Skip to content

Best-Of-Practices Strategies For Backing Up Containers

1. What Needs Backup?

Docker data tipically lives in: - Volumes - Bind mounts (linked directly to host paths) - Container configurations (metadata, images, compose files)

What would be usually necessary to back up are volumes + configuration (not the containers themselves, those can be re-created from images)

2. Backup Approaches

Option A - Volume Snapshot via docker run

Quick, portable approach using tar: 

docker run --rm \
  -v my_volume:/data \
  -v $(pwd):/backup \
  alpine tar czf /backup/my_volume_$(date +%F).tar.gz -C /data .

PROS 😎: - Simple and portable - Works on any host - Can be automated via cron

Cons 🥶: - Requires downtime or at least quiescence (Pause State?) for active write-heavy volumes

Option B - Filesystem-Level Snapshots (LVM. ZFS, Btrfs)

For production systems with dedicated storage: - If your /var/lib/docker lives on LVM/ZFS/Btrfs, use snapshots. - This gives atomic, consistent backups, even for running containers. Example for LVM:

bash lvcreate --snapshot --name docker_backup_snap -L 50G /dev/vg0/docker mount /dev/vg0/docker_backup_snap /mnt/docker_snap tar czf /backups/docker_snap_$(date +%F).tar.gz -C /mnt/docker_snap . umount /mnt/docker_snap lvremove /dev/vg0/docker_backup_snap PROS 😎: - Fast, consistent backups with minimal downtime - Can integrate into scheduled jobs

Cons 🥶: - Needs underlying storage configured properly - Slightly more complex to restore

Option C - Use docker-backup or docker-volume-backup Utilities

Purpose-built tools that make backups cleaner.

Example: docker-volume-backup

It can: - Compress backups - Encrypt with GPG - Upload to S3, WebDAV, Azure Blob Storage, Dropbox, Google Drive or SSH compatible storage (Also just locally) - Keep retention policies (e.g., 7 daily, 4 weekly)

Option D - Cloud or NAS Sync

If we have a backup server or object storage: - Combine with rclone or restic for incremental, encrypted backups: 

restic -r s3:s3.amazonaws.com/my-bucket backup /var/lib/docker/volumes
- Can integrate into cron for daily runs

PROS 😎: - Off-site or cloud redundancy - Incremental = efficient - Restores are straightforward

Discussion

After reviewing all of the proposed options I came up with one alternative:

  • Using a combination of snapshot + incremental

This is done by using a bash script to take a snapshot of the volumes, databases, config files, etc... then create the respective backups with restic (incremental behaviour is handled by restic).