Docker Filesystem Internals (AdvancEd)

Docker Filesystem Internals (Advanced)

Docker Filesystem Internals (Advanced)

This post is for readers who already understand Docker basics and want to learn how Docker manages files internally. If you are new to Docker, read the beginner guide first.

Containers Do NOT Have Their Own Disk

A common misunderstanding is that Docker containers have their own disk. In reality:

Containers do not have a separate physical filesystem. Docker creates a filesystem view using layers stored on the host machine.

This layered filesystem is implemented using a Union Filesystem, most commonly OverlayFS on Linux.

Docker Images Are Read-Only Layers

A Docker image is made up of multiple read-only layers. Each instruction in a Dockerfile creates a new layer. 

FROM python:3.11
RUN pip install flask
COPY app.py .

This results in layers like:

Layer 1: Base OS + Python
Layer 2: Flask installed
Layer 3: app.py copied
  • Layers are read-only
  • Layers are cached
  • Layers are shared across containers

Containers Add a Writable Layer

When a container starts, Docker adds one writable layer on top of the image: 

Writable Container Layer
------------------------
Read-Only Image Layers

Any file changes made by the container go into this writable layer. The original image layers never change.

Copy-On-Write Explained

Docker uses a mechanism called Copy-On-Write.

Example:

  • An image contains /app/config.yml
  • The container modifies this file

What Docker does:

  1. Copies the file from the image layer
  2. Places it in the writable layer
  3. Modifies the copy

The original image layer remains untouched.

What Happens When a Container Stops?

Action Result
Stop container Data remains
Restart container Data remains
Delete container Writable layer is deleted

This is why containers are called ephemeral.

Why Containers Are Stateless by Default

Containers are designed to be stateless because:

  • The writable layer belongs to the container
  • Deleting the container deletes the data
  • This enables easy scaling and safe restarts

Volumes: Persistent Data Outside Containers

To store data permanently, Docker provides volumes. 

docker run -v mydata:/data my-container

Volumes live outside the container lifecycle and survive container deletion.

Bind Mounts vs Volumes

  • Bind mounts: map a host directory into the container
  • Volumes: managed by Docker and portable

Both bypass the container’s writable layer.

OverlayFS: One View, Many Layers

OverlayFS merges multiple layers into a single filesystem view. To the container, everything looks like one normal filesystem. 

/
├── app/
├── bin/
├── lib/
└── tmp/

Internally, files may exist in different layers, but the container does not know this.

Why This Knowledge Matters

  • Debugging missing files
  • Understanding data loss after container deletion
  • Correct use of volumes
  • Kubernetes persistent storage decisions

Final Mental Model

Images are immutable layers.
Containers add a temporary writable layer.
Volumes store persistent data outside containers.

Remembering this model means you understand Docker filesystem internals.

Comments

Post a Comment

Popular posts from this blog

What’s Inside EKS? A Beginner’s Guide to Its Core Components

Image
 EKS (Elastic Kubernetes Service) EKS is a managed service by AWS that runs Kubernetes for you. It takes care of setting up and managing the Kubernetes control plane so you can focus on running your applications. Kubernetes  Kubernetes is an open-source system for automating the deployment, scaling, and management of containerized applications. It helps run apps reliably across a cluster of machines, automatically handling scheduling, scaling, updates, and recovery. Pod A Pod is the smallest unit in Kubernetes. It can hold one or more containers that share the same network and storage. All containers in a pod are scheduled and managed together. Container A Container is a lightweight, standalone package that includes everything an app needs to run — code, runtime, libraries, and dependencies. It ensures the app runs the same no matter where it’s deployed. đź‘€1 pod can have multiple containers but 1 container cannot belongs to multiple pods.
Read more

Aurora MySQL Default Authentication Plugin,mysql_native_password,

MySQL default authentication plugin- mysql_native_password, caching_sha2_password AWS RDS for MySQL version 8.0.34 and higher 8.0 versions use the  mysql_native_password plugin. You can't change the default_authentication_plugin  setting. RDS for MySQL version 8.4 and higher versions use the  caching_sha2_password  plugin as the default authentication plugin.You can change the default authentication plugin for MySQL 8.4. The  mysql_native_password plugin still works with MySQL 8.4, but support of this plugin ends with MySQL 8.4 To change the default authentication plugin, create a custom parameter group and modify the value of the authentication_policy  parameter MySQL’s mysql_native_password plugin is deprecated starting from MySQL 8.0.34 , disabled by default in MySQL 8.4 , and removed entirely in MySQL 9.0 . Amazon RDS for MySQL has switched to caching_sha2_password as the default authentication plugin for improved security and performance Examp...
Read more

My First Cruise to the Bahamas: What to Pack & What to Expect – A 4-Night Adventure!

Image
This was my very first trip to the Bahamas—and even better, it was by cruise! Our journey started in North Carolina, and we drove down to Orlando, Florida, to board the ship. Excitement? Through the roof! But let me be honest—when it came to packing, especially as a girl, I had no idea what to wear each day. Swimsuits? Dresses? Nightwear? It’s always confusing! 🌍Day 1 – Port of Entry & Cruise🛳️ Kickoff Once you check in, you’ll notice that rooms and luggage take a little while to be ready—so plan your outfit accordingly! What to wear: A comfortable cover-up or dress/skirt that’s easy to remove. Underneath, wear your swimsuit or swim dress—you’ll want to head straight to the water deck. Don’t forget sunglasses, sunscreen, and comfy đź©´ ! What to do: Head to the upper deck to enjoy the pools, water slides, and hot tubs. Explore the ship—it’s massive! Enjoy unlimited food, drinks, and good vibes. Take it slow and soak in that you’re officially on vacation! Day 2 – Exploring Nassau, B...
Read more