Table of contents
#Day 21 Task of #90DaysofDevops challenge🚀
let's start 🚗
Docker Interview
Docker is a good topic to ask in DevOps Engineer Interviews, mostly for freshers. One must surely try these questions to be better in Docker
What is the Difference between an Image, Container, and Engine?
Ans :
Image: An image is a file that contains the code, runtime, system tools, system libraries, and settings needed to run an application. Images are typically built using a tool like Docker. Once an image is built, it can be stored and shared with others.
Container: A container is a running instance of an image. When you run a container, the image is copied to your computer, and the application is started. Containers are isolated from each other, so they do not interfere with each other. This makes them a good way to deploy and run multiple applications on the same machine.
Engine: Docker Engine is the underlying client-server technology that builds and runs containers using Docker's components and services. An engine is a software that is responsible for creating and managing containers. The component handles the low-level details of container creation, networking, storage, and other operations.
What is the Difference between the Docker command COPY vs ADD?
Ans :
The
COPYandADDcommands in Dockerfiles are both used to copy files and directories into a Docker image. However, there are some key differences between the two commands.COPYonly supports copying files from the local build context into the Docker image. TheADDcommand, on the other hand, can also copy files from a remote URL.COPYdoes not extract tar files, whileADDcan extract tar files and other compressed formats. This can be useful if you want to copy a pre-built application into your Docker image.COPYis generally considered to be more reliable thanADD. This is becauseCOPYdoes not have any unexpected behaviour, such as extracting tar files.As a general rule, you should use
COPYunless you need one of the features thatADDprovides. For example, if you are copying a pre-built application into your Docker image, you should useADD.Here is an example of how to use the
COPYcommand:COPY . /appThis command will copy all of the files and directories from the current directory into the
/appdirectory in the Docker imageHere is an example of how to use the
ADDcommand:ADDhttps://example.com/my-app.tar.gz/appThis command will download the
my-app.tar.gzfile from theexample.comwebsite and extract it into the/appdirectory in the Docker image.
What is the Difference between the Docker command CMD vs RUN?
Ans :
The
CMDandRUNcommands in Dockerfiles are both used to run commands during the build process or when the container is running. However, there are some key differences between the two commands.CMDis used to specify the default command that will be executed when the container starts. TheRUNcommand, on the other hand, is used to run a command during the build process and the output of the command is committed to the image.CMDcan be overridden when the container is started with thedocker runcommand. TheRUNcommand cannot be overridden.CMDcan contain multiple commands, separated by spaces. TheRUNcommand can only contain one command.As a general rule, you should use
CMDto specify the default command that will be executed when the container starts. You should useRUNto run commands during the build process that you want to be committed to the image
How Will you reduce the size of the Docker image?
Ans :
There are several ways to reduce the size of a Docker image:
1. Use a Smaller Base Image(Alpine)
Alpine Linux is a lightweight Linux distribution that is popular for creating small Docker images. It is smaller than most other Linux distributions and has a smaller attack surface.
2. Use a .dockerignore file
A .dockerignore file allows you to specify files and directories that should be excluded from the build context sent to the Docker daemon. This helps to exclude unnecessary files from the build context, which in turn reduces the size of the image.
3. Utilize the Multi-Stage Builds Feature in Docker
It allows users to divide the Dockerfile into multiple stages. Multi-stage builds allow you to use multiple FROM statements in your Dockerfile. This allows you to use one image as a builder image and then copy only the necessary files to a smaller image.
4. Avoid Adding Unnecessary Layers
A Docker image takes up more space with every layer you add to it. Therefore, the more layers you have, the more space the image requires. Each RUN instruction in a Dockerfile adds a new layer to your image. Remove unnecessary files and dependencies from the image by using the RUN apt-get autoremove, RUN apt-get clean and RUN rm commands in your Dockerfile
5. Use Squash
Squash is a technique that allows you to combine all the layers of an image into a single layer. This can significantly reduce the size of an image.
6. Use official images
Official images are images that are maintained by the upstream software maintainers. These images are usually smaller in size and more secure than images built by other parties.
7. Keep Application Data Elsewhere
Storing application data in the image will unnecessarily increase the size of the images. It’s highly recommended to use the volume feature of the container runtimes to keep the image separate from the data.
Why and when to use Docker?
Ans :
Docker is a containerization platform that allows you to package your application and its dependencies into a single image. This image can then be run on any machine that has Docker installed, regardless of the underlying operating system.
There are many reasons to use Docker, including:
Portability: Docker images are portable, meaning they can be run on any machine that has Docker installed. This makes it easy to deploy your application to different environments, such as development, staging, and production.
Consistency: Docker images are consistent, meaning that they will always contain the same set of dependencies and configurations. This makes it easier to debug and troubleshoot your application, and it also makes it easier to roll back to a previous version of your application if necessary.
Security: Docker containers are isolated from each other, meaning that a security vulnerability in one container will not affect other containers. This makes Docker a more secure way to run applications.
Speed: Docker images are lightweight, meaning they can be downloaded and started quickly. This makes Docker a good choice for applications that need to be deployed quickly.
Here are some specific examples of when you might want to use Docker:
You are developing a new application and you want to make sure that it works on different operating systems.
You are deploying an application to a cloud environment and you want to make sure that it is portable and consistent.
You are running a web application and you want to make sure that it is secure and scalable.
You are running a batch-processing application and you want to make sure that it is fast and efficient.
If you are working on any kind of application development or deployment, Docker is a valuable tool that can help you to improve the portability, consistency, security, and speed of your applications.
Explain the Docker components and how they interact with each other.
Ans :
Docker client: The Docker client is a command-line tool that you use to interact with Docker. You can use the Docker client to build images, run containers, and manage your Docker environment.
Docker daemon: The Docker daemon is a server-side program that manages Docker images and containers. The Docker daemon is responsible for creating, starting, and stopping containers, as well as for storing and distributing images.
Docker image: A Docker image is a file that contains the instructions for creating a Docker container. An image includes the operating system, application software, and any other files that your application needs to run.
Docker container: A Docker container is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries, and settings.
Docker registry: A Docker registry is a repository for storing and distributing Docker images. Docker Hub is a public Docker registry that hosts millions of Docker images.
The Docker client and daemon interact with each other using a REST API. The Docker client sends commands to the Docker daemon, and the Docker daemon performs the requested operations. For example, if you use the
docker runcommand to start a container, the Docker client sends a request to the Docker daemon to start the container. The Docker daemon then creates the container and starts it running.The Docker image is the source of truth for a Docker container. When you start a container, the Docker daemon uses the image to create the container. The image contains the operating system, application software, and any other files that the container needs to run.
The Docker container is the actual running instance of an application. When you start a container, the Docker daemon creates a new process that runs the application code. The container also has its own isolated filesystem, network, and process namespace. This isolation makes containers very secure and reliable.
The Docker registry is a repository for storing and distributing Docker images. Docker Hub is a public Docker registry that hosts millions of Docker images. You can use Docker Hub to store your own images, or you can search and download images from other users.
Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?
Ans :
Docker Compose: Docker Compose is a tool for defining and running multi-container Docker applications. With Compose, you can use a single file to define all of the services that make up your application. You can then use the
docker-compose upcommand to start all of the services in your application.Docker File: A Dockerfile is a text file that contains the instructions for building a Docker image. A Dockerfile includes a series of commands that are used to install software, copy files, and configure settings. When you build a Docker image, the Docker daemon uses the instructions in the Dockerfile to create the image.
Docker Image: A Docker image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries, and settings. Docker images are built from a Dockerfile and can be run on any machine that has Docker installed.
Docker Container: A Docker container is a running instance of a Docker image. When you run a Docker image, the Docker daemon creates a container from the image and starts it running. The container includes all of the files and settings from the image, and it runs in its own isolated environment.
In what real scenarios have you used Docker?
Ans :
Developing and testing applications: I have used Docker to develop and test applications on my local machine. This allows me to quickly and easily set up the environment that my application needs to run, without having to worry about installing and configuring software on my machine.
Deploying applications: I have used Docker to deploy applications to production environments. This allows me to deploy applications to different environments with ease, and to ensure that my applications are consistent across all environments.
Running batch processing jobs: I have used Docker to run batch processing jobs. This allows me to run jobs on a variety of machines, without having to worry about the underlying operating system or hardware.
Creating development environments: I have used Docker to create development environments for my team. This allows my team to work on the same codebase, without having to worry about installing and configuring software on their machines.
Hosting services: I have used Docker to host services, such as web servers and databases. This allows me to easily scale my services up or down, and to move them between different environments.
Docker vs Hypervisor?
Ans :
Docker and hypervisors are both virtualization technologies, but they work in different ways.
Docker is a containerization platform that allows you to package your application and its dependencies into a single image. This image can then be run on any machine that has Docker installed, regardless of the underlying operating system.
Hypervisors are software that creates and runs virtual machines (VMs). VMs are isolated operating systems that run on top of a physical host machine. Hypervisors can be used to run multiple VMs on a single host machine, which can improve resource utilization and scalability.
Here are some examples of when you might want to use Docker:
You are developing a new application and you want to make sure that it works on different operating systems.
You are deploying an application to a cloud environment and you want to make sure that it is portable and consistent.
You are running a web application and you want to make sure that it is secure and scalable.
You are running a batch-processing application and you want to make sure that it is fast and efficient.
Here are some examples of when you might want to use a hypervisor:
You are running a mission-critical application and you need to ensure that it is isolated from other applications.
You are running an application that requires a specific operating system.
You are running an application that needs to be highly secure.
You are running an application that needs to be scalable to a large number of users.
What are the advantages and disadvantages of using docker?
Ans :
Docker is a containerization platform that allows you to package your application and its dependencies into a single image. This image can then be run on any machine that has Docker installed, regardless of the underlying operating system.
Here are some of the advantages of using Docker:
Portability: Docker images are portable and can be run on any machine that has Docker installed. This makes it easy to deploy your application to different environments, such as development, staging, and production.
Consistency: Docker images are consistent, meaning that they will always contain the same set of dependencies and configurations. This makes it easier to debug and troubleshoot your application, and it also makes it easier to roll back to a previous version of your application if necessary.
Security: Docker containers are isolated from each other, meaning that a security vulnerability in one container will not affect other containers. This makes Docker a more secure way to run applications.
Speed: Docker images are lightweight, meaning they can be downloaded and started quickly. This makes Docker a good choice for applications that need to be deployed quickly.
Scalability: Docker containers can be scaled up or down easily. This makes Docker a good choice for applications that need to be scaled to handle a large number of users.
Here are some of the disadvantages of using Docker:
Complexity: Docker can be complex to learn and use, especially for beginners.
Security: Docker containers can be vulnerable to security attacks, if not properly configured.
Vendor lock-in: Docker is a proprietary technology, which means that you are dependent on Docker, Inc. for support and updates.
Resource usage: Docker containers can use more resources than traditional applications, especially if they are not properly optimized.
What is a Docker namespace?
Ans :
A Docker namespace is a way of isolating resources from each other. There are 7 types of namespaces in Docker:
PID namespace: Isolates process IDs. Each container has its own PID namespace, so processes in one container cannot see processes in other containers.
Network namespace: Isolates networking. Each container has its own network namespace, so containers cannot see each other's network interfaces or communicate with each other directly.
Mount namespace: Isolates filesystem mounts. Each container has its own mount namespace, so containers cannot see each other's filesystems.
UTS namespace: Isolates hostname and domain name. Each container has its own UTS namespace, so containers cannot see each other's hostname or domain name.
IPC namespace: Isolates inter-process communication (IPC). Each container has its own IPC namespace, so processes in one container cannot communicate with processes in other containers using IPC mechanisms such as shared memory or semaphores.
User namespace: Isolates user accounts. Each container has its own user namespace, so users in one container cannot see users in other containers.
Cgroup namespace: Isolates resource constraints. Each container has its own Cgroup namespace, so containers cannot affect each other's resource usage.
What is a Docker registry?
Ans :
A Docker registry is a repository for storing and distributing Docker images. Docker images are a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries, and settings.
Docker registries are typically hosted on servers, but they can also be run locally. There are many different Docker registries available, including:
Docker Hub: Docker Hub is the official Docker registry. It is a public registry that hosts millions of Docker images.
Quay.io: Quay.io is a public registry that is owned by Red Hat. It offers a number of features that are not available on Docker Hub, such as a built-in vulnerability scanner.
Artifactory: Artifactory is a private registry that can be deployed on-premises or in the cloud. It offers a wide range of features, including version control, auditing, and security.
Nexus: Nexus is another private registry that can be deployed on-premises or in the cloud. It offers a similar range of features to Artifactory.
To use a Docker registry, you first need to create an account. Once you have an account, you can search for and browse images. You can also upload your own images to the registry.
When you run a Docker container, you specify the image that you want to use. The Docker client will then download the image from the registry and start the container.Docker registries are a vital part of the Docker ecosystem. They allow you to store, share, and reuse Docker images. This makes it easy to deploy applications and to scale your infrastructure.
What is an entry point?
Ans :
In a Dockerfile, an entrypoint is a command that is run when a container is started. The
entrypointcan be a single command or a list of commands. Theentrypointis always run as the root user.The
entrypointis different from the CMD instruction in a Dockerfile. The CMD instruction specifies the default command that is run when a container is started. However, the CMD instruction can be overridden by the user when the container is started. Theentrypointcannot be overridden.How to implement CI/CD in Docker?
Ans :
**
CI/CD** stands for continuous integration/continuous delivery. It is a software development practice that aims to improve the quality and speed of software delivery by automating the process of building, testing, and deploying code.CI/CD can be implemented in Docker using a variety of tools and workflows. Here are some of the most common approaches:
Docker Hub automated builds: Docker Hub offers a built-in CI/CD service that can be used to automate the build and deploy of Docker images. To use this service, you first need to create a Docker Hub account and then create a repository for your project. Once you have created a repository, you can configure automated builds to run whenever you push new changes to your code.
Jenkins: Jenkins is a popular open-source CI/CD server that can be used to automate the build and deploy of Docker images. To use Jenkins, you first need to install Jenkins on a server. Once you have installed Jenkins, you can create a job that will automate the build and deploy of your Docker images.
Travis CI: Travis CI is a hosted CI/CD service that can be used to automate the build and deploy of Docker images. To use Travis CI, you first need to create a Travis CI account and then create a project for your application. Once you have created a project, you can configure Travis CI to automate the build and deploy of your Docker images whenever you push new changes to your code.
GitLab CI/CD: GitLab CI/CD is a CI/CD service that is integrated with GitLab. To use GitLab CI/CD, you first need to install GitLab on a server. Once you have installed GitLab, you can configure GitLab CI/CD to automate the build and deploy of your Docker images whenever you push new changes to your code.
Will data on the container be lost when the docker container exits?
Ans :
Yes, data on a Docker container will be lost when the container exits. This is because Docker containers are ephemeral by default. This means that they are designed to be created and destroyed quickly and easily. As a result, any data that is stored in a container will be lost when the container is destroyed.
There are a few ways to avoid losing data when a Docker container exits. One way is to use a volume. A volume is a persistent storage space that is not tied to any specific container. This means that data that is stored in a volume will not be lost when the container that created it exits.
Another way to avoid losing data is to use a data container. A data container is a container that is specifically designed to store data. Data containers are typically not interactive, and they are not meant to be run directly. Instead, they are used to store data that can be accessed by other containers.Finally, you can also use a Docker registry to store your Docker images. A Docker registry is a repository for storing and distributing Docker images. When you push an image to a registry, it will be stored in a persistent location and can be accessed by any other container that needs it.
What is a Docker swarm?
Ans :
A Docker swarm is a group of Docker hosts that are managed as a single unit. Swarms can be used to deploy and manage applications across multiple hosts.
To create a swarm, you first need to create a swarm manager. The swarm manager is a Docker host that is responsible for managing the swarm. Once you have created a swarm manager, you can add other Docker hosts to the swarm.
When you add a Docker host to a swarm, the swarm manager will assign the host a role. The role of a Docker host can be either manager or worker. Manager hosts are responsible for managing the swarm. Worker hosts are responsible for running applications.
Once you have added all of the Docker hosts to the swarm, you can deploy applications to the swarm. To deploy an application to the swarm, you first need to create a Docker compose file. A Docker compose file is a YAML file that defines the applications that you want to deploy to the swarm.
Once you have created a Docker compose file, you can deploy the application to the swarm using the
docker swarm deploycommand.What are the docker commands for the following :
Ans :
1)view running containers
docker ps
2)command to run the container under a specific name
docker run --name <container_name> <docker_image>
3)command to export a docker
docker export <container_id or name> > <filename>.tar
4)command to import an already existing docker image
docker import <options> file|URL|- <repository>:<tag>
5)commands to delete a container
docker rm <container_name or ID>
6)command to remove all stopped containers, unused networks, build caches, and dangling images?
docker system prune -a
Thank you very much for giving your valuable time for reading this article !!☺😊
Arijit Manna