参考地址:https://blog.csdn.net/weixin_43526371/article/details/126326614
privileged - (一般不推荐)
是否给容器最高权限,这意味着容器内应用将不受权限的控制,一般不推荐
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6a6bdd924693 centos:centos7 "/bin/bash" 11 seconds ago Up 10 seconds on_privileged
2d1cc959f96c centos:centos7 "/bin/bash" 28 seconds ago Up 27 seconds off_privileged
/usr/sbin/init 启动容器之后可以使用systemctl命令
无 privileged (不带 root 权限)
$ docker run -d --name=off_privileged -it centos:centos7 /usr/sbin/init
$ docker exec -it off_privileged /bin/bash
$ systemctl # 不能执行 Failed to get D-Bus connection: Operation not permitted
有 privileged (带 root 权限)
$ docker run -d --name=on_privileged --privileged=true -it centos:centos7 /usr/sbin/init
$ docker exec -it on_privileged /bin/bash
$ systemctl # 可以执行
数据卷
容器内文件夹拷贝到宿主机上
# docker cp 容器ID:容器内路径 宿主机路径
$ docker cp adfc4e3b9652:/tmp/file_dir /tmp/
容器内文件夹映射到宿主机上, 修改数据是同步的(修改主机-容器内随之改变,修改容器-主机内随之改变)
-v 容器内路径:宿主机路径
$ docker run -p 8080:80 -v /tmp/my-nginx/html:/usr/share/nginx/html -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
# $ docker run
# -p 8080:80
# -v /tmp/my-nginx/html:/usr/share/nginx/html
# -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf
# -d nginx
容器内路径只读 ro (默认为可读写权限rw)
$ docker run -p 8080:80 -v /tmp/my-nginx/html:/usr/share/nginx/html:ro -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
继承与共享 --volumes-from
$ docker run -v /tmp/my-nginx/html:/usr/share/nginx/html:ro -v /tmp/my-nginx/conf/default.conf:/etc/nginx/conf.d/default.conf -d nginx
$ docker run -p 8080:80 --volumes-from 971ae2240bea -d nginx
$ docker run -p 8081:80 --volumes-from 971ae2240bea -d nginx