creating unique environments – chroot snapshots – using aufs2

What if you decided that you wanted to experiment and test within a chroot(ed) environment? And then something went wrong and you had to start all over again from scratch? Big headache, too much pain, especially with RPM based distributions.

Well don’t do that then, here’s an interesting approach. Use aufs2, a stackable filesystem. An actual filesystem with “RAID-like” support.

chroot layers, using aufs2

You can inherit different environmental settings from various bases, much like the concept of object oriented programming.

Aufs is a stackable unification filesystem such as Unionfs, which unifies several directories and provides a merged single directory.(from

Setup aufs2. You need to patch your kernel. For gentoo, you can just merge sys-fs/aufs2 with the following flags: “fuse inotify kernel-patch kernel_linux ramfs -debug -hardened -hfs -nfs”. The patch will be automatically applied, you just need to recompile it after merging. For other distributions, take a look at the homepage of aufs2.

Setup your chroot as you normally do. Let’s say you’ve setup centos in a chroot environment, for developing. You’ve done yum groupinsall “Development Libraries” “Development Tools”. Let’s create a snapshot here of this environment.

# mkdir env1
# mount -t aufs -o br=/home/jude/env1/:/home/jude/centos-dev=ro none wor
# chroot work-dir

What does this do? As you can see, your first centos-dev has been branched as RO, read-only. Which means, any changes now made, are transparently written into env1 directory, with the very same structuring. Say, you’ve structured env1 as you want it to be, now you need a second environment, based on the first env1, you can simple do:

# mkdir env2
# mount -t aufs -o br=/home/jude/env2/:/home/jude/env1/=ro:/home/jude/ce
ntos-dev=ro none work-dir
# chroot work-dir

Now, env1 is RO, any changes now are further written to env2, keeping the structuring of every little change intact, just as the first. If you want to suddenly use env1, don’t add env2 to the RW branch, any branch that doesn’t have anything in front of it, is assumed to be RW, read-write.

What happens when you delete a file/directory from a branch mounted as RO? A file called .wh.filename is created in the RW branch, indicating to the overlaying filesystem to NOT index that file anymore.

In this way, you could create several different environments, each being inheriting a base, and then depending on the needs, the other environments created.

You can comment if you get any errors, I’d be glad to help you out.


3 responses to “creating unique environments – chroot snapshots – using aufs2”

  1. As of what I’ve just read, you cant directly look into a snapshot with zfs fuse, using aufs2, you can directly take a peek into the RW directory.

  2. Will have to take a look into zfs again, last I saw it, it had some issues running inside of a QEMU virtual machine. It made the virtual machine consume much resources.
    Thanks Leho.

  3. agreeing with the strategy. i’m doing the same thing with zfs-fuse so far, zfs snapshot, clone etc are quite good friends for this stuff.