AUFS (Another Union File System)

Home / Glossary / AUFS (Another Union File System)

Introduction

AUFS, or Another Union File System, is a multi-layered union filesystem developed for Linux. It provides an advanced mechanism to merge multiple directories into a single virtual filesystem. Initially created as an improvement over the UnionFS system, AUFS became widely used in container technologies such as Docker, prior to OverlayFS becoming the mainstream choice.

This in-depth glossary entry explores Another Union File System in detail, focusing on its role in modern IT systems, particularly in software development environments, virtual machines, containerization platforms, and Linux distributions.

What is AUFS (Another Union File System)?

AUFS stands for Another Union File System. It is a union mount filesystem that allows the contents of multiple directories to appear as a single directory. Unlike standard filesystems, which store files flatly or hierarchically, AUFS combines files and directories from multiple sources.

The core idea is to provide a layered approach, where each layer represents a directory or branch. This layered architecture offers benefits such as copy-on-write functionality, space savings, and efficient file access management.

Historical Background

AUFS was developed by Junjiro Okajima as an improved successor to UnionFS. UnionFS had several performance and reliability issues. Another Union File System addressed these issues by:

Supporting writable branches
Reducing overhead in copy-on-write operations
Enabling advanced features like whiteouts and opaque directories

AUFS gained popularity in the early stages of containerization technologies, especially in Docker.

How AUFS Works

Another Union File System works by layering multiple branches (directories) into a single unified mount point. These branches can be read-only or writable. AUFS presents these as a single coherent view.

Example Layers:

Layer 1: Base Operating System (read-only)
Layer 2: Application Libraries (read-only)
Layer 3: Writable Application Data

Another Union File System maintains metadata about each file, including its location across layers. When a file is modified, AUFS uses copy-on-write: the file is copied from a read-only layer into the writable layer, where changes are made.

Key Features of AUFS

Union Mounting: Combine multiple directories into one mount point.
Copy-on-Write (COW): Efficient storage for changes.
Whiteouts and Opaque Dirs: Allows hiding files or directories from lower layers.
Branch Permissions: Support for read-only or writable branches.
Multi-branch Support: Can include more than two layers, unlike traditional UnionFS.

AUFS Architecture Explained

AUFS’s architecture is built on three main concepts:

Branches: Physical directories can be read-only or read-write.
Union Mount Point: A virtual directory that combines branches.
Whiteout Markers: Used to hide or remove files from lower layers.

This layered approach allows for dynamic filesystem manipulation, which is particularly useful in containerized environments.

AUFS in Containerization and Docker

Before Docker switched to OverlayFS, another Union File System was the default storage driver. Its ability to provide COW and layered storage made it ideal for Docker images and containers.

Docker Image Storage Flow with AUFS:

Each Docker image layer becomes an AUFS branch.
The container runtime combines these into a union mount.
Writes go to the topmost writable layer.

While Another Union File System is still used in legacy Docker setups, it has been mostly replaced due to kernel integration challenges and the rise of OverlayFS.

AUFS vs OverlayFS

Feature	AUFS	OverlayFS
Kernel Support	Out-of-tree, a patch is needed	In-tree since Linux 3.18
Performance	Slightly lower	Better in newer kernels
Complexity	High	Simpler design
Docker Support	Legacy	Preferred by Docker now
Whiteouts/Opaques	Supported	Supported

OverlayFS is now favored for its simplicity and native kernel support, while AUFS is more complex but feature-rich.

Use Cases in Modern Environments

Docker Containers (legacy setups)
Live CD systems
Virtualized Environments
Read-only Root Filesystems with writable overlays
Development Sandboxes

AUFS’s union mount capability simplifies testing, container builds, and system recovery.

Limitations of AUFS

Not included in the mainline Linux kernel
Requires kernel patches for installation
Performance degradation with many branches
Complex configuration compared to alternatives
Difficult to maintain in production environments

Security Considerations

Proper isolation is needed when multiple containers share branches
Whiteout manipulation could lead to hidden malware if not validated
Kernel patches for AUFS may lag behind security updates
Writable layers must be carefully managed to avoid data leaks

AUFS and Performance Impacts

Another Union File System introduces a performance overhead due to its metadata management and copy-on-write behavior. File reads might traverse multiple layers, and writing to files involves copying entire files to writable branches.

Optimizing performance in AUFS involves:

Limiting the number of branches
Using SSDs for the underlying layers
Reducing frequent write operations

Best Practices for Using AUFS

Use AUFS in non-production or legacy setups
Limit writable branches
Perform regular cleanup of unused layers
Monitor I/O performance
Ensure kernel compatibility and patching

Deprecation and Current Status

Another Union File System is considered deprecated in many distributions. Most container runtimes now default to OverlayFS or Btrfs due to better support and maintenance.

Popular Linux distributions such as Ubuntu and Debian have removed AUFS from their kernel packages. Developers are encouraged to migrate to newer alternatives unless AUFS is specifically required.

Conclusion

Another Union File System has played a critical role in the evolution of Linux-based filesystems and container technologies. By offering a flexible and powerful union filesystem mechanism, it enabled advanced storage layering, copy-on-write capabilities, and system-level virtualization.

Despite its deprecation in mainstream distributions, understanding Another Union File System remains valuable for IT professionals dealing with legacy systems, older Docker environments, and specialized virtualization use cases. Its design laid the groundwork for more modern union filesystems like OverlayFS and influenced best practices in container storage management.

AUFS continues to offer insight into the complex relationship between storage abstraction and high-performance computing, particularly in the containerization era.

Frequently Asked Questions

What does AUFS stand for?

AUFS stands for Another Union File System.

Is AUFS part of the Linux kernel?

No, AUFS is not included in the mainline kernel. It requires patching.

What replaced AUFS in Docker?

Docker now defaults to OverlayFS for storage layering.

Can AUFS support writable layers?

Yes, AUFS allows both read-only and writable branches.

What is copy-on-write in AUFS?

It’s a mechanism where files are copied to a writable layer before being modified.

Why was AUFS deprecated?

Due to kernel complexity, lack of in-tree support, and better alternatives like OverlayFS.

Is AUFS still used in production?

Rarely. It is mostly used in legacy systems.

Are there alternatives to AUFS?

Yes, including OverlayFS, Btrfs, and ZFS.