Q)
What is Docker?
Docker is a containerization platform
which packages your application and all its dependencies together in the form
of containers so as to ensure that your application works seamlessly in any
environment, be it development, test, or production.
Q)
What is Docker Container?
Docker containers include the
application and all of its dependencies. It shares the kernel with other
containers, running as isolated processes in user space on the host operating
system. Docker containers are not tied to any specific infrastructure: they run
on any computer, on any infrastructure, and in any cloud. Docker containers are
basically runtime instances of Docker images.
Q)
What is Docker Image?
Docker image is an executable package
that includes everything needed to run an application – the code, a runtime, libraries,
environment variables and configuration files.
Docker image is the source of the Docker
container. In other words, Docker images are used to create containers. When a
user runs a Docker image, an instance of a container is created. These docker
images can be deployed to any Docker environment.
Q)
What is Docker architecture?
Docker uses a client-server
architecture. The Docker client talks to the Docker daemon,
which does the heavy lifting of building, running, and distributing your Docker
containers. The Docker client and daemon can run on the same system,
or you can connect a Docker client to a remote Docker daemon. The Docker client
and daemon communicate using a REST API, over UNIX sockets or a network
interface.
There are
three components in the Docker Engine.
The
Docker daemon:
The Docker daemon (dockerd) listens
for Docker API requests and manages Docker objects such as images, containers,
networks, and volumes. A daemon can also communicate with other daemons to
manage Docker services.
The
Docker client:
The Docker client (docker) is the
primary way that many Docker users interact with Docker. When you use commands
such as docker run, the client sends these commands to dockerd, which
carries them out. The docker command uses the Docker API. The Docker
client can communicate with more than one daemon.
Docker
registries:
A Docker registry stores
Docker images.
Q) What is Docker Hub?
Docker Hub is cloud based registry service that stores container images. It allows us to pull and push docker images to and from Docker Hub. It stores both types of repositories, i.e., pubic repository as well as the private repository.
Docker Hub is central repository for container image discovery, distribution, change management, workflow automation and team collaboration.
Q)
What is Docker Compose?
Compose is a tool for defining and running multi-container Docker applications. Docker Compose is a YAML file that contains details about the services, networks, and volumes for setting up the Docker application. So, you can use Docker Compose to create separate containers, host them, and get them to communicate with each other. Each container will expose a port for communicating with other containers.
Compose is a tool for defining and running multi-container Docker applications. Docker Compose is a YAML file that contains details about the services, networks, and volumes for setting up the Docker application. So, you can use Docker Compose to create separate containers, host them, and get them to communicate with each other. Each container will expose a port for communicating with other containers.
Q)
What is Docker Stack?
docker stack is a command that's embedded into the Docker CLI. It lets you manage a cluster of Docker containers through Docker Swarm.
docker stack is a command that's embedded into the Docker CLI. It lets you manage a cluster of Docker containers through Docker Swarm.
Q)
What is Docker Swarm?
Docker Swarm is native clustering for
Docker. It turns a pool of Docker hosts into a single, virtual Docker host.
Q)
What are the components of Docker Swarm?
1. Services: Service defines a task that needs to be executed on the manager or worker node.
2. Tasks: Tasks are the Docker container that executes the commands you define in service.
3. Manager Node: The manager node has a few responsibilities like accepting commands to create service objects, allocating the IP addresses to the various tasks, and assigning the tasks to the nodes.
4. Worker Node: It is responsible for checking the tasks assigned and also executing the containers.
1. Services: Service defines a task that needs to be executed on the manager or worker node.
2. Tasks: Tasks are the Docker container that executes the commands you define in service.
3. Manager Node: The manager node has a few responsibilities like accepting commands to create service objects, allocating the IP addresses to the various tasks, and assigning the tasks to the nodes.
4. Worker Node: It is responsible for checking the tasks assigned and also executing the containers.
Ref Link: https://intellipaat.com/community/41375/what-are-the-components-of-docker-swarm
Q) The correct order of service
creation process in swarm mode?
Manager Node:
Ø
Docker
API: Accepts command from the client and creates service object.
Ø
Orchestrator:
Reconciliation loop for service objects and creates tasks.
Ø
Allocator:
Allocates IP address to tasks.
Ø
Scheduler:
Assigns nodes to tasks.
Ø
Dispatcher:
Checks in on workers.
Worker Node:
Ø
Worker:
Connects to the dispatcher to check on assigned tasks.
Ø
Executor:
Executes the tasks assigned to the worker node.
Q)
What is Dockerfile?
Docker images are built from Dockerfile.
A Dockerfile defines all the steps required to create a docker image with your
application configured and ready to be run as a container. A Dockerfile is executed by the docker
build command.
Docker image itself contains
everything from the operating system to dependencies and configuration required to
run your application.
Q)
Docker restart policies?
i) no: This is the default restart policy.
ii) always: Always restart the container if it stops. If it is manually
stopped, it is restarted only when the Docker daemon restarts or the container
itself is manually restarted.
iii) on-failure: Restart the container if it exits due to an error(non-zero
exit code)
iv) unless-stopped: Similar to always, except that when the container is stopped (manually or otherwise), it is not restarted even after
Docker daemon restarts.
Ref Link: https://www.cloudbees.com/blog/ensuring-containers-are-always-running-with-dockers-restart-policy/
Q)
Docker container lifecycle?
1. Create the container.
2. Run the container.
3. Pause the container.
4. Un-Pause the container.
5. Start the container.
6. Stop the container.
7. Restart the Container.
8. Kill the container.
9. Destroy the container.
Q)
What are the various states that a Docker container can be in at any given
point in time?
There are six states that a Docker container can be in, at any given point in time. Those states are as given as
follows:
Ø
Created
Ø
Restarting
Ø
Running
Ø
Paused
Ø
Exited
Ø
Dead
Ref Link: https://roytuts.com/what-are-the-possible-states-of-docker-container/
Q)
What is Containerization?
In the software development process, code
deployed on one machine might not work perfectly fine on any other machine because
of dependencies. This problem was solved by the containerization concept.
Basically, an application that is being developed and deployed is bundled and wrapped together with all its configuration files and dependencies. This bundle is called a container. Containerization is the process of packaging application code with its required libraries, frameworks, and configuration files so that it can be run efficiently and seamlessly in any environment.
The containerization environments are Docker and Kubernetes.
Basically, an application that is being developed and deployed is bundled and wrapped together with all its configuration files and dependencies. This bundle is called a container. Containerization is the process of packaging application code with its required libraries, frameworks, and configuration files so that it can be run efficiently and seamlessly in any environment.
The containerization environments are Docker and Kubernetes.
Q)
Difference between COPY and ADD command.
COPY command copies files/directories
from the host machine to the container’s file system.
ADD command also copies files/directories
from the host machine to the container’s file system, other than this it also copies
files from URL to destination directory under the container file system. ADD command
also copies tar file to destination directory by automatically extracting the content.
Q)
Available Docker Network Drivers?
Docker comes with a built-in network
drivers are known as Native Network Driver and those are:
1. Bridge
2. Host
3. Macvlan
4. Null
5. Overlay
Q)
Difference between CMD and ENTRYPOINT instruction?
CMD instruction allows you to set a
default command and default parameters which will be executed when docker is
run.
ENTRYPOINT instruction should be used
when you need your container to be run as an executable.
Q)
Difference between ENV and ARG?
ENV is for future running containers.
ARG for building your Docker image.
ENV is mainly meant to provide default
values for your future environment variables. Running dockerized applications
can access environment variables. It’s a great way to pass
configuration values to your project.
ARG values are not available after the
image is built. A running container won’t have access to an ARG variable value.
Q) What are the most common
instructions in Dockerfile?
Some of the common instructions in Dockerfile are as follows:
ØFROM: We use FROM to set the base image for subsequent instructions. In every valid Dockerfile, FROM is the first instruction.
ØLABEL: We use LABEL to organize our images as per project, module, licensing etc. We can also use LABEL to help in automation. In LABEL we specify a key-value pair that can be later used for programmatically handling the Dockerfile
ØRUN: We use RUN command to execute any instructions in a new layer on top of the current image. With each RUN command we add something on top of the image and use it in subsequent steps in Dockerfile.
ØCMD: We use CMD command to provide default values of an executing container. In a Dockerfile, if we include multiple CMD commands, then only the last instruction is used.
Some of the common instructions in Dockerfile are as follows:
ØFROM: We use FROM to set the base image for subsequent instructions. In every valid Dockerfile, FROM is the first instruction.
ØLABEL: We use LABEL to organize our images as per project, module, licensing etc. We can also use LABEL to help in automation. In LABEL we specify a key-value pair that can be later used for programmatically handling the Dockerfile
ØRUN: We use RUN command to execute any instructions in a new layer on top of the current image. With each RUN command we add something on top of the image and use it in subsequent steps in Dockerfile.
ØCMD: We use CMD command to provide default values of an executing container. In a Dockerfile, if we include multiple CMD commands, then only the last instruction is used.
Q)
Container Network Model (CNM).
Docker uses an architecture called Container
Network Model (CNM) to manage networking for Docker containers.
1. Sandbox
2. Endpoint
3. Network
4. Driver
5. NetworkController
Q)
Docker Universal Control Plane.
Docker Universal Control Plane (UCP)
is the enterprise-grade cluster management solution from Docker which helps you
manage your Docker cluster and applications through a single interface.
Universal Control Plane include
centralized policy management for all of your container, centralized role-based
access control, user management, application cluster management, and the
ability to organize your container as a service or stack.
It also includes secure image
scanning, continuous monitoring of your image in the registry.
Q)
What is Docker Trusted Registry(DTR)?
Docker
Trusted Registry is an on-site, on-premise registry for centralized storage for
all your container images. DTR is an enterprise-grade image storage solution
from Docker. DTR is installed on-prem or in your own public cloud infrastructure.
It works with Universal Control Plane. It allows you to securely store your
Docker images so that you can easily track and manage your applications. Like
UCP it's an easy-to-use web-based application. It has role-based access
controls, so it supports multiple users and it allows your company to
easily store all of your images on-premises in your own registry.
Q)
What are the Control groups?
Docker Engine on Linux also relies on a technology
called control groups (cgroups). A cgroup limits an application to a
specific set of resources. Control groups allow Docker Engine to share
available hardware resources to containers and optionally enforce limits and
constraints. For example, you can limit the memory available to a specific
container.
what a cgroup does is it provides
resource accounting and limiting and it ensures that no
containers exhaust the host's resources.
Q) Difference between replicated and global deployment?
For a replicated service, you specify the number of identical tasks you want to run. For example, you decide to deploy a Redis service with five replicas, each serving the same content. A global service is a service that runs one task on every node. There is no pre-specified number of tasks.
Q)
Mount options available in docker?
1. Volume mount: it is managed by docker and is stored in a part of the host filesystem (stored at /var/lib/docker/volumes/ in Linux).
2. Bind mount: it may be stored anywhere on the host system.
3. tmpfs: Stored only in a host’s system memory in Linux.
1. Volume mount: it is managed by docker and is stored in a part of the host filesystem (stored at /var/lib/docker/volumes/ in Linux).
2. Bind mount: it may be stored anywhere on the host system.
3. tmpfs: Stored only in a host’s system memory in Linux.
Q)
Difference between docker stop and docker kill?
#docker stop <container-id>: will
send SIGTERM (terminate) signal and then SIGKILL signal after a grace period of
10 secs to the process running inside the container leading to a gracefull stop.
#docker kill <container-id>: will
send SIGKILL signal to the process running inside the container causing abruptly
stop the container.
