docker-image-container-on-disk

Posted on Edited on In ,

Image and Container Concept

The major difference between a container(runtime) and an image(static) is the top writable layer. All writes to the container that add new or modify existing data are stored in this writable layer. When the container is deleted, the writable layer is also deleted. The underlying image layers remain unchanged.

Because each container has its own writable container layer, and all changes are stored in this container layer, multiple containers can share access to the same underlying image and yet have their own data state.

  • Image layers
  • Init layer(there is Init layer between image layer and container layer on ubuntu actually) which is system related info like /dev host etc.
  • Container layer(R/W layer)

Image on disk /var/lib/docker

Let’s see what’s the file layout for image and container. here is the layout for it
image layout

Below output is the file layout after create a container(official ubuntu image)

docker/aufs directory

1
2
$ ls /var/lib/docker/aufs
diff  layers  mnt
  • diff/: content of each layer(image layer and init layer and container layer)
  • layers/: As layer has relationship, file in it shows all layers it based on
  • mnt/: As in diff/, it only shows content of each layer, here it shows content of all layers it based on(actually it’s aufs mount point(single dir)).

Note: without container runs, all are empty!
when container runs only the contain layer mount point has content!!!

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
root@dev:/var/lib/docker# tree -L 2 aufs
aufs
|-- diff
|   |-- 268f3ca66142b2b9791504df67c604a5f0bf331064f4e1f899fcdd33686b602d
|   |-- 38fd587650e8a0befc2a177395a2afa380abcd32ac78316c6a38ea6b01bdadd7
|   |-- 39d5b8fbe7446545c8e982bc3c2e0a0e955a81c99a88a85121252800406c88cf
|   |-- 9bd9ca976269998def585a7848e180207f88cdec9e95b11e930532cfe84780e6
|   |-- afc8986c55fb3ec896070d3f475a61ababf6e5e458107e7d8d449df6b53055cf
|   `-- afc8986c55fb3ec896070d3f475a61ababf6e5e458107e7d8d449df6b53055cf-init
|-- layers
|   |-- 268f3ca66142b2b9791504df67c604a5f0bf331064f4e1f899fcdd33686b602d
|   |-- 38fd587650e8a0befc2a177395a2afa380abcd32ac78316c6a38ea6b01bdadd7
|   |-- 39d5b8fbe7446545c8e982bc3c2e0a0e955a81c99a88a85121252800406c88cf
|   |-- 9bd9ca976269998def585a7848e180207f88cdec9e95b11e930532cfe84780e6
|   |-- afc8986c55fb3ec896070d3f475a61ababf6e5e458107e7d8d449df6b53055cf
|   `-- afc8986c55fb3ec896070d3f475a61ababf6e5e458107e7d8d449df6b53055cf-init
`-- mnt
    |-- 268f3ca66142b2b9791504df67c604a5f0bf331064f4e1f899fcdd33686b602d
    |-- 38fd587650e8a0befc2a177395a2afa380abcd32ac78316c6a38ea6b01bdadd7
    |-- 39d5b8fbe7446545c8e982bc3c2e0a0e955a81c99a88a85121252800406c88cf
    |-- 9bd9ca976269998def585a7848e180207f88cdec9e95b11e930532cfe84780e6
    |-- afc8986c55fb3ec896070d3f475a61ababf6e5e458107e7d8d449df6b53055cf
    `-- afc8986c55fb3ec896070d3f475a61ababf6e5e458107e7d8d449df6b53055cf-init

docker/containers directory

1
2
3
4
5
6
7
8
9
10
11
root@dev:/var/lib/docker# tree -L 2 containers/
containers/
`-- 1eb906e718d8271061ac894972533234af4c563364bd7522f482b1d427095270
    |-- 1eb906e718d8271061ac894972533234af4c563364bd7522f482b1d427095270-json.log
    |-- config.v2.json
    |-- hostconfig.json
    |-- hostname
    |-- hosts
    |-- resolv.conf
    |-- resolv.conf.hash
    `-- shm
  • containers/: includes the config and runtime info about this container etc

docker/image

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
image/
`-- aufs
    |-- imagedb
    |   |-- content
    |   |   `-- sha256
    |   |       `-- 2ca708c1c9ccc509b070f226d6e4712604e0c48b55d7d8f5adc9be4a4d36029a --->image id
    |   `-- metadata
    |       `-- sha256
    |-- layerdb
    |   |-- mounts
    |   |   `-- 1eb906e718d8271061ac894972533234af4c563364bd7522f482b1d427095270   ---->container id
    |   |       |-- init-id
    |   |       |-- mount-id                                                       ---->mount point for this container
    |   |       `-- parent
    |   |-- sha256
    |   |   |-- 5308e2e4a70bd4344383b8de54f8a52b62c41afb5caa16310326debd1499b748
    |   |   |   |-- cache-id                                                       --->local id for this layer aufs/diff/cache-id
    |   |   |   |-- diff                                                           --->id of this layer
    |   |   |   |-- parent
    |   |   |   |-- size
    |   |   |   `-- tar-split.json.gz                                              -->content for this layer
    |   |   |-- a1aa3da2a80a775df55e880b094a1a8de19b919435ad0c71c29a0983d64e65db
    |   |   |   |-- cache-id
    |   |   |   |-- diff
    |   |   |   |-- size
    |   |   |   `-- tar-split.json.gz
    |   |   |-- bd416bed302bc2f061a2f6848a565483a5f265932d2d4fa287ef511b7d1151c8
    |   |   |   |-- cache-id
    |   |   |   |-- diff
    |   |   |   |-- parent
    |   |   |   |-- size
    |   |   |   `-- tar-split.json.gz
    |   |   `-- dab02287e04c8b8207210b90b4056bd865fcfab91469f39a1654075f550c5592
    |   |       |-- cache-id
    |   |       |-- diff
    |   |       |-- parent
    |   |       |-- size
    |   |       `-- tar-split.json.gz
    |
    `-- repositories.json
  • imagedb/content/sha256/$image_id: content of the image like env, volume, layers used by this image etc
  • imagedb/content/metadata/sha256/$image_id: metadata for this image
  • layerdb/mounts/$container_id: mount point for this container
  • layerdb/sha256/$chain_id: content of this layer(layer id is stored at $cache_id/diff), content is compressed,

The uncompressed data is stored at /var/lib/docker/aufs/diff/sha256/$cache_id for this layer, cache_id at $chain_id/cache-id

file changes when create a container

what changes happens when create a container, please refer to storage driver