查看系统默认驱动

Storage Driver: overlay2   默认驱动，这里用的centos7系统
  Backing Filesystem: xfs     底层文件系统
 Docker Root Dir: /var/lib/docker  各层数据存放目录
 

[root@mcw1 ~]$ docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Docker Buildx (Docker Inc., v0.7.1-docker)
  scan: Docker Scan (Docker Inc., v0.12.0)

Server:
 Containers: 19
  Running: 8
  Paused: 0
  Stopped: 11
 Images: 6
 Server Version: 20.10.12
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc version: v1.0.2-0-g52b36a2
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-693.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 976.3MiB
 Name: mcw1
 ID: XBZE:DN6Z:UQMS:2FCM:YSA4:XZFO:EPFV:LVET:UP3V:OJFK:WLGF:7Q64
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  10.0.0.131:5000
  127.0.0.0/8
 Registry Mirrors:
  https://hub-mirror.c.163.com/
 Live Restore Enabled: false

WARNING: API is accessible on http://0.0.0.0:2375 without encryption.
         Access to the remote API is equivalent to root access on the host. Refer
         to the 'Docker daemon attack surface' section in the documentation for
         more informatio: https://docs.docker.com/go/attack-surface/


[root@mcw1 ~]$ ls  /var/lib/docker/
buildkit  containers  image  network  overlay2  plugins  runtimes  swarm  tmp  trust  volumes

bind mount 

,将host目录挂载到容器中使用，容器删除，host目录还存在，数据不被删除，可供下一次使用。还可以设置目录在容器中的读写情况，默认读写，可以设置为ro只读，如果容器中已存在文件的目录被挂载，这些文件会被隐藏起来，使用的是host挂载进来的文件

[root@mcw1 ~]$ mkdir htdocs  #创建挂载目录并创建文件
[root@mcw1 ~]$ echo machangwei>./htdocs/index.html

[root@mcw1 ~]$ docker run -d -p 10002:80 --name=mcw2 -v ~/htdocs:/usr/local/apache2/htdocs httpd  #-v挂载目录到容器
6fc2c03fb2150a37b4d96fcb40f2d2f9d3891dfc42eb1326a2b1ad5ff546a156
[root@mcw1 ~]$ curl 127.0.0.1:10002
machangwei
[root@mcw1 ~]$ docker ps |grep mcw2
6fc2c03fb215   httpd     "httpd-foreground"   32 seconds ago   Up 31 seconds   0.0.0.0:10002->80/tcp, :::10002->80/tcp   mcw2
[root@mcw1 ~]$ docker exec -it 6fc /bin/bash
root@6fc2c03fb215:/usr/local/apache2# ls
bin  build  cgi-bin  conf  error  htdocs  icons  include  logs    modules
root@6fc2c03fb215:/usr/local/apache2# cat htdocs/index.html  #查看容器中指定目录下的文件是挂载后的
machangwei
root@6fc2c03fb215:/usr/local/apache2# exit
[root@mcw1 ~]$ docker stop 6fc2 #将容器停止并删除，host中的数据不随之删除
6fc2
[root@mcw1 ~]$ docker rm 6fc2
6fc2
[root@mcw1 ~]$ cat htdocs/index.html 
machangwei

只读验证
[root@mcw1 ~]$ docker run -d -p 10003:80 --name=mcw3 -v ~/htdocs:/usr/local/apache2/htdocs:ro httpd   #添加ro只读，
e736d8c025152cf06bb1077fdac8e5e5e7a0a0a948fc4bb7523821f1be57dd40
[root@mcw1 ~]$ docker exec -it e736 /bin/bash
root@e736d8c02515:/usr/local/apache2# echo mcw >htdocs/index.html  #进入容器，无法修改只读方式挂载进来的数据
bash: htdocs/index.html: Read-only file system
root@e736d8c02515:/usr/local/apache2#  
exit
[root@mcw1 ~]$ curl 127.0.0.1:10003
machangwei
[root@mcw1 ~]$ echo mcw2>>~/htdocs/index.html #在host中修改挂载目录数据。访问容器时，数据也是修改后的host文件中数据
[root@mcw1 ~]$ curl 127.0.0.1:10003
machangwei
mcw2

[root@mcw1 ~]$ docker run -d -p 10004:80 --name=mcw4 -v ~/htdocs/index.html:/usr/local/apache2/htdocs/index.html httpd #还可以只挂载文件
8ccd479b3d57eda42004e27c3c504019a99a32c234a30f7237b9ed47000865bf
[root@mcw1 ~]$ curl 127.0.0.1:10004
machangwei
mcw2
[root@mcw1 ~]$