Understand what an OverlayFS is and how it works
February 01, 2016
Union file systems are a creative solution to allow a virtual merge of multiple folders, while keeping their actual contents separate. The Overlay fil...
Union file systems are a creative solution to allow a virtual merge of multiple folders, while keeping their actual contents separate. The Overlay file system (OverlayFS) is one example of these, though it is more of a mounting mechanism than a file system.
Brought into the Linux kernel mainline with version 3.18, OverlayFS lets you overlay the contents (both files and directories) of one directory onto another. The source directories can be on different volumes and can even be different file systems, which creates an interesting mechanism for allowing temporary modification of read-only files and folders.
The simplest case, which is shown in the image below, involves two directories, each containing files and folders. We can think of them as upper and lower, with the rest of kernel and applications positioned above that. The lower directory is read-only. File access through the OverlayFS retrieves data from the upper directory first, and then defaults to the lower directory if a file doesn’t exist. Note that the two original upper and lower directories are still directly accessible to the Linux kernel, but this access could be limited by the application.
Modifications to files in the upper directory will occur as usual. Any modification to a file from the lower folder will create a copy in the upper, and that file will be the one modified. This leaves the base files untouched and available through direct access to the lower folder.
Interestingly, a second task could copy modified files from the upper folder to the lower when modifications are complete. In this way, an OverlayFS setup could simulate some of the functionality of transaction points within the Reliance Nitro file system.
A file removed from the OverlayFS directory would directly remove a file from the upper directory, and simulate that removal from the lower directory by creating a “whiteout” file. This file exists only within the OverlayFS directory, without physically appearing in either the upper or lower directories. When the OverlayFS is dismounted, this state information will be lost, so care should be taken to reflect any necessary changes to the lower directory.
A subdirectory can also be deleted from the lower directory, which creates an “opaque” directory in the OverlayFS directory. Behind the scenes, OverlayFS uses the “trusted” extended attribute class or namespace to record whiteouts and opaque directories. Linux file systems that support the trusted namespace can be used for either, and Reliance Nitro is among that set.
Thom Denholm is a Technical Product Manager with Datalight. He’s also an embedded software engineer with more than 20 years of experience, combining a strong focus on operating system and file system internals with a knowledge of modern flash devices. He holds a BS in Mathematics and Computer Science from Gonzaga University. Though he has lived in and around Seattle all his life, he has never had a cup of coffee.