Hi hope everyone’s having a good day.

Conceptual question around docker’s writeable layer. I’m noticing that writing to topmost writeable layer is being recognized as container’s size rather than memory (shown in docker ps -s). I am also seeing that writing does not impact docker cgroup memory limits (in docker stats).

Am I correct in saying that thin writeable layer does not contribute to overall cgroup memory limits? Does this mean memory belongs to docker daemon? Am conceptually trying to understand why?

Any help is appreciated. Thanks

Details:

• Centos7 release 7.9.2009
• Kernel Version: 3.10.0-1160.76.1.el7.x86_64
• Cgroup version 1
• Server: Docker Engine - Community Version 19.03.13
• Client: Docker Engine - Community Version 20.10.21
• Storage Driver - overlay2 with xfs backing

I assume with writable layer, you mean the writable layer of the containers file system?

You can find the GraphDriver details for a container by running this command:

 docker inspect ${container name or id} --format '{{json .GraphDriver}}' | jq

Note: replace ${container name or id} with an existing container name or id; remove | jq if the jq command is not available on your host.

It will show the relevant details about the container file system. In case of overlay2, the “MergeDir” represents the file system the container uses, which is a unified view of the “LowerDir” folders (~=read-only image layers) and the “UpperDir” folder (write folder).