Table of contents
- What is the Difference between an Image, Container and Engine?
- What is the Difference between the Docker command COPY vs ADD?
- What is the Difference between the Docker command CMD vs RUN?
- How Will you reduce the size of the Docker image?
- Why and when to use Docker?
- Explain the Docker components and how they interact with each other.
- Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container.
- In what real scenarios have you used Docker?
- Docker vs Hypervisor?
- What are the advantages and disadvantages of using docker?
- What is a Docker namespace?
- What is a Docker registry?
- What is an entry point?
- How to implement CI/CD in Docker?
- Will data on the container be lost when the docker container exits?
- What is a Docker swarm?
- What are the docker commands for the following:
- What are the common docker practices to reduce the size of Docker Image?
Let's dive into some important interview questions-
What is the Difference between an Image, Container and Engine?
Image- Docker images are a set of instructions used for creating any number of Docker containers. Often, an image is based on another image, with some additional customization. You might create your own images or you might only use those created by others and published in a registry like Docker Hub. To build your own image, you create a Dockerfile with a simple syntax for defining the steps needed to create the image and run it.
Container- A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state. A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that aren’t stored in persistent storage disappear.
Engine- Docker Engine is a service that allows you to run containers on any host Operating System. It has 3 main components: dockerd (a daemon service that manages Docker objects such as images, containers, networks, and volumes in the background), the Docker CLI (the Command Line Interface through which operations like create, start, stop, move, or delete a container are performed), and containerd (which manages the container lifecycle and provides image and filesystem management).
What is the Difference between the Docker command COPY vs ADD?
The COPY command copies local files and directories into the container's filesystem. Its syntax is:
COPY <src> … <dest>
The ADD command also copies local files into the container, with some extra features: it can download a file from a remote URL and copy it to the desired destination, and it automatically extracts locally stored compressed archives to the given destination (this extraction applies only to local archives, not remote URLs). Its syntax is:
ADD <src> … <dest>
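As an illustration of the difference (the file names below are hypothetical), the two instructions might be used like this:

```dockerfile
FROM alpine:3.19

# COPY: a plain copy of a local file into the image
COPY app.conf /etc/app/app.conf

# ADD: a local tar archive is automatically extracted at the destination
ADD site-content.tar.gz /var/www/

# ADD can also fetch a remote URL (the downloaded file is NOT extracted)
ADD https://example.com/tools/healthcheck /usr/local/bin/healthcheck
```

The official Dockerfile guidance generally recommends preferring COPY unless you specifically need ADD's extraction or URL features, since COPY's behavior is more predictable.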
What is the Difference between the Docker command CMD vs RUN?
RUN is an image build step: the state of the container after a RUN command is committed to the image as a new layer. A Dockerfile can have many RUN steps that layer on top of one another to build the image. CMD is the command the container executes by default when you launch the built image. A Dockerfile will only use the final CMD defined, and the CMD can be overridden when starting a container with docker run $image $other_command.
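A minimal sketch of the difference (the base image and commands are illustrative):

```dockerfile
FROM debian:bookworm-slim

# RUN executes at build time; its result is baked into the image layers
RUN apt-get update && apt-get install -y --no-install-recommends curl

# CMD runs at container start time; only the last CMD in the file takes effect
CMD ["curl", "--version"]
```

Running docker run myimage executes the CMD (printing curl's version), while docker run myimage echo hi replaces the CMD for that one container.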
How Will you reduce the size of the Docker image?
The following are the methods by which we can reduce the size of the Docker image-
Using smaller/minimal base images
Multistage builds
Minimizing the number of layers
Storing cache
Using a .dockerignore file
Keeping application data elsewhere
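For instance, a .dockerignore file keeps the build context small by excluding files the image doesn't need (the entries below are typical examples, not a prescription):

```
.git
node_modules
*.log
Dockerfile
.dockerignore
```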
Why and when to use Docker?
Docker is a containerization platform that enables you to create, deploy, and run applications conveniently with the help of containers. It lets developers package an application together with all its required libraries and other dependencies into a single container.
Several major advantages of using Docker are:
Consistent & Isolated Environment - Docker isolates and segregates apps and resources so that each container accesses all of its required resources in an isolated manner.
Rapid Application Deployment - Docker containers ship with the minimal runtime requirements of the application, allowing them to be deployed quickly by downloading the Docker image and running it in different environments.
Ensures Scalability & Flexibility - Thanks to the consistent environment, Docker images can easily be deployed across multiple physical servers, data centers, or cloud platforms.
Better Portability - Applications built with Docker containers are immensely portable. Docker containers can run on any platform, whether it be Amazon EC2, Google Cloud Platform, VirtualBox, a Rackspace server, or any other, as long as the host OS supports Docker.
Cost-effective - Docker reduces the need for additional infrastructure resources for development, and containerized apps use less memory than virtual machines, making the development and deployment process more cost-effective.
In-Built Version Control System - The Docker containers allow you to commit changes to the Docker images and version control them conveniently.
Security - A particular container cannot access the data of another container without having authorized access. Other than that, each container is assigned a particular set of resources for itself.
Explain the Docker components and how they interact with each other.
Docker has three main components. They are:
dockerd - The Docker daemon. It is a service that manages Docker objects such as images, containers, networks, and volumes in the background. It starts, stops, moves, or deletes containers with the help of a lower-level service called containerd.
Docker CLI - The Command Line Interface through which you perform operations such as create, start, stop, move, or delete a container. The CLI talks to the daemon to carry them out.
containerd - It manages the container lifecycle and provides image and filesystem management. It is a low-level building block designed to be integrated into other systems, such as Docker and Kubernetes, and it is the default runtime used by Docker.
Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container.
Docker Compose - Docker Compose is a tool for defining and running multi-container applications. Using a YAML file, you declare the services that make up the application and the connections between them, then start everything with a single command.
DockerFile - A Dockerfile is a simple text file that contains instructions on how to build your images. These instructions are executed in order, performing actions on the base image to create a new image.
Docker Image - Docker images are a set of instructions used for creating any number of Docker containers. Often, an image is based on another image, with some additional customization.
Docker Container - A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI.
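As an illustration, a minimal docker-compose.yml (the service names and images are examples) that wires a web service to a database:

```yaml
services:
  web:
    image: nginx:alpine
    ports:
      - "8080:80"
    depends_on:
      - db
  db:
    image: postgres:16-alpine
    environment:
      POSTGRES_PASSWORD: example
```

Running docker compose up starts both containers on a shared network, where the web service can reach the database by the hostname db.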
In what real scenarios have you used Docker?
A few real scenarios where Docker is used are:
Environment Standardization: Since instructions to create an environment are written inside a Dockerfile, the inconsistency between different environments can be minimized. One can ensure that every team member is working in the same environment.
Faster configuration with consistency: One can simply put the configurations into code and deploy them. Standardizing the Docker configuration also saves a lot of time otherwise spent preparing setup and deployment documentation about procedures and processes.
Better disaster recovery: One can back up a Docker image capturing the state of the container at that moment, and restore it later when serious issues happen. With Docker, you can easily replicate the image to new hardware and recover from disaster.
Docker vs Hypervisor?
| Hypervisor | Docker |
| --- | --- |
| A hypervisor is a layer that acts as an interface for multiple guest Operating Systems to interact with the host machine. | Docker, on the other hand, works on the host kernel itself. It creates containers that act as virtual application environments for the user to work on. |
| A hypervisor allows users to run multiple instances of complete operating systems. | Docker can run multiple applications, or multiple instances of a single application, using containers. |
| Since each guest OS requires its own share of the host's resources, hypervisors are resource hungry. | Docker containers have no such requirement; one can create as many containers as needed with far less overhead. |
What are the advantages and disadvantages of using docker?
Several major advantages of using Docker are:
Consistent & Isolated Environment - Docker isolates and segregates apps and resources so that each container accesses all of its required resources in an isolated manner.
Rapid Application Deployment - Docker containers ship with the minimal runtime requirements of the application, allowing them to be deployed quickly by downloading the Docker image and running it in different environments.
Ensures Scalability & Flexibility - Thanks to the consistent environment, Docker images can easily be deployed across multiple physical servers, data centers, or cloud platforms.
Better Portability - Applications built with Docker containers are immensely portable. Docker containers can run on any platform, whether it be Amazon EC2, Google Cloud Platform, VirtualBox, a Rackspace server, or any other, as long as the host OS supports Docker.
Cost-effective - Docker reduces the need for additional infrastructure resources for development, and containerized apps use less memory than virtual machines, making the development and deployment process more cost-effective.
Several major disadvantages of using Docker are:
1. Missing features
A ton of feature requests are still in progress, such as container self-registration and self-inspection, copying files from the host to the container, and many more.
2. Data in the container
There are times when a container goes down, so after that, it needs a backup and recovery strategy, although we have several solutions for that they are not automated or not very scalable yet.
3. Run applications as fast as a bare-metal server
Compared with virtual machines, Docker containers have less overhead, but not zero overhead. If we run an application directly on a bare-metal server, we get true bare-metal speed without using containers or virtual machines. Containers, however, don't quite run at bare-metal speeds.
4. Provide cross-platform compatibility
One major issue is that an application designed to run in a Docker container on Windows can't run on Linux, and vice versa, whereas virtual machines are not subject to this limitation.
This limitation makes Docker less attractive in highly heterogeneous environments composed of both Windows and Linux servers.
5. Run applications with graphical interfaces
In general, Docker is designed for hosting applications that run on the command line. Although there are a few ways (like X11 forwarding) to run a graphical interface inside a Docker container, they are clunky.
What is a Docker namespace?
Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container. These namespaces provide a layer of isolation: each aspect of a container runs in a separate namespace, and its access is limited to that namespace.
What is a Docker registry?
A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker looks for images on Docker Hub by default. You can even run your private registry.
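For example, publishing an image to a registry typically looks like this (the user and image names are placeholders):

```shell
# Tag a local image for a registry (the Docker Hub user "myuser" is a placeholder)
docker tag myapp:latest myuser/myapp:1.0

# Log in and push the tagged image
docker login
docker push myuser/myapp:1.0

# A self-hosted private registry can be run from the official registry image
docker run -d -p 5000:5000 --name registry registry:2
```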
What is an entry point?
ENTRYPOINT is one of the many instructions you can write in a Dockerfile. The ENTRYPOINT instruction configures the executable that will always run when the container starts. For example, you can set a script to run as soon as the container is started. Unlike CMD, the ENTRYPOINT is not replaced by command-line arguments passed to docker run; those arguments are appended to the entrypoint as its arguments. It can only be overridden explicitly with the --entrypoint flag.
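A common pattern combines ENTRYPOINT with CMD, where CMD supplies a default argument (a sketch; the image and commands are illustrative):

```dockerfile
FROM alpine:3.19

# The entrypoint always runs; docker run arguments are appended to it
ENTRYPOINT ["ping", "-c", "3"]

# CMD provides a default argument that the user can override
CMD ["localhost"]
```

With this file, docker run myimage pings localhost, while docker run myimage example.com pings example.com instead, because the trailing argument replaces only the CMD.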
How to implement CI/CD in Docker?
Create a Dockerfile: A Dockerfile is a script that contains instructions for building a Docker image. It is a simple text file that contains commands such as FROM, RUN, COPY, EXPOSE, ENV, etc. These commands are executed by the Docker daemon during the build process to create an image.
Create a build pipeline: Set up a build pipeline that automatically builds the image from the Dockerfile whenever there is a change in the source code. This can be done using tools like Jenkins, CircleCI, etc.
Automate testing: Set up automated testing for the image, such as unit tests, integration tests, and acceptance tests, to ensure that the image is working as expected.
Push the image to a registry: Once the image is built and tested, it can be pushed to a Docker registry, such as Docker Hub, so that it can be easily distributed to other systems.
Deploy the image to production: Use a container orchestration tool like Kubernetes, Docker Swarm, or Amazon ECS to deploy the image to a production environment.
Monitor and scale: Monitor the deployed image and scale it as needed to handle increased load.
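The build-test-push steps above can be sketched, for example, as a GitHub Actions workflow (the repository layout, image name, test script, and secret name are assumptions for illustration):

```yaml
name: docker-ci
on: [push]
jobs:
  build-test-push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Build the image from the repository's Dockerfile
      - run: docker build -t myuser/myapp:${{ github.sha }} .
      # Run the test suite inside the freshly built image
      - run: docker run --rm myuser/myapp:${{ github.sha }} ./run-tests.sh
      # Push to the registry on success
      - run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u myuser --password-stdin
      - run: docker push myuser/myapp:${{ github.sha }}
```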
Will data on the container be lost when the docker container exits?
Yes, data on the container will be lost when the docker container exits, as data stored within a container is not persistent. However, data generated or stored by the container can be persisted outside of the container in several ways:
Use Docker volumes: Docker volumes provide a way to store data outside of the container, ensuring that the data is not lost if the container is deleted or recreated. To use volumes, you can specify a named volume or a host-mounted volume when running the container.
Use Docker bind mounts: Docker bind mounts allow you to mount a file or directory from the host into a container. This is useful when you want to share data between the host and the container. When you use a bind mount, the data is stored on the host, so it is not lost if the container is deleted or recreated.
Use Docker named volumes with backup services: You can also use a backup service like AWS S3, Google Cloud Storage, or Azure Blob Storage with Docker named volumes to create automated backups of your data. This way, even if your container crashes or gets deleted, you can still recover your data from the backup service.
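For illustration (the volume name, paths, and image are placeholders), the first two approaches look like this:

```shell
# Named volume: data lives in Docker-managed storage and survives container removal
docker run -d -v mydata:/var/lib/app myimage

# Bind mount: a host directory is mounted directly into the container
docker run -d -v /home/user/appdata:/var/lib/app myimage
```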
What is a Docker swarm?
A Docker Swarm is a container orchestration tool built into Docker: a group of machines running Docker that have been configured to join together in a cluster. The activities of the cluster are controlled by a swarm manager, and machines that have joined the cluster are referred to as nodes.
There are two types of nodes in Docker Swarm:
Manager node - Maintains cluster management tasks
Worker node - Receives and executes tasks from the manager node
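Getting a minimal swarm running looks like this (the addresses and token are placeholders printed by Docker itself):

```shell
# On the manager node: initialize the swarm
docker swarm init --advertise-addr <manager-ip>

# On each worker node: join using the token printed by the init command
docker swarm join --token <worker-token> <manager-ip>:2377

# On the manager: deploy a replicated service across the cluster
docker service create --name web --replicas 3 -p 80:80 nginx:alpine
```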
What are the docker commands for the following:
view running containers
docker ps
command to run the container under a specific name
docker run --name <container-name> <image-name>
command to export a docker container
docker export <container_id or name> > <filename>.tar
command to import an already existing docker image
docker import <options> file|URL|- <repository>:<tag>
commands to delete a container
docker rm <container-id>
command to remove all stopped containers, unused networks, build caches, and dangling images
docker system prune (add the -a flag to also remove all unused images, not just dangling ones)
What are the common docker practices to reduce the size of Docker Image?
The best practices to reduce the size of Docker Image are as follows-
USE A SMALLER BASE IMAGE - Consider using smaller base images. For example, an alpine base image is around 5 MB, compared to roughly 128 MB for a standard debian image.
MINIMIZE LAYERS - Try to minimize the number of layers to install the packages in the Dockerfile. Otherwise, this may cause each step in the build process to increase the size of the image.
```dockerfile
FROM debian
RUN apt-get install -y <packageA>
RUN apt-get install -y <packageB>
```
Try to install all the packages on a single RUN command to reduce the number of steps in the build process and reduce the size of the image.
```dockerfile
FROM debian
RUN apt-get install -y <packageA> <packageB>
```
Note: Using this method, you will need to rebuild the entire image each time you add a new package to install.
MULTI-STAGE BUILDS IN DOCKER - The multi-stage build divides Dockerfile into multiple stages to pass the required artifact from one stage to another and eventually deliver the final artifact in the last stage. This way, our final image won’t have any unnecessary content except the required artifact.
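A sketch of a multi-stage build (a Go application is used here purely as an example; the paths and image tags are illustrative):

```dockerfile
# Stage 1: build the binary using the full toolchain image
FROM golang:1.22 AS builder
WORKDIR /src
COPY . .
RUN CGO_ENABLED=0 go build -o /out/app .

# Stage 2: copy only the final artifact into a minimal runtime image
FROM alpine:3.19
COPY --from=builder /out/app /usr/local/bin/app
ENTRYPOINT ["/usr/local/bin/app"]
```

The final image contains only the compiled binary on top of alpine; the multi-hundred-megabyte Go toolchain from the builder stage is discarded.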
Thanks for reading!
Happy Learning!
~Shilpi