What is the Difference between an Image, Container and Engine?
Docker Image:
A single file with all dependencies and configuration required to run a program or you can say that Image is the template used to create a Docker Container.
Docker Container:
A Docker container is a running instance of Images
Docker Engine:
Docker Engine is a client-server application that builds and execute container using docker components.
What is the Difference between the Docker command COPY vs. ADD?
The Docker ADD command can copy the file from a specific URL, Let's say you want to get a log file from GitHub, In such case you use the ADD command
e.g.:-You want to download a specific package from the Internet
Whereas Docker COPY is used to copy the file from your file system. Let's say want to copy the source code from your host system into your container. In such cases, the COPY command is used.
What is the Difference between the Docker command CMD vs. RUN?
CMD
sets the default command and arguments to be executed when running a container, whereasRUN
is used to execute commands during the image build process, set up the environment, Installation dependency.How Will you reduce the size of the Docker image?
You can reduce the size of the Docker images by following the below steps:
-Use a smaller base image.
-Minimize installed dependencies
-Optimize resource usage.
Why and when to use Docker?
Docker is used to enable consistent application deployment across different environments.
Simplified Environment Setup
Enhances scalability and resource utilization
Simplifies dependency management and isolation.
Explain the Docker components and how they interact with each other.
Docker daemon: (Heart of Docker container)
The Docker daemon (docked) runs on the host system and manages Docker objects such as images, containers, networks, and volumes. It handles requests from the Docker client and communicates with the container runtime.
Docker CLI: The Docker Command-Line Interface (CLI) that allows users to interact with the Docker Engine. It provides a set of commands for managing images, containers, networks, and other Docker objects.
Docker Images: A single file with all dependencies and configuration required to run a program or you can say that Image is the template used to create a Docker Container.
Dockerfile: A text file containing instructions to build a Docker image.
Docker Containers: Containers are instances created from Docker images.
Docker Registry: Docker Registry is a centralized repository for Docker images.
Docker Engine: Docker Engine is a client-server application that builds and execute container using docker components.
Docker Volumes: Volumes provide persistent data storage for containers.
Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?
Docker Compose: A tool that simplifies the management of multi-container applications. It allows you to define and run multiple Docker containers as a single application using a simple YAML configuration file.
Docker vs Hypervisor?
Docker | Hypervisor |
Docker utilizes containerization | Hypervisors, also known as virtual machine (VM) |
It runs application in an isolated container that share the host system operating system | It runs a guest OS on top of a Host operating system |
It doesn't have own kernel. It uses the kernel from the host | It has its own kernel and operating system |
What are the advantages and disadvantages of using docker?
Advantage | Disadvantage |
It is lightweight | Security Concerns |
Portability | Limited OS compatibility, |
Resource Efficiency | No solution for data backup and recovery |
Scalability | Not a good solution for App that have Rich GUI |
Isolation |
What is a Docker namespace?
Mechanism to isolate processes, users, and resources in containers.
What is a Docker registry?
Storage for Docker images, like Docker Hub or private registries.
What is an entry point?
Default command to execute when a container starts.
How to implement CI/CD in Docker?
Use Docker images for consistent build and deployment environments.
Automate image creation and deployment using tools like Jenkins or GitLab CI/CD.
Will data on the container be lost when the docker container exits?
Data in a container is lost if not stored in a persistent volume.Docker containers are designed to be lightweight and disposable, so they don't retain data by default
What is a Docker swarm?
Native clustering and orchestration solution for Docker, managing a group of Docker nodes as a single virtual system.
What are the docker commands for the following:
view running containers
docker ps
To view all containers, including the ones that have exited or are stopped
docker ps -a
command to run the container under a specific name
docker run --name <container_name> <image_name>
command to export a docker
docker export <container_id> > <output_file>.tar
command to import an already existing docker image
docker import <input_file>.tar <image_name>:
commands to delete a container
docker rm <containerID/name>
command to remove all stopped containers, unused networks, build caches, and dangling images?
docker prune -a
docker system prune -f
What are the common Docker practices to reduce the size of Docker Images?
-Use a Minimal Base Image: Start with a minimal base image, such as Alpine Linux, to reduce the initial image size
-Multi-Stage Builds: This helps discard unnecessary build dependencies, resulting in a smaller final image.
-Minimize Layers: Reduce the number of layers in your Dockerfile. Combine multiple RUN commands into a single command.
-Minimize Image Layers: Avoid installing software, copying files, and running commands in separate layers if they can be combined.
-Remove Unnecessary Dependencies:Avoid installing packages or dependencies that your application doesn't need.
-Use .dockerignore:Use a .dockerignore file to exclude unnecessary files and directories from being copied into the image during the build process.
-Use COPY Instead of ADD: Use the COPY command instead of ADD to copy files into the image. COPY only handles local files, which is safer and more predictable.
-Avoid running unnecessary services:Minimize services and processes running in the container, only including what's essential for the application to function.
Real-Time Challenges with Docker?
Docker is a single daemon process. Which can cause a single point of failure, If the Docker Daemon goes down for some reason all the applications are down.
Docker Daemon runs as a root user. Which is a security threat. Any process running as a root can have adverse effects. When it is comprised for security reasons, it can impact other applications or containers on the host.
Resource Constraints: If you're running too many containers on a single host, you may experience issues with resource constraints. This can result in slow performance or crashes.
What steps would you take to secure containers?
Use Distroless or Images with not too many packages as your final image in a multi-stage build, so that there is less chance of CVE or security issues.
Ensure that the networking is configured properly. This is one of the most common reasons for security issues. If required configure custom bridge networks and assign them to isolate containers.
Use utilities like Sync to scan your container images.
Happy Learning :)