Default Bind Mounts

I edited your post. Please use code blocks. Here is a guide for that: How to format your forum posts

It seems the problem is with understanding what a container is. Everything that the container needs is on the host machine. It is not a virtual machine. So in that sense, yes, the container will “mount” the whole root folder of the container’s filesystem, which includes the multiple layers of images and the writable filesystem on top of it. /proc and /sys are special folders on Linux for communicating with the kernel, not a regular filesystem.

As I wrote before, a container is not a virtual machine, so it needs the host kernel, although saying “it needs” the kernel doesn’t really make sense, as the container does not “use” the kernel, it would not exist without it.

You still want to run commands in a container. Without part of /proc, you wouldn’t even see the processes in the container from the container.

If you want to see all the mounts, you can run:

docker run --rm bash cat /proc/self/mounts

You will see (probably) ext4 filesystems like /etc/hosts, but it doesn’t mean that file is mounted from /etc/hosts on the host machine. It is just the destination for something from under /var/lib/docker.

You will see proc and sysfs filesystems, which are required, and you will see tmpfs filesystems like:

tmpfs /sys/firmware tmpfs ro,relatime,inode64 0

That is one example of a masked path. The container shouldn’t have it, so it is masked and created empty in memory. I guess it has to exist somehow. This is what I found as a little explanation:

https://renenyffenegger.ch/notes/Linux/fhs/sys/firmware/index

So it is nice to know how exactly a container is created, but it requires deeper Linux skills to actually understand what needs to be available in a container and why, and even I don’t know these a hundred percent. Kernel capabilities could be mentioned too.

https://docs.docker.com/engine/security/#linux-kernel-capabilities

Now to clarify my statement “a container is not a virtual machine”:

You could read and hear a lot that Docker Desktop creates a virtual machine even on Linux. That is true, but the virtual machine is still not the container; containers are running inside the virtual machine.

2 Likes
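As an added example (not part of the post above, and not Docker’s own tooling), here is a small POSIX shell script that reads lines in the /proc/self/mounts format and labels what the post describes: the overlay root, the proc/sysfs kernel interfaces, the ext4 entries that are bind mounts from somewhere under /var/lib/docker, and the read-only or tmpfs entries under /proc and /sys that are masked or read-only paths. The sample mount lines are constructed to resemble what `docker run --rm bash cat /proc/self/mounts` prints; the lowerdir path is a placeholder, and the label names are this script’s own, not Docker terminology.

```shell
#!/bin/sh
# Added example: classify the lines of /proc/self/mounts as seen from inside
# a container. Input format (one mount per line):
#   <source> <mountpoint> <fstype> <options> <dump> <pass>
# The script only labels what is visible; it does not change any mount.

# Constructed sample of container mounts (not captured from a real host;
# the overlay lowerdir is a placeholder).
SAMPLE_MOUNTS='overlay / overlay rw,relatime,lowerdir=/var/lib/docker/overlay2/l/PLACEHOLDER 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev tmpfs rw,nosuid,size=65536k,mode=755,inode64 0 0
sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0
/dev/sda1 /etc/hosts ext4 rw,relatime 0 0
tmpfs /sys/firmware tmpfs ro,relatime,inode64 0 0
proc /proc/bus proc ro,nosuid,nodev,noexec,relatime 0 0
tmpfs /proc/kcore tmpfs rw,nosuid,size=65536k,mode=755,inode64 0 0'

# classify_mounts: read mount lines on stdin, print "<label> <mountpoint>".
classify_mounts() {
    awk '
    NF < 4 { next }
    {
        mp = $2; fs = $3; opts = "," $4 ","
        ro = (index(opts, ",ro,") > 0)
        if (mp == "/")
            label = "container rootfs (image layers + writable layer)"
        else if (mp == "/proc" || mp == "/sys")
            label = "kernel interface (" fs ")"
        else if (mp ~ /^\/(proc|sys)\// && fs == "tmpfs")
            label = "masked path (empty tmpfs" (ro ? ", ro" : "") ")"
        else if (mp ~ /^\/(proc|sys)\// && ro)
            label = "read-only kernel path"
        else if (fs == "ext4" || fs == "xfs" || fs == "btrfs")
            label = "bind mount from a host-side file (under /var/lib/docker, not the host path)"
        else
            label = "container-private " fs
        printf "%-75s %s\n", label, mp
    }'
}

# count_label PREFIX: number of classified entries whose label starts with PREFIX.
count_label() {
    classify_mounts | awk -v p="$1" 'index($0, p) == 1 { n++ } END { print n + 0 }'
}

# Stand-alone run: classify the constructed sample. Replace the sample with
# `cat /proc/self/mounts` when running inside a real container.
printf '%s\n' "$SAMPLE_MOUNTS" | classify_mounts
printf 'masked paths: %s\n' "$(printf '%s\n' "$SAMPLE_MOUNTS" | count_label 'masked path')"
```

In the sample, /sys/firmware and /proc/kcore are labelled as masked (tmpfs placed over a kernel path), /proc/bus as a read-only kernel path, and /etc/hosts as a bind mount whose ext4 source lives under /var/lib/docker rather than at the host’s /etc/hosts. Pipe the real `cat /proc/self/mounts` output into `classify_mounts` to see the same breakdown for a running container.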