Shreya Gupta's Blog
Day 21 - Docker Interview Questions and Answers

Day 21 - Docker Interview Questions and Answers

Day 21 of 90daysofdevops

Shreya Gupta's photo
Shreya Gupta
·

14 min read

Table of contents

What is the Difference between an Image, Container and Engine?

Image:

  • An image is a lightweight, stand-alone, and executable package that includes everything needed to run an application, such as code, libraries, and dependencies.

  • An image is usually created from a Dockerfile, which specifies the application's environment and configuration or can be downloaded from a registry such as Docker Hub.

  • An image is designed to be immutable, meaning that it cannot be changed once it is created.

Container:

  • A container is a runtime instance of an image, which is isolated from the host system and other containers.

  • A container includes an operating system, runtime environment, and application code.

  • Containers provide a lightweight and consistent runtime environment, making it easy to move applications between different environments.

Engine:

  • An engine is the core component of a containerization platform, such as Docker or Kubernetes.

  • An engine is responsible for creating and managing containers and images.

  • The engine provides an API for interacting with containers and images, as well as scheduling and scaling applications.

What is the Difference between the Docker command COPY vs ADD?

COPY:

  • COPY is a Dockerfile instruction that is used to copy files and directories from the host machine to the container.

  • It can only copy local files/directories from the host machine, but not remote files/directories.

  • It does not allow any URL or compressed files as a source.

  • It is recommended to use COPY when you only need to copy local files/directories and you want to have a clear and explicit statement of what is being copied.

ADD:

  • ADD is a Dockerfile instruction that is used to copy files and directories from the host machine to the container and also supports a few more features than COPY.

  • It can copy files/directories from a URL and supports extracting tar files automatically during the copy process.

  • It also supports auto-downloading and extracting of compressed files (such as tar, gzip, and bzip2) from URLs.

  • However, the use of ADD can make the Dockerfile less clear and less explicit, as it has additional functionality that may not be needed.

What is the Difference between the Docker command CMD vs RUN?

RUN:

  • RUN is a Dockerfile instruction that is used to run commands during the Docker build process.

  • It executes commands in a new layer on top of the current image and creates a new intermediate image with the result of the execution.

  • Each RUN instruction creates a new intermediate image layer, which increases the size of the final image.

  • It is commonly used to install software packages, update the system, and perform other build-time tasks.

CMD:

  • CMD is a Dockerfile instruction that is used to define the default command that will be executed when a container is run from the image.

  • It specifies the command and any arguments that should be passed to the container at runtime.

  • It can be overridden by passing a command to docker run when starting the container.

  • There can only be one CMD instruction in a Dockerfile. If there are multiple CMD instructions, only the last one will be used.

How Will you reduce the size of the Docker image?

When building a Docker image, you may want to make sure to keep it light. Avoiding large images speed up the build and deployment of containers and hence, it is critical to reduce the image size of images to a minimum. There are several ways to reduce the size of a Docker image:

  1. Use smaller base images: Choose a lightweight base image like Alpine instead of a full-featured OS like Ubuntu.

  2. Use multi-stage builds: Use multi-stage builds to separate build-time dependencies from runtime dependencies. This allows you to copy only the necessary artifacts from the build stage into the final image.

  3. Minimize layer size: Avoid creating too many layers as each layer adds to the overall size of the image. Instead, combine multiple commands into a single RUN instruction.

  4. Use a smaller package manager: If possible, use a smaller package manager like apk (Alpine package manager) instead of apt-get (Debian package manager) to install dependencies.

  5. Optimize caching: Use caching to avoid re-downloading packages and dependencies on each build.

  6. Compress the final image: Use compression tools like gzip to compress the final image. This can significantly reduce the size of the image.

  7. Remove unnecessary files: Only include the files that are required for the application to run. This can be achieved by properly setting up the .dockerignore file to exclude unnecessary files or directories.

Why and when to use Docker?

Why? - Docker is used to containerising an application that can be run in any system with any configuration at any time.

When? - Suppose there are two developers designed a build and one of them want to transfer the new version of applications to their teammate but now it doesnot work. This situation came due to the difference in the dependencies of the their systems. The only way to overcome the situation is by using containers which can be achieved by Docker.

Explain the Docker components and how they interact with each other.

  1. The Docker daemon: This is the background process that manages containers, images, networks, and storage on a host. It listens for API requests and performs the necessary operations.

  2. The Docker client: This is the command-line interface (CLI) that allows users to interact with the Docker daemon. It communicates with the daemon via REST API calls to perform various operations, such as creating and managing containers.

  3. The Docker registry: This is a service that stores and distributes Docker images. It is used to share images with others and to retrieve images for use on a host. The most popular registry is Docker Hub, which is maintained by Docker, Inc.

  4. The Docker engine: The Docker engine is the layer between the host and the container. This is the component that provides the low-level functionality for creating, starting, and stopping containers. It is built on top of the Docker daemon.

  5. The Docker image: An image is a pre-configured file that contains all the necessary dependencies and settings to run a specific application or service. It is used to create and run containers.

The Docker client and daemon interact together, the client sends commands to the daemon, which performs the requested operations. The client and daemon can run on the same host, or the daemon can be running on a remote host and the client can communicate with it via the Docker API.

Users interact with the Docker client to create, start, and stop containers, pull images from a registry and push images to a registry. The Docker daemon uses images to create and run the containers. The Docker registry is used to store and distribute images. The Docker engine is the layer between the host and the container, it provides low-level functionality for creating, starting and stopping containers.

Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?

  1. Docker Compose: Docker Compose is a tool that allows you to define and run multi-container Docker applications. It uses a YAML file to define the services, networks, and volumes required for your application and manages their dependencies and interactions. Docker Compose simplifies the process of managing complex Docker deployments by providing a simple and straightforward way to orchestrate multiple containers that work together.

  2. Docker File: A Dockerfile is a text file that contains instructions for building a Docker image. The Dockerfile defines the base image to use, the dependencies to install, and the commands to run when the container is started. The Dockerfile is used to create a Docker image, which is a read-only template that contains all the necessary files, dependencies, and configurations to create a container.

  3. Docker Image: A Docker image is a lightweight, standalone, and executable package that contains everything needed to run an application, including code, libraries, system tools, and settings. Each image is created from a Dockerfile or pulled from a registry like Docker Hub. Docker images can be easily shared, versioned, and deployed across different environments.

  4. Docker Container: A Docker container is a running instance of a Docker image. Each container is isolated from the host system and other containers and includes its own filesystem, network interface, and process space. Containers are created from Docker images and can be started, stopped, and deleted independently.

In what real scenarios have you used Docker?

Here are some common scenarios where Docker is used:

  1. Application development and testing: Docker is commonly used by developers to create isolated environments for testing and developing their applications. With Docker, developers can easily create and manage containers that have all the dependencies and configurations needed for their application to run.

  2. Continuous integration and deployment: Docker is often used in continuous integration and deployment (CI/CD) pipelines. With Docker, developers can create and deploy containers that have the same configuration and dependencies across different environments, which helps ensure consistency and reliability.

  3. Microservices architecture: Docker is a popular choice for building microservices-based applications. With Docker, developers can create containers for each microservice, which can then be easily scaled and managed independently.

  4. Cloud computing: Docker is commonly used in cloud computing environments, such as Amazon Web Services (AWS) and Google Cloud Platform (GCP). With Docker, developers can create and manage containers that can be easily deployed and scaled in cloud environments.

Docker vs Hypervisor?

Docker:

  • Uses containerization to virtualize applications

  • Shares the host operating system with containers, which makes it lightweight and efficient

  • Runs containers natively on the host operating system, which makes it faster than a Hypervisor

  • Is ideal for running multiple instances of the same application or different microservices on the same host

  • Requires the same operating system for both the host and the container

Hypervisor:

  • Uses hardware virtualization to virtualize entire operating systems

  • Emulates the hardware of a computer, which makes it more resource-intensive than Docker

  • Runs guest operating systems on top of the Hypervisor, which adds a layer of abstraction between the host and guest operating systems

  • Is ideal for running multiple different operating systems on the same host

  • Can run different operating systems and versions than the host operating system.

What are the advantages and disadvantages of using docker?

Advantages of Docker:

  1. Portability: Docker containers are lightweight, portable, and self-contained. This makes it easy to move applications between different environments and deploy them to any platform that supports Docker.

  2. Consistency: Docker containers provide a consistent runtime environment, which helps to avoid issues with dependencies and configuration differences between environments.

  3. Scalability: Docker makes it easy to scale applications horizontally by running multiple containers of the same application on different hosts or nodes.

  4. Isolation: Docker containers provide process-level isolation, which helps to improve security by isolating applications from each other and from the host operating system.

  5. Faster deployment: Docker containers can be deployed quickly and easily, which helps to speed up the development and deployment process.

Disadvantages of Docker:

  1. Learning curve: Docker has a relatively steep learning curve, especially for developers who are new to containerization and virtualization.

  2. Resource overhead: Docker requires additional resources, such as memory and disk space, to run containers. This can impact performance, especially on systems with limited resources.

  3. Complexity: Docker can be complex to set up and manage, especially in large-scale environments with multiple containers and hosts.

  4. Compatibility issues: Docker containers may not work on all platforms or with all applications. This can lead to compatibility issues and additional work to make applications compatible with Docker.

  5. Security concerns: While Docker provides isolation and security features, there are still security concerns associated with running applications in containers, especially if containers are not properly configured and secured.

What is a Docker namespace?

  • Namespaces provide a way to isolate and control the visibility of system resources for processes running inside a container.

  • Each container has its own set of namespaces that isolate its processes from other containers and from the host system.

  • Namespaces are managed by the Linux kernel and are used by Docker to provide container isolation and security.

  • Docker uses several different types of namespaces, including process, network, mount, IPC, and user namespaces.

  • Process namespaces isolate the processes running inside a container, making them appear as if they are the only processes running on the system.

  • Network namespaces isolate network resources such as network interfaces, routing tables, and firewall rules.

  • Mount namespaces isolate the file system mount points, making it possible to mount different file systems inside a container than on the host system.

  • IPC namespaces isolate interprocess communication (IPC) resources such as message queues and shared memory segments.

  • User namespaces isolate user and group IDs, allowing container processes to run with a different set of user and group IDs than on the host system.

What is a Docker registry?

  • A Docker registry is a central location for storing and managing Docker images.

  • Docker images are stored in repositories within a registry, with each repository containing one or more images.

  • A Docker registry can be public or private, with private registries requiring authentication to access.

  • The default public Docker registry is Docker Hub, which contains a large number of publicly available images.

  • Organizations can set up their own private Docker registry to store and distribute their own Docker images.

  • Docker registries can be hosted on-premises or in the cloud, depending on the organization's needs.

  • Docker provides a command-line interface (CLI) for interacting with registries, including pulling and pushing images and managing repositories.

  • Many cloud providers, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), offer managed Docker registries as a service.

What is an entry point?

  • An entry point is a command that specifies the executable to run when a Docker container starts up.

  • The entry point is specified in the Dockerfile using the "ENTRYPOINT" instruction.

  • When a container is started, the entry point is the first command that is executed.

  • The entry point is typically used to specify the main process or application that should be run inside the container.

  • The entry point can be overridden by specifying a new command to run when starting the container, either using the "docker run" command or by using a Docker Compose file.

How to implement CI/CD in Docker?

Implementing CI/CD in Docker involves automating the build, testing, and deployment process of Docker containers.

  1. Create a Dockerfile: A Dockerfile is a script that contains instructions to build a Docker image. You can use this file to specify the base image, add software dependencies, and define the application code.

  2. Set up a Git repository: Use Git to manage your source code and Dockerfile.

  3. Configure a CI/CD tool: Use a CI/CD tool like Jenkins, GitLab CI, or Travis CI to automate the build, test, and deployment process.

  4. Configure the CI/CD pipeline: Define the build, test, and deployment steps in the CI/CD pipeline. For example, you can configure the pipeline to build the Docker image, run tests in the container, and deploy the image to a Docker registry.

  5. Define the environment: Define the environment variables that the Docker container needs to run, such as database credentials, API keys, and server configurations.

  6. Automate the deployment: Use a container orchestration tool like Kubernetes or Docker Swarm to deploy the Docker containers to production.

  7. Monitor the application: Set up monitoring and logging to ensure that the application is running correctly.

Will data on the container be lost when the docker container exits?

It depends on how the container was created and how it was run.

By default, Docker containers are stateless, meaning that any data created or modified inside the container will be lost when the container exits. This is because the container's file system is created from the Docker image, and any changes made inside the container are stored in a writable layer on top of the image's read-only layer. When the container exits, the writable layer is deleted, and any changes made to the container are lost.

However, you can use Docker's data management features to persist data created by a container even after it exits. For example:

  1. Volumes: Docker volumes are a way to store data outside of a container's file system. When you create a volume, Docker creates a directory on the host machine that the container can access and use to store data. Volumes persist even after the container exits, so any data written to the volume will be available the next time the container is started.

  2. Bind mounts: Bind mounts allow you to mount a directory on the host machine into the container's file system. Any changes made to the directory inside the container will be reflected on the host machine, and vice versa. If you use a bind mount to store data, it will persist even after the container exits.

What is a Docker swarm?

Docker Swarm is a container orchestration tool that allows you to manage a cluster of Docker hosts and deploy Docker containers at scale. With Docker Swarm, you can define and deploy a multi-container Docker application across a cluster of machines, and Docker Swarm will handle the scheduling, load balancing, and scaling of the containers.

What are the docker commands for the following:

View running containers
docker ps

Command to run the container under a specific name
docker run --name <container_name> <docker_image>

Command to export a docker
docker export <container_id or name> > <filename>.tar

Command to import an already existing docker image
docker import 'path-to-docker-image' 'image-name'

Commands to delete a container
docker rm <container_name or ID>

Command to remove all stopped containers, unused networks, build caches, and dangling images?
docker system prune -a

Thank you for reading!!
~Shreya Gupta

Great initiative by the #trainwithshubham community. Thank you Shubham Londhe

#devops #90daysofdevops #linux #docker #dockerinterviewquestions

DevopsDevops articlesDockerDocker-Interview-Questions