Another type of a bind mount that we did not really cover earlier is a read-only bind mount. This configuration is used when the data mounted into the container needs to remain read-only, which is very useful when passing configuration files into multiple containers from the host. This form of mounting a volume looks a bit like this for both of the two syntax styles:
$ # Old-style
$ docker run <run_params>
-v /path/on/host:/path/on/container:ro
<image>...
$ # New-style
$ docker run <run_params>
--mount source=/path/on/host,target=/path/on/container,readonly
<image>...
As mentioned a bit earlier, something that a read-only volume can provide us as opposed to a regular mount is passing configuration files to the containers from the host. This is generally used when the Docker Engine host has something in their configuration that impacts the containers running code (that is, path prefixes for storing or fetching data, which host we're running on, what DNS resolvers the machine is using from /etc/resolv.conf, and many others) so in big deployments, it is used extensively and expect to see it often.