✦ For everyone, free.

Practical knowledge for real and everyday life

Home

2.3.3.2 Copy On Write Model

A focused guide to Copy On Write Model, connecting core concepts with practical Docker and container operations.

The copy-on-write model is the strategy underlying a container's writable layer: rather than copying an entire underlying image's filesystem before a container can modify it, the underlying layers remain shared and read-only, and a copy of any specific file is only made at the moment that file is actually modified.

Why Copying Everything Upfront Would Be Wasteful

If starting a container required copying its entire image's filesystem first, starting many containers from the same image would be slow and would consume disk space proportional to the number of containers, even if none of them ever modified most of their files.

docker run -d myapp:1.0
docker run -d myapp:1.0
docker run -d myapp:1.0

Despite starting three separate containers from the same image, copy-on-write means none of the image's actual layer data is duplicated for any of them at startup.

Copying Only What Changes

When a container modifies a file that originates from one of its read-only image layers, the underlying filesystem first copies that specific file up into the container's own writable layer, and the modification is then applied to that copy — the original file in the image layer remains untouched.

docker run -d --name myapp myapp:1.0
docker exec myapp sh -c "echo modified >> /etc/config.yaml"
docker diff myapp

docker diff reports /etc/config.yaml as modified specifically within this container's own layer, while the original file in the underlying image is unaffected and still shared with any other container started from the same image.

Performance Characteristics

The first modification to any given file incurs the cost of copying it into the writable layer, but subsequent modifications to that same file are fast, since they operate directly on the already-copied version — this is most noticeable for very large files that are modified for the first time inside a container.

time docker exec myapp sh -c "cp /usr/share/large-file.bin /tmp/"
Why Copy-on-Write Matters

Copy-on-write is what allows many containers based on the same image to start almost instantly and consume disk space proportional only to what they actually change, rather than to the full size of their underlying image, which is essential to making container density and startup speed practical at scale.

Related content