Browse code
Merge pull request #40341 from thaJeztah/restore_mount_options_info
swagger: restore bind options information
Sebastiaan van Stijn authored on 2020/01/10 05:06:51Showing 1 changed files
| ... | ... |
@@ -693,12 +693,44 @@ definitions: |
| 693 | 693 |
Binds: |
| 694 | 694 |
type: "array" |
| 695 | 695 |
description: | |
| 696 |
- A list of volume bindings for this container. Each volume binding is a string in one of these forms: |
|
| 697 |
- |
|
| 698 |
- - `host-src:container-dest` to bind-mount a host path into the container. Both `host-src`, and `container-dest` must be an _absolute_ path. |
|
| 699 |
- - `host-src:container-dest:ro` to make the bind mount read-only inside the container. Both `host-src`, and `container-dest` must be an _absolute_ path. |
|
| 700 |
- - `volume-name:container-dest` to bind-mount a volume managed by a volume driver into the container. `container-dest` must be an _absolute_ path. |
|
| 701 |
- - `volume-name:container-dest:ro` to mount the volume read-only inside the container. `container-dest` must be an _absolute_ path. |
|
| 696 |
+ A list of volume bindings for this container. Each volume binding |
|
| 697 |
+ is a string in one of these forms: |
|
| 698 |
+ |
|
| 699 |
+ - `host-src:container-dest[:options]` to bind-mount a host path |
|
| 700 |
+ into the container. Both `host-src`, and `container-dest` must |
|
| 701 |
+ be an _absolute_ path. |
|
| 702 |
+ - `volume-name:container-dest[:options]` to bind-mount a volume |
|
| 703 |
+ managed by a volume driver into the container. `container-dest` |
|
| 704 |
+ must be an _absolute_ path. |
|
| 705 |
+ |
|
| 706 |
+ `options` is an optional, comma-delimited list of: |
|
| 707 |
+ |
|
| 708 |
+ - `nocopy` disables automatic copying of data from the container |
|
| 709 |
+ path to the volume. The `nocopy` flag only applies to named volumes. |
|
| 710 |
+ - `[ro|rw]` mounts a volume read-only or read-write, respectively. |
|
| 711 |
+ If omitted or set to `rw`, volumes are mounted read-write. |
|
| 712 |
+ - `[z|Z]` applies SELinux labels to allow or deny multiple containers |
|
| 713 |
+ to read and write to the same volume. |
|
| 714 |
+ - `z`: a _shared_ content label is applied to the content. This |
|
| 715 |
+ label indicates that multiple containers can share the volume |
|
| 716 |
+ content, for both reading and writing. |
|
| 717 |
+ - `Z`: a _private unshared_ label is applied to the content. |
|
| 718 |
+ This label indicates that only the current container can use |
|
| 719 |
+ a private volume. Labeling systems such as SELinux require |
|
| 720 |
+ proper labels to be placed on volume content that is mounted |
|
| 721 |
+ into a container. Without a label, the security system can |
|
| 722 |
+ prevent a container's processes from using the content. By |
|
| 723 |
+ default, the labels set by the host operating system are not |
|
| 724 |
+ modified. |
|
| 725 |
+ - `[[r]shared|[r]slave|[r]private]` specifies mount |
|
| 726 |
+ [propagation behavior](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt). |
|
| 727 |
+ This only applies to bind-mounted volumes, not internal volumes |
|
| 728 |
+ or named volumes. Mount propagation requires the source mount |
|
| 729 |
+ point (the location where the source directory is mounted in the |
|
| 730 |
+ host operating system) to have the correct propagation properties. |
|
| 731 |
+ For shared volumes, the source mount point must be set to `shared`. |
|
| 732 |
+ For slave volumes, the mount must be set to either `shared` or |
|
| 733 |
+ `slave`. |
|
| 702 | 734 |
items: |
| 703 | 735 |
type: "string" |
| 704 | 736 |
ContainerIDFile: |