Docker overlay2 Storage Driver Explained
overlay2 is the default and most widely used Docker storage driver in modern Linux-based container environments.
It is considered the industry-standard storage driver for:
- Docker
- Kubernetes
- Microservices platforms
- Cloud-native infrastructure
- CI/CD systems
- Production container platforms
Why overlay2 is Important
Containers share image layers.
Docker must:
- Reuse layers efficiently
- Save disk space
- Start containers quickly
- Support writable containers
- Optimize filesystem operations
overlay2 solves these problems efficiently.
βStore shared image layers once and add lightweight writable layers per container.β
What is OverlayFS?
overlay2 is based on Linux OverlayFS.
OverlayFS is a union filesystem that merges multiple directories into one unified filesystem view.
OverlayFS Architecture
+------------------------------------+
| Upper Writable Layer |
+------------------------------------+
| Lower Read-only Layer 3 |
+------------------------------------+
| Lower Read-only Layer 2 |
+------------------------------------+
| Lower Read-only Layer 1 |
+------------------------------------+
overlay2 uses this concept internally for Docker containers.
Docker Image Layering Concept
Docker images are built using multiple read-only layers.
Example Dockerfile
FROM ubuntu
RUN apt install java
COPY app.jar app.jar
Generated Layers
Layer 1 -> Ubuntu Base
Layer 2 -> Java Installed
Layer 3 -> app.jar Added
These layers are immutable (read-only).
Container Filesystem Structure
+------------------------------------+
| Writable Container Layer |
+------------------------------------+
| app.jar Layer |
+------------------------------------+
| Java Layer |
+------------------------------------+
| Ubuntu Base Layer |
+------------------------------------+
overlay2 merges all layers into one virtual filesystem.
How overlay2 Works Internally
overlay2 creates:
- Lower directories (read-only image layers)
- Upper directory (writable container layer)
- Work directory
- Merged mount point
overlay2 Internal Structure
LowerDir -> Read-only image layers
UpperDir -> Writable container changes
WorkDir -> OverlayFS internal operations
MergedDir -> Unified filesystem view
overlay2 Internal Flow
Image Layers
|
OverlayFS Merge
|
Writable Layer Added
|
Container Sees Unified Filesystem
Real-Time Production Example
Consider a global learning platform serving users from USA, UK, and India.
100 Spring Boot Microservices
|
Same Java Base Image
|
overlay2 Shares Layers
|
Massive Disk Savings
Instead of storing Java runtime 100 times:
Store Once -> Share Everywhere
How overlay2 Saves Disk Space
Shared image layers are stored only once.
Ubuntu Base Layer
|
+-------------------------+
| |
Container A Container B
Both containers reuse same read-only layers.
Copy-on-Write (CoW) in overlay2
overlay2 uses Copy-on-Write for efficiency.
Scenario
Container modifies:
/app/config.properties
Internal Copy-on-Write Flow
Read-only File
|
Container Modifies File
|
overlay2 Copies File
|
Stored in Writable Upper Layer
Original image layer remains unchanged.
overlay2 Read Operation
When container reads a file:
- overlay2 checks upper writable layer first
- If file not found, checks lower layers
Read Flow
Container Requests File
|
Check Upper Layer
|
Found?
| Yes -> Return File
|
No
|
Check Lower Layers
overlay2 Write Operation
When writing:
- File copied from lower layer
- Stored in upper writable layer
- Container uses copied version
Write Flow
Container Writes File
|
Copy Existing File
|
Move to Upper Layer
|
Apply Changes
Where overlay2 Stores Data
Docker stores overlay2 data under:
/var/lib/docker/overlay2/
Example Structure
/var/lib/docker/overlay2/
|
+-- layer1/
+-- layer2/
+-- layer3/
+-- merged/
+-- work/
Important overlay2 Directories
| Directory | Purpose |
|---|---|
| diff | Layer contents |
| merged | Unified mounted view |
| work | OverlayFS internal operations |
| lower | References lower layers |
overlay2 and Container Startup
overlay2 improves startup performance because:
- Layers are already cached
- No full filesystem copy needed
- Only lightweight writable layer created
Container Startup Flow
Docker Pulls Image
|
Layers Stored Once
|
Container Starts
|
Writable Layer Added
|
Container Ready Quickly
overlay2 and CI/CD Pipelines
overlay2 dramatically improves build performance.
CI/CD Layer Cache Example
Previous Docker Build
|
Layer Cache Exists
|
Rebuild Uses Existing Layers
|
Fast Build
Build Performance Example
Layer 1 -> Ubuntu
Layer 2 -> Maven Dependencies
Layer 3 -> Application Code
If only application code changes:
Reuse Layers 1 and 2
Rebuild Only Layer 3
overlay2 Advantages
- Excellent performance
- Very efficient storage usage
- Fast container startup
- Low memory overhead
- Production stability
- Efficient layer caching
overlay2 Limitations
- Linux only
- Requires modern kernel support
- Some inode limitations
- Performance overhead for very write-heavy workloads
overlay2 vs aufs
| Feature | overlay2 | aufs |
|---|---|---|
| Performance | Better | Good |
| Kernel Support | Native | External patches |
| Maintainability | Excellent | Complex |
| Industry Usage | Very High | Legacy |
overlay2 vs devicemapper
| Feature | overlay2 | devicemapper |
|---|---|---|
| Storage Level | Filesystem level | Block level |
| Performance | Excellent | Moderate |
| Complexity | Lower | Higher |
| Production Preference | Recommended | Legacy |
How to Check Current Storage Driver
docker info
Example Output
Storage Driver: overlay2
How overlay2 Works with Kubernetes
Kubernetes nodes commonly use overlay2 underneath container runtimes.
Kubernetes Pod
|
Container Runtime
|
overlay2 Storage Driver
|
OverlayFS
overlay2 and Microservices
Modern microservices architectures heavily depend on overlay2.
100 Containers
|
Shared Java Base Layer
|
Huge Storage Optimization
overlay2 Performance Best Practices
- Use SSD storage
- Use multi-stage builds
- Reduce image layers
- Use small base images
- Clean unused images regularly
- Optimize Dockerfile ordering
Security Best Practices
- Use immutable images
- Use minimal base images
- Regularly patch kernels
- Restrict container privileges
- Encrypt host storage disks
Common overlay2 Problems
- Disk space exhaustion
- inode exhaustion
- Large layer accumulation
- Slow builds due to poor Dockerfile design
How to Clean overlay2 Storage
Remove Unused Images
docker image prune
Remove Everything Unused
docker system prune -a
overlay2 Workflow Summary
Docker Image Pulled
|
Read-only Layers Stored
|
Container Starts
|
Writable Layer Added
|
OverlayFS Merges Layers
|
Container Uses Unified Filesystem
Interview Answer
overlay2 is Dockerβs default and recommended storage driver that uses Linux OverlayFS to manage layered container filesystems efficiently.
It works by combining multiple read-only image layers with a writable container layer into a unified filesystem view. overlay2 uses copy-on-write mechanisms so containers only store changed files, reducing storage usage and improving performance.
overlay2 provides fast container startup, efficient layer sharing, excellent build caching, and high production stability, making it the preferred storage driver for Docker, Kubernetes, and cloud-native platforms.
Quick Summary Table
| Component | Purpose |
|---|---|
| OverlayFS | Union filesystem |
| Lower Layers | Read-only image layers |
| Upper Layer | Writable container layer |
| Copy-on-Write | Efficient file modifications |
| Merged Directory | Unified filesystem view |
Useful Internal Links
- Docker Interview Questions
- DevOps Interview Questions
- Kubernetes Interview Questions
- Microservices Interview Questions
- AWS Interview Questions
- Linux Interview Questions
Final Conclusion
overlay2 is one of the most critical internal technologies powering modern Docker and Kubernetes environments. By leveraging Linux OverlayFS and copy-on-write mechanisms, it provides efficient layered storage, high performance, fast container startup, and excellent scalability.
Understanding overlay2 is essential for production-grade DevOps engineering, cloud-native architecture design, CI/CD optimization, and large-scale container platform management.