1. mount -t overlay overlay -o lowerdir=/lower,upperdir=/upper,workdir=/work /merged


  • The lower directory can be read-only or could be an overlay itself.
  • The upper directory is normally writable.
  • The workdir is used to prepare files as they are switched between the layers.

The lower directory can actually be a list of directories separated by :, all changes in the merged directory are still reflected in upper.
Example:

  1. # mount -t overlay overlay -o lowerdir=/lower1:/lower2:/lower3,upperdir=/upper,workdir=/work /merged

Note: The order of lower directories is the rightmost is the lowest, thus the upper directory is on top of the first directory in the left-to-right list of lower directories; NOT on top of the last directory in the list, as the order (or logic) might seem to suggest.
The above example will have the order:
/upper
/lower1
/lower2
/lower3
To add an overlayfs entry to /etc/fstab use the following format:

  1. /etc/fstab
  2. overlay /merged overlay noauto,x-systemd.automount,lowerdir=/lower,upperdir=/upper,workdir=/work 0 0

The noauto and x-systemd.automount mount options are necessary to prevent systemd from hanging on boot because it failed to mount the overlay. The overlay is now mounted whenever it is first accessed and requests are buffered until it is ready. See fstab#Automount with systemd.

Read-only overlay

Sometimes, it is only desired to create a read-only view of the combination of two or more directories. In that case, it can be created in an easier manner, as the directories upper and work are not required:
# mount -t overlay overlay -o lowerdir=/lower1:/lower2 /merged
When upperdir is not specified, the overlay is automatically mounted as read-only.


l目录

overlay2目录有一个 l (小写 L ) 目录,包含缩短标识符作为软链接,这些标识符用于避免 mount 命令参数页面大小限制。

每个lower层,包含一个名为 link 的文件,其中包含缩短标识符的名称,以及一个包含镜像内容的名为 diff 的目录。

diff目录

每一层有一个包含镜像内容的名为 diff 的目录

lower文件

包含所有父级的缩短标识符

overlay缺陷:

overlay 驱动仅适用于两层,这意味着多层镜像不能实现多个 OverlayFS 层。取而代之,每个镜像层都在 /var/lib/docker/overlay 下实现自己的目录。通过硬链接引用与底层共享数据的方式来节省空间。从 Docker 1.10 开始,镜像层 IDs 不再对应于 /var/lib/docker 中的目录名。

每个镜像层都在 /var/lib/docker/overlay/ 目录下有自己的目录。

  1. $ ls -l /var/lib/docker/overlay/
  3. total 20
  4. drwx------ 3 root root 4096 Jun 20 16:11 38f3ed2eac129654acef11c32670b534670c3a06e483fce313d72e3e0a15baa8
  5. drwx------ 3 root root 4096 Jun 20 16:11 55f1e14c361b90570df46371b20ce6d480c434981cbda5fd68c6ff61aa0a5358
  6. drwx------ 3 root root 4096 Jun 20 16:11 824c8a961a4f5e8fe4f4243dab57c5be798e7fd195f6d88ab06aea92ba931654
  7. drwx------ 3 root root 4096 Jun 20 16:11 ad0fe55125ebf599da124da175174a4b8c1878afe6907bf7c78570341f308461
  8. drwx------ 3 root root 4096 Jun 20 16:11 edab9b5e5bf73f2997524eebeac1de4cf9c8b904fa8ad3ec43b3504196aa3801

镜像层的目录包含该层唯一的文件以及与较低层共享数据的硬链接,以此来高效利用磁盘空间。
$ ls -i 

  1. $ ls -i /var/lib/docker/overlay/38f3ed2eac129654acef11c32670b534670c3a06e483fce313d72e3e0a15baa8/root/bin/ls
  2. 19793696 /var/lib/docker/overlay/38f3ed2eac129654acef11c32670b534670c3a06e483fce313d72e3e0a15baa8/root/bin/ls
  3. $ ls -i /var/lib/docker/overlay/55f1e14c361b90570df46371b20ce6d480c434981cbda5fd68c6ff61aa0a5358/root/bin/ls
  4. 19793696 /var/lib/docker/overlay/55f1e14c361b90570df46371b20ce6d480c434981cbda5fd68c6ff61aa0a5358/root/bin/ls

overlay2

overlay2驱动程序本身最多支持128个较低的镜像层