Docker share folders possible?

spenzerx · September 7, 2015, 9:41am

Hi,

i am new to Docker.

I created 10 application containers for 10 users, 1 haproxy container and 1 userdata container with 10 folders for user-data (files).

Is it possible to mount only folder Userdata1 from container userdata to application container1 ?

Application container 1 should have only access to Userdata1 from userdata container. Userdata 2-10 should be hidden.

Is this possible? How can i solve this?

–volumes-from mounts all folders, not OK for me.
Mounting folders from HOST is my current solution, but i want to use a data-container.

programmerq · September 8, 2015, 4:22pm

It is definitely possible to mount only a subset of volumes, but you’ll have to do it by hand.

For example, I have a userdata container I created with the following command:

docker run -d -v /user1 -v /user2 -v /user3 --name userdata busybox false

I can take a look at which folders back these volumes with the docker inspect userdata command. The ‘Mounts’ section has information about the volumes:

...
"Mounts": [
    {
        "Name": "5abebf01528db67ff3e45b64d9ef60701dc562f17ada7319cf7e44e0b2662e32",
        "Source": "/mnt/sda1/var/lib/docker/volumes/5abebf01528db67ff3e45b64d9ef60701dc562f17ada7319cf7e44e0b2662e32/_data",
        "Destination": "/user3",
        "Driver": "local",
        "Mode": "",
        "RW": true
    },
    {
        "Name": "f5957016da92ebebd6c54d87f72f0189bcd3ad8570f1dc2d8c269790284819f0",
        "Source": "/mnt/sda1/var/lib/docker/volumes/f5957016da92ebebd6c54d87f72f0189bcd3ad8570f1dc2d8c269790284819f0/_data",
        "Destination": "/user1",
        "Driver": "local",
        "Mode": "",
        "RW": true
    },
    {
        "Name": "62dd0ebd41698967d0dee3e83c9aac88f3676293f9ca2d6570930b1a7dabc2ea",
        "Source": "/mnt/sda1/var/lib/docker/volumes/62dd0ebd41698967d0dee3e83c9aac88f3676293f9ca2d6570930b1a7dabc2ea/_data",
        "Destination": "/user2",
        "Driver": "local",
        "Mode": "",
        "RW": true
    }
],
...

Now, if I want another container started up with access to /user2, I can create it with the following command:

docker run -d -v /mnt/sda1/var/lib/docker/volumes/62dd0ebd41698967d0dee3e83c9aac88f3676293f9ca2d6570930b1a7dabc2ea/_data:/user2 --name user2 busybox

Another approach might be to split your userdata container into ten separate data containers. Since it is possible to do multiple --volumes-from options when launching a container, you can give access to only the volumes needed:

$ docker run -d -v /userdata1 --name userdata1 busybox
$ docker run -d -v /userdata2 --name userdata2 busybox
$ docker run -d -v /userdata3 --name userdata3 busybox
$ docker run -d -v /userdata4 --name userdata4 busybox

$ docker run --rm \
  --volumes-from userdata2 \
  busybox 'sh' '-c' 'ls -d /userdata*'
/userdata2

$ docker run --rm \
  --volumes-from userdata2 \
  --volumes-from userdata3 \
  busybox 'sh' '-c' 'ls -d /userdata*'
/userdata2
/userdata3