Day 21 : Docker Important interview Questions

Q1. What is the Difference between an Image, Container and Engine?

Docker Image : A docker image is a read-only template that contains the application code, dependencies, configurations, and all required binaries for an application to run. It is immutable i.e. it cant be changed after creation. It is stored in public or private repositories such as docker hub, aws ecr.

Docker Container : A Docker Container is a runtime instance of a Docker Image. A container is an isolated environment where an application runs without affecting the rest of the system and without the system impacting the application.

Docker Engine : The Docker Engine is the underlying software that enables the use of containers and images. It’s a client-server application consisting of:

Docker Daemon (dockerd): Runs on the host and manages containers, images, networks, and volumes. Docker CLI (Command Line Interface): Allows users to interact with the daemon using commands like docker build, docker run, etc.

Docker engine provides all the core functionality of Docker, including container orchestration and image management.

Q2. What is the Difference between the Docker command COPY vs ADD?

In Docker, both "COPY" and "ADD" are used to copy files and directories into a Docker image during the build process, but the key difference is that "COPY" only copies files from the local system, while "ADD" has additional functionalities like downloading files from URLs and automatically extracting archives, making "COPY" the preferred option for most cases due to its simplicity and security benefits

Q3. What is the Difference between the Docker command CMD vs RUN?

RUN is used to execute commands during the build process of a Docker image, while CMD is used to specify the default command to run when a Docker container is started from the image.

Q4. How Will you reduce the size of the Docker image?

Techniques for reducing Docker image size to the minimum include choosing the right base image and excluding unnecessary files and layers

1. Use Slim Image Base

2. Create .dockerignore to exclude unnecessary files during final image build

3. Using multi-stage builds to divide docker file into multiple stages

4. Avoid unnecessary layer as docker image requires more space with each layer

5. Remove unnecessary packages and dependencies

6. Organize layers for caching

Q5. Why and when to use Docker?

You should use Docker when you want to ensure consistent application environments across development, testing, and production, enabling faster software delivery by providing portability and isolation for your applications, especially when dealing with complex systems that run on different environments or require frequent scaling; essentially, Docker helps eliminate the "it works on my machine" problem by packaging your application with all its dependencies within a container that can run anywhere with the same behavior.

Q6. Explain the Docker components and how they interact with each other.

Key Docker components and their interactions:

Docker Client (docker): This is the user interface used to interact with Docker. When you run commands like docker run, the client sends these instructions to the Docker daemon via the REST API.

Docker Daemon (dockerd): The core component responsible for managing Docker objects like images, containers, networks, and volumes. It listens for requests from the client and performs the necessary actions.

Docker Images: Read-only templates that serve as the blueprint for creating containers. They contain the necessary files, libraries, and configurations to run an application.

Dockerfile: A text file that specifies the instructions for building a Docker image.

Docker Containers: Running instances of a Docker image, essentially isolated environments where applications run.

Docker Registry: A repository where Docker images are stored and shared publicly or privately.

Docker Networks: Virtual networks that allow containers to communicate with each other.

How they interact:

Building an image: When a user writes a Dockerfile and runs docker build in the client, the client sends the instructions to the Docker daemon which then builds the image based on the Dockerfile.

Running a container: When a user runs docker run with an image name, the client sends this command to the Docker daemon, which pulls the image from the registry if needed, and then creates and starts a container based on that image.

Managing containers: The Docker client can use commands like docker start, docker stop, docker ps to interact with running containers, with the daemon executing these actions on the host system.

Q7. Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?

Docker Compose : Docker Compose is a tool for defining and managing multi-container applications using a YAML file. It simplifies the process of running multiple containers that are interconnected and part of a single application. It’s main purpose is to run the container with a single command

Docker file : A text file containing a set of instructions to build a Docker image. The Docker file specifies the base image, dependencies, application code, and configurations needed for the image.

Docker Image : A read-only, standalone package that contains everything needed to run an application. It includes the application code, runtime, libraries, environment variables, and system tools.

Docker Container : A runtime instance of a Docker image. Containers are lightweight, isolated environments where applications run.

Q8. Explain docker use cases in real world scenarios

Microservices Architecture : Each microservice runs in its own container with the required runtime and dependencies. Docker Compose or Kubernetes is used to manage the deployment of all services. Containers ensure isolation, so updates to one service (e.g., payment) don’t affect others

Continuous Integration/Continuous Deployment (CI/CD) :Build Docker images in CI pipelines to ensure consistent environments for testing. Use containers to run tests in isolated environments. Deploy Docker containers to production as part of the CD pipeline

Legacy Application Modernization : Containerize the legacy application by packaging it along with its dependencies. Deploy the containerized app on modern infrastructure or in the cloud. Reduces costs of maintaining old hardware and makes the app portable.

Scalable Web Hosting : Package the web server (e.g., Nginx) and application in containers. Use orchestration tools (e.g., Kubernetes, Docker Swarm) to scale containers up or down based on traffic. Simplifies updates by rolling out new container versions.

Q9. Docker vs Hypervisor?

Docker : Docker is a containerization platform that uses OS-level virtualization to create lightweight, portable, and isolated environments called containers. Containers share the host operating system's kernel, making them more efficient.

Hypervisor : A Hypervisor is a virtualization platform that allows multiple operating systems (called Virtual Machines or VMs) to run on a single physical machine by abstracting the underlying hardware. Each VM has its own OS, kernel, and dependencies.

Q10. What are the advantages and disadvantages of using docker?

Advantages :

1. Portability : Docker containers are platform-independent. They can run on any system with Docker installed, regardless of the underlying OS (Linux, Windows, macOS).

2. Lightweight : Containers share the host OS kernel, so they are much smaller than virtual machines (VMs).

3. Consistency and Isolation : Applications run in isolated environments, ensuring they work consistently regardless of the host environment.

4. Efficiency : Containers use fewer system resources (CPU, memory, and disk) compared to VMs because they share the host OS.

5. Scalability : Easy to scale containers horizontally by deploying multiple instances of an application.

Disadvantages :

1. Security Concerns : Containers share the host OS kernel, so a vulnerability in the kernel can potentially affect all containers on the host.

2. Complexity in Orchestration : Managing many containers can become challenging without orchestration tools like Kubernetes.

3. Limited Performance for Some Workloads : Containers are less suitable for heavy workloads that require full hardware isolation.

4. Storage Management : Containers can quickly consume storage if old images, unused volumes, and dangling containers are not cleaned up regularly.

5. Networking Overhead : Docker's networking model introduces a slight overhead, which may impact network performance for some applications.

Q11. What is a Docker namespace?

A Docker namespace is a feature of the Linux kernel that provides isolation for resources and processes within a container. Namespaces allow containers to operate independently of one another and the host system by creating a virtualized environment. Each namespace provides an isolated view of system resources for the container.

Q12. What is a Docker registry?

A Docker Registry is a storage and distribution system for Docker images. It acts as a centralized location where Docker images are stored, managed, and distributed to developers or other environments. The registry allows you to push and pull container images, enabling collaboration and deployment of applications. There are 3 types of registries: Public (ex- docker registry), Private(aws ecr,azure container registry, google container registry), Self Hosted (created and managed by you)

Q13. What is an entry point?

An entry point in Docker refers to the command or script that runs when a container starts. It is a way to define the main process that runs within the container. The entry point is specified in the Docker file using the ENTRYPOINT instruction, which ensures that the specified command will always execute when the container is launched.

Q14. How to implement CI/CD in Docker?

1. Write a docker file

2. Configure a CI/CD pipeline

3. Use github action/gitlab CI/CD

4. Push docker image to registry

5. Deploy the docker container using Kubernetes manifest file

Q15. Will data on the container be lost when the docker container exits?

Yes the data on the container will be lost if we haven’t created docker volume to store data

Q16. What is a Docker swarm?

Docker Swarm is a tool that manages and schedules Docker containers across a cluster of machines. It's an open-source platform built and maintained by Docker.

Q17. What are the docker commands for the following:

a. view running containers : docker ps

b. command to run the container under a specific name : docker run --name <container_name> <image_name>

c. command to export a docker : command to export a docker

d. command to import an already existing docker image : docker import/docker load

e. commands to delete a container : docker rm <container_id_or_name>

f. command to remove all stopped containers, unused networks, build caches, and dangling images? : docker system prune/docker system prune -f