tmpfs mounts

tmpfs mounts

tmpfs is a filesystem type in Unix-like operating systems (including Linux) that allows you to create a filesystem in memory, meaning it resides in RAM rather than on disk. It's commonly used for temporary data storage and can be particularly useful in situations where you need fast access to data.

In Docker, you can use tmpfs mounts to create temporary filesystems within containers that are stored in memory. This can be beneficial for certain use cases such as caching, temporary file storage, or for applications that require fast read and write operations.

In the context of Docker, tmpfs mounts allow you to mount a temporary file system into a container’s filesystem, which resides in memory rather than on disk. This can be useful for scenarios where you need a filesystem that is fast and volatile, such as storing temporary files or caches.

Tmpfs mounts in Docker can be particularly useful for improving performance or reducing wear on disk storage in situations where temporary data needs to be quickly accessed and doesn’t need to persist beyond the lifetime of the container.

Volumes and bind mount let you share files between the host machine and container so that you can persist data even after the container is stopped.

If you’re running Docker on Linux, you have a third option: tmpfs mounts. When you create a container with a tmpfs mount, the container can create files outside the container's writable layer.

As opposed to volumes and bind mounts, a tmpfs mount is temporary, and only persisted in the host memory. When the container stops, the tmpfs mount is removed, and files written there won't be persisted.

👉 Limitations of tmpfs mounts

  • Unlike volumes and bind mounts, you can’t share tmpfs mounts between containers.

  • This functionality is only available if you’re running Docker on Linux.

👉 Choose the — tmpfs

In general, --mount is more explicit and verbose. The biggest difference is that the --tmpfs flag does not support any configurable options.

  • --tmpfs: Mounts a tmpfs mount without allowing you to specify any configurable options, and can only be used with standalone containers.

  • The destination takes as its value the path where the tmpfs mount is mounted in the container. May be specified as destination, dst, or target.

  • The tmpfs-size and tmpfs-mode options.

  • --tmpfs in Docker offers a substantial performance boost, particularly for operations requiring rapid I/O access. By storing data entirely in memory, tmpfs minimizes latency associated with disk-based filesystems, enhancing overall system responsiveness and application performance.

  • --tmpfs conserves disk space and reduces disk I/O operations, mitigating wear on storage devices. This not only optimizes resource utilization but also extends the lifespan of storage hardware, reducing the risk of premature failure and enhancing system reliability.

  • --tmpfs reduces the risk of unauthorized access and data exposure.

  • -tmpfs ensures isolation between containers, preventing cross-contamination of temporary files.

  • --tmpfs in Docker environments is straightforward and offers flexibility in resource allocation. With standard Docker commands or Docker Compose configurations, users can easily specify tmpfs mounts, streamlining container deployment and management workflows while ensuring optimal performance and resource utilization.

👉 Differences between — tmpfs and — mount behavior

  • The --tmpfs flag does not allow you to specify any configurable options.

  • The --tmpfs flag cannot be used with swarm services. You must use --mount.

👉 Use a tmpfs mount in a container

To use a tmpfs mount in a container, use the --tmpfs flag, or use the --mount flag with type=tmpfs and destination options. There is no source for tmpfs mounts.

The following example creates a tmpfs mount at /app in a Nginx container.

docker run -d \
  -it \
  --name tmptest \
  --tmpfs /app \
  nginx:latest

OR

The following example uses the --mount flag and the second uses the --tmpfs flag.

docker run -d \
  -it \
  --name tmptest \
  --mount type=tmpfs,destination=/app \
  nginx:latest

Verify that the mount is a tmpfs mount by looking in the Mounts section of the docker inspect output:

$ docker inspect tmptest --format '{{ json .Mounts }}'
[{"Type":"tmpfs","Source":"","Destination":"/app","Mode":"","RW":true,"Propagation":""}]

Stop container:

$ docker stop tmptest

Remove the container:

$ docker rm tmptest

👉 Specify tmpfs options

tmpfs mounts allow for two configuration options, neither of which is required. If you need to specify these options, you must use the --mount flag, as the --tmpfs flag does not support them.

  1. tmpfs-size Size of the tmpfs mount in bytes. Unlimited by default.

  2. tmpfs-modeFile mode of the tmpfs in octal. For instance, 700 or 0770. Defaults to 1777 or world-writable.

The following example sets the tmpfs-mode to 1770, so that it is not world-readable within the container.

docker run -d \
  -it \
  --name tmptest \
  --mount type=tmpfs,destination=/app,tmpfs-mode=1770 \
  nginx:latest

Did you find this article valuable?

Support Megha Sharma's Blog by becoming a sponsor. Any amount is appreciated!