In this blog post, I’ll show you how to use the –Volumes-From switch and connect from one Windows Container Volume to another Windows Container volume.
Using –Volumes-From I can create one Container with a volume attached to the host and then create a second container and connect to the attached volume created on the first Container.
In the demo below, I’ll create a container called Demo with a volume attached to it on the host called Data and located on C:\Data Inside the Container.
I’ll then create a second Container called Demo2 and attach the volume created for Demo to it using the
It Is Important to note that the Demo container doesn’t have to be on for Demo2 to use the volume.
Create Demo Container
To get started, I’ll create my first Container called Demo and attach a normal volume to it.
docker run -it --name demo --volume c:/data microsoft/windowsservercore powershell
From the Demo Container, I’ll create a text file with the Get-Date cmdlet, and as you can see below, the file will appear Inside the mounted volume on the Container Host
Create a 2nd Container with –Volumes-From
Now, I’ll create my 2nd Windows Container and attach the volume I created for the Demo Container; This Container will be called Demo2
docker run -it --name demo2 --volumes-from demo microsoft/windowsservercore powershell
From Demo2, I will create another file using the Get-Date cmdlet and placed it in the C:\Data folder, and as you can see below, the file was created In the same volume as the Demo Container.
At this point, both Containers can remain on or can be turned off.
Read-Only Volume Container
At this point, I will create another Container called Demo3 and give it read-only access to the volume using the cmdlet below (using ro next to the source container)
docker run -it --name demo3 --volumes-from demo:ro microsoft/windowsservercore powershell
And when I try to create the file on the volume, I get access deny error message.
But If I try to read there Is no Issue
Overall the process is not complicated and at the same time very flexible on the security side with the ability to use read-only permissions.