Understanding AUFS: Union File System Basics, Usage, and Performance

AUFS (Another/Alternative/Advance Union File System) is a UnionFS implementation originally created by Junjiro Okajima in 2006 to improve reliability and performance over earlier UnionFS versions. It allows multiple directories (branches) to be merged into a single mount point, supporting writable branches and load‑balancing.

Typical usage involves creating two directories (e.g., fruits and vegetables ) with files, then mounting them together:

mkdir mnt
sudo mount -t aufs -o dirs=./fruits:./vegetables none ./mnt

After mounting, the combined view shows files from both branches. Modifying a file in the mount point updates the file in the first (left‑most) writable branch, while read‑only branches remain unchanged.

Branch permissions are specified in the dirs= option. The first branch is writable by default; subsequent branches are read‑only unless explicitly marked rw . Example with explicit read‑write permissions:

sudo mount -t aufs -o dirs=./fruits=rw:./vegetables=rw none ./mnt

AUFS also supports special concepts such as whiteout (hiding files from lower read‑only branches) and opaque directories. A whiteout is created by adding a hidden file named .wh.<filename> in a writable branch, causing the file to disappear from the merged view.

Relevant terminology includes:

Branch : each directory participating in the union; ordered as a stack with the topmost branch typically writable.

Whiteout : a hidden file that masks a lower‑layer file or directory.

Opaque : a marker that prevents any lower‑layer directory from being visible.

AUFS offers several mount parameters:

udba (User’s Direct Branch Access) with values none , reval , and notify to control synchronization of out‑of‑mount changes.

create to define where new files are placed when multiple writable branches exist, e.g., create=rr for round‑robin, create=mfs for most‑free‑space, etc.

In Docker, AUFS is one of the storage drivers (alongside btrfs, devicemapper, and vfs) used to implement layered images. Docker’s AUFS layers reside under /var/lib/docker/aufs/diff/ , and the mount information can be inspected via /sys/fs/aufs/ directories.

Performance-wise, AUFS incurs extra overhead when locating files because it must search each branch (O(n) complexity). Read/write operations on found inodes are comparable to native filesystems, but a large number of branches can degrade lookup speed. Benchmarks from IBM show minimal impact on sequential I/O and modest impact on random reads.

Overall, AUFS provides a flexible way to combine read‑only and writable directories, useful for live CDs, container images, and ad‑hoc snapshots of source code.