Docker storage
Docker provides two types of data storage resources for containers :(1) image layer and container layer managed by the storage driver (2) data volume
A container consists of the top writable container layer and several read-only mirror layers in which the container’s data is stored. The biggest feature of container hierarchies is copy-on-write:
(1) New data is directly stored in the topmost container layer. (2) Modifying existing data Copies data from the image layer to the container layer. The modified data is directly stored in the container layer without changing the data at the image layer
The hierarchical structure makes the creation, sharing, and distribution of images and containers very efficient, thanks to the Docker Storage driver. Storage Driver implements multiple layers of data stacking without providing users with a single consolidated view of the data
Docker supports a variety of storage drivers. Next, let’s take a look at overlay2. Overlay 2 is an updated version of overlay
Docker info Queries the local storage driver
You can see that the storage driver on my machine is the overlay, the native file system is XFS, and the overlay is created on XFS. The data for each layer is stored in /var/lib/docker-overlay2.
Blkid Displays the type and number of local disks
You can see that there are two types of local disk partitions, XFS and ISO9660. Docker data is also stored in /dev/vda1 disk
Check the usage of the disk where the Docker resides
Overlay in /dev/vda1 disk space
Second, the overlay2
The following figure shows the structure of Overlay2, which is mainly divided into two layers. The upperdir file system and the lowerdir file system are the container and image layers of docker respectively. The mirror layer is the read-only layer, the container layer is the writeable layer, and the merged layer is displayed to the user
Next step: /var/lib/docker-overlay Overlay overlay overlay overlay overlay overlay overlay overlay layer < lower-id, merged, upper, work
The lower-id file holds the topmost UUID of the current container dependent image. The upper file is the read/write layer of the container. Changes to the container are stored in this folder. Merged folder is the mount point of the container file system. The merged folder provides a unified view to the customer, and any changes to the container are displayed in this folder. Work is the working directory used to support coW.
Docker inspect containersId looks at the relationships between containers and these layers.
Overlay read and write operations
(1) The file to be read is not in the Container Layer. Then read from lowerdir. (2) The file to read is stored in the Container Layer: read directly from upperdir; (3) The file to be read exists in both the Container layer and the image layer: Read from upperdir;
Modifying a file (1) Modifying a file for the first time: When the file is not in the Container Layer (upperdir), the overlay driver calls copy-up to read the file from lowerdir to upperdir and then changes the copy of the file. Note that the copy-up operation for overlay works at the file level, not the block level, which means that changes to a file require copying the entire file to upperdir.
The overhead of this operation is minimal because copy-up only happens when the file is first modified, and all subsequent reads and writes to the file are done directly in upperdir. There are only two layers in Overlayfs, which makes file lookup very efficient (compared to AUFS)
3. Case Study – Overlay2 occupies large disk space
1. Analyze the disk space occupied by Overlay2
(1) Problem analysis and description
Large disk footprint is a common problem with Docker
We know that Docker is stored in disk in the form of files, so the basic image and container will occupy a certain amount of disk space. The disk space occupied by overlay2 is the disk space where the Docker resides
#Query the disk where the docker resides
df -h /var/lib/docker
Copy the code
#Check the disk size occupied by the Docker
du -sh /var/lib/docker
Copy the code
#Docker disk usage
docker system df
Copy the code
(2) What causes the disk on which Overlay2 resides to keep growing
In Docker, containers, images, data volumes take up disk space, in addition to the container’s log files. Some containers print logs all the time, which keeps the log files growing and keeps the disk space growing.
The native uses the jSON-file log driver. Json – log path to log file storage: / var/lib/docker/containers/container_id/container_id – json. The log
The default size of jSON-file log files in Docker is unlimited, and log files will be large and occupy disk space as long time service execution. The system cannot run properly
2. Solutions
(1) Clean up the disk, delete closed containers, useless data volumes, and suspended mirrors (untagged mirrors).
docker system prune
Copy the code(2) Clear the disk and delete closed containers, useless data volumes, suspended mirrors, and unused mirrors
docker system prune -a
Copy the code(3) Delete all logs printed by the container. Log files account for a large proportion
cd /var/lib/docker/containerId
cat /dev/null > *-json.log
Copy the code(4) Limit the log size
# sudo
cd /etc/docker/
vi daemon.json
# Increase log size limit
The units here could be k,m,g
{
"log-driver":"json-file"."log-opts": {"max-size":"10m"}}Copy the codeIn this case, the configuration of the daemon file takes effect for the new container. You need to perform the following operations:
#Loading Daemon Configurations
systemctl daemon-reload
#Restart the Docker to make the daemon configuration take effect
systemctl restart docker
Copy the codeCheck whether the log configuration of the new container takes effect:
docker inspect -f '{{.HostConfig.LogConfig}}' containersId
Copy the codeFor example, you can see that there is a limit on the log size in the configuration item
