1

I know that in Docker when using the "local" driver a persistent volume is stored in /var/lib/docker/volume/<volume-name>/_data.

To modify data inside the volume must I mount it in a docker container or can I safely add/modify the content of the volume directly from this path?

I don't know if the docker engine adds metadata to the volume to keep track of changes inside it. I suppose that the docker engine is not aware of any change made externally to the volume data, so I'm wondering if this could cause any trouble to the volume.

cannatag
  • 111
  • 5

1 Answers1

2

Safe against what?

The files are just local files on a normal file system, so there should be no problem to modify them.

On the other hand, if the docker instance is running, it may not expect changes to those files. For example a database system may have cached content and not react well to modifications. But that doesn't seem to be what you intend to do.

RalfFriedl
  • 3,108
  • 4
  • 13
  • 17
  • 1
    To clarify my question I'm asking if the docker engine add metadata to the volume or keep track of changes inside it. I suppose that the docker engine is not aware of any change externally made to the volume data, and I'm wondering if this could cause any trouble to the volume. – cannatag Sep 09 '18 at 13:13
  • Exactly, the mysqld running in the container is just like the mysqld running on a system. Containerized processes are just regular processes with more isolation technologies locking them down (SECCOMP, SELinux, cgroups, etc). That said, you can run into trouble if you modify or create files in /var/lib/containers. For example, by default when you start docker (or any other container engine - like CRI-O or Podman) with SELinux enabled, it will relabel all of the content in /var/lib/mysql. – fatherlinux Sep 14 '18 at 18:57
  • If you mount /root, you can definitely break things. There is no tracking, but the Docker Daemon will relabel based on sVirt and break /root. Been there, done that: http://crunchtools.com/what-is-svirt-and-how-does-it-isolate-linux-containers/ – fatherlinux Sep 14 '18 at 18:58