1DOCKER-NOVOLUME-PLUGIN(8) FEBRUARY 2016 DOCKER-NOVOLUME-PLUGIN(8)
2
6 docker-novolume-plugin - Blocks self provisioned volumes
7
11 docker-novolume-plugin [--cert-path=[=""]]
12 [--host=[=unix:///var/run/docker.sock]] [--tls-verify=[=false]]
13
17 When a volume in provisioned via the VOLUME instruction in a Dockerfile
18 or via docker run -v volumename, host's storage space is used. This
19 could lead to an unexpected out of space issue which could bring down
20 everything. There are situations where this is not an accepted
21 behavior. PAAS, for instance, can't allow their users to run their own
22 images without the risk of filling the entire storage space on a
23 server. One solution to this is to deny users from running images with
24 volumes. This way the only storage a user gets can be limited and PAAS
25 can assign quota to it. This plugin solves this issue by disallowing
26 starting a container with local volumes defined. In particular, the
27 plugin will block docker run with:
28 --volumes-from
31 images that have VOLUME(s) defined
32 volumes early provisioned with docker volume command
33 The only thing allowed will be just bind mounts.
37
41 --cert-path=""
42 Certificates path to connect to Docker (cert.pem, key.pem)
43 --host="unix:///var/run/docker.sock"
44 Specifies the host where to contact the docker daemon.
45 --tls-verify="false"
46 Whether to verify certificates or not
47
51 Antonio Murdaca ⟨runcom@redhat.com⟩
52Antonio Murdaca DOCKER-NOVOLUME-PLUGIN(8)