This content originally appeared on DEV Community and was authored by Harsh Raj
Ever wondered how Docker can launch a new container from a multi-gigabyte image in just a fraction of a second? If you were to copy all that data, it would take ages. The magic behind this speed and efficiency is a clever strategy known as Copy-on-Write (COW).
It’s one of the foundational concepts that makes Docker so powerful. Let’s break down what it is and how it works.
So, What is Copy-on-Write?
At its core, Copy-on-Write is a resource-management technique. The name says it all: you delay or defer the copying of data until the very first time you need to write or modify it.
Think of it like working with a master template in a team.
Imagine a master document (the template). Instead of everyone making their own full copy to work on, they all view the same master template. When someone needs to make a change, they don’t edit the master. Instead, they take a transparent sheet, place it over the original, and write their changes on the sheet.
Everyone can still read the original, but edits are personal and stored separately. This approach saves a massive amount of space because you only have one master template, and the “changes” (the transparent sheets) are very small.
This is exactly the principle Docker uses.
How Docker Uses COW with Images and Containers
Docker’s architecture is built around this idea, specifically with its use of image layers and container layers.
1. Immutable Image Layers
A Docker image isn’t one giant, monolithic file. It’s actually a collection of multiple, read-only layers stacked on top of each other. Each instruction in your Dockerfile (like FROM, RUN, COPY) creates a new layer.
For example, a simple Dockerfile:
# This is our base layer(s) from the official Ubuntu image
FROM ubuntu:22.04
# This command creates a new layer on top
RUN apt-get update && apt-get install -y nginx
# This command creates another layer
COPY ./my-website /var/www/html
These layers are stacked. The ubuntu image is the base, the nginx installation is a layer on top of that, and your website files are another layer on top of that. Importantly, these image layers are read-only. They cannot be changed.
2. The Writable Container Layer
When you execute docker run, Docker doesn’t copy the whole image. Instead, it does something far more clever:
It creates a new, thin, writable layer right on top of the immutable image layers. This is often called the “container layer”.
When Reading:
If your container needs to read a file (e.g., the nginx executable), Docker looks down through the layers, starting from the top. It finds the file in the nginx layer and serves it.
When Writing/Modifying:
This is where the COW magic happens. If your container tries to modify an existing file (say, /etc/nginx/nginx.conf), the storage driver first copies that file from the read-only image layer up into the writable container layer. The container then modifies this new copy. The original file in the image layer remains untouched.
When Deleting:
If you delete a file, it isn’t actually removed from the read-only image layer. Instead, Docker places a “whiteout” marker in the writable container layer, which simply hides the file from the container’s view.
The Big Benefits of COW 
This layered, copy-on-write approach is the secret sauce behind Docker’s efficiency.
Insanely Fast Startup:Containers launch in milliseconds because there’s no time-consuming data copying involved. Docker just needs to create that thin, empty writable layer.
Incredible Space Savings: If you run 10 containers from the same nginx image, you don’t have 10 full copies of the image on your disk. You have one shared, read-only image and 10 separate, small, writable container layers. This is a huge win for disk space.
Efficient Versioning: Since layers are immutable, they can be easily shared and tracked, making image builds and versioning highly efficient.
In conclusion, the Copy-on-Write strategy is a fundamental reason why Docker is so fast, lightweight, and beloved by developers. It intelligently avoids unnecessary work, ensuring that resources are used in the most efficient way possible. So next time you see a container spin up instantly, you’ll know it’s not magic—it’s the COW.
This content originally appeared on DEV Community and was authored by Harsh Raj