For more efficient use of storage drivers, it is critical to understand how Docker builds and stores images and containers to optimally retain program data in use and avoid further problems.

Docker uses storage drivers to store the image layer, storing data in the container's writable layer. The container writable layer is not retained after the container is deleted. However, it can be used to store temporary data that is temporarily generated at run time. Storage drivers have some optimization of space utilization efficiency, but the write speed is lower than the native system performance, especially for storage drivers that copy the file system when using write. Writing-intensive applications suffer from performance overhead, especially if there is pre-existing data in the read-only layer.

Docker volumes can store writing-intensive data that must exist outside the container lifecycle and be shared between containers.

A Docker image is composed of a system layer, each layer represents an instruction in the image Dockerfile, and each layer is read-only except for the last layer:

# syntax=docker/dockerfile:1

FROM ubuntu:22.04

LABEL org.opencontainers.image.authors="org@example.com"

COPY . /app

RUN make /app

RUN rm -r $HOME/.cache

CMD python /app/app.py

The above dockerfile contains four commands. The command to modify the file system creates a layer, and the change FROM statement first creates a layer with the ubuntu:22.04 image. The LABEL command only modifies the metadata of the image and does not generate a new layer. The COPY command adds some files from the current directory of the Docker client. The first RUN command uses this command to build the application make and write the results to the new layer. The second RUN command deletes the cache directory and writes the results to the new layer. Finally, the CMD command specifies what command to run inside the container. This command only modifies the image metadata and does not generate the image layer.

Above each layer is a set of differences from the previous layer. Adding or deleting files creates a new layer, such as $HOME/.cache is removed, but will still be available in the previous layer and added to the total size of the mirror.

These layers are stacked on top of each other, and when a new container is created, a new writable layer is added on top of the underlying layer. These layers are often referred to as the container layer. All changes made to a running container, such as writing new files, modifying existing files, and deleting files, are written to this thin writable container layer.

Different storage drivers have their own advantages and disadvantages in different situations when dealing with the details of how these layers interact.

The main difference between containers and images is in the top writable layer. All writes to the container, adding new data, or modifying existing data are stored in this writable layer. When a container is deleted, the writable layer is also removed and the underlying image remains unchanged. However, each container can share access to the same underlying image, but also have its own data state.

If you want to see the approximate size of the container you are running, you can use the docker ps -s command to list the sizes of the two different columns.

Size is the amount of data (on disk) used in the writable layer of each container.

virtual size is the size of the read-only image data used by the container plus the size of the data in the container's writable layer. Multiple containers may share some or all of the read-only image data. Two containers booted from the same image share 100% read-only data, while two containers with different images but common layers share these common layers. Therefore, you cannot just add the virtual sizes. This overestimates the total disk usage, possibly by a lot.

The total disk space used by all running containers on disk is some combination of the size and virtual size values of each container. When multiple containers are booted from the same image, the total size of these containers on disk will be the sum of the number of containers plus the size of an image. This does not account for other ways that containers take up disk space.

以上翻译结果来自有道神经网络翻译（YNMT）· 通用场景