Master Docker Persistence, Networking, and Resource Limits with Practical Examples
This guide explains Docker's three data persistence methods, various network modes, and resource limitation options, providing step‑by‑step commands and visual illustrations to help you configure volumes, bind mounts, tmpfs, custom networks, and CPU/memory constraints effectively.
Docker Data Persistence
Docker provides three mechanisms to mount host data into a container:
Volumes : Managed by Docker under /var/lib/docker/volumes. Recommended for persistent data.
Bind mounts : Directly mount any host directory or file.
tmpfs : Stores data in host memory only; no writes to the host filesystem.
Creating and Using a Volume
docker volume create nginx_vol # create a Docker‑managed volume
ls /var/lib/docker/volumes/nginx_vol/docker run -d --name nginx-ceshi -p 888:80 \
--mount source=nginx_vol,destination=/usr/share/nginx/html nginx
# short syntax
# docker run -d --name nginx-ceshi -p 888:80 -v nginx_vol:/usr/share/nginx/html nginx
docker inspect nginx-ceshiAfter the container starts, the persisted files are located at /var/lib/docker/volumes/nginx_vol/_data. Adding a file demonstrates persistence:
cd /var/lib/docker/volumes/nginx_vol/_data
echo "hello world nginx" > index.html
# Access http://HOST_IP:888/ to verifyBind Mount Example
docker run -d --name nginx-test \
--mount type=bind,src=/app/wwwroot,dst=/usr/share/nginx/html nginx
# equivalent short form
# docker run -d --name nginx-test -v /app/wwwroot:/usr/share/nginx/html nginxKey points:
Using -v with an absolute host path triggers bind mode; a plain name triggers volume mode.
The source path must exist; otherwise the container fails to start.
If the container’s target directory is non‑empty, it is hidden by the mount.
Docker Network Modes
Bridge (default)
Docker creates a docker0 bridge; containers join this network unless another mode is specified.
Host
The container shares the host’s network namespace, using the host’s interfaces directly.
None
The container gets an isolated network namespace with no automatic configuration; manual setup is required.
Container
Shares the network namespace of another container:
docker run -d --name zd -p 99:80 busybox
docker run -d --name nginx-zd --net container:zd nginx
# nginx now uses zd’s network stackCustom Networks
Like the bridge driver but with built‑in DNS discovery, allowing containers to reach each other by name.
docker network create zf-100Docker Resource Limits
Limiting resources prevents a container from exhausting host capacity and adds isolation. -m, --memory: Maximum memory usage (e.g., 500m). --memory-swap: Total memory + swap allowed. --oom-kill-disable: Disable the OOM killer. --cpus: Number of CPU cores (e.g., 1 or .5). --cpuset-cpus: Specific CPU cores (e.g., 0-3). --cpu-shares: Relative CPU weight.
Memory Limit Example
docker run -d --name web03 \
--memory="500m" --memory-swap="600m" \
--oom-kill-disable nginx
# Verify limits
docker stats --no-stream web03CPU Limit Examples
# Limit to one CPU
docker run -d --name web01 --cpus="1" nginx
# Limit to 50% of a CPU
docker run -d --name web01 --cpus=".5" nginxSigned-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.