This blog shows how double level softlink can be a good workaround for some situations.
We need to link persistent data to a directory under /
in a container or pod, for example: /data
, this folder is owned by demo
, demo
is also the start user of the container.
在pod中有个/data
folder, owned by demo
,我们想persist这个folder的内容. 在这个pod中有个mount point /mnt
. 于是想把/data
map到 /mnt/data
.
1 | # ln -s <target> <link name> |
这样是不对的,从pod外部的storage provisioner看 /min/data
仅仅是个borken link.
The correct way is first remove /data
then ln -s /mnt/data /data
(/data
变成了快捷方式,所以写入/data
的内容实际上被写入了/mnt/data
), but demo
is a non-root user without super privilege, it cannot remove /data
(/
is owned by root).
Let’s see how double level softlink can help:
- first in docker build time remove
/data
:rm -rf /data
- create a intermediary:
mkdir -p /home/demo/data && chown demo:demo /home/demo/data
- link:
ln -s /home/demo/data /data
then commit the changes into image.
when container start, in the entrypoint:
- first remove
/home/demo/data
:rm -rf /home/demo/data
, this will make link to/data
break. - create another link:
ln -s /mnt/data /home/demo/data
, now link connected and fixed.
So finally the link structure is:
1 | /mnt/data -> /home/demo/data -> /data |
/home/demo/data
is a agent between persistent mount/mnt/data
and /data
.