Docker Interview Questions
Q. What is Docker?
Consider a scenario – You have just joined a new organization as a developer. You will now have to setup the project with the assistance of a fellow developer. He suggests you follow certain steps for setting up the required environment and then start the project deployable like a WAR. You do the same, but keep getting some or other issues regarding environment configuration. May be even your fellow developer has forgot some configuration property he might have set. Well you are stuck in such a situation. This is known as Dependency Hell. Other similar scenario of this dependency hell are – The application is running on my dev machine but not in production. Dont know what issue is. There is also other scenarios like Matrix of Hell. But this is mostly related to DEVOPS people. Docker to the rescue.
Docker is a tool designed to make it easier to create, deploy, and run applications by using containers.
Q. How to deploy Spring Boot WAR to Docker?
Deploying Spring Based WAR Application to Docker
Q. What is the main advantage of containers over a virtual machine?
There are many advantages but the main advantage is that as compared to a virtual machine, containers use less resources and give a saving of around 20%.
Q. Is booting a container slow as compared to a VM?
No, container boots very fast as compared to VM because each VM has its own operating system to boot where as a container uses the host operating system and it just has to initiate container run time.
Q. Who is the original author of Docker?
Solomon Hykes is the principal developer behind Docker.
Q. What is the approximate monthly Docker image download count?
The approximate monthly Docker image download count is around 14 billion per month.
Q. Docker is written in which programming language?
Docker is written in GOLANG.
Q. Name the key components of Docker architecture?
The key components of a Docker system are Docker client, Docker host and Docker registry.
Q. Explain Docker in a single sentence.
Docker is an open source technology agnostic framework to build, transport and run any application.
Q. Explain the Docker container in simple terms.
A Docker container is a unique package of (usually micro services based) an application along with its dependencies that runs under a Docker runtime environment that sits on top of an operating system.
Q. Why is Docker gaining popularity among application developers?
Docker is very important these days because most of the applications are micro services based, with very low coupling and cohesion. Moreover, major software development has gone agile and iterative with quick scaling in and scaling out. Docker makes all these possible.
Q. Which two resources do two Docker containers running on the same system share?
Any two Docker containers running on the same system share OS kernel and binaries or libraries.
Q. Containers existed before Docker came but got major popularity afterwards. Why so?
There were three major problems with containers of pre-Docker time. Firstly, there was no standardized exchange format. Secondly, containers are pretty hard to use for developers since there was no single command to run. Last but not the least, there was no portable mechanism to reuse components such as APIs and tools.
Q. Can you explain the “ship the application” part of Docker?
A modern-day application is structured as a set of independent microservices with well-defined access points. They are converted to images along with their dependencies and shipped. Each image is a set of layers and only changes in layers are shipped (and not the entire layer). This way, we can save on disk usage, reduce network load and minimize memory usage.
Q. Can the same container be passed from a developer to a QA person?
Yes, the developer will write a Docker file for his application. Then he will build the image and push it to a private or public registry. The QA person can pull the same image and run the container.
Q. Assume you are a developer. How will you visualize a container?
I would visualize a container as a collection of the application’s source code, all supporting libraries, required configuration values and relevant data.
Q. Suppose you are a DevOps person. How will you visualize a container?
I would visualize a container as a black box on which I could run operations such as start, stop, kill etc.
Q. What is the easiest way to connect to a VM or a host from a Windows machine?
You could use putty (www.putty.org) to connect a VM/host from a Windows machine. It has a pretty simple and elegant Graphic user Interface.
Q. How does all communication happen internally in Docker?
Internally in Docker, all communication happens over well defined API.
Q. Does the docker user have root-level access?
Yes. docker user by default has root-level access to the host.
Q. Who owns the Docker control socket?
Docker control socket is owned by docker group.
Q. What is the simplest way to print “Hello World” using a docker container?
We can pull and run busybox (it runs a single process printing “hello world”)
$ docker run busybox echo hello world
Also Read: Docker Tutorial
Q. Suppose you are inside a container say container_1. You exit the container by typing exit on the command prompt. What happens to container_1?
Container_1 goes to stop state and all its compute resources get freed. However, it remains on the system’s disk storage.
Q. Explain the typical lifecycle of a docker container?
There can be many combinations of stages in the life cycle of a docker container but here is one of the most common one is given below.
- Pull or create a docker image
- Create a container from the image
- Run the container
- Stop the container
- Restart the container
- Kill the container (if needed)
- Prune or reclaim the resources used by the container
Q. Can an ARG variable be used by the running container?
No, an ARG variable cannot be used by the running container as it is exclusively reserved for use by dockerfile
Q. What is the best way to assign a database password to a container?
The best way to assign a database password to a container is using ENV variable.
Q. What is the best way to determine container dependency?
It is done by specifying the dependent container in the definition part of depending container. Suppose web service is dependent on auth service. So typical dockerfile would like
Q. How is a container named by default?
A container is named as project_dir_container_base_name_<number>. E.g.
Q. How does Docker view foreground and background containers?
Docker does not distinguish between foreground and background containers. For Docker all containers are the same and run in the same way.
Q. What are the 3 name spaces used for the Docker image?
There are 3 types of namespaces used for Docker image.
User and organizations. E.g.
Self-Hosted (Private registry)
Q. What are some typical examples of root namespace images?
Official images maintained by Docker Inc. use root namespace. These include small and focused images such as busybox, common operating system distribution such as ubuntu, redhat and ready to plug in components and services such as mongodb, prometheus, redis, stackstorm etc.
Q. How do you identify a self-hosted namespace image?
This type of images contains the hostname or IP address, and the port (optionally), of the registry server.
Q. Why is stateful application more suitable for Docker Container than stateless?
A stateless application is more suitable for Docker container than a stateful application because in a stateless application we can clearly separate application code (in form of image) and its configurable variables. So, we can create a separate container for development, integration and production environment. This promotes reuse and scalability.
Q. What are the different types of virtualization?
Three types of virtualizations are Paravirtualization, emulation and container-based virtualization.
Q. What is the difference between the commands ‘docker run’ and ‘docker create’?
‘docker run’ and ‘docker create’ both is used for container creation but the end result is different. ‘docker create’ creates the container in a ‘stopped’ state and it stores and output container ID for use later. ‘docker run’ creates and simultaneously execute the container.
Q. Why do we have to map ports in Docker to access web services?
We have to map ports in Docker for variety of reasons:
We are out of IPv4 addresses.
Containers cannot have public IPv4 addresses.
They have private addresses.
Services have to be exposed port by port.
Ports have to be mapped to avoid conflicts
Q. What is the difference between virtualization and containerization?
Virtualization is the process of abstracting a physical machine whereas containerization is the process of abstracting an application.
Q. In the following command, Nginx is which port on the host and which port on the container?
$ docker run -d -p 80:80 nginx
nginx is using port 80 on host and port 8000 on container.
Q. Can a container restart by itself?
Yes, a container restart by itself as per the policy set at time of run/create. The policy type can take one of the following values
Off🡪 container won’t be restarted if it stops or fails,
On-failure🡪 container restarts only when a failure that occurred is not due to the user,
Unless-stopped🡪 container restarts only when a user executes the command to stop it,
Always🡪 the container is always restarted irrespective of error or other issues.
Q. How can you list all the stopped containers?
You can see stopped containers, with the –all option with docker ps command. E.g.
$ docker ps –-all
Q. What is Container Networking Model or CNM?
It is formal container networking specification from Docker. It provides container networking with support for multiple network drivers.
Q. What are the two ways to create a new image?
We can create a new image by using commands commit and build. docker commit tells Docker daemon to save all the changes made to a container into a new layer and then create a new image by copying the container. docker build instructs the Docker daemon to create the new image by building each layer iteratively.
Q. What are the two ways to download the docker images?
There are two ways i.e. explicit and implicit. We can download image explicitly using command ‘docker pull’. Implicitly, when we execute ‘docker run’ then Docker daemon searches the image locally and if not found, it downloads the image.
Q. What do STARS signify in the output of the following command?
$ docker search prometheus
NAME DESCRIPTION STARS…
jplock/zookeeper Builds a docker image … 27
thefactory/zookeeper-exhibitor Exhibitor-managed ZooKeeper… 2
misakai/zookeeper ZooKeeper is a service … 1
ubuntu/prometheus Prometheus is a … 4
Ans. “Stars” indicate the popularity of the image.
Q. When is it advisable to use image tags?
You should use tags in the following scenarios:
When recording a procedure into a script.
When doing work for the production environment.
When you want to ensure that the same version will be used everywhere.
When you want to ensure repeatability.
Q. Can you compare Chef with Docker?
No, it would not be a fair comparison. Chef is basically a Configuration Management tool that is used by system administrators and DevOps team members to manage the application environments, web-server configuration, databases, and load balancers. On the other hand, Docker is a way to package code into independent and portable units of work known as containers. Containers are later deployed to development, QA and production environments with far greater ease and consistency.
Q. Is it correct to say those self-hosted registries are private registries?
No this statement is not correct. A self –hosted self-hosted registry can be public or private. In fact, a registry in the User namespace on Docker Hub can be either public or private.
For more Click Here