Menu
I run a simple docker container with sudo docker run -it ubuntu:latest /bin/bash
When I examine mounted file system, with: df -h, one
Filesystem Size Used Avail Use% Mounted on
overlay 63G 4.3G 56G 8% /
tmpfs 64M 0 64M 0% /dev
tmpfs 1000M 0 1000M 0% /sys/fs/cgroup
/dev/sda1 63G 4.3G 56G 8% /etc/hosts
....
I fail to understand the last line, i.e. /dev/sda1 -> /etc/hosts, when I run df -h on the host machine, I get the mount /dev/sda1 -> /.
So /dev/sda1 is actually my hard drive, why is it mounted to /etc/hosts on the container, and how come /etc/hosts on the container is a file with correct content.
Any explanation of what is going on here? how does this work?
908
These mean 'mount specific directory on your container'. For example, VOLUME /data and -v /data is exactly same meaning. If you run the image that have VOLUME /data or with -v /data option, /data directory is mounted your container.
Basically, there are 3 types of mounts which you can use in your Docker container viz. Volumes, Bind mount and tmpfs mounts.
Mountpoint When you use a bind mount, a file or directory on the host machine is mounted into a container. The file or directory is referenced by its absolute path on the host machine. The file or directory does not need to exist on the Docker host already. It is created on demand if it does not yet exist.
You have two questions in your post, let me cover them sequentially.
1) Why /etc/{hosts,hostname,resolv.conf} files are mounted from outside?
I see at least one reason for this.
Imagine what would happen if the container engine would simply write these files to the container's filesystem and the user would decide to mount /etc as a volume (which is perfectly legal and pretty useful - mounting /etc would allow the user to provide the container with multiple config files in one -v argument for docker run):
/etc directory;/etc).After launching this container, the user tries to launch one more with the same /etc volume (again, this is perfectly legal and useful - e.g. the user scales up some service and shares config files in /etc among instances), and... The second container overwrites hostname, hosts and resolv.conf files on the volume, affecting the first container.
Now consider what happens when bind-mounting is used instead of direct writes:
/etc directory;/etc/{hosts,hostname,resolv.conf} from somewhere on the host to the container's filesystem;2) Why I see /dev/sda1 as the source of these mounts?
Check findmnt(8) instead of df(1):
$ docker run -it ubuntu
root@5a8ab4d6e716:/# findmnt
TARGET SOURCE
...
|-/etc/resolv.conf /dev/sda1[/var/lib/docker/containers/5a8ab4d6e71691f279cbbcf5a295b5fa90fd138f10418c996ad7ea4440452816/resolv.conf]
|-/etc/hostname /dev/sda1[/var/lib/docker/containers/5a8ab4d6e71691f279cbbcf5a295b5fa90fd138f10418c996ad7ea4440452816/hostname]
`-/etc/hosts /dev/sda1[/var/lib/docker/containers/5a8ab4d6e71691f279cbbcf5a295b5fa90fd138f10418c996ad7ea4440452816/hosts]
Actually, each line of output here shows three fields (mount target /etc/hosts, mount source /dev/sda1 and FS root /var/lib/<...>/hosts), and the third one is not shown by df(1).
According to man procfs paragraph about /proc/PID/mountinfo file (which is the source of information about mounts for utilities):
(4) root: the pathname of the directory in the filesystem which forms the root of this mount.
(5) mount point: the pathname of the mount point relative to the process's root directory.
...
(10) mount source: filesystem-specific information or "none".
For most mounts, FS root is / (because you mount whole filesystem), so you don't loose too much information when you look at the df(1) output. However, this is not the case for bind-mounts of specific files.
192
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
