Day 21: 90DaysOfChallenge

Docker: Important Interview Questions

Let's dive into some important interview questions-

  • What is the Difference between an Image, Container and Engine?

Image- A Docker image is a read-only template with instructions for creating any number of Docker containers. Often, an image is based on another image, with some additional customization. You might create your own images, or you might only use those created by others and published in a registry like DockerHub. To build your own image, you create a Dockerfile with a simple syntax that defines the steps needed to build the image and run it.
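As a minimal sketch (the file names and commands here are illustrative, assuming a small Python application), a Dockerfile that defines such an image might look like:

```dockerfile
# Start from an official Python base image
FROM python:3.12-slim

# Copy the application code into the image
WORKDIR /app
COPY . .

# Install dependencies (requirements.txt is a hypothetical file)
RUN pip install --no-cache-dir -r requirements.txt

# Default command when a container starts from this image
CMD ["python", "app.py"]
```

Building it with `docker build -t myapp .` produces an image from which any number of containers can be started.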

Container- A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI. You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state. A container is defined by its image as well as any configuration options you provide to it when you create or start it. When a container is removed, any changes to its state that aren’t stored in persistent storage disappear.

Engine- Docker Engine is a service that allows you to run containers on a host operating system. It has three main components: dockerd (the Docker daemon, a background service that manages Docker objects such as images, containers, networks, and volumes), the Docker CLI (the command-line interface through which operations like create, start, stop, move, or delete a container are performed), and containerd (a low-level runtime that manages the container lifecycle and provides image and filesystem management).

  • What is the Difference between the Docker command COPY vs ADD?

    COPY command is used to copy local files from the build context into the image. Its syntax is: COPY <src> … <dest>

    ADD command is also used to copy local files into the image, along with some extra features: it can download an external file from a URL to the given destination, and it automatically extracts locally stored compressed files (such as tar archives) to the destination; this extraction feature only applies to locally stored archives. Its syntax is: ADD <src> … <dest>
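The difference can be seen in a short Dockerfile fragment (the file names and URL here are hypothetical):

```dockerfile
# COPY: plain copy from the build context into the image
COPY app.py /app/app.py

# ADD: same copy semantics, plus extras --
# a local tar archive is extracted automatically at the destination...
ADD vendor.tar.gz /app/vendor/
# ...and a remote URL is downloaded (but NOT extracted)
ADD https://example.com/config.json /app/config.json
```

The common advice is to prefer COPY unless you specifically need ADD's extraction or download behavior.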

  • What is the Difference between the Docker command CMD vs RUN?

    RUN is an image build step, the state of the container after a RUN command will be committed to the container image. A Dockerfile can have many RUN steps that layer on top of one another to build the image.

    CMD is the command the container executes by default when you launch the built image. A Dockerfile will only use the final CMD defined. The CMD can be overridden when starting a container with docker run $image $other_command.
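A minimal Dockerfile illustrating both (the installed package is just an example):

```dockerfile
FROM debian

# RUN executes at build time; its result is committed as an image layer
RUN apt-get update && apt-get install -y curl

# CMD is the default command at container start; only the last CMD counts
CMD ["curl", "--version"]
```

Running `docker run <image> echo hello` would replace the CMD and print `hello` instead of the curl version.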

  • How Will you reduce the size of the Docker image?

The following are the methods by which we can reduce the size of the Docker image-

  1. Using smaller/minimal base images

  2. Multistage builds

  3. Minimizing the number of layers

  4. Leveraging the build cache

  5. Using a .dockerignore file

  6. Keeping application data elsewhere

  • Why and when to use Docker?

Docker is a containerization platform that enables you to create, deploy, and run applications conveniently with the help of containers. It is basically concerned with the packaging of applications with all their required libraries and other dependencies in a container by the developer.

Several major advantages of using Docker are:

  1. Consistent & Isolated Environment - Docker isolates and segregates applications and their resources so that each container can access everything it needs within its own isolated environment.

  2. Rapid Application Deployment - Docker containers carry only the minimal runtime requirements of the application, so deployment is fast: pull the Docker image and run it in any environment.

  3. Ensures Scalability & Flexibility - Because the environment is consistent, Docker images can easily be deployed across multiple physical servers, data centers, or cloud platforms.

  4. Better Portability - Applications built as Docker containers are immensely portable. They can run on any platform, whether Amazon EC2, Google Cloud Platform, VirtualBox, a Rackspace server, or any other, as long as the host OS supports Docker.

  5. Cost-effective - Docker reduces the infrastructure needed for development, and containerized apps use less memory than virtual machines, making the development and deployment process more cost-effective.

  6. In-Built Version Control System - The Docker containers allow you to commit changes to the Docker images and version control them conveniently.

  7. Security - A particular container cannot access the data of another container without having authorized access. Other than that, each container is assigned a particular set of resources for itself.

  • Explain the Docker components and how they interact with each other.

Docker has three main components. They are:

  • dockerd (Docker daemon)- A background service that manages Docker objects such as images, containers, networks, and volumes. It starts, stops, moves, and deletes containers by delegating to a low-level service called containerd.

  • Docker CLI- The command-line interface through which you perform operations like create, start, stop, move, or delete a container. It talks to the daemon over the Docker API.

  • containerd- It manages the container lifecycle and provides image and filesystem management. It is a low-level building block, designed to be integrated into other systems such as Docker and Kubernetes, and is used as the default runtime for Docker.

  • Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container.

    Docker Compose - Docker Compose is a tool for defining and running multi-container applications; a single YAML file describes the containers and the connections between them.

    Dockerfile - A Dockerfile is a simple text file that contains instructions on how to build your image. These instructions are executed in order, acting on the base image to produce a new image.

    Docker Image - A Docker image is a read-only template with instructions for creating any number of Docker containers. Often, an image is based on another image, with some additional customization.

    Docker Container - A container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI.
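As a hedged sketch, a docker-compose.yml tying a web container to a database might look like this (the service names, ports, and images are illustrative assumptions):

```yaml
services:
  web:
    build: .          # built from the Dockerfile in this directory
    ports:
      - "8000:8000"
    depends_on:
      - db            # web can reach db by its service name
  db:
    image: postgres:16
    volumes:
      - db-data:/var/lib/postgresql/data

volumes:
  db-data:
```

Running `docker compose up` starts both containers on a shared network.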

  • In what real scenarios have you used Docker?

    A few real scenarios where Docker is used are:

    1. Environment Standardization: Since instructions to create an environment are written inside a Dockerfile, the inconsistency between different environments can be minimized. One can ensure that every team member is working in the same environment.

    2. Faster configuration with consistency: One can just put the configuration into code and deploy it. We can also standardize the Docker configuration, which saves a lot of time otherwise spent preparing setup and deployment documentation about procedures and processes.

    3. Better disaster recovery: One can back up a Docker image, capturing the state of the container at that moment, and retrieve it later when serious issues happen. With Docker, you can easily replicate the image to new hardware and recover from disaster.

  • Docker vs Hypervisor?

| Hypervisor | Docker |
| --- | --- |
| A hypervisor is a layer that acts as an interface for multiple operating systems to interact with the host machine. | Docker works on the host kernel itself. It creates containers that act as virtual application environments for the user to work in. |
| A hypervisor allows users to run multiple instances of complete operating systems. | Docker can run multiple applications, or multiple instances of a single application, using containers. |
| Because each guest OS requires its own share of host resources, hypervisor-based VMs are resource-hungry. | Containers share the host kernel and have no such requirement; one can create as many containers as resources allow. |
  • What are the advantages and disadvantages of using docker?

    The major advantages of Docker (consistent and isolated environments, rapid application deployment, scalability and flexibility, portability, and cost-effectiveness) are covered in detail under "Why and when to use Docker?" above.

Several major disadvantages of using Docker are:

1. Missing features

Many feature requests, such as container self-registration, self-inspection, and copying files from the host to the container, are still in progress.

2. Data in the container

When a container goes down, it needs a backup and recovery strategy. Several solutions exist for this, but they are not yet automated or very scalable.

3. Applications don't run at bare-metal speed

Docker containers have less overhead than virtual machines, but not zero overhead. An application running directly on a bare-metal server gets true bare-metal speed; containers do not quite match that.

4. No cross-platform compatibility

One major issue is that an application designed to run in a Docker container on Windows can't run on Linux, or vice versa; virtual machines are not subject to this limitation.

This limitation makes Docker less attractive in highly heterogeneous environments composed of both Windows and Linux servers.

5. Running applications with graphical interfaces

In general, Docker is designed for hosting applications that run on the command line. There are a few ways (like X11 forwarding) to run a graphical interface inside a Docker container, but they are clunky.

  • What is a Docker namespace?

    Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container. These namespaces provide a layer of isolation. Each aspect of a container runs in a separate namespace and its access is limited to that namespace.
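On Linux you can see the namespaces a process belongs to under /proc; a containerized process points at a different set of these than the host's processes do:

```shell
# Each Linux process has its namespace memberships exposed as
# symlinks under /proc/<pid>/ns (pid, net, mnt, uts, ipc, ...).
ls -l /proc/self/ns
```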

  • What is a Docker registry?

    A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use, and Docker looks for images on Docker Hub by default. You can even run your private registry.

  • What is an entry point?

    ENTRYPOINT is one of the many instructions you can write in a Dockerfile. The ENTRYPOINT instruction configures the executable that always runs when the container starts. For example, you can specify a script to run as soon as the container starts. Unlike CMD, arguments passed on the docker run command line are appended to the ENTRYPOINT rather than replacing it; it can only be overridden explicitly with the --entrypoint flag.
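A small Dockerfile showing how ENTRYPOINT and CMD combine (the use of ping is just an illustration):

```dockerfile
FROM alpine

# The entrypoint always runs when the container starts
ENTRYPOINT ["ping"]
# CMD supplies default arguments to the entrypoint
CMD ["-c", "3", "localhost"]
```

Running `docker run <image> -c 1 example.com` replaces only the CMD arguments; ping still runs. To replace the entrypoint itself you must pass `--entrypoint`.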

  • How to implement CI/CD in Docker?

    1. Create a Dockerfile: A Dockerfile is a script that contains instructions for building a Docker image. It is a simple text file that contains commands such as FROM, RUN, COPY, EXPOSE, ENV, etc. These commands are executed by the Docker daemon during the build process to create an image.

    2. Create a build pipeline: Set up a build pipeline that automatically builds the image from the Dockerfile whenever there is a change in the source code. This can be done using tools like Jenkins, CircleCI, etc.

    3. Automate testing: Set up automated testing for the image, such as unit tests, integration tests, and acceptance tests, to ensure that the image is working as expected.

    4. Push the image to a registry: Once the image is built and tested, it can be pushed to a Docker registry, such as Docker Hub, so that it can be easily distributed to other systems.

    5. Deploy the image to production: Use a container orchestration tool like Kubernetes, Docker Swarm, or Amazon ECS to deploy the image to a production environment.

    6. Monitor and scale: Monitor the deployed image and scale it as needed to handle increased load.
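The build-test-push steps above can be sketched as a minimal pipeline; this example assumes GitHub Actions and a Docker Hub account, and the repository, user, and secret names are placeholders:

```yaml
# .github/workflows/docker.yml -- hypothetical pipeline
name: build-and-push
on: [push]
jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Build the image from the repository's Dockerfile
      - run: docker build -t myuser/myapp:${{ github.sha }} .
      # Run the image's test suite (assumes a "make test" target inside)
      - run: docker run --rm myuser/myapp:${{ github.sha }} make test
      # Push to the registry on success
      - run: docker login -u myuser -p ${{ secrets.DOCKERHUB_TOKEN }}
      - run: docker push myuser/myapp:${{ github.sha }}
```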

  • Will data on the container be lost when the docker container exits?

    Data written to a container's writable layer survives a stop and restart, but it is lost when the container is removed, because that layer is not persistent. However, data generated or stored by the container can be persisted outside of it in several ways-

    1. Use Docker volumes: Docker volumes provide a way to store data outside of the container, ensuring that the data is not lost if the container is deleted or recreated. To use volumes, you can specify a named volume or a host-mounted volume when running the container.

    2. Use Docker bind mounts: Docker bind mounts allow you to mount a file or directory from the host into a container. This is useful when you want to share data between the host and the container. When you use a bind mount, the data is stored on the host, so it is not lost if the container is deleted or recreated.

    3. Use Docker named volumes with backup services: You can also use a backup service like AWS S3, Google Cloud Storage, or Azure Blob Storage with Docker named volumes to create automated backups of your data. This way, even if your container crashes or gets deleted, you can still recover your data from the backup service.
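For example, a named volume survives container removal (the volume and image names here are illustrative):

```shell
# Create a named volume and mount it into a container
docker volume create app-data
docker run -d -v app-data:/var/lib/app --name app1 myimage

# Even after the container is removed...
docker rm -f app1
# ...the volume and its data remain, and can be mounted into a new container
docker run -d -v app-data:/var/lib/app --name app2 myimage
```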

  • What is a Docker swarm?

    Docker Swarm is Docker's native container orchestration tool: a group of machines running Docker that have been configured to join together in a cluster. The activities of the cluster are controlled by a swarm manager, and machines that have joined the cluster are referred to as nodes.

    There are two types of nodes in Docker Swarm:

    1. Manager node - maintains cluster management tasks and dispatches work

    2. Worker node - receives and executes tasks from the manager node
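Setting up a minimal swarm takes only a few commands (the address and image here are placeholders):

```shell
# On the manager machine: initialize the swarm
docker swarm init --advertise-addr 192.0.2.10

# On each worker: join using the token printed by "swarm init"
docker swarm join --token <worker-token> 192.0.2.10:2377

# Back on the manager: run a replicated service across the nodes
docker service create --replicas 3 --name web nginx
```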

  • What are the docker commands for the following:

    view running containers

    docker ps

  • command to run the container under a specific name

    docker run --name <container-name> <image-name>

  • command to export a docker container

    docker export <container_id or name> > <filename>.tar

  • command to import an already existing docker image

    docker import <options> file|URL|- <repository>:<tag>

  • commands to delete a container

    docker rm <container-id>

  • command to remove all stopped containers, unused networks, build caches, and dangling images

    docker system prune

  • What are the common docker practices to reduce the size of Docker Image?

The best practices to reduce the size of Docker Image are as follows-

  • USE A SMALLER BASE IMAGE - Consider using smaller base images. For example, switching from a standard base image of about 128MB to an alpine base image of about 5MB dramatically reduces the size of the final image.

  • MINIMIZE LAYERS - Try to minimize the number of layers to install the packages in the Dockerfile. Otherwise, this may cause each step in the build process to increase the size of the image.

      FROM debian
      RUN apt-get install -y <packageA>
      RUN apt-get install -y <packageB>
    

    Try to install all the packages on a single RUN command to reduce the number of steps in the build process and reduce the size of the image.

      FROM debian
      RUN apt-get install -y <packageA> <packageB>
    

    Note: Using this method, you will need to rebuild the entire image each time you add a new package to install.

  • MULTI-STAGE BUILDS IN DOCKER - The multi-stage build divides Dockerfile into multiple stages to pass the required artifact from one stage to another and eventually deliver the final artifact in the last stage. This way, our final image won’t have any unnecessary content except the required artifact.
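A hedged sketch of a multi-stage build for a Go program (the paths and names are illustrative): the first stage compiles with the full toolchain, and only the resulting binary is copied into a small final image.

```dockerfile
# Stage 1: build environment with the full Go toolchain
FROM golang:1.22 AS builder
WORKDIR /src
COPY . .
RUN go build -o /out/app .

# Stage 2: minimal runtime image; only the built artifact is copied over
FROM alpine
COPY --from=builder /out/app /usr/local/bin/app
CMD ["app"]
```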


Thanks for reading!

Happy Learning!

~Shilpi