Docker Storage
24 cards — 🟢 4 easy | 🟡 9 medium | 🔴 4 hard
🟢 Easy (4)
1. You stopped a running container, but it still uses storage in case you ever resume it. How do you reclaim the storage of a container?
Show answer
To reclaim the storage of a container, you have to remove it.
Under the hood: stopped containers keep their writable layer on disk. Only `docker rm` frees it. Check: `docker system df`.
2. How do you create a new volume?
Show answer
```
CONTAINER_BINARY=podman
$CONTAINER_BINARY volume create some_volume
```
Under the hood: named volumes are preferred: managed by Docker, portable, survive removal. Better than anonymous volumes.
3. True or False? `podman diff` works only on the container filesystem and not on mounted files
Show answer
True. For mounted files you can use `podman inspect CONTAINER_NAME/ID`.
Under the hood: volumes exist outside the overlay filesystem. `podman diff` only sees the container's own writable layer.
4. What are Docker "volumes"?
Show answer
Storage used to persist data outside of containers.
Under the hood: volumes live at /var/lib/docker/volumes/ and survive container removal.
Example: docker run -v mydata:/app/data nginx — data persists across container restarts.
🟡 Medium (9)
1. Explain the difference between "docker volume ls" and "docker volume rm."
Show answer
`docker volume ls`: Lists all Docker volumes, including named and anonymous volumes.
`docker volume rm`: Removes one or more specified volumes.
While docker volume ls provides an overview of all volumes on the system, docker volume rm is used to remove specific volumes. It's important to note that removing a volume also removes any data stored in that volume.
2. What is a Docker volume?
Show answer
A volume is a mechanism for persistent data storage outside of the container's layered filesystem. It's a designated folder that can be mounted into containers, allowing data to persist and be shared among containers or between host and container. (E.g., `docker run -v /host/path:/container/path ...`).
Under the hood: Docker volumes live at /var/lib/docker/volumes/ on the host. They bypass the union filesystem, giving better I/O performance than the writable container layer.
Remember: three types of storage: volumes (Docker-managed), bind mounts (host path), tmpfs (RAM only). Volumes are preferred for persistent data.
3. How can you persist data in a Docker container using volumes?
Show answer
To persist data in a Docker container using volumes, you can follow these steps:
Create a Volume:
```
docker volume create my_data_volume
```
Run a Container with the Volume:
```
docker run -v my_data_volume:/path/in/container my_image
```
This ensures that the data in /path/in/container is stored in the my_data_volume volume. Even if the container is removed, the data persists in the volume.
4. What is a Docker volume, and how is it different from a bind mount?
Show answer
A Docker volume is a persistent data storage mechanism that allows data to be shared between containers and persisted even if the containers are stopped or removed. Volumes are managed by Docker and are stored outside the container filesystem.
**Key differences from a bind mount:**
* Persistence: Data in volumes persists even if the container is removed, while bind mounts depend on the host filesystem and are subject to host changes.
* Managed by Docker: Volumes are managed by Docker and are more suitable for long-term data storage. Bind mounts are simply references to a path on the host.
* Performance: Volumes are typically more performant than bind mounts, especially in scenarios with large amounts of data.
5. True or False? Containers have an ephemeral storage layer
Show answer
True. The ephemeral storage layer is added on top of the base image layer and is exclusive to the running container. This way, containers created from the same base image don't share the same storage.
Under the hood: the ephemeral layer uses a copy-on-write filesystem (overlay2 by default). Writes go to the thin writable layer; reads fall through to the image layers below.
Gotcha: writing heavily to the ephemeral layer is slow and bloats the container. Use volumes for any significant I/O.
6. What is the significance of named volumes in Docker?
Show answer
Named volumes in Docker provide a way to assign a human-readable name to a volume, making it easier to manage and reference. Unlike anonymous volumes, named volumes persist even if no containers are using them, allowing for better organization and data retention.
Example of creating a named volume:
```
docker volume create my_named_volume
```
This creates a volume named my_named_volume. You can then use this volume with the docker run command or other Docker-related operations.
7. Container storage is said to be ephemeral. What does it mean?
Show answer
It means the contents of the container and the data generated by it are gone when the container is removed.
Analogy: a container's storage is like a whiteboard: you can write on it while it's in use, but when you erase the board (remove the container), everything is gone.
Remember: 'Ephemeral = temporary.' Containers are designed to be disposable. Persist important data with volumes, not the container's writable layer.
Gotcha: docker stop preserves the writable layer (data survives restart). Only docker rm destroys it.
8. How do you create a Docker volume?
Show answer
To create a Docker volume, you can use the docker volume create command:
```
docker volume create my_volume
```
This command creates a volume named my_volume. You can then use this volume when running containers to share and persist data.
```
docker run -v my_volume:/path/in/container my_image
```
This mounts the my_volume volume to a specified path inside the container.
9. True or False? Applications running in containers should use the container storage to store persistent data
Show answer
False. Containers are not built to store persistent data, and even if it's possible with some implementations, it might not perform well for applications with intensive I/O operations.
Remember: 'Containers for compute, volumes for data.' The container writable layer uses copy-on-write, which adds overhead for write-heavy workloads.
Example: a database should write to a Docker volume (or bind mount), not to the container filesystem. The volume bypasses the overlay driver for better I/O.
🔴 Hard (4)
1. Explain the purpose of the "-v" option in the "docker run" command.
Show answer
The -v (or --volume) option in the docker run command is used to create a bind mount or associate a container path with a volume. It allows you to share data between the host machine and the container.
Example of using a bind mount:
```
docker run -v /host/path:/container/path image_name
```
Example of using a volume:
```
docker run -v volume_name:/container/path image_name
```
This option is versatile and can be used to connect a container to either a host path or a named volume.
2. How do you mount a directory from the host to a container?
Show answer
```
CONTAINER_BINARY=podman
mkdir /tmp/dir_on_the_host

# Bind-mount the host directory into the container
$CONTAINER_BINARY run -v /tmp/dir_on_the_host:/tmp/dir_on_the_container IMAGE_NAME
```
On some systems you'll also have to adjust security on the host itself:
```
# Set ownership as seen from inside the rootless user namespace
podman unshare chown -R UID:GID /tmp/dir_on_the_host
# Label the directory so SELinux allows container access, then apply the label
sudo semanage fcontext -a -t container_file_t '/tmp/dir_on_the_host(/.*)?'
sudo restorecon -Rv /tmp/dir_on_the_host
```
3. How does Docker handle storage drivers, and what are some commonly used drivers?
Show answer
Docker uses storage drivers to manage how container filesystems are stored and managed. Storage drivers interface with the underlying storage infrastructure to provide container filesystem capabilities.
**Commonly used Docker storage drivers include:**
* overlay2: Default on most Linux distributions, provides a good balance of performance and functionality.
* aufs: Older driver, historically used on Ubuntu systems.
4. How do you back up and restore data from Docker volumes?
Show answer
To back up and restore data from Docker volumes, you can use standard filesystem backup tools or Docker-specific utilities. Here's a general approach:
Backup:
* Use a backup tool to copy the contents of the volume to a backup location. For example:
```
# Mount the source volume read-only at /data and write the archive to the host directory
docker run --rm -v source_volume:/data:ro -v /local/path:/backup alpine tar cvf /backup/data.tar -C /data .
```
Restore:
* Use the backup tool to restore the contents to a named volume:
```
# Read the archive from the host directory and unpack it into the target volume
docker run --rm -v target_volume:/target -v /local/path:/restore:ro alpine tar xvf /restore/data.tar -C /target
```