“This is the 20th day of my participation in the Gwen Challenge in November. Check out the details: The Last Gwen Challenge in 2021.”

AUFS (Advanced Multi-Layered Unification Filesystem) is used for joint mounting of Linux file systems. When it comes to federated mounts, we need to solve the Union File System first.

Union File System

Union File System, or UnionFS for short, is a File System designed for Linux, FreeBSD, and NetBSD operating systems that can be mounted by combining multiple other File systems in one place. In other words, directories are merged into the same directory. It has two core principles:

  • Branch management: It uses branch to transparently overwrite files and directories from different file systems into a single, consistent file system. These branches are either read-only or read-write, so when writing to the virtual federated file system, the system is actually writing to a new file.
  • Copy-on-write, short for CoW, or implicit sharing, is a resource management technology that improves resource utilization efficiency. The idea is that if a resource is duplicated, there is no need to copy a new instance of the resource immediately before making changes to the resource, which is shared by different owners. When an owner wants to modify the resource, a new resource instance is copied to the owner for modification. The modified resource becomes the owner’s private resource. This method of resource sharing significantly reduces the cost of copying the same resource, but it also increases the cost of modifying the resource.

AUFS

AUFS was called Another UnionFS, and then Alternative UnionFS, and then, maybe not too aggressive, Advance UnionFS. Developed by Junjiro Okajima in 2006, AUFS completely rewrote the earlier UnionFS 1.x for reliability and performance, and introduced some new features, such as load balancing for writable branches. AUFS is fully compatible with UnionFS in use, and is much better in stability and performance than the previous UnionFS. Later UnionFS 2.x began to copy the functions in AUFS.

Actual combat AUFS

In Ubuntu, we can create AUFS manually by using the mount command to experience the subtleties of AUFS.

Create experiment directories and files

  1. Create the experiment directory aufs
$ mkdir aufs
Copy the code
  1. Create the MNT target in the AUFS directory as the mount point for the file system
$ mkdir aufs/mnt
Copy the code
  1. Create a container-layer folder in the aufs directory to simulate the read/write layer of the container
$ mkdir aufs/container-layer
#At the same time, create the file container-layer. TXT and initialize the contents
$ echo "I am container layer" > aufs/container-layer/container-layer.txt
Copy the code
  1. Create three files image-layer1, image-layer2, and image-layer3 under auFS to simulate the image layer of the container
$ mkdir aufs/{image-layer1,image-layer2,image-layer3}
$ echo "I am image layer 1" > aufs/image-layer1/image-layer1.txt
$ echo "I am image layer 2" > aufs/image-layer2/image-layer2.txt
$ echo "I am image layer 3" > aufs/image-layer3/image-layer3.tx
Copy the code

The prepared experiment directory and file structure are as follows:

Create the AUFS file system

  1. Run the mount command to mount the container-layer, image-layer1, image-layer2, and image-layer3 to the MNT directory as AUFS
$ cd aufs
$ sudo mount -t aufs -o dirs=./container-layer:./image-layer1:./image-layer2:./image-layer3 none ./mnt
Copy the code

After mounting, view the file structure of the MNT directory as follows:In the mount command, we do not specify permissions for the four folders to be mounted. The default behavior is: the first directory from the left specified by dirs is read-write permission, and subsequent directories are read-only permission. We can view the details in the following ways:The si_F7DD5867FE18e716 directory is created by the system for the MNT mount point. From the figure above, we can clearly see the mount permissions of each directory.

Verify copy-on-write

Next we write data to the MNT /image-layer3.txt file:

$ echo "I changed mnt/image-layer3.txt" >> mnt/image-layer3.txt
Copy the code

MNT /image-layer3.txtImage-layer3 /image-layer3.txt = image-layer3/image-layer3.txt = image-layer3.txt = image-layer3.txtSo where is the changed content stored? Go to the container-layer directory:TXT to MNT /image-layer3. TXT, the system copies the image-layer3. TXT file to the container-layer directory on the read-write layer. Then write to the image-layer3. TXT file in the container-layer directory. This process is how AUFS actually works.

Here, we have completed the AUFS experiment, from which also learned the AUFS write copy technology principle. When the experiment is over, don’t forget to recycle the experiment environment:

$ sudo umount aufs/mnt
Copy the code

Docker by UnionFS

Although the current docker default storage driver has evolved to Overlay2, learning AUFS can still help us understand the file system in Docker. When we use the Docker container in the future, when we build the image, copy-on-write will come into play.