Table of contents
- What is the Difference between an Image, Container and Engine?
- What is the Difference between the Docker command COPY vs ADD?
- What is the Difference between the Docker command CMD vs RUN?
- How will you reduce the size of the Docker image?
- Why and when to use Docker?
- Explain the Docker components and how they interact with each other
- Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?
- In what real scenarios have you used Docker?
- Docker vs Hypervisor?
- What are the advantages and disadvantages of using docker?
- What is a Docker namespace?
- What is Docker Registry?
- What is an entry point?
- How to implement CI/CD in Docker?
- Will data on the container be lost when the docker container exits?
- What is Docker swarm?
- What are the common docker practices to reduce the size of Docker Image?
Let's have an overview of important docker questions - mostly theoretical.
What is the Difference between an Image, Container and Engine?
IMAGE :
It contains instructions that are executed when the image is run inside a container.
It often acts as the starting point of Docker as nothing can be done if you don't have the "exportable" program file containing the environment configurations and a set of instructions.
CONTAINER :
It is a special type of process with it's own file system as configured in the image.
It is an enclosement which provides an executable playground for the image to be of any use.
It has it's own ports and interface to interact with other containers of the host machine or any processes running outside the container itself.
ENGINE :
Perhaps when we talk of Docker, it may actually be the Docker engine that we are talking about.
Takes care of the low-level management of docker containers and images - start, stop, networking and resource allocation.
What is the Difference between the Docker command COPY vs ADD?
For copying files and directories from the build context to the image, use
COPY.
When you need to incorporate content from a remote URL or unpack compressed archives use
ADD.
If unsure as to which of the two to use,
COPY
is recommended due to its simplicity.
What is the Difference between the Docker command CMD vs RUN?
RUN
RUN
is used to execute commands during the Docker image build process.These commands are executed in a new layer on top of the current image, and results are committed to the image.
Generally used for installing packages, dependencies, etc i.e. during environment setup for the docker image.
# Install dependencies during building image RUN apt update && apt install -y python3
CMD
CMD
is used to specify the default command to run when a container is started from the Docker image.It specifies what command should be executed when the container session first starts.
It can be overridden with a flag during running a container.
# Specify default command to execute after starting up the container CMD ["python3", "app.py"]
How will you reduce the size of the Docker image?
Use a smaller base image :
Start with a minimal base image that meets your requirements.
For e.g. instead of ubuntu image, try going with alpine image
Try a multi-stage build of the image :
- This ensures that only necessary files are included in the final image, reducing its size.
Minimze number of layers :
- Combine multiple
RUN
commands into a single layer by using&&
for chaining them together.
- Combine multiple
Remove unnecessary files, dependencies and packages :
- Use
apt-get clean
or similar commands to remove unnecessary packages and clear cache.
- Use
Use .dockerignore file :
- Exclude unnecessary files from being included in the docker image by adding them in the
.dockerignore
file.
- Exclude unnecessary files from being included in the docker image by adding them in the
Why and when to use Docker?
Docker is used to simplify the process of creating, deploying, and managing applications in isolated containers. Here's why and when to use Docker :
Isolation :
- Docker containers encapsulate applications and their dependencies, providing isolation from the underlying infrastructure. This allows for better resource utilization and security.
Portability :
- Docker containers can run on any platform that supports Docker, making it easy to move applications between environments, from on-premises servers to the cloud.
Microservices architecture :
- Docker is well-suited for microservices architectures, where applications are broken down into smaller, independently deployable components, each running in its own container.
Resource efficiency :
- Docker containers are lightweight and consume fewer resources compared to traditional virtual machines, leading to improved efficiency and cost savings.
DevOps Practices:
- Docker promotes DevOps practices by enabling developers and operations teams to collaborate more effectively through automated workflows and continuous integration/continuous deployment (CI/CD) pipelines.
Explain the Docker components and how they interact with each other
Docker comprises of several key components that work together to facilitate the creation, deployment, and management of containerized applications. Here's an overview of these components and their interactions :
Docker Engine :
The core component of Docker that runs on the host machine. It consists of docker daemon(dockerd), which is running all the time in the background managing all the docker images, containers, networks, volumes, etc.
It also includes the docker-cli as an interface to interact with the docker daemon.
Docker Images :
They are files containing all the configuration needed to run a container, along with the software package, libraries and all the required dependencies.
It is built using a Dockerfile.
Docker Containers :
Containers are just lightweight processes with a filesystem, network and an executable environment of their own.
This environment is created by the Docker image that is used to run the container.
Docker Compose :
It is a tool used for defining and running multi-container Docker applications using a YAML file.
Simplifies orchestration of all the containers/services.
Docker registeries :
Web-based image-storing database like the dockerhub.
Allows public and private hosting of docker images.
Docker Network :
- Enables communication between containers, host and any other service/device that might need to interact.
Docker volume :
- Used as persistent data storage for the data generated/required in running containers.
These Docker components interact with each other to enable the lifecycle management of containerized applications.
Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?
Docker compose :
๐กUsed to define and run multi-container Docker applicationsDocker Compose is a tool used to define and run multi-container Docker applications.
It uses a yaml file usually named
docker-compose.yaml
to specify the services, networks volumes and other configurations required for the application.We can also specify how the containers/services should interact with each other. Thus, docker-compose eases orchestration of complex applications with a single command -
docker-compose up
.๐
Dockerfile :
๐กA text file containing instructions for building a docker image.Contains fields for - base image, environment creation, dependencies installation, running commands during build process, network configuration and port mappings, etc.
Optimizing the dockerfile can help reduce size of the image.
Docker image :
๐กA lightweight, standalone, and executable package that contains everything needed to run a containerized application.Images are built from Dockerfiles and can include the application code, runtime, libraries, dependencies, and environment variables.
Images are stored in a registry like DockerHub, which can be public or private. If required, these images can be pulled from the dockerhub.
Docker container :
๐A runtime instance of a Docker image, encapsulating the application and its dependencies.A Docker container is a runtime instance of a Docker image. It encapsulates the application code, runtime, dependencies, and other configurations required to run the application.
It is an isolated process with it's own file system, network and environment.
They are controlled by the docker engine and largely by the host machine.
In what real scenarios have you used Docker?
Docker was used in my group project - procfetch.
Docker vs Hypervisor?
Hypervisors :
Hypervisors are of two types โ the bare metal works directly on the hardware while type two hypervisor works on top of the operating system.
A hypervisor allows the users to generate multiple instances of complete operating systems.
They need dedicated resources for any particular instance among the shared hardware which the hypervisor allocates during boot.
Takes longer to boot the OS.
Docker :
Docker works on the host kernel itself. Hence, it does not allow the user to create multiple instances of operating systems.
Can run multiple instances of a single application (with containers).
Can create as many instances as desired.
Up and running in few seconds.
What are the advantages and disadvantages of using docker?
Advantages
Portability: Docker containers can run on any platform that supports Docker, providing consistency across different environments, from development to production.
Isolation: Containers provide process and filesystem isolation, ensuring that applications and their dependencies are encapsulated and do not interfere with each other or the host system.
Scalability: Docker makes it easy to scale applications by spinning up additional containers as needed, either manually or through orchestration tools like Docker Swarm or Kubernetes.
Disadvantages
Complexity: Managing containerized applications at scale requires additional complexity, including orchestration, networking, monitoring, and security considerations.
Security Risks: While containers offer isolation, they share the host system's kernel, which could potentially lead to security vulnerabilities if not properly configured and secured.
Resource Overhead: Although Docker containers are lightweight compared to virtual machines, they still consume additional resources (CPU, memory, disk space) compared to running applications directly on the host system.
What is a Docker namespace?
A Docker namespace refers to the mechanism used to isolate and control access to various system resources within a Docker container. Namespaces provide a way to partition system resources such as process IDs, network interfaces, filesystem mounts, and inter-process communication channels, ensuring that each container operates in its own isolated environment.
Under the hood, docker leverages this feature of linux to its own resource management.
What is Docker Registry?
A Docker registry is a centralized repository for storing and distributing Docker images. It serves as a web-based storage location where Docker users can push and pull images, making them available for deployment on various Docker hosts and environments.
Key characteristics of docker registry :
Storage
Distribution
Versioning
Access control
Examples : DockerHub, Amazon Elastic Container Repository (ECR), etc
What is an entry point?
In Docker, an entry point is a configuration option that specifies the default command to execute when a Docker container starts. It is typically used to define the primary executable or script that runs within the container.
In the dockerfile, it looks like this :
...
# set entrypoint to shell-script
ENTRYPOINT ["/app/entrypoint.sh"]
How to implement CI/CD in Docker?
To implement a CI/CD in Docker :
Use a Version Control software like Git
Choose a CI/CD platform like Jenkins or GitLab CI
Write a Dockerfile for your project
Automate Docker image builds on code changes
Write automated tests and integrate them into the pipeline
Store Docker images in a registry like DockerHub
Publish images after successful builds
Deploy your application considering ease in future version releases
Monitor and log application performance
Continuously improve the pipeline for faster, reliable deployments
Will data on the container be lost when the docker container exits?
By design, docker containers are stateless and the data within them is ephemeral. Thus, it is innate to the nature of docker that data within a container will be lost as soon as the container exits.
However, to preserve data after container is stopped, restarted or removed, one is required to use docker volume or bind mounts. This allows in persistent data storage outside the container's filesystem, either on a host machine or a shared volume managed by docker.
What is Docker swarm?
Docker Swarm is a native container orchestration tool that allows users to manage a cluster of Docker hosts as a single virtual system. It enables you to deploy, scale, and manage containers across multiple nodes in a distributed environment.
Key features include :
service deployment
load balancing
automatic scaling
high availability
security
integration with the Docker CLI
Docker Swarm is lightweight, easy to use, and suitable for a wide range of deployment scenarios, from small-scale development environments to large-scale production deployments.
What are the common docker practices to reduce the size of Docker Image?
Reducing the size of Docker images is crucial for optimizing resource usage, improving performance, and speeding up deployments. Here are some common Docker practices to reduce size of docker image :
Use a Minimal Base Image
Optimize Dockerfile Instructions
Remove Unnecessary Dependencies
Use .dockerignore
Leverage Multi-Stage Builds
Compress Files and Assets
Minimize Layers