Technology · Ebook
composefs: Verified, Deduplicated Filesystems
by Shriira Press
A practical, in-depth guide to composefs, the open-source Linux technology for content-addressed, integrity-verified, deduplicated read-only filesystem images. Learn how composefs makes images lean and tamper-proof: the filesystem image problem (duplication, slow extraction, missing integrity), content-addressed storage and deduplication, the composefs architecture (an EROFS metadata image plus a shared objects store, composed via overlayfs), fs-verity and end-to-end integrity (sealed images, a root of trust), mounting images directly (no extraction, lazy content, density), building images (mkcomposefs, digests, sealing), use cases (container storage, OSTree/bootc, immutable OSes, trusted boot), operations/security/best practices, and composefs in practice.
Contents
- 1Preface
- 2Chapter 1 — What composefs Is
- 3Chapter 2 — The Filesystem Image Problem
- 4Chapter 3 — Content-Addressed Storage and Deduplication
- 5Chapter 4 — The composefs Architecture
- 6Chapter 5 — fs-verity and Integrity
- 7Chapter 6 — Mounting composefs Images
- 8Chapter 7 — Building composefs Images
- 9Chapter 8 — Use Cases: Containers, OSTree, and Bootable Systems
- 10Chapter 9 — Operations, Security, and Best Practices
- 11Chapter 10 — composefs in Practice