Day 21 - Docker Important Interview Questions

Day 21 - Docker Important Interview Questions

ยท

10 min read

Let's have an overview of important docker questions - mostly theoretical.

What is the Difference between an Image, Container and Engine?

  1. IMAGE :

    • It contains instructions that are executed when the image is run inside a container.

    • It often acts as the starting point of Docker as nothing can be done if you don't have the "exportable" program file containing the environment configurations and a set of instructions.

  2. CONTAINER :

    • It is a special type of process with it's own file system as configured in the image.

    • It is an enclosement which provides an executable playground for the image to be of any use.

    • It has it's own ports and interface to interact with other containers of the host machine or any processes running outside the container itself.

  3. ENGINE :

    • Perhaps when we talk of Docker, it may actually be the Docker engine that we are talking about.

    • Takes care of the low-level management of docker containers and images - start, stop, networking and resource allocation.

What is the Difference between the Docker command COPY vs ADD?

  • For copying files and directories from the build context to the image, use COPY.

  • When you need to incorporate content from a remote URL or unpack compressed archives use ADD.

  • If unsure as to which of the two to use, COPY is recommended due to its simplicity.

What is the Difference between the Docker command CMD vs RUN?

RUN

  • RUN is used to execute commands during the Docker image build process.

  • These commands are executed in a new layer on top of the current image, and results are committed to the image.

  • Generally used for installing packages, dependencies, etc i.e. during environment setup for the docker image.

      # Install dependencies during building image
      RUN apt update && apt install -y python3
    

CMD

  • CMD is used to specify the default command to run when a container is started from the Docker image.

  • It specifies what command should be executed when the container session first starts.

  • It can be overridden with a flag during running a container.

      # Specify default command to execute after starting up the container
      CMD ["python3", "app.py"]
    

How will you reduce the size of the Docker image?

  1. Use a smaller base image :

    • Start with a minimal base image that meets your requirements.

    • For e.g. instead of ubuntu image, try going with alpine image

  2. Try a multi-stage build of the image :

    • This ensures that only necessary files are included in the final image, reducing its size.
  3. Minimze number of layers :

    • Combine multiple RUN commands into a single layer by using && for chaining them together.
  4. Remove unnecessary files, dependencies and packages :

    • Use apt-get clean or similar commands to remove unnecessary packages and clear cache.
  5. Use .dockerignore file :

    • Exclude unnecessary files from being included in the docker image by adding them in the .dockerignore file.

Why and when to use Docker?

Docker is used to simplify the process of creating, deploying, and managing applications in isolated containers. Here's why and when to use Docker :

  1. Isolation :

    • Docker containers encapsulate applications and their dependencies, providing isolation from the underlying infrastructure. This allows for better resource utilization and security.
  2. Portability :

    • Docker containers can run on any platform that supports Docker, making it easy to move applications between environments, from on-premises servers to the cloud.
  3. Microservices architecture :

    • Docker is well-suited for microservices architectures, where applications are broken down into smaller, independently deployable components, each running in its own container.
  4. Resource efficiency :

    • Docker containers are lightweight and consume fewer resources compared to traditional virtual machines, leading to improved efficiency and cost savings.
  5. DevOps Practices:

    • Docker promotes DevOps practices by enabling developers and operations teams to collaborate more effectively through automated workflows and continuous integration/continuous deployment (CI/CD) pipelines.

Explain the Docker components and how they interact with each other

Docker comprises of several key components that work together to facilitate the creation, deployment, and management of containerized applications. Here's an overview of these components and their interactions :

  1. Docker Engine :

    • The core component of Docker that runs on the host machine. It consists of docker daemon(dockerd), which is running all the time in the background managing all the docker images, containers, networks, volumes, etc.

    • It also includes the docker-cli as an interface to interact with the docker daemon.

  2. Docker Images :

    • They are files containing all the configuration needed to run a container, along with the software package, libraries and all the required dependencies.

    • It is built using a Dockerfile.

  3. Docker Containers :

    • Containers are just lightweight processes with a filesystem, network and an executable environment of their own.

    • This environment is created by the Docker image that is used to run the container.

  4. Docker Compose :

    • It is a tool used for defining and running multi-container Docker applications using a YAML file.

    • Simplifies orchestration of all the containers/services.

  5. Docker registeries :

    • Web-based image-storing database like the dockerhub.

    • Allows public and private hosting of docker images.

  6. Docker Network :

    • Enables communication between containers, host and any other service/device that might need to interact.
  7. Docker volume :

    • Used as persistent data storage for the data generated/required in running containers.

These Docker components interact with each other to enable the lifecycle management of containerized applications.

Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?

  1. Docker compose :

    ๐Ÿ’ก
    Used to define and run multi-container Docker applications
    • Docker Compose is a tool used to define and run multi-container Docker applications.

    • It uses a yaml file usually named docker-compose.yaml to specify the services, networks volumes and other configurations required for the application.

    • We can also specify how the containers/services should interact with each other. Thus, docker-compose eases orchestration of complex applications with a single command - docker-compose up .๐Ÿ˜‰

  2. Dockerfile :

    ๐Ÿ’ก
    A text file containing instructions for building a docker image.
    • Contains fields for - base image, environment creation, dependencies installation, running commands during build process, network configuration and port mappings, etc.

    • Optimizing the dockerfile can help reduce size of the image.

  3. Docker image :

    ๐Ÿ’ก
    A lightweight, standalone, and executable package that contains everything needed to run a containerized application.
    • Images are built from Dockerfiles and can include the application code, runtime, libraries, dependencies, and environment variables.

    • Images are stored in a registry like DockerHub, which can be public or private. If required, these images can be pulled from the dockerhub.

  4. Docker container :

    ๐Ÿ’Œ
    A runtime instance of a Docker image, encapsulating the application and its dependencies.
    • A Docker container is a runtime instance of a Docker image. It encapsulates the application code, runtime, dependencies, and other configurations required to run the application.

    • It is an isolated process with it's own file system, network and environment.

    • They are controlled by the docker engine and largely by the host machine.

In what real scenarios have you used Docker?

Docker was used in my group project - procfetch.

Docker vs Hypervisor?

Hypervisors :

  • Hypervisors are of two types โ€“ the bare metal works directly on the hardware while type two hypervisor works on top of the operating system.

  • A hypervisor allows the users to generate multiple instances of complete operating systems.

  • They need dedicated resources for any particular instance among the shared hardware which the hypervisor allocates during boot.

  • Takes longer to boot the OS.

Docker :

  • Docker works on the host kernel itself. Hence, it does not allow the user to create multiple instances of operating systems.

  • Can run multiple instances of a single application (with containers).

  • Can create as many instances as desired.

  • Up and running in few seconds.

What are the advantages and disadvantages of using docker?

Advantages

  1. Portability: Docker containers can run on any platform that supports Docker, providing consistency across different environments, from development to production.

  2. Isolation: Containers provide process and filesystem isolation, ensuring that applications and their dependencies are encapsulated and do not interfere with each other or the host system.

  3. Scalability: Docker makes it easy to scale applications by spinning up additional containers as needed, either manually or through orchestration tools like Docker Swarm or Kubernetes.

Disadvantages

  1. Complexity: Managing containerized applications at scale requires additional complexity, including orchestration, networking, monitoring, and security considerations.

  2. Security Risks: While containers offer isolation, they share the host system's kernel, which could potentially lead to security vulnerabilities if not properly configured and secured.

  3. Resource Overhead: Although Docker containers are lightweight compared to virtual machines, they still consume additional resources (CPU, memory, disk space) compared to running applications directly on the host system.

What is a Docker namespace?

A Docker namespace refers to the mechanism used to isolate and control access to various system resources within a Docker container. Namespaces provide a way to partition system resources such as process IDs, network interfaces, filesystem mounts, and inter-process communication channels, ensuring that each container operates in its own isolated environment.

Under the hood, docker leverages this feature of linux to its own resource management.

What is Docker Registry?

A Docker registry is a centralized repository for storing and distributing Docker images. It serves as a web-based storage location where Docker users can push and pull images, making them available for deployment on various Docker hosts and environments.

Key characteristics of docker registry :

  • Storage

  • Distribution

  • Versioning

  • Access control

Examples : DockerHub, Amazon Elastic Container Repository (ECR), etc

What is an entry point?

In Docker, an entry point is a configuration option that specifies the default command to execute when a Docker container starts. It is typically used to define the primary executable or script that runs within the container.

In the dockerfile, it looks like this :

...
# set entrypoint to shell-script
ENTRYPOINT ["/app/entrypoint.sh"]

How to implement CI/CD in Docker?

To implement a CI/CD in Docker :

  1. Use a Version Control software like Git

  2. Choose a CI/CD platform like Jenkins or GitLab CI

  3. Write a Dockerfile for your project

  4. Automate Docker image builds on code changes

  5. Write automated tests and integrate them into the pipeline

  6. Store Docker images in a registry like DockerHub

  7. Publish images after successful builds

  8. Deploy your application considering ease in future version releases

  9. Monitor and log application performance

  10. Continuously improve the pipeline for faster, reliable deployments

Will data on the container be lost when the docker container exits?

  • By design, docker containers are stateless and the data within them is ephemeral. Thus, it is innate to the nature of docker that data within a container will be lost as soon as the container exits.

  • However, to preserve data after container is stopped, restarted or removed, one is required to use docker volume or bind mounts. This allows in persistent data storage outside the container's filesystem, either on a host machine or a shared volume managed by docker.

What is Docker swarm?

Docker Swarm is a native container orchestration tool that allows users to manage a cluster of Docker hosts as a single virtual system. It enables you to deploy, scale, and manage containers across multiple nodes in a distributed environment.

Key features include :

  • service deployment

  • load balancing

  • automatic scaling

  • high availability

  • security

  • integration with the Docker CLI

Docker Swarm is lightweight, easy to use, and suitable for a wide range of deployment scenarios, from small-scale development environments to large-scale production deployments.

What are the common docker practices to reduce the size of Docker Image?

Reducing the size of Docker images is crucial for optimizing resource usage, improving performance, and speeding up deployments. Here are some common Docker practices to reduce size of docker image :

  • Use a Minimal Base Image

  • Optimize Dockerfile Instructions

  • Remove Unnecessary Dependencies

  • Use .dockerignore

  • Leverage Multi-Stage Builds

  • Compress Files and Assets

  • Minimize Layers

Happy Learning ;)

ย