata/
-rw-r--r-- root/root 0 2016-08-26 10:40 dbdata/demo
-rw-r--r-- root/root 6 2016-08-26 10:48 dbdata/test.txt
-rw-r--r-- root/root 0 2016-08-26 10:51 dbdata/hello
恢复
创建一个带有数据卷的容器
[root@wls12c /]$ docker run -v /dbdata/dbdata --name db centos /bin/bash
恢复
[root@wls12c /]$ docker run --volumes-from db -v $(pwd):/backup centos tar xf /backup/backup.tar.gz
权限与许可
通常你需要设置Volume的权限或者为Volume初始化一些默认数据或者配置文件。要注意的关键点是,在Dockerfile的VOLUME指令后的任何东西都不能改变该Volume,比如:
FROM debian:wheezy
RUN useradd foo
VOLUME /data
RUN touch /data/x
RUN chown -R foo:foo /data
该Docker file不能按预期那样运行,我们本来希望touch命令在镜像的文件系统上运行,但是实际上它是在一个临时容器的Volume上运行。如下所示:
FROM debian:wheezy
RUN useradd foo
RUN mkdir /data && touch /data/x
RUN chown -R foo:foo /data
VOLUME /data
Docker可以将镜像中Volume下的文件挂载到Volume下,并设置正确的权限。如果你指定Volume的主机目录将不会出现这种情况。
如果你没有通过RUN指令设置权限,那么你就需要在容器启动时使用CMD或ENTRYPOINT指令来执行(译者注:CMD指令用于指定一个容器启动时要运行的命令,与RUN类似,只是RUN是镜像在构建时要运行的命令)。
删除Volumes
这个功能可能会更加重要,如果你已经使用docker rm来删除你的容器,那可能有很多的孤立的Volume仍在占用着空间。
Volume只有在下列情况下才能被删除:
- 该容器是用
docker rm -v命令来删除的(-v是必不可少的)。 -
docker run中使用了--rm参数
即使用以上两种命令,也只能删除没有容器连接的Volume。连接到用户指定主机目录的Volume永远不会被docker删除。
除非你已经很小心的,总是像这样来运行容器,否则你将会在/var/lib/docker/vfs/dir目录下得到一些僵尸文件和目录,并且还不容易说出它们到底代表什么。
参考
详解利用Dockerfile构建mysql镜像并实现数据的初始化及权限设置
基于Dockerfile构建mysqld服务镜像
dockerfile 实例
找不到mysql.sock的错误详解
