docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove obsolete file sharing information

This commit is contained in:
Mathieu Champlon 2020-02-26 12:11:50 +01:00
parent f6b590cbb3
commit 8b58bcc00a
2 changed files with 2 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
docker-for-windows/index.md
View File

@ -232,12 +232,7 @@ Choose the local directories you'd like to share with your Linux containers. Fil
not for Windows containers. For Linux containers, you need to share the drive
where the Dockerfile and volume are located. Otherwise, you get `file not found` or `cannot start service` errors at runtime. See [Volume mounting requires shared drives for Linux containers](troubleshoot.md#volume-mounting-requires-shared-drives-for-linux-containers).
File sharing permissions are tied to the credentials you provide here. If
you run `docker` commands under a different username than the one configured
here, your containers cannot access the mounted volumes.
When you select a local drive to share with your containers, Docker Desktop prompts you for your Windows system (domain)
username and password. Enter your credentials and then click **Apply & Restart**.
**Apply & Restart** makes the directory available to containers using Docker's bind mount (`-v`) feature.
> Tips on shared drives, permissions, and volume mounts
>
@ -248,30 +243,11 @@ username and password. Enter your credentials and then click **Apply & Restart**
>
* Docker Desktop sets permissions to read/write/execute for users, groups and others [0777 or a+rwx](http://permissions-calculator.org/decode/0777/).
This is not configurable. See [Permissions errors on data directories for shared volumes](troubleshoot.md#permissions-errors-on-data-directories-for-shared-volumes).
>
* Ensure the domain user has access to shared drives, as described in [Verify domain user has permissions for shared drives](troubleshoot.md#verify-domain-user-has-permissions-for-shared-drives-volumes).
>
* You can share local drives with your _containers_ but not with Docker Machine
nodes. See the FAQ, [Can I share local drives and filesystem with my Docker Machine VMs?](faqs.md#can-i-share-local-drives-and-filesystem-with-my-docker-machine-vms).
>
#### Firewall rules for shared drives
Shared drives require port 445 to be open between the host machine and the
virtual machine that runs Linux containers. Docker detects if port 445 is closed
and shows the following message when you try to add a shared drive:
![Port 445 blocked](images/shared-drive-firewall-blocked.png){:width="600px"}
To share the drive, allow connections between the Windows host machine and the
virtual machine in Windows Firewall or your third party firewall software. You
do not need to open port 445 on any other network.
By default, allow connections to `10.0.75.1` on port 445 (the Windows host) from
`10.0.75.2` (the virtual machine). If your firewall rules seem correct, you may
need to toggle or
[reinstall the File and Print sharing service on the Hyper-V virtual network card](http://stackoverflow.com/questions/42203488/settings-to-windows-firewall-to-allow-docker-for-windows-to-share-drive/43904051#43904051)
#### Shared drives on demand
You can share a drive "on demand" the first time a particular mount is requested.

118
docker-for-windows/troubleshoot.md
View File

@ -117,15 +117,10 @@ volume defaults at container runtime, you need to either use non-host-mounted
volumes or find a way to make the applications work with the default file
permissions.
Docker Desktop currently implements host-mounted volumes based on [Microsoft SMB
protocol](https://msdn.microsoft.com/en-us/library/windows/desktop/aa365233(v=vs.85).aspx), which does not support fine-grained, `chmod` control over these permissions.
See also, [Can I change permissions on shared volumes for container-specific
deployment
requirements?](faqs.md#can-i-change-permissions-on-shared-volumes-for-container-specific-deployment-requirements)
in the FAQs, and for more of an explanation, the GitHub issue, [Controlling
Unix-style perms on directories passed through from shared Windows
drives](https://github.com/docker/docker.github.io/issues/3298).
in the FAQs.
#### inotify on shared drives does not work
@ -153,117 +148,6 @@ containers). Click ![whale menu](images/whale-x.png){: .inline}
and then **Settings** > **Shared Drives** and share the drive that contains the
Dockerfile and volume.
#### Verify domain user has permissions for shared drives (volumes)
> **Tip**: Shared drives are only required for volume mounting [Linux
> containers](index.md#switch-between-windows-and-linux-containers), not Windows
> containers.
Permissions to access shared drives are tied to the username and password you
use to set up [shared drives](index.md#shared-drives). If you run `docker`
commands and tasks under a different username than the one used to set up shared
drives, your containers don't have permissions to access the mounted volumes.
The volumes show as empty.
The solution to this is to switch to the domain user account and reset
credentials on shared drives.
Here is an example of how to debug this problem, given a scenario where you
shared the `C` drive as a local user instead of as the domain user. Assume the
local user is `samstevens` and the domain user is `merlin`.
1. Make sure you are logged in as the Windows domain user (for our example,
`merlin`).
2. Run `net share c` to view user permissions for `<host>\<username>, FULL`.
```
> net share c
Share name C
Path C:\
Remark
Maximum users No limit
Users SAMSTEVENS
Caching Caching disabled
Permission windowsbox\samstevens, FULL
```
3. Run the following command to remove the share.
```
> net share c /delete
```
4. Re-share the drive via the [Shared Drives dialog](index.md#shared-drives),
and provide the Windows domain user account credentials.
5. Re-run `net share c`.
```
> net share c
Share name C
Path C:\
Remark
Maximum users No limit
Users MERLIN
Caching Caching disabled
Permission windowsbox\merlin, FULL
```
See also, the related issue on GitHub, [Mounted volumes are empty in the
container](https://github.com/docker/for-win/issues/25).
#### Volume mounts from host paths use a `nobrl` option to override database locking
You may encounter problems using volume mounts on the host, depending on the
database software and which options are enabled. Docker Desktop for Windows uses
[SMB/CIFS
protocols](https://msdn.microsoft.com/en-us/library/windows/desktop/aa365233(v=vs.85).aspx)
to mount host paths, and mounts them with the `nobrl` option, which prevents
lock requests from being sent to the database server
([docker/for-win#11](https://github.com/docker/for-win/issues/11),
[docker/for-win#694](https://github.com/docker/for-win/issues/694)). This is
done to ensure container access to database files shared from the host. Although
it solves the over-the-network database access problem, this "unlocked" strategy
can interfere with other aspects of database functionality (for example,
write-ahead logging (WAL) with SQLite, as described in
[docker/for-win#1886](https://github.com/Sonarr/Sonarr/issues/1886)).
If possible, avoid using shared drives for volume mounts on the host with
network paths, and instead mount on the MobyVM, or create a [data
volume](/engine/tutorials/dockervolumes.md#data-volumes) (named volume) or [data
container](/engine/tutorials/dockervolumes.md#creating-and-mounting-a-data-volume-container).
See also, the [volumes key under service
configuration](/compose/compose-file/index.md#volumes) and the [volume
configuration
reference](/compose/compose-file/index.md#volume-configuration-reference) in the
Compose file documentation.
#### Local security policies can block shared drives and cause login errors
You need permissions to mount shared drives to use the Docker Desktop for Windows
[shared drives](index.md#shared-drives) feature.
If local policy prevents this, you get errors when you attempt to enable shared
drives on Docker. This is not something Docker can resolve, since you do need
these permissions to use the feature.
Here are snip-its from example error messages:
```none
Logon failure: the user has not been granted the requested logon type at
this computer.
[19:53:26.900][SambaShare ][Error ] Unable to mount C drive: mount
error(5): I/O error Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
mount: mounting //10.0.75.1/C on /c failed: Invalid argument
```
See also, <a href="https://github.com/docker/for-win/issues/98">Docker for
Windows issue #98</a>.
#### Understand symlinks limitations
Symlinks work within and across containers. However, symlinks created outside of