Docker Interview Question And Answer

Latest Docker Interview Question And Answer

Most Recently Asked Docker Interview Question And Answer

Docker Interview Question And Answer are as follows-

  1. What is Docker?

Docker is an open-source lightweight containerization technology. It has gained widespread popularity in the cloud and application packaging world. It allows you to automate the deployment of applications in lightweight and portable containers.

  1. What are the advantages of using Docker container?

Here, are a major advantage of using Docker.

  • Offers an efficient and easy initial set up
  • Allows you to describe your application lifecycle in detail
  • Simple configuration and interacts with Docker Compose.
  • Documentation provides every bit of information.
  1. What are the important features of Docker?

Here are the essential features of Docker:

  • Easy Modeling
  • Version control
  • Placement/Affinity
  • Application Agility
  • Developer Productivity
  • Operational Efficiencies
  1. What are the main drawbacks of Docker?

Some notable drawbacks of Docker are:

  • Doesn’t provide a storage option
  • Offer a poor monitoring option.
  • No automatic rescheduling of inactive Nodes
  • Complicated automatic horizontal scaling set up
  1. What is Docker image?

The Docker image help to create Docker containers. You can create the Docker image with the build command. Due to this, it creates a container that starts when it begins to run. Every docker images are stored in the Docker registry.

  1. What is Docker Engine?

Docker daemon or Docker engine represents the server. The docker daemon and the clients should be run on the same or remote host, which can communicate through command-line client binary and full RESTful API.

  1. Explain Registries

There are two types of registry is

  • Public Registry
  • Private Registry

Docker’s public registry is called Docker hub, which allows you to store images privately. In Docker hub, you can store millions of images.

  1. What command should you run to see all running container in Docker?

$ docker ps

  1. Write the command to stop the docker container

$ sudo docker stop container name

  1. What is the command to run the image as a container?

$ sudo docker run -i -t alpine /bin/bash

  1. What are the common instruction in Dockerfile?

The common instruction in Dockerfile are: FROM, LABEL, RUN, and CMD.

  1. What is memory-swap flag?

Memory-swap is a modified flag that only has meaning if- memory is also set. Swap allows the container to write express memory requirements to disk when the container has exhausted all the RAM which is available to it.

  1. Explain Docker Swarm?

Docker Swarm is native gathering for docker which helps you to a group of Docker hosts into a single and virtual docker host. It offers the standard docker application program interface.

  1. How can you monitor the docker in production environments?

Docker states and Docker Events are used to monitoring docker in the production environment.

  1. What the states of Docker container?

Important states of Docker container are:

  • Running
  • Paused
  • Restarting
  • Exited
  1. What is Docker hub?

Docker hub is a cloud-based registry that which helps you to link to code repositories. It allows you to build, test, store your image in Docker cloud. You can also deploy the image to your host with the help of Docker hub.

  1. What is Virtualization?

Virtualization is a method of logically dividing mainframes to allow multiple applications to run simultaneously.

However, this scenario changed when companies and open source communities were able to offer a method of handling privileged instructions. It allows multiple OS to run simultaneously on a single x86 based system.

  1. What is Hypervisor?

The hypervisor allows you to create a virtual environment in which the guest virtual machines operate. It controls the guest systems and checks if the resources are allocated to the guests as necessary.

  1. Explain Docker object labels

Docker object labels is a method for applying metadata to docker objects including, images, containers, volumes, network, swam nodes, and services.

  1. Write a Docker file to create and copy a directory and built it using python modules?

FROM pyhton:2.7-slim WORKDIR /app COPY . /app docker build –tag

  1. Where the docker volumes are stored?

You need to navigate:

/var/lib/docker/volumes

  1. List out some important advanced docker commands
Command Description
docker info Information Command
docker pull Download an image
docker stats Container information
Docker images List of images downloaded
  1. How does communication happen between Docker client and Docker Daemon?

You can communicate between Docker client and Docker Daemon with the combination of Rest API, socket.IO, and TCP.

  1. Explain Implementation method of Continuous Integration(CI) and Continues Development (CD) in Docker?

You need to do the following things:

  • Runs Jenkins on docker
  • You can run integration tests in Jenkins using docker-compose
  1. What are the command to control Docker with Systemd?

systemctl start/stop dockerservice docker start/stop

  1. How to use JSON instead of YAML compose file?

docker-compose -f docker-compose.json up

  1. What is the command you need to give to push the new image to Docker registry?

docker push myorg/img

  1. How to include code with copy/add or volumes?

In docker file, we need to use COPY or ADD directive. This is useful to relocate code. However, we should use a volume if we want to make changes.

  1. Explain the process of scaling your Docker containers

The Docker containers can be scaled to any level starting from a few hundred to even thousands or millions of containers. The only condition for this is that the containers need the memory and the OS at all times, and there should not be a constraint when the Docker is getting scaled.

  1. What is the method for creating a Docker container?

You can use any of the specific Docker images for creating a Docker container using the below command.

docker run -t -i command name

This command not only creates the container but also start it for you.

  1. What are the steps for the Docker container life cycle?

Below are the steps for Docker life cycle:

  • Build
  • Pull
  • Run
  1. How can you run multiple containers using a single service?

By using docker-compose, you can run multiple containers using a single service. All docker-compose files uses yaml language.

  1. What is CNM?

CNM stands for Container Networking Model. It is a standard or specification from Docker, Inc. that forms the basis of container networking in a Docker environment. This docker’s approach provides container networking with support for multiple network drivers.

  1. Does Docker offer support for IPV6?

Yes, Docker provides support IPv6. IPv6 networking is supported only on Docker daemons runs on Linux hosts. However, if you want to enable IPv6 support in the Docker daemon, you need to modify /etc/docker/daemon.json and set the ipv6 key to true.

  1. Can you lose data when the container exits?

No, any data that your application writes to disk get stored in container. The file system for the contain persists even after the container halts.

  1. What are a different kind of volume mount types available in Docker?

Bind mounts- It can be stored anywhere on the host system

  1. How to configure the default logging driver under Docker?

To configure the Docker daemon to default to a specific logging driver. You need to set the value of log-driver to the name of the logging drive the daemon.jason.fie.

  1. Explain Docker Trusted Registry?

Docker Trusted Registry is the enterprise-grade image storage toll for Docker. You should install it after your firewall so that you can securely manage the Docker images you use in your applications.

  1. What are Docker Namespaces?

The Namespace in Docker is a technique which offers isolated workspaces called the Container. Namespaces also offer a layer of isolation for the Docker containers.

  1. What are the three components of Docker Architecture
  • Client
  • Docker-Host
  • Registry
  1. What is client?

Docker provides Command Line Interface tools to the client to interact with Docker daemon.

  1. What is the purpose of Docker_Host?

It contains container, images, and Docker daemon. It offers a complete environment to execute and run your application.

  1. How do I run multiple copies of Compose file on the same host?

Compose uses the project name which allows you to create unique identifiers for all of a project’s containers and other resources. To run multiple copies of a project, set a custom project name using the -a command-line option or using COMPOSE_PROJECT_NAME environment variable.

  1. What is containerization?

Let me explain this is with an example. Usually, in the software development process, code developed on one machine might not work perfectly fine on any other machine because of the dependencies. This problem was solved by the containerization concept. So basically, an application that is being developed and deployed is bundled and wrapped together with all its configuration files and dependencies. This bundle is called a container. Now when you wish to run the application on another system, the container is deployed which will give a bug-free environment as all the dependencies and libraries are wrapped together. Most famous containerization environments are Docker and Kubernetes.

 

  1. Difference between virtualization and containerization.

Containers provide an isolated environment for running the application. The entire user space is explicitly dedicated to the application. Any changes made inside the container is never reflected on the host or even other containers running on the same host. Containers are an abstraction of the application layer. Each container is a different application.

 

Whereas in Virtualization, hypervisors provide an entire virtual machine to the guest(including Kernal). Virtual machines are an abstraction of the hardware layer. Each VM is a physical machine.

 

 

  1. What is a Docker Container?

Docker containers include the application and all of its dependencies. It shares the kernel with other containers, running as isolated processes in user space on the host operating system. Docker containers are not tied to any specific infrastructure: they run on any computer, on any infrastructure, and in any cloud. Docker containers are basically runtime instances of Docker images.

 

  1. Explain Docker Architecture?

Docker Architecture consists of a Docker Engine which is a client-server application with three major components:

 

A server which is a type of long-running program called a daemon process (the docker command).

A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do.

A command line interface (CLI) client (the docker command).

The CLI uses the Docker REST API to control or interact with the Docker daemon through scripting or direct CLI commands. Many other Docker applications use the underlying API and CLI.

 

  1. What is the lifecycle of a Docker Container?

This is one of the most popular questions asked in Docker interviews. Docker containers have the following lifecycle:

 

  • Create a container
  • Run the container
  • Pause the container(optional)
  • Un-pause the container(optional)
  • Start the container
  • Stop the container
  • Restart the container
  • Kill the container
  • Destroy the container

 

  1. What is Docker Machine?

Docker machine is a tool that lets you install Docker Engine on virtual hosts. These hosts can now be managed using the docker-machine commands. Docker machine also lets you provision Docker Swarm Clusters.

 

  1. How to check for Docker Client and Docker Server version?

The following command gives you information about Docker Client and Server versions:

 

$ docker version

 

  1. How do you get the number of containers running, paused and stopped?

You can use the following command to get detailed information about the docker installed on your system.

 

$ docker info

 

If you vaguely remember the command and you’d like to confirm it, how will you get help on that particular command?

The following command is very useful as it gives you help on how to use a command, the syntax, etc.

$ docker –help

 

The above command lists all Docker commands. If you need help with one specific command, you can use the following syntax:

 

$ docker <command> –help

 

 

  1. How to login into docker repository?

You can use the following command to login into hub.docker.com:

$ docker login

 

You’ll be prompted for your username and password, insert those and congratulations, you’re logged in.

 

If you wish to use a base image and make modifications or personalize it, how do you do that?

You pull an image from docker hub onto your local system

 

It’s one simple command to pull an image from docker hub:

 

$ docker pull <image_name>

 

 

  1. How do you create a docker container from an image?

Pull an image from docker repository with the above command and run it to create a container. Use the following command:

 

$ docker run -it -d <image_name>

 

Most probably the next question would be, what does the ‘-d’ flag mean in the command?

 

-d means the container needs to start in the detached mode.

 

 

  1. How to start, stop and kill a container?

 

The following command is used to start a docker container:

 

$ docker start <container_id>

 

and the following for stopping a running container:

 

$ docker stop <container_id>

 

kill a container with the following command:

 

$ docker kill <container_id>

 

  1. Can you use a container, edit it, and update it? Also, how do you make it a new and store it on the local system?

Of course, you can use a container, edit it and update it. This sounds complicated but its actually just one command.

 

$ docker commit <conatainer id> <username/imagename>

 

  1. How to delete an image from the local storage system?

The following command lets you delete an image from the local system:

 

$ docker rmi <image-id>

 

  1. How to build a Dockerfile?

Once you’ve written a Dockerfile, you need to build it to create an image with those specifications. Use the following command to build a Dockerfile:

 

$ docker build <path to docker file>

 

The next question would be when do you use “.dockerfile_name” and when to use the entire path?

 

Use “.dockerfile_name” when the dockerfile exits in the same file directory and you use the entire path if it lives somewhere else.

 

 

  1. Do you know why docker system prune is used? What does it do?

$ docker system prune

 

The above command is used to remove all the stopped containers, all the networks that are not used, all dangling images and all build caches. It’s one of the most useful docker commands.

 

  1. Where all do you think Docker is being used?

When asked such a question, respond by talking about applications of Docker. Docker is being used in the following areas:

 

Simplifying configuration: Docker lets you put your environment and configuration into code and deploy it.

Code Pipeline Management: There are different systems used for development and production. As the code travels from development to testing to production, it goes through a difference in the environment. Docker helps in maintaining the code pipeline consistency.

Developer Productivity: Using Docker for development gives us two things – We’re closer to production and development environment is built faster.

Application Isolation: As containers are applications wrapped together with all dependencies, your apps are isolated. They can work by themselves on any hardware that supports Docker.

Debugging Capabilities: Docker supports various debugging tools that are not specific to containers but work well with containers.

Multi-tenancy: Docker lets you have multi-tenant applications avoiding redundancy in your codes and deployments.

Rapid Deployment: Docker eliminates the need to boost an entire OS from scratch, reducing the deployment time.

 

  1. How is Docker different from other containerization methods?

Docker containers are very easy to deploy in any cloud platform. It can get more applications running on the same hardware when compared to other technologies, it makes it easy for developers to quickly create, ready-to-run containerized applications and it makes managing and deploying applications much easier. You can even share containers with your applications.

 

If you have some more points to add you can do that but make sure the above explanation is there in your answer.

 

 

  1. Can I use JSON instead of YAML for my compose file in Docker?

You can use JSON instead of YAML for your compose file, to use JSON file with compose, specify the JSON filename to use, for eg:

 

$ docker-compose -f docker-compose.json up

 

  1. How far do Docker containers scale? Are there any requirements for the same?

Large web deployments like Google and Twitter and platform providers such as Heroku and dotCloud, all run on container technology. Containers can be scaled to hundreds of thousands or even millions of them running in parallel. Talking about requirements, containers require the memory and the OS at all the times and a way to use this memory efficiently when scaled.

 

  1. Will cloud overtake the use of Containerization?

Docker containers are gaining popularity but at the same time, Cloud services are giving a good fight. In my personal opinion, Docker will never be replaced by Cloud. Using cloud services with containerization will definitely hype the game. Organizations need to take their requirements and dependencies into consideration into the picture and decide what’s best for them. Most of the companies have integrated Docker with the cloud. This way they can make the best out of both the technologies.

 

  1. How many containers can run per host?

There can be as many containers as you wish per host. Docker does not put any restrictions on it. But you need to consider every container needs storage space, CPU and memory which the hardware needs to support. You also need to consider the application size. Containers are considered to be lightweight but very dependent on the host OS.

 

  1. Is it a good practice to run stateful applications on Docker?

The concept behind stateful applications is that they store their data onto the local file system. You need to decide to move the application to another machine, retrieving data becomes painful. I honestly would not prefer running stateful applications on Docker.

 

  1. How will you monitor Docker in production?

Docker provides functionalities like docker stats and docker events to monitor docker in production. Docker stats provides CPU and memory usage of the container. Docker events provide information about the activities taking place in the docker daemon.

 

  1. What changes are expected in your docker compose file while moving it to production?

These are the following changes you need make to your compose file before migrating your application to the production environment:

 

Remove volume bindings, so the code stays inside the container and cannot be changed from outside the container.

Binding to different ports on the host.

Specify a restart policy

Add extra services like log aggregator

 

  1. What is the benefit of using a Docker over a Hypervisor?

Though Docker and Hypervisor might do the same job overall, there are many differences between them in terms of how they work. Docker can be thought of as lightweight since it uses very fewer resources and also the host kernel rather than creating it like a Hypervisor.

 

  1. What are the unique features of Docker over other containerization technologies?

Some of the most important and unique features of Docker are as follows:

 

We can run our Docker container either on our PC or on our enterprise IT system.

Along with the Docker Hub, which is a repository of all containers, we can deploy and download all our applications from a central location.

We can even share our applications with the containers that we create.

 

  1. Name the essential Docker commands and what they do.

The most critical Docker commands are:

 

Build. Builds a Docker image file

Commit. Creates a new image from container changes

Create. Creates a new container

Dockerd. Launches Docker daemon

Kill. Kills a container

 

  1. Difference between Docker Image and container?

 

Docker container is the runtime instance of docker image.

Docker Image doesnot have a state and its state never changes as it is just set of files whereas docker container has its execution state.

 

  1. How to build environment-agnotic systems with Docker?

Answer: There are three main features

 

  • Volumes
  • Environment Variable Injection
  • Read Only file systems

 

  1. Where does the docker daemon store the Docker images?

Answer: Docker Registry

 

  1. Explain about configure networking in Docker?

Answer:

bridge: The default network driver

host:  For stand alone containers , remove network isolation between the container and the docker host

Overlay: Overlay networks connect multiple docker daemons

macvlan: for assigning MAC address for container

none: disable all neworking

 

  1. What is Docker object labels?

Answer: These are the mechanism for applying metadata to docker objects including, images, containers, Local daemons, volumes, network, swam nodes,swarm services.

 

  1. How to cleanup Docker image?

Answer:

docker container stop name

docker container rm name

docker image rm name

 

 

  1. Explain about Docker security?

Answer: 4 aspects

  1. Kernal namespaces
  2. control groups
  3. docker daemon attack surface
  4. Linux kernal capabilities

 

 

  1. How to develop new apps on Docker?

Answer:

1.build an image file to docker file

2.use multistage builds

3.manage application data using and bind mounts

4.scale app as a swarm

 

  1. What is the difference between the `COPY` and `ADD` commands in a Dockerfile?

Answer:

Although ADD and COPY are functionally similar, generally speaking, COPY is preferred.

 

That’s because it’s more transparent than ADD. COPY only supports the basic copying of local files into the container, while ADD has some features (like local-only tar extraction and remote URL support) that are not immediately obvious. Consequently, the best use for ADD is local tar file auto-extraction into the image, as in ADD rootfs.tar.xz /.

 

 

 

  1. What are the various states that a Docker container can be in at any given point in time?

Answer: There are four states that a Docker container can be in, at any given point in time. Those states are as given as follows:

 

  1. Running
  2. Paused
  3. Restarting
  4. Exited

 

  1. What are the most common instructions in Dockerfile?

Answer: Some of the common instructions in Dockerfile are as follows:

FROM: We use FROM to set the base image for subsequent instructions. In every valid Dockerfile, FROM is the first instruction.

LABEL: We use LABEL to organize our images as per project, module, licensing etc. We can also use LABEL to help in automation. In LABEL we specify a key value pair that can be later used for programmatically handling the Dockerfile.

RUN: We use RUN command to execute any instructions in a new layer on top of the current image. With each RUN command we add something on top of the image and use it in subsequent steps in Dockerfile.

CMD: We use CMD command to provide default values of an executing container. In a Dockerfile, if we include multiple CMD commands, then only the last instruction is used.

 

  1. What type of applications – Stateless or Stateful are more suitable for Docker Container?

Answer: It is preferable to create Stateless application for Docker Container. We can create a container out of our application and take out the configurable state parameters from application. Now we can run same container in Production as well as QA environments with different parameters. This helps in reusing the same Image in different scenarios. Also a stateless application is much easier to scale with Docker Containers than a stateful application.

 

 

  1. What is the difference between Docker Image and Layer?

Answer: Image: A Docker image is built up from a series of read-only layers

Layer: Each layer represents an instruction in the image’s Dockerfile.

The below Dockerfile contains four commands, each of which creates a layer.

 

FROM ubuntu:15.04

COPY . /app

RUN make /app

CMD python /app/app.py

Importantly, each layer is only a set of differences from the layer before it.

 

  1. when is .dockerignore is being used?

Answer:  A typical Dockerfile contains one or more COPY commands to copy files and/or folders from the developer machine to the docker image, which eventually become part of the container. While copying folders to a docker image, it is quite possible that some unwanted files are also copied to the image. This may create a bulky image and hence cause performance issues in the container.

 

In order to avoid this, we can create a file named .dockerignore along with Dockerfile in the same directory. This file is used to list all the files and directories that need to be excluded while copying folders onto the image. It contains a pattern and none of the files matching it is added to the image. This helps to avoid unnecessarily sending large or sensitive files and directories to the daemon and potentially adding them to images.

 

  1. What is docker-compose?

Answer: Compose is a tool provided by Docker for defining and running multi-container applications together in an isolated environment. Either a YAML or JSON file can be used to configure all the required services like Database, Messaging Queue along with the application server. Then, with a single command, we can create and start all the services from the configuration file.

 

It comes handy to reproduce the entire application along with its services in various environments like development, testing, staging and most importantly in CI as well.

 

Typically the configuration file is named as docker-compose.yml.

 

  1. What are the steps involved while using docker for application development?

Answer: All the steps below are based on the prerequisite that Docker is already installed on the machine:

 

  1. Create Dockerfile:

The initial step is to create a Dockerfile file using a suitable base image along with all the required steps/commands, like setting environment variables, adding application jar, etc. This creates several layers on the existing base image.

 

  1. Build image:

Once the Dockerfile is ready, we can either use docker command or via a Gradle task to generate a docker image. This image contains all the application dependencies required to run the application in a container.

 

  1. docker build -t-test/security tool.

Run the image:

Once the docker image is built, we can create and start the container using command.

 

  1. docker run –name rest_tool test/security tool.

Start Containers using Compose:

In case we have multiple containers constituting an application like database, messaging queue, etc.; then it is advisable to use docker-compose to run multiple containers simultaneously. It is also useful in the CI pipeline for running the application and performing tests.

 

  1. docker-compose up

Test the Application:

After the containers are up and running, the application is ready for Integration or Acceptance tests to be performed. Ideally, it is integrated into the CI pipeline for determining if the new code changes are affecting the existing flows.

 

  1. Push image:

Typically in a container-based development environment, the deliverable artifact is a docker image. This image needs to be published to an internal Registry like Artifactory so that it can be propagated to next levels like Continuous Delivery and Deployment pipelines.

 

  1. docker push test/securityTool

Production orchestration:

Ideally, organizations need to use orchestration tools like Kubernetes to run the containers in a Pod to perform load balancing, service discovery, etc in a production environment. It also helps in providing scalability and high availability of the application.

 

  1. What is Voulme in docker ?

Answer: A data volume is a specially-designated directory that is located outside of the root filesystem of a container (i.e. created on the host), designed to persist data, independent of the container’s life cycle. This allows sharing data within containers by importing volume directory in other containers.

 

Data volumes provide several useful features:

  • Data volumes persist even if the container itself is deleted.
  • Data volumes can be shared and reused among containers.
  • Changes to a data volume can be made directly.
  • Volumes can be initialized when a container is created.

 

  1. How is docker different from standard virtualization using VMs?

Answer: Virtual Machines (VMs) virtualize the underlying hardware. They run on physical hardware via an intermediation layer known as a hypervisor. They require additional resources are required to scale-up VMs.

 

They are more suitable for monolithic applications. Whereas, Docker is operating system-level virtualization. Docker containers user spaceace on top the of host kernel, making them lightweight and fast. Up-scaling is simpler, just need to create another container from an image.

Generally, Docker is more suitable for Microservices-based cloud applications.

  1. What is termed as Docker Objects?

Answer: Docker Images, Services and Containers are termed as Docker Objects.

  • Images: A read-only template with instructions for creating a Docker container
  • Containers: A runnable instance of an image
  • Services: It allows the scaling of containers across a variety of Docker Daemons, which all work together as a swarm.
Related Posts:

For more Interview Questions And Answers click here