Docker Important Interview Questions
Rajat Chauhan
1. What is the difference between an Image, Container, and Engine?
Docker Image: Think of a Docker image as a snapshot of your application and its environment. It’s like a recipe for creating containers. An image includes everything needed to run an application—such as the code, runtime, libraries, and dependencies. Images are immutable, meaning once they’re created, they don’t change.
Docker Container: A Docker container is a running instance of a Docker image. It’s a lightweight, standalone package that includes everything needed to run a piece of software. Containers are isolated from each other and the host system, but they share the same OS kernel. They can be started, stopped, moved, and deleted.
Docker Engine: The Docker Engine is the software that runs and manages Docker containers. It consists of a server (the Docker daemon), a REST API, and a command-line interface (CLI). The engine handles the building, running, and managing of containers and images.
2. What is the difference between the Docker command COPY vs ADD?
COPY: The
COPYcommand in a Dockerfile simply copies files and directories from your host into the Docker image. It’s straightforward and predictable. For example, you might useCOPYit to bring in application code or configuration files.COPY ./src /app/srcADD: The
ADDcommand is similar toCOPY, but with additional functionality. Besides copying files,ADDcan also handle URL downloads and automatically unpack compressed files (like.tar,.gz, etc.). However, these extra features can sometimes introduce unexpected behavior or security issues, so it’s generally recommended to useCOPYunless you needADD's specific capabilities.ADD http://example.com/file.tar.gz /app/
3. What is the Difference between the Docker command CMD vs RUN?
CMD: The
CMDinstruction sets the default command that will be executed when a container is started from the image. It can be overridden by providing a command when you run the container. Think ofCMDas the “default action” for your container.CMD ["python", "app.py"]RUN: The
RUNinstruction executes commands during the image build process. It’s used to install software or make changes to the image. For example, you might useRUNto install packages or create directories.RUN apt-get update && apt-get install -y python3
4. How Will You Reduce the Size of the Docker Image?
Minimize Layers: Each
RUN,COPY, orADDinstruction in a Dockerfile creates a new layer in the image. By combining commands into fewerRUNstatements, you can reduce the total number of layers.RUN apt-get update && \ apt-get install -y python3 && \ rm -rf /var/lib/apt/lists/*Use .dockerignore: Just like
.gitignore,.dockerignorespecifies files and directories to exclude from the build context. This reduces the size of the context sent to the Docker daemon..git node_modulesChoose Smaller Base Images: Opt for minimal base images like
alpinethat have a smaller footprint compared to more comprehensive images likeubuntu.FROM python:3.9-alpineClean Up: Remove temporary files and caches that are no longer needed after package installations or other operations.
RUN apt-get update && \ apt-get install -y build-essential && \ rm -rf /var/lib/apt/lists/*Optimize Application Code: Ensure that your application code and dependencies are as efficient and minimal as possible.
5. Why and When to Use Docker?
Consistency Across Environments: Docker ensures that your application runs the same way in different environments—development, testing, and production. This reduces the "it works on my machine" problem.
Isolation: Containers isolate applications and their dependencies, which helps prevent conflicts. This isolation is particularly useful for testing and debugging.
Portability: Docker containers can run on any system that supports Docker, whether it's a developer’s laptop, a test server, or a production server in the cloud.
Scalability: Docker makes it easier to scale applications horizontally by running multiple instances (containers) and distributing them across multiple hosts.
Integration with CI/CD: Docker integrates seamlessly with continuous integration and continuous deployment pipelines, automating the build, test, and deployment processes.
6. Explain the Docker Components and How They Interact with Each Other
Docker Daemon: This is the heart of Docker. It runs on the host machine and is responsible for building, running, and managing containers. It listens for API requests and handles container orchestration.
Docker CLI: The command-line interface is used to interact with the Docker Daemon. Commands like
docker run,docker build, anddocker psare executed through the CLI.Docker Images: Images are read-only templates used to create containers. They include everything needed to run an application. Images are built using Dockerfiles and stored in Docker registries.
Docker Containers: Containers are instances of Docker images. They provide an isolated environment for applications to run, using the resources and libraries defined in the image.
Docker Registry: A Docker registry stores Docker images. Docker Hub is a public registry, but you can also use private registries to store your images securely.
Docker Compose: Docker Compose is a tool for defining and running multi-container applications. You use a
docker-compose.ymlfile to configure your application’s services, networks, and volumes.
7. Explain the Terminology: Docker Compose, Dockerfile, Docker Image, Docker Container
Docker Compose A tool that simplifies the management of multi-container Docker applications. You define your application’s services, networks, and volumes in a
docker-compose.ymlfile. It helps you start and manage all components of your application with a single command.Dockerfile: A text file with a set of instructions used to build a Docker image. Each instruction in the Dockerfile creates a layer in the image, which is then used to create containers.
Docker Image: A lightweight, standalone package that includes everything needed to run an application—code, runtime, libraries, and environment variables. Images are used to create containers.
Docker Container: A runnable instance of a Docker image. Containers encapsulate the application and its dependencies in an isolated environment, making it easy to deploy and manage applications.
8. In What Real Scenarios Have You Used Docker?
Development Environment: Developers use Docker to create consistent development environments that mirror production systems, eliminating discrepancies between environments.
Microservices Architecture: Docker is ideal for deploying microservices, where each service runs in its own container. This makes it easier to manage, scale, and deploy each microservice independently.
Testing: Docker containers provide isolated environments for running tests, ensuring that tests run consistently and independently of the host system.
Continuous Deployment: Docker is used in CI/CD pipelines to automate the build, test, and deployment processes, ensuring faster and more reliable releases.
9. Docker vs Hypervisor?
Docker (Containerization): Docker uses containers to run applications in isolated environments. Containers share the host OS kernel, making them lightweight and fast. They don’t require a full OS for each instance, which reduces resource usage.
Hypervisor (Virtualization): A hypervisor creates and manages virtual machines (VMs) that run separate operating systems on a single physical machine. Each VM has its own OS, which adds overhead compared to containers. VMs provide strong isolation but are generally heavier and slower than containers.
10. What Are the Advantages and Disadvantages of Using Docker?
Advantages:
Efficiency: Containers are lightweight and use fewer resources than traditional VMs.
Portability: Docker containers can run on any system with Docker installed, making it easy to move applications between different environments.
Fast Deployment: Containers start quickly compared to VMs, improving deployment speed and efficiency.
Consistency: Docker ensures consistent environments, reducing the risk of “it works on my machine” issues.
Disadvantages:
Security: Containers share the host OS kernel, which can pose security risks if not managed properly. Ensuring container security requires best practices and proper configuration.
Complexity: Managing container orchestration, networking, and persistent storage can add complexity to your infrastructure.
Performance Overhead: While containers are generally lightweight, there can be performance overhead for certain types of applications compared to running directly on the host OS.
11. What is a Docker Namespace?
Docker namespaces provide isolation between containers, allowing them to have separate views of system resources. This isolation ensures that containers do not interfere with each other. Key namespaces include:
PID Namespace: Isolates process IDs, so processes in one container cannot see or interact with processes in another.
Network Namespace: Provides isolated network interfaces and configurations, so containers have their own IP addresses and network settings.
Mount Namespace: Isolates filesystem mounts, allowing containers to have their view of the filesystem.
UTS Namespace: Allows containers to have their own hostname and domain name, which is useful for ensuring unique network identities.
12. What is a Docker Registry?
A Docker registry is a service for storing and distributing Docker images. It acts as a repository where you can push and pull images. Docker Hub is the default public registry, but you can also use private registries for more control and security. Private registries are often used for internal company images or sensitive data.
13. What is an Entry Point?
The ENTRYPOINT instruction in a Dockerfile specifies the command that will run when the container starts. It defines the primary executable for the container, which is executed when the container is run. Unlike CMD, ENTRYPOINT cannot be overridden at runtime, making it ideal for setting the main application or service to run.
ENTRYPOINT ["nginx", "-g", "daemon off;"]
14. How to Implement CI/CD in Docker?
Continuous Integration: Set up Docker to build images and run tests automatically when code changes are pushed. Use CI tools like Jenkins, GitLab CI/CD, or GitHub Actions to automate the process.
Continuous Deployment: Automate the deployment of Docker containers to staging and production environments. Use orchestration tools like Kubernetes or Docker Swarm to manage and scale deployments.
Pipeline Example: In a CI/CD pipeline, you might use Docker to build a new image, run tests inside containers, and then deploy the image to a staging environment for further testing before promoting it to production.
15. Will Data on the Container Be Lost When the Docker Container Exits?
Yes, by default, any data stored in a container’s filesystem will be lost when the container exits. To persist data across container restarts or to share data between containers, you should use Docker volumes or bind mounts. Volumes are stored on the host filesystem but managed by Docker, while bind mounts allow you to mount host directories into containers.
16. What is a Docker Swarm?
Docker Swarm is Docker’s native clustering and orchestration tool. It allows you to create and manage a cluster of Docker nodes (machines) and deploy services across multiple containers. Swarm provides features for load balancing, scaling, and ensuring high availability. It is designed to be simple to use and integrates directly with Docker.
17. What Are the Docker Commands for the Following:
View Running Containers:
docker psRun the Container Under a Specific Name:
docker run --name <name> <image>Export a Docker Image:
docker save -o <filename>.tar <image>Import an Already Existing Docker Image:
docker load -i <filename>.tarDelete a Container:
docker rm <container_id>Remove All Stopped Containers, Unused Networks, Build Caches, and Dangling Images:
docker system prune -a
18. What Are the Common Docker Practices to Reduce the Size of Docker Images?
Multi-Stage Builds: Use multi-stage builds to separate the build environment from the runtime environment, ensuring only the final artifacts are included in the image.
Minimize Layers: Combine commands into single
RUNinstructions to reduce the number of layers in the image.Smaller Base Images: Use minimal base images like
alpineto keep your images lean.Clean Up: Remove unnecessary files and package manager caches in the same
RUNinstruction to avoid leaving temporary files in the image.Efficient Dependencies: Include only the necessary dependencies and libraries in your image to reduce its size.
Subscribe to my newsletter
Read articles from Rajat Chauhan directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Rajat Chauhan
Rajat Chauhan
Rajat Chauhan is a skilled Devops Engineer, having experience in automating, configuring, deploying releasing and monitoring the applications on cloud environment. • Good experience in areas of DevOps, CI/CD Pipeline, Build and Release management, Hashicorp Terraform, Containerization, AWS, and Linux/Unix Administration. • As a DevOps Engineer, my objective is to strengthen the company’s applications and system features, configure servers and maintain networks to reinforce the company’s technical performance. • Ensure that environment is performing at its optimum level, manage system backups and provide infrastructure support. • Experience working on various DevOps technologies/ tools like GIT, GitHub Actions, Gitlab, Terraform, Ansible, Docker, Kubernetes, Helm, Jenkins, Prometheus and Grafana, and AWS EKS, DevOps, Jenkins. • Positive attitude, strong work ethic, and ability to work in a highly collaborative team environment. • Self-starter, Fast learner, and a Team player with strong interpersonal skills • Developed shell scripts (Bash) for automating day-to-day maintenance tasks on top of that have good python scripting skills. • Proficient in communication and project management with good experience in resolving issues.