Small knowledge, big challenge! This article is participating in the creation activity of “Essential Tips for Programmers”.

This article has participated in the “Digitalstar Project” and won a creative gift package to challenge the creative incentive money.

Docker Ovrlay2 driver

Introduction to the

OverlayFS is a file system similar to AUFS. Compared with AUFS, OverlayFS has the following features:

  • Design more simply
  • As of 3.18, it has entered the Linux kernel mainline
  • It might be faster

Docker image is lowdir and docker container is upperdir. The unified view layer is the merged layer

The container uses overlay reads and writes

There are three scenarios where containers use overlay read-only access to files.

  • File that does not exist in container layer. If the container is read-only and a file is not upperdir, it is read from lowerdir. This causes a small performance loss.
  • Files that exist only in the container layer. If the container read-only opens a file and the container exists only at the container layer (upperdir) and not the image layer (lowerdir), then the file is read directly from the image layer with no additional performance cost.
  • Files exist in both the container and image layers. The container layer (upperdir) hides the image layer (lowerdir) file of the same name. Therefore, there is no additional performance loss.
  • There are the following scenarios for container modification files.
    • Write a file for the first time. The first time the container writes to an existing file, the file does not exist in the container layer. Overlay/Overlay2 The driver performs copy-up to copy files from the image layer to the container layer. The container then modifies the newly copied file in the container layer.
    • However, OverlayFS works at the file level rather than the block level. This means that all OverlayFS copy-ups copy the entire file, even if the file is very large but only changes a small part, which has a significant impact on container write performance. However, there are two aspects worth noting:
      • Copy-up occurs only when the file is written for the first time. Subsequent writes to the same file are directed to the new file copied to the container layer.
      • OverlayFS only works on two layers. This is better than when AUFS is looking in multi-tier images.
    • Delete files and directories. When a file is deleted, the container creates a whiteout file in the mirror layer, but the mirror file is not deleted. However, the Whiteout file hides it.
    • When a directory is deleted from the container, the container layer creates an opaque directory. This is similar to files in the Whiteout file hiding mirror layer.
    • Rename the directory. The rename operation is allowed only when both the source and destination paths are in the top container layer. Otherwise, EXDEV is returned. Therefore, your application needs to be able to handle EXDEV and roll back operations to implement alternative “copy and delete” policies.

The resources

  • www.runoob.com/docker/dock…
  • docker.com
  • docs.docker.com/get-docker/
  • zhuanlan.zhihu.com/p/54512286