5

we have a docker container (mongodb) we are using, with volume mount to store data persistently.

I would like to protect the container and\or volume from accidental deletion by commands 'docker volume prune' or even just 'docker volume rm'

any suggestion?

GKman
  • 503
  • 1
  • 5
  • 19
  • A hacky way would be `chattr +i /path/to/docker/volume/on/host` – Robert Jul 04 '19 at 14:00
  • Secure your docker engine correctly, only give access to entitled and capable ops, and make regular backups. @Robert unless I missed something, your solution would also prevent the volume from being written to (which is probably quite annoying for a db). – Zeitounator Jul 04 '19 at 14:12
  • 1
    @Zeitounator - it's myself I'm afraid of. :\ – GKman Jul 04 '19 at 14:51

2 Answers2

3

Create a function / alias in the bash profile or bashrc.

function docker {
  docker_vol_res="Y"
  [[ $1 == vol* ]] && [[ $2 == prune || $2 == rm ]] && echo -n "Do you want to \"$2\" the volume (Y/N)? " && read docker_vol_res
  [[ $docker_vol_res == "Y" ]] && /usr/bin/docker $*
}
Prakash Krishna
  • 1,239
  • 6
  • 12
3

To prevent accidental deletion of container/volume, there is no any in-built way provided by docker for it.

Check this out.

Also there was a code change to have this feature as mentioned here but it was voted against by solomon hykes because of few reasons.

But there is way to prevent accidental volume deletion while using docker volume prune.

Check this out.

Hope this helps.

mchawre
  • 10,744
  • 4
  • 35
  • 57
  • Hi. I am reading about how I can apply prune filters. seems I can configure only by creating a $HOME/.docker/config.json file (meaning configure per user). is there a way to have a config file like that for all users? – GKman Jul 08 '19 at 12:02
  • @GKman https://docs.docker.com/engine/reference/commandline/cli/#configuration-files this should help. – mchawre Jul 08 '19 at 16:33