Docker Interview Questions

Now that I am almost pulling the curtains for the DOCKER topic in the 90 days challenge, here’s the final nail in the coffin. The most exciting part for those who have interviews lined up!

The Docker Interview Questions Blog. Along with the answers!

1. What is Docker?

Docker is a lightweight, open-source containerization platform, written in "Go" language which allows developers to package app into containers that can be easily shared or deployed across different environments.

2. Why and when to use Docker?

We use Docker:

1. Package applications and dependencies to containers making them isolated which makes it easier to deploy and run consistently across different environments.

2. Docker supports scaling allowing multiple containers to run on a single host machine.

3. Docker integrates well with CI/CD pipeline allowing to automate through the stages.

4. Docker Hub, registry, allows us to share and discover images publicly.

5. Docker is valuable when we want to achieve application isolation, portability, scalability, simplified deployment, CI/CD automation, microservices architecture, reproducible environments, and collaboration in software development and deployment.

3. What are the disadvantages of using docker?

Docker introduces additional security considerations like kernel sharing, tampered images, and secret sharing.

1. Docker can add complexity when managing distributed systems with multiple containers and networking requirements.

2. Docker containers are designed to be ephemeral, which means they are not intended for long-term storage or managing stateful applications.

3. Although Docker containers have lower resource overhead compared to virtual machines, there is still a slight performance impact due to the additional layer of abstraction and the shared kernel.

4. What is the basic architecture behind Docker?

Docker is built on the client-server model.

5. Explain the Docker architecture.

Docker architecture consists of three main components: -

1. Docker Engine is a service which allows you to run any container be it Linux, Windows, MacOS or any kind of host OS, with Docker installed on it.

2. Docker Client: It is the primary way that may Docker users interact with Docker.
   Example: When we use "docker run" command, the client sends this command to the Docker Daemon, which carries them out. The docker command uses the Docker API. The Docker client can communicate with more than one daemon.

3. Docker Registry: It is a central repository for all the Docker images where all the images are stored. Docker Hub is the public registry that anyone can use and docker is configured to look for images on Docker Hub by default.

6. Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?

1. Docker Compose is a tool you can use to define and share multi-container applications. This means you can run a project with multiple containers using a single source.

2. Dockerfile is a text file written in a specific format i.e., instructions and arguments format that contains all the commands a user could call on the command line to assemble an image.

3. Docker Image is a package or read-only template which is used to create one or more docker containers.

4. Docker Containers are lightweight and is loosely isolated environment and contain everything needed to run the application, so we do not use need to rely on what is currently installed on the host.

7. Can you tell the difference between Docker and Hypervisor?

Docker and a hypervisor are both technologies used for virtualization.

8. What is the difference between an Image, a Container, and an Engine?

1. Image: An image is a lightweight, standalone, and executable software package that includes everything needed to run a piece of software.

2. Container: A container is an instance of an image that runs as a separate and isolated process on a host operating system.

3. Engine: The engine often referred to as a container runtime or container engine, is responsible for managing the lifecycle of containers. The engine interacts with the underlying operating system’s kernel to create and manage isolated environments for containers, including resource allocation, networking, and storage.

9. What is a Docker namespace?

In Docker, namespaces are a key feature of the Linux kernel that enables process isolation and provide separate and independent environments for various system resources. Docker leverages namespaces to create lightweight and isolated containers. Some commonly used Docker namespaces are pid, net, mnt, uts, ipc.

10. What is a Docker Registry?

A Docker Registry is a central repository for storing and distributing Docker images. The most commonly used Docker registry is Docker Hub.

11. What is the difference between the Docker command COPY vs ADD?

1. COPY command copies files or directories from the host machine to the container.

2. ADD command also copies files or directories from the host machine to the container, but it has additional features like handling automatic extraction of compressed archives (such as tar, gzip, and bzip2) and retrieving files from remote URLs.

12. What is the Difference between the Docker command CMD vs RUN?

1. CMD command specifies the default command to be executed when a container is run and can be overwritten.

2. Whereas, RUN executes commands during the image build process.

13. What is an ENTRYPOINT?

The ENTRYPOINT instruction in a Dockerfile is used to specify the command or script that should be executed when a container is run from the Docker image. It sets the primary command that will be executed within the container.

14. How is ENTRYPOINT different from the CMD command of Docker?

ENTRYPOINT gets executed post-container launch and cannot be overwritten. But a new command can be attached(appended).

15. Why do we use EXPOSE in the docker file?

The EXPOSE instruction in a Dockerfile is used to specify the ports on which a container will listen for connections. It does not publish or expose those ports to the host or the outside world. It is more like a documentation mechanism to inform users of the intended network ports used by the container.

16. How Will you reduce the size of the Docker image?

1. Choosing lightweight base images.

2. Installing only necessary dependencies.

3. Combining multiple RUN commands in the docker file into a single command.

4. Removing temporary and unnecessary files.

17. In what real scenarios have you used Docker?

This you can explain from your project experience. I have used Docker in a few real scenarios:

1. While working with CI/CD pipeline, to automate the build, testing, and deployment of applications. Docker containers provide a lightweight and portable unit that can be easily deployed to various platforms.

2. During the migration of applications to the cloud and supports hybrid cloud deployments. Docker’s portability and consistency helps in achieving flexibility and scalability in cloud deployments.

18. How to implement CI/CD in Docker?

Explain the full process to the interviewer.

The full implementation can be understood through the documentation from docker: CI/CD in Docker

19. What is the lifecycle of a docker container?

The stages of the lifecycle of a docker container are as follows:

1. Create: The container is created based on an image, but not running.

2. Start: The container is started using the docker start command.

3. Run: The container is running and continues to execute the commands or services specified in the image.

4. Pause/Unpause: Pausing a container temporarily suspends its processes while unpausing resumes its execution without starting the container from scratch.

5. Stop: The container is gracefully stopped using the docker stop command.

6. Remove: The container is removed using the docker rm command.

20. Will data on the container be lost when the docker container exits?

By default, no data is preserved when the container exits.

21. If so, how do you preserve data when the container exits?

1. Docker volumes are a way to store and manage persistent data independently of the container’s lifecycle.

2. With bind mounts, data is stored on the host’s file system and remains available even after the container exits.

3. By using external storage solutions like NAS.

22. How do you view running containers?

By using the command:

docker ps

23. What is the command to run the container under a specific name?

By using — name with the docker run command:

docker run --name container_name image_name

24. How do you save a docker?

There are multiple ways to save or export a docker:

1. We can use the docker save command to save the container or image as a tar file.

    docker save imagename > image.tar
   

2. We can use the docker export command to export the container or image as a tar file.

    docker export image_name > image.tar
   

25. How do you create a docker container based on an existing container?

By using the docker commit command:

docker commit existing_container new_container

26. What is the command to import an already existing docker image?

By using the docker load command, we can import an already existing command which was saved using the docker save command:

docker load -i <image.tar>

27. What is the command to delete a container?

We use the docker rm command:

docker rm container1_id container2_id

To delete all stopped containers, we can use the prune command:

docker container prune

28. What is the command to remove all stopped containers, unused networks, build caches, and dangling images?

The command is:

docker system prune -f
Where, -f is used to bypass the confirmation prompt.

29. How can you monitor Docker containers and collect metrics for performance analysis?

By using the docker stats command, the real-time performance metrics for running containers can be obtained. It provides information on CPU usage, memory consumption, network I/O, and more.

30. How do you share Docker images with others?

1. We can use Docker Hub or any container registry as the central repository to share the docker images with our team members.

2. Or else we can export the docker image as a tar file and share it with others.

31. How do you remove a docker image and docker volume?

To delete an image:

docker rmi image_name

To delete a volume:

docker volume rm volume_name

32. How do you link multiple Docker containers together?

1. By using the docker network.

2. By setting environment variables.

3. By using docker-compose.

33. Explain the purpose of Docker Compose. How is it used?

Docker Compose is a tool that allows you to define and manage multi-container Docker applications. It simplifies the process of running multiple containers together, enabling you to define their configuration, dependencies, and network connections in a declarative YAML file.

The main purposes of Docker Compose are to define services, manage dependencies, create networks, simplify configurations, and help in development workflows.

To use Docker Compose, you define your application stack in a docker-compose.yaml file, and then use commands like docker-compose up and docker-compose down to manage the lifecycle of the containers.

34. Can we use JSON instead of YAML while developing a docker-compose file in Docker?

Yes. By using:

docker-compose -f docker-compose.json up

35. What features are provided by Docker Enterprise Edition instead of Docker Community Edition?

Docker Enterprise Edition provides certified Docker images and plugins. It also provides Active Directory or LDAP user integration, continuous vulnerability and security scans, and container app and image management features.

36. What are the security best practices when working with Docker?

1. Use officially certified images.

2. Regularly update images.

3. Do not provide all privileges to non-root use. Limit the privileges.

4. Secure the docker host.

5. Keep logging and monitoring the container activities.

6. Don’t store secure keys and configuration in a file or directory. Store them as environment variables.

7. Perform up-to-date security checks and keep updating the security vulnerabilities.

37. Which is Docker Volume and Docker Network?

If we are creating docker containers and adding data to that containers then the data will be there when containers are running, that data can go away anytime or can get destroyed anytime when our docker container get exited or get crashed. So, we need to persist that data from that crash, we need "Docker Volumes".

Container networking refers to the ability for containers to connect to and communicate with each other, or to non-Docker workloads.

38. What is a Docker swarm?

Docker Swarm is an orchestration management tool that runs on Docker applications. It helps end-users in creating and deploying a cluster of Docker nodes.
Docker Swarm provides a simple and efficient way to orchestrate containers, offering features like service discovery, load balancing, and fault tolerance.

It uses master-slave architecture.

In this blog, I have put my heart to collect interview questions on Docker. If you have any questions or would like to share your experiences, feel free to leave a comment below. Don’t forget to read my blogs and connect with me on LinkedIn and let’s have a conversation.

👆The information presented above is based on my interpretation. Suggestions are always welcome.😊

~Smriti Sharma✌