What is the Difference between an Image, Container and Engine?
Image:
A read-only template used to create containers.
Images are built from a Dockerfile, which contains instructions to assemble the image.
Images can be stored locally or in a registry.
Container:
A runnable instance of an image.
Containers encapsulate the application and its dependencies, providing consistency across different environments.
Containers are lightweight and can be easily started, stopped, moved, and deleted.
Engine:
Docker Engine is the software that enables containerization.
It provides a platform to develop, ship, and run applications in containers.
Docker Engine consists of a server (daemon) and a client (CLI) communicating via REST API or CLI commands.
It manages container lifecycle, networking, storage, and other aspects of containerized applications.
What is the Difference between the Docker command COPY vs ADD?
Feature | COPY | ADD |
Purpose | Copies files from the host to the container. | Copies files from the host to the container, with additional features like URL support and auto-extraction of tar files. |
Usage | COPY <src> <dest> | ADD <src> <dest> |
Additional Features | Only for copying local files. | Supports copying files from URLs and extracting tar files automatically. |
Performance | Generally faster. | Slightly slower due to additional functionality. |
Best Practice | Use for simple copying tasks. | Avoid using when simple COPY suffices, as it may add complexity. |
What is the Difference between the Docker command CMD vs RUN?
Aspect | CMD | RUN |
Purpose | Defines the default command to be executed when a container starts. | Executes commands during the build process to modify the container image. |
Usage | Specified once in a Dockerfile. | Can be used multiple times in a Dockerfile. |
Example | CMD ["executable","param1","param2"] | RUN apt-get update && apt-get install -y package_name |
Execution Time | Executes when a container starts. | Executes during the image building process. |
Effect | Sets the initial command to run when a container starts. | Executes commands to build layers in the Docker image. |
Modification | Often used in conjunction with ENTRYPOINT to define the final executable. | Used to install dependencies, configure the environment, and set up the container environment. |
How Will you reduce the size of the Docker image?
OR
What are the common docker practices to reduce the size of Docker Image?
To reduce the size of a Docker image, you can implement the following strategies:
Use Alpine base image: Utilize lightweight base images like Alpine Linux instead of larger ones like Ubuntu or CentOS.
Multi-stage builds: Employ multi-stage builds to minimize the number of layers and intermediate artifacts in the final image.
Remove unnecessary dependencies: Remove unnecessary packages and dependencies after they are no longer needed in the Dockerfile.
Compress files and assets: Compress files and assets before adding them to the Docker image to reduce the overall size.
Clean up: Clean up temporary files, caches, and other artifacts generated during the build process to minimize the size of the final image.
Why and when to use Docker?
Why to use Docker:
Simplifies application deployment and management.
Ensures consistency across different environments.
Enables isolation of applications and dependencies.
Facilitates scalability and resource optimization.
Streamlines collaboration between development, operations, and QA teams.
When to use Docker:
Development: Creating reproducible development environments.
Testing: Ensuring consistent testing environments across teams.
Continuous Integration/Continuous Deployment (CI/CD): Automating build, test, and deployment pipelines.
Microservices Architecture: Orchestrating and scaling individual components of complex systems.
Hybrid and Multi-Cloud Deployments: Ensuring portability and flexibility across different cloud providers.
Explain the Docker components and how they interact with each other. Docker Components and Interactions:
Docker Engine: The core component responsible for running and managing containers. It consists of:
Docker Daemon: Runs on the host machine and manages Docker objects like images, containers, networks, and volumes.
Docker Client: Interfaces with the Docker Daemon through REST API calls.
Docker Images: Read-only templates used to create Docker containers.
Docker Containers: Runnable instances of Docker images. They encapsulate the application and its dependencies, providing:
Isolation: Each container runs in its own environment.
Portability: Consistent behavior across different environments.
Docker Registry: Stores Docker images, facilitating their distribution and sharing. It includes:
Docker Hub (public registry) or private registries like Docker Trusted Registry (DTR).
Allows pushing, pulling, and managing Docker images.
Docker Compose: Tool for defining and running multi-container Docker applications. It uses YAML files to:
Define services, networks, and volumes.
Coordinate the interaction between different containers.
These components interact as follows:
Docker Client communicates with Docker Daemon to execute commands.
Docker Daemon interacts with the host OS to manage containers.
Docker Images are stored in Docker Registry and pulled by Docker Daemon as needed.
Docker Containers are created, started, stopped, and deleted by Docker Daemon.
Docker Compose coordinates the deployment and management of multi-container applications using YAML configuration files.
Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?
Dockerfile: A text file that contains instructions for building a Docker image. It specifies the base image, dependencies, environment variables, and commands needed to create the image. (Refer Q6.)
Docker vs Hypervisor?
Aspect | Docker | Hypervisor |
Virtualization | OS-level virtualization | Hardware-level virtualization |
Isolation | Lightweight, shares host OS kernel | Full isolation, each VM has its own kernel |
Resource Usage | Minimal overhead, shares host resources | Higher overhead, dedicated resources per VM |
Performance | Better performance due to shared kernel | Slightly lower performance due to overhead |
Portability | Highly portable, consistent across systems | Less portable, may require compatibility checks |
Image Size | Smaller image sizes | Larger image sizes |
Startup Time | Faster startup time | Slower startup time |
Use Cases | Containerized applications, microservices | Running multiple OS instances, legacy applications |
Management | Easier management with container orchestration tools | More complex management with dedicated hypervisor management tools |
Examples | Docker, Kubernetes, Docker Swarm | VMware, VirtualBox, Hyper-V, KVM |
What are the advantages and disadvantages of using docker?
Advantages of Docker:
Portability: Containers can run consistently across different environments.
Isolation: Applications and dependencies are encapsulated, avoiding conflicts.
Efficiency: Lightweight containers enable efficient resource utilization.
Scalability: Easy to scale containers horizontally or vertically.
Consistency: Ensures consistent behavior across development, testing, and production environments.
Fast Deployment: Rapid deployment of applications due to containerization.
Disadvantages of Docker:
Learning Curve: Requires learning new concepts and tools for effective use.
Security Concerns: Misconfigured containers can pose security risks.
Networking Complexity: Networking setup for containers can be complex, especially in distributed systems.
Compatibility: Compatibility issues may arise between Docker versions and host environments.
What is a Docker namespace?
A Docker namespace is a feature that provides isolation for various resources within the Docker ecosystem, such as containers, images, volumes, and networks.
It ensures that each resource has a unique identifier and does not conflict with others.
Namespaces allow Docker to manage and organize resources efficiently, providing a layer of abstraction for containerization and enabling better resource utilization and security isolation.
What is a Docker registry?
A Docker registry is a repository for Docker images, where users can store and share their Docker images.
It serves as a centralized location for managing and distributing Docker images, allowing users to push, pull, and manage images.
Docker Hub is a popular public Docker registry, while private registries like Docker Trusted Registry (DTR) offer additional security and control for organizations.
What is an entry point?
An entry point in Docker specifies the default executable that should be run when a container starts.
It defines the initial command or script to execute within the container's environment.
It is typically set in the Dockerfile using the
ENTRYPOINT
instruction.The entry point provides flexibility and control over container startup behavior, enabling customization based on application requirements.
How to implement CI/CD in Docker?
Version control code, set up CI pipeline to build Docker images, push them to registry, trigger CD pipeline for automated deployment, manage infrastructure with Docker Compose/Kubernetes, and monitor containers for feedback.
Will data on the container be lost when the docker container exits?
Yes, by default, data within a Docker container will be lost when the container exits, unless explicitly persisted. Docker containers are ephemeral by design, meaning they are intended to be stateless and disposable. When a container exits, any changes made to its filesystem or data within the container are discarded.
To persist data beyond the lifecycle of a container, Docker provides mechanisms such as volumes and bind mounts. Volumes and bind mounts allow you to store data outside of the container's filesystem, ensuring that it persists even after the container exits.
What is a Docker swarm?
Docker Swarm is a container orchestration tool provided by Docker.
It enables the management and deployment of multiple Docker containers across a cluster of machines.
Swarm uses a decentralized architecture with a manager node and worker nodes.
It provides features for service discovery, scaling, load balancing, and rolling updates.
Swarm supports high availability and fault tolerance for containerized applications.
It is integrated with Docker Engine, making it easy to set up and manage containerized environments at scale.
What are the docker commands for the following:
view running containers
docker ps
command to run the container under a specific name
docker run --name <container_name> <image_name>
command to export a docker
docker export <container_id or container_name> > <file_name>.tar
command to import an already existing docker image
docker import <file_name>.tar <repository_name>:<tag>
commands to delete a container
docker rm <container_id or container_name>
OR
#Force delete a running container:
docker rm -f <container_id or container_name>
command to remove all stopped containers, unused networks, build caches, and dangling images?
docker system prune