APFS- Apple file system

As I was reading the book “macOS Installation” by Armin Briegel, I realized I need to learn more about APFS, here is a summary of what I found.

Why APFS is here

  • HFS is 30 years old, was designed when there were no permission, no hard links, no extended attributes and checksum in mind. Apple added and corrected many times over the years which cause the system to become less efficient and …. kinda crashy. The biggest issue with that is that files on HFS could get corrupted over time and you would lose your precious photos after all those years.
  • Apple needed a file system for its newer devices like Apple watch and AppleTV
  • The increasing use of SSD technology. APFS is optimized for flash and solid-state drives and leverages their high seek and access speeds, much faster than spinning drives.
  • Improving the encryption and making it hog less CPU.

The benefits of APFS

  • Optimise the space of the HDD used and increase free space by using clones for file copying and using deltas.
  • Improve the write speed by removing the need for journaling and switch to “write on copy” and by changing the way file are stored and pointed to on the disk. This is efficient on SSD. When you make a copy of a file no blocks are copied and a pointer is added from the new file to the previous file’s data. If you make changes to the original file, APFS created new records in the file system with the changes that you made. This is possible due to the low access time of SSD vs HDD that take time to spin the drive.
  • 64-bit file system that helps with space savings and performance improvements
  • Snapshots – they are allowed by the “write on copy” that enables you to “copy” a huge chunk of data within seconds
  • End users can store up to nine quintillion files on a single volume, boom! (only 4 billion today))
  • Natively support encryption vs Filevault 2 which was part of the OS and not the filesystem. This allows encrypting parts of the files for different purposes or users.
    You can create a separate encrypted partition for your personal files.
    Also possible to encrypt specific files or metadata.
  • Apple also changed the way to decrypt the APFS partition. The Preboot volume has the data needed to boot to the FileVault preboot login screen and to decrypt the volume (Using the T2 chip to verify integrity, more on that in future posts)

APFS container

  • With APFS an abstraction level called “containers” was added. Volumes now reside in containers and those volumes can “share the free space” meaning they can change without repartitioning. Yey!


The downside of APFS

  • Not compatible with HFS+ or NTFS . MacOS 10.12 and before will not be able to access it.
  • Should not be used on HDDs due to “write on copy” and the “fragmentation” of copied files. HDDs have low seak speed and will be slowed down by this feature
  • Does not support direct hard link, will be converted to soft links during the conversion (During an upgrade to a new OS)

What can we do with it

  • Take a snapshot of your Mac APFS container during testing and revert to its original state instead of reinstalling. Read this article by the awesome Emily to get some info.

Here are some of the commands:

tmutil     - make snapshots on apfs command (old time machine control)

Ctrl+Option+Command+T    - Open terminal during Setup Assistant and Mac installation.

tmutil snapshot - take the snapshot

tmutil listlocalsnapshots / - list the snapshots

tmutil deletelocalsnapshots 2018-12-12-083439 - delete specified snapshot

tmutil thinlocalsnapshots / 1000000000 1 - remove older snapshots based on priority
  • Take a snapshot before a major upgrade or add this to you scripts or Jamf self service before upgrading the OS.
  • Snapshots are kept locally for up to 24 hours and also erased based upon free disk space. You could create a script or use launchctl (or crontab) to take a snapshot every X amount of time without having the Time Machine drive connected for local

Resources used:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s