Docker Container’s Filesystem Demystified

Image Source and Credits (Fabio Ferrari):

In this blog, we’ll discuss about the Filesystem of Docker Containers in particular. Docker container is created from a readonly template called docker image.

Docker Image

Each Docker image references a list of read-only layers that represent filesystem differences. Layers are stacked on top of each other to form a base for a container’s root filesystem. The Docker storage driver is responsible for stacking these layers and providing a single unified view.

When we create a new container, we add a new & thin writable layer on top of the underlying stack of layers present in the base docker image. All changes made to the running container, such as creating new files, modifying existing files or deleting files, are written to this thin writable container layer.

Image Source and Credits (Rohit Jnagal):

Containers and Layers

The major difference between a container and an image is the top writable layer. All writes to the container that add new or modify existing data are stored in this writable layer. When the container is deleted the writable layer is also deleted. The underlying image remains unchanged.

Because each container has its own thin writable container layer, and all changes are stored in this container layer, this means that multiple containers can share access to the same underlying image and yet have their own data state.

The Docker storage driver is responsible for enabling and managing both the image layers and the writable container layer. Two key technologies behind Docker image and container management are stackable image layers and copy-on-write (CoW).

Image Source and Credits (Hiroki Endo):

Copy on Write Strategy

Copy-on-write is a similar strategy of sharing and copying, in which the system processes that need access to the same data share the same instance of that data rather than having their own copy. At some point, if any one process wants to modify or write to the data, only then does the operating system make a copy of the data for that process to use. Only the process that needs to write has access to the data copy. All other processes continue to use the original data.

Docker makes use of copy-on-write technology with both images and containers. This CoW strategy optimizes both image disk space usage and the performance of container start times.

Image Source and Credits:
Docker’s copy-on-write strategy not only reduces the amount of space consumed by containers, instead also reduces the time required to start a container. At start time, Docker only has to create the thin writable layer for each container.

Source: ~ Docker Docs

Disclaimer: Content and image source has been mentioned. Special Credit to concerned folks.

Show your support

Clapping shows how much you appreciated Nitin Agarwal’s story.