Union File System in Container Technology
Introduction
The union file system in container technology is a way to layer file systems on top of each other to form a single coherent file system.
When a container engine pulls an image to create a container, it layers the image’s read-only layers one on top of the other. Then, it adds a thin writable layer on top. This writable layer allows the container to modify files or create new ones at runtime, even though the underlying image layers remain unchanged because they are immutable.
This behavior contrasts with a traditional virtual machine setup, where the entire file system can be modified persistently. In the container world, only the top writable layer is ephemeral and specific to each container instance, promoting immutability and consistency across environments.
Sample Scenarios
Consider you have a Podman container running an Apache web server. The image layers contain the Apache software and its dependencies, which are read-only.
When the container starts, Podman adds a writable layer where the server can write logs, cache data, or handle any file modifications required during its operation. These changes exist only as long as the container is running.
Common Misconceptions
Ephemerality vs. Persistence: While the container’s writable layer is ephemeral, it’s crucial to understand that any data you need to persist should be stored on mounted volumes or external storage, which remain intact beyond the container’s lifecycle.
Immutability of Layers: The immutability of image layers doesn’t mean you can’t update the software within a container. Instead, it means that such updates are done by rebuilding the container image with the changes or by storing data that needs to persist outside the immutable layers.
Additional Resources
The official Podman documentation provides a deep dive into how Podman manages container filesystems: Podman documentation.
A Wikipedia article explaining union file systems and their application in containers: Understanding Union File Systems.