Docker Interview Questions for DevOps Engineer
#90DaysofDevOps Challenge - Day 21
▶ What is the difference between an Image, Container and Engine?
An Image is a pre-configured file system containing all required files, libraries, and dependencies to run an application.
A Container is a running instance of an Image, which runs in an isolated environment with its own file system, networking, and resources.
An Engine is a platform for running containers, it provides a layer of abstraction between the host system and containers, managing containers' lifecycle, networking, storage, and resource allocation. The most popular engine is Docker.
▶What is the Difference between the Docker command COPY vs ADD?
COPY copies a file/directory from your host to your image.
Dockerfiles can contain several different instructions, one of which is COPY. The COPY instruction lets us copy a file (or files) from the host system into the image. This means the files become a part of every container that is created from that image.
ADD copies a file/directory from your host to your image, but can also fetch remote URLs, extract TAR files, etc.
The ADD command is used to copy files/directories into a Docker image. It can copy data in three ways: Copy files from the local storage to a destination in the Docker image. Copy a tarball from the local storage and extract it automatically inside a destination in the Docker image.
▶What is the Difference between the Docker command CMD vs RUN?
CMD is the command the container executes by default when you launch the built image.
RUN is an image build step, the state of the container after a RUN command will be committed to the container image. A Dockerfile can have many RUN steps that layer on top of one another to build the image.
▶How Will you reduce the size of the Docker image?
A Docker image serves as the base of a container. Docker images are created by writing Dockerfiles – lists of instructions automatically executed for creating a specific Docker image. When building a Docker image, you may want to make sure to keep it light. Avoiding large images speed up the build and deployment of containers and hence, it is critical to reduce the image size of images to a minimum.
By following the bests practices below, you can reduce the size of a Docker image and improve its performance.
Use a smaller base image
Multistage builds
Minimizing the number of layers
Understanding caching
Using Dockerignore
Beware of Updates and Unnecessary Packages and Dependencies
▶Why and when to use Docker?
Docker containers make it easy to put new versions of software, with new business features, into production quickly—and to quickly roll back to a previous version if you need to. They also make it easier to implement strategies like blue/green deployments.
So, when to the use of Docker is recommended:
Consistent & Isolated Environment
Rapid Application Deployment
Ensures Scalability & Flexibility
Better Portability
Cost-Effective
In-Built Version Control System
Security
▶ Explain the Docker components and how they interact with each other.
Docker has several components that interact with each other to provide a complete platform for building, deploying, and running containers. The five major components in the Docker architecture are:
Docker Daemon listens to Docker API requests and manages Docker objects such as images, containers, networks and volumes.
Docker Clients: With the help of Docker Clients, users can interact with Docker. Docker client provides a command-line interface (CLI) that allows users to run, and stop application commands to a Docker daemon.
Docker Host provides a complete environment to execute and run applications. It comprises the Docker daemon, Images, Containers, Networks, and Storage.
Docker Registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker is configured to use images on Docker Hub by default. You can run your own registry on it.
Docker Images are read-only templates that you build from a set of instructions written in Dockerfile. Images define both what you want your packaged application and its dependencies to look like and what processes to run when it’s launched.
▶Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?
Docker Compose is a command-line tool and YAML file format with metadata for defining and running multi-container applications. You define a single application based on multiple images with one or more .yml files that can override values depending on the environment. After you've created the definitions, you can deploy the whole multi-container application with a single command (docker-compose up) that creates a container per image on the Docker host.
Dockerfile is a text file that contains instructions for building a Docker image. It's like a batch script, the first line states the base image, to begin with, and then follow the instructions to install required programs, copy files, and so on, until you get the working environment you need.
Docker Image is a package with all the dependencies and information needed to create a container. An image includes all the dependencies (such as frameworks) plus deployment and execution configuration to be used by a container runtime. Usually, an image derives from multiple base images that are layers stacked on top of each other to form the container's filesystem. An image is immutable once it has been created.
Docker Container is an instance of a Docker image. A container represents the execution of a single application, process, or service. It consists of the contents of a Docker image, an execution environment, and a standard set of instructions. When scaling a service, you create multiple instances of a container from the same image. Or a batch job can create multiple containers from the same image, passing different parameters to each instance.
▶In what real scenarios have you used Docker?
Docker use cases in Business are to improve software development, application portability & deployment, and agility.
Adoption of DevOps
App infrastructure isolation
Multi-tenancy support
Improvement in software testing
Smart Disaster Recovery (DR)
Continuous rapid deployment
Creation of microservices architecture
Migration of legacy apps to containers
Simplification of code configuration
Management of development pipeline
Increased developer productivity
Consolidation of server requirements
Porting across cloud providers
▶Docker vs Hypervisor?
Hypervisor allows the users to generate multiple instances of complete operating systems.
While a hypervisor abstracts away hardware for the virtual machines so they can run an operating system.
Dockers can run multiple applications or multiple instances of a single application.
A container engine abstracts away an operating system so containers can run applications.
▶What are the advantages and disadvantages of using docker?
These are some of the Benefits (Advantages) of Docker:
Return on Investment and Cost Savings
Rapid Deployment
Security
Simplicity and Faster Configurations
CI Efficiency
Continuous Integration
These are some of the Limitations (Disadvantages) of Docker:
Missing features
Missing Data in the container
Run applications as fast as a bare-metal serve
Limitation to provide cross-platform compatibility(Windows/Linux)
Run applications without graphical interfaces
Need to solve some security problems
▶What is a Docker namespace?
Namespaces are a feature of the Linux kernel that partitions kernel resources such that one set of processes sees one set of resources and another set of processes sees a different set of resources. Thus Docker uses namespaces to provide this isolation to the containers from the host.
Docker provides several types of namespaces, including the following:
PID namespace: The PID namespace isolates the process tree, allowing each container to have its own process hierarchy.
Network namespace: The network namespace isolates network resources, such as network interfaces and IP addresses, allowing each container to have its own network configuration.
Mount namespace: The mount namespace isolates the file system, allowing each container to have its own file system hierarchy.
User namespace: The user namespace isolates user and group IDs, allowing containers to run with different user and group permissions.
▶What is a Docker registry?
Docker registry is a storage and distribution system for named Docker images. The same image might have multiple different versions, identified by their tags. A Docker registry is organized into Docker repositories, where a repository holds all the versions of a specific image.
▶What is an Entry point?
The entry point is one of the many instructions you can write in a Dockerfile. The entry point instruction is used to configure the executables that will always run after the container is initiated.
▶How to implement CI/CD in Docker?
CI/CD (Continuous Integration and Continuous Deployment) in Docker involves automating the process of building, testing, and deploying Docker applications. Here are the general steps to implement CI/CD in Docker:
Source control: Store the code and related files in a source control repository such as Git. This allows for version control and collaboration between team members.
Continuous Integration (CI): Automate the build process using a CI tool such as Jenkins or TravisCI. The CI tool will build the Docker image from the code in the source control repository and run automated tests on the image.
Automated testing: Automate the testing of the Docker image using a testing framework such as JUnit or TestNG. The tests can be run in parallel on multiple containers to validate the application.
Docker registry: Store the built Docker images in a Docker registry, such as Docker Hub or a private registry. This makes it easy to distribute the images to other environments for deployment.
Continuous Deployment (CD): Automate the deployment process using a CD tool such as Jenkins, TravisCI, or AWS CodeDeploy. The CD tool will deploy the Docker images stored in the registry to the production environment.
Monitoring: Monitor the deployed application and containers to ensure that they are running as expected.
▶Will data on the container be lost when the docker container exits?
When a Docker Container is exited, no data loss occurs as all the data is written to the disk by the application for the sole purpose of preservation. This process is consistently repeated until and unless the container is unequivocally deleted. Moreover, the file system for the Docker container persists even after the Docker container is halted.
▶What is a Docker swarm?
Docker Swarm is a container orchestration tool running the Docker application. It has been configured to join together in a cluster. The activities of the cluster are controlled by a swarm manager, and machines that have joined the cluster are referred to as nodes.
It is a native orchestration solution for Docker containers that makes it easier to manage and deploy containers at scale, offering features such as automatic scaling, load balancing, and high availability.
▶What are the docker commands for the following:
view running containers:
docker pscommand to run the container under a specific name:
docker run –name <name> <image>command to export a docker:
docker export <container> <filename>command to import an already existing docker image:
docker import <filename> <repository:tag>commands to delete a container:
docker rm <container>command to remove all stopped containers, unused networks, build caches, and dangling images:
docker system prune
Thank you for reading! I hope you find this article helpful.