8.1.1.2 Container File Changes
A focused guide to Container File Changes, connecting core concepts with practical Docker and container operations.
Container file changes are the complete set of filesystem modifications — added, modified, or deleted files — that have accumulated within a specific container's writable layer since it was created, viewable directly to understand exactly how a container's filesystem has diverged from its original image.
Viewing a Container's Accumulated Changes
The docker diff command lists every file change recorded in a container's writable layer.
docker run -d --name myapp myapp:1.0
docker exec myapp sh -c "echo 'test' > /tmp/new.txt && rm /app/old-config.yaml"
docker diff myapp
A /tmp/new.txt
D /app/old-config.yaml
A indicates an added file, D indicates a deleted one — docker diff also reports C for a changed (modified) file.
Why This View Is Useful for Understanding Container State
Reviewing exactly what has changed within a specific container provides insight into its current state beyond what the original image alone would suggest, useful for debugging or understanding how a long-running container's filesystem has evolved.
docker diff myapp | wc -l
A surprisingly large number of accumulated changes might prompt investigation into whether the container is behaving as expected, or accumulating unexpected state it shouldn't be.
Distinguishing Changes That Matter From Incidental Ones
Not every recorded change is necessarily significant — temporary files, logs, and caches might appear in this diff without representing anything that genuinely needs attention, requiring some judgment in interpreting the full list.
docker diff myapp | grep -v "/tmp\|/var/log"
Filtering out routine, expected categories of change can help focus on changes that are actually noteworthy.
Why Reviewing Container File Changes Matters
docker diff provides direct visibility into exactly how a specific container's filesystem has diverged from its original image, useful both for general debugging and for confirming whether a container is accumulating only expected, routine changes or something unexpected that warrants further investigation.