Friday, 28 December 2018

Docker interview questions | Part - 1


What is Docker?
Docker is a containerization platform which packages your application and all its dependencies together in the form of containers so as to ensure that your application works seamlessly in any environment be it development or test or production.

What is Docker image?

Docker image is the source of Docker container. In other words, Docker images are used to create containers. Images are created with the build command, and they’ll produce a container when started with run. Images are stored in a Docker registry.

What is Docker container?

Docker containers are basically runtime instances of Docker images.

Docker containers include the application and all of its dependencies, but share the kernel with other containers, running as isolated processes in user space on the host operating system. Docker containers are not tied to any specific infrastructure: they run on any computer, on any infrastructure, and in any cloud.

 

What is Docker hub?
Docker hub is a cloud-based registry service which allows you to link to code repositories, build your images and test them, stores manually pushed images, and links to Docker cloud so you can deploy images to your hosts. It provides a centralized resource for container image discovery, distribution and change management, user and team collaboration, and workflow automation throughout the development pipeline.
 What is Dockerfile used for?
A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. Using docker build users can create an automated build that executes several command-line instructions in succession.
Can I use json instead of yaml for my compose file in Docker?
You can use json instead of yaml for your compose file, to use json file with compose, specify the filename to use for
docker-compose -f docker-compose.json up
What are the various states that a Docker container can be in at any given point in time?
There are four states that a Docker container can be in, at any given point in time. Those states are as given as follows:
§  Running
§  Paused
§  Restarting
§  Exited

 

Is there a way to identify the status of a Docker container?

We can identify the status of a Docker container by running the command

docker  ps –a

which will in turn list down all the available docker containers with its corresponding statuses on the host. From there we can easily identify the container of interest to check its status correspondingly.

 

What are the most common instructions in Dockerfile?

Some of the common instructions in Dockerfile are as follows:
§  FROM: We use FROM to set the base image for subsequent instructions. In every valid Dockerfile, FROM is the first instruction.
§  LABEL: We use LABEL to organize our images as per project, module, licensing etc. We can also use LABEL to help in automation. In LABEL we specify a key value pair that can be later used for programmatically handling the Dockerfile.
§  RUN: We use RUN command to execute any instructions in a new layer on top of the current image. With each RUN command we add something on top of the image and use it in subsequent steps in Dockerfile.
§  CMD: We use CMD command to provide default values of an executing container. In a Dockerfile, if we include multiple CMD commands, then only the last instruction is used.

What type of applications - Stateless or Stateful are more suitable for Docker Container?

It is preferable to create Stateless application for Docker Container. We can create a container out of our application and take out the configurable state parameters from application. Now we can run same container in Production as well as QA environments with different parameters. This helps in reusing the same Image in different scenarios. Also a stateless application is much easier to scale with Docker Containers than a stateful application.

 

Explain basic Docker usage workflow

1.     Everything starts with the Dockerfile. The Dockerfile is the source code of the Image.
2.     Once the Dockerfile is created, you build it to create the image of the container. The image is just the "compiled version" of the "source code" which is the Dockerfile.
3.     Once you have the image of the container, you should redistribute it using the registry. The registry is like a git repository -- you can push and pull images.
4.     Next, you can use the image to run containers. A running container is very similar, in many aspects, to a virtual machine (but without the hypervisor).

What is the difference between the COPY and ADD commands in a Dockerfile?

COPY only supports the basic copying of local files into the container, while ADD has some features (like local-only tar extraction and remote URL support) that are not immediately obvious. Consequently, the best use for ADD is local tar file auto-extraction into the image, as in ADD rootfs.tar.xz /.

What is the difference between Docker Image and Layer?

§  Image: A Docker image is built up from a series of read-only layers
§  Layer: Each layer represents an instruction in the image’s Dockerfile.

Difference between Docker Image and container?

Docker container is the runtime instance of docker image.
Docker Image does not have a state and its state never changes as it is just set of files whereas docker container has its execution state.

What is an orphant volume and how to remove it?

An orphant volume is a volume without any containers attached to it. 

How is Docker different from a virtual machine?

Docker isn't a virtualization methodology. It relies on other tools that actually implement container-based virtualization or operating system level virtualization. For that, Docker was initially using LXC driver, then moved to libcontainer which is now renamed asrunc. Docker primarily focuses on automating the deployment of applications inside application containers. Application containers are designed to package and run a single service, whereas system containers are designed to run multiple processes, like virtual machines. So, Docker is considered as a container management or application deployment tool on containerized systems.

§  Unlike a virtual machine, a container does not need to boot the operating system kernel, so containers can be created in less than a second. This feature makes container-based virtualization unique and desirable than other virtualization approaches.
§  Since container-based virtualization adds little or no overhead to the host machine, container-based virtualization has near-native performance
§  For container-based virtualization, no additional software is required, unlike other virtualizations.
§  All containers on a host machine share the scheduler of the host machine saving need of extra resources.
§  Container states (Docker or LXC images) are small in size compared to virtual machine images, so container images are easy to distribute.
§  Resource management in containers is achieved through cgroups. Cgroups does not allow containers to consume more resources than allocated to them. However, as of now, all resources of host machine are visible in virtual machines, but can't be used. This can be realized by running top or htop on containers and host machine at the same time. The output across all environments will look similar.

Can you explain Dockerfile ONBUILD instruction?

The ONBUILD instruction adds to the image a trigger instruction to be executed at a later time, when the image is used as the base for another build. This is useful if you are building an image which will be used as a base to build other images, for example an application build environment or a daemon which may be customized with user-specific configuration.

Is it good practice to run stateful applications on Docker? What are the scenarios where Docker best fits in?

The problem with statefull docker aplications is that they by default store their state (data) in the containers filesystem. Once you update your software version or want to move to another machine its hard to retrieve the data from there.
What you need to do is bind a volume to the container and store any data in the volume.
if you run your container with: docker run -v hostFolder:/containerfolder any changes to /containerfolder will be persisted on the hostfolder. Something similar can be done with a nfs drive. Then you can run you application on any host machine and the state will be saved in the nfs drive.

 

What are the differences between Docker and Hypervisors?

Features
Hypervisors
Docker
Default Security Support
To a great degree
To a slightly less degree
Memory on disk required
Complete OS plus apps
App requirement only
Time Taken to start up
Substantially longer as it requires boot of OS plus app loading
Substantially shorter as apps only need to start as the kernel is already running
Portability
Portable with proper preparation
Portable within image format; typically smaller
Operating System
Supports multiple OS
It uses the host OS