Fantastic failures: How not to use an NFS volume in a Docker container

The primary purpose of Docker volumes is to keep data outside of the container so it may be backed up or shared. Docker volumes rely on Docker’s file system and are the recommended means of preserving data for Docker containers and services.

https://www.geeksforgeeks.org/what-is-docker-volume/

You never realize how vague this is until you imagine all the ways to misuse a volume.

1. Use it to save space on the container host
This will save space on the container host, but how do you get the data from the newly spun-up image to the volume? Because the volume overlays on top of the image file system, it doesn't copy the data from the mount point to the volume. For example, what if you made an image of WordPress, then wanted to spin up a copy connected to an NFS share? You need to manually copy the WordPress data to the NFS share, then make a different image for WordPress that uses the NFS share for data.

2. Use it to make images easier to back up and more portable.
They seem to be the same, but not in the case of volumes for containers. With NFS volumes, committing the image doesn't save the volume data. It needs to be backed up, or made redundant, separately. Committing and saving the image doesn't include the volume, so you can't spin up a new image without having access to the data in the NFS volume.
For example, you want to back up MySQL by committing and pushing the image to a repo. But the MySQL database file is on the NFS share, so the data is on the NFS share. Is the NFS share backed up?

3. A place to store keys and passwords, so that the image can't start or connect to anything without the passwords and keys in the share.
You can make spinning up a new image require a file in the volume, so that it can only start in your network. This is a way to misuse it as a security feature.

4. So #2 can be seen as a security feature that makes it difficult to port images along with their data. That is another way to misuse NFS volumes.
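
Point 2 says a committed image does not carry the volume data. The following added example (not from the original post) reads constructed `docker inspect` and `docker volume inspect` JSON and lists the mounted paths that need their own backup; the container name, volume name and NFS server are assumptions.

```python
import json

# Constructed sample: trimmed `docker inspect mysql-demo` output (names are assumptions).
CONTAINERS = json.loads("""
[{"Name": "/mysql-demo", "Mounts": [
  {"Type": "volume", "Name": "dbdata", "Driver": "local",
   "Source": "/var/lib/docker/volumes/dbdata/_data", "Destination": "/var/lib/mysql"},
  {"Type": "bind", "Source": "/srv/conf", "Destination": "/etc/mysql/conf.d"}]}]
""")

# Constructed sample: trimmed `docker volume inspect dbdata` output.
VOLUMES = json.loads("""
[{"Name": "dbdata", "Driver": "local",
  "Options": {"type": "nfs", "o": "addr=nfs.example.internal,rw",
              "device": ":/export/mysql"}}]
""")


def nfs_backing(volume):
    """Return 'server:/export' if the volume is an NFS mount, else None."""
    opts = (volume or {}).get("Options") or {}
    if not opts.get("type", "").startswith("nfs"):
        return None
    addr = next((o.split("=", 1)[1] for o in opts.get("o", "").split(",")
                 if o.startswith("addr=")), "unknown-server")
    return addr + opts.get("device", "")


def paths_outside_commit(containers, volumes):
    """List every mounted path; none of them is captured by `docker commit`."""
    by_name = {v["Name"]: v for v in volumes}
    rows = []
    for c in containers:
        for m in c.get("Mounts", []):
            nfs = nfs_backing(by_name.get(m.get("Name")))
            rows.append({"container": c["Name"].lstrip("/"),
                         "path": m["Destination"],
                         "kind": "nfs" if nfs else m["Type"],
                         "backing": nfs or m.get("Source", "")})
    return rows


if __name__ == "__main__":
    for r in paths_outside_commit(CONTAINERS, VOLUMES):
        print("{container}: {path} -> {kind} {backing} (back up separately)".format(**r))
```

Against a live host, replace the two sample strings with the JSON printed by `docker inspect <container>` and `docker volume inspect <volume>`.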
