What is the Difference between Docker Engine, Container and Docker Image?

Docker Engine: This is the runtime that allows you to create and manage containers. The client talks to the Docker daemon, which does the heavy lifting of building, running, and managing Docker containers.

Docker Image: A Docker image executable package that includes everything required to run a piece of software. It's like a template that describes the system you want it. It's immutable, meaning you can't change it after it's been created. But you can create new versions of it.

Docker Container: A Docker container is a runtime instance of a Docker image. You can have multiple containers running based on the same image.

What is the Difference between the Docker command COPY vs ADD?

Both COPY and ADD are Dockerfile commands that serve to copy files or directories from the host into the image being built. However, there are distinct differences and use cases for each:

COPY is straightforward. It copies files or directories from the source and adds them to the filesystem of the container at the destination. It is considered best practice to use COPY when you simply want to move files or directories without any special operations.

ADD does everything COPY does and more. In addition to simply copying files, it has two primary special features: 1) It can automatically unpack compressed files. So if you ADD a tarball to the image, Docker will unpack it for you. 2)It can fetch URLs. If the source is a URL, ADD will fetch the URL's contents and place them at the specified destination in the image.

Always prefer to use COPY, because of its extended features, ADD can be less predictable than COPY

What is the Difference between the Docker command CMD vs RUN?

CMD and RUN are both directives used in a Dockerfile, but they serve distinct purposes:

RUN Command:
- The RUN command is used to execute commands as part of the image building process.
- Each time a RUN command is executed, it creates a new layer on top of the current image, and the results of the command (e.g., a new file or modified configuration) are incorporated into the image.
- It is often used for installing software, setting up configurations, and preparing the environment inside the container image.

Example:

    RUN apt-get update && apt-get install -y nginx

CMD Command:
- The CMD command is used to provide default arguments for the executing container and to specify commands to run when the container starts.
- A Dockerfile can contain multiple CMD instructions, but only the last CMD will be effective.
- If the user provides a command when using the docker run command, it will override the CMD defined in the Dockerfile.
- If the container is meant to be interactive or to behave like an executable, then CMD is essential to define what should happen when it's run.

Example:

    CMD ["nginx", "-g", "daemon off;"]

Key Differences:

Purpose: RUN is for "building/setup" while CMD is for "executing/running".
Number of Usages: You can have multiple RUN commands in a Dockerfile and all of them will be executed during the build. However, if you have multiple CMD commands, only the last one will have an effect.
Override Behavior: CMD can be easily overridden when starting a container by simply providing a different command to the docker run command.

It's common to see both commands used within a single Dockerfile, where RUN commands set up the necessary environment and CMD determines the default runtime behavior of the container.

How Will you reduce the size of the Docker image?

1.Use Multi-Stage Builds: This is a powerful method to reduce image sizes, especially for compiled languages.

In the first stage, you install all the necessary tools and compile your application. In the second stage, you start with a clean, minimal base image and only copy the compiled application from the first stage.

    # First stage: Build
    FROM golang:1.16 AS build
    WORKDIR /app
    COPY . .
    RUN go build -o myapp .

    # Second stage: Run
    FROM alpine:latest
    COPY --from=build /app/myapp /myapp
    CMD ["/myapp"]

**
2. Use a Minimal Base Image**: Instead of using a generic base image like ubuntu or debian, consider using lighter-weight base images such as alpine, which can be just a few megabytes in size. For specific applications like Node.js or Python, there are official slim versions available e.g., node:slim or python:slim.

3. Chain Commands: Minimize the number of layers by chaining commands together in a single RUN statement using &&.

RUN apt-get update && apt-get install -y package-name && apt-get clean

4. Remove Temporary Files:After installing packages or building software, remove unnecessary files or caches.

RUN apt-get update \
    && apt-get install -y package-name \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

5. Use .dockerignore: Just like .gitignore for Git, .dockerignore allows you to specify patterns and filenames that should be excluded from the build context, ensuring they don’t get included in the image.

6.Minimize Application Binaries and Dependencies: Only add the necessary binaries or compile the application to remove debugging symbols. For interpreted languages, consider removing unnecessary dependencies or using tools like pipenv, npm prune, etc., to ensure only required packages are added.

Why and when to use Docker?

NO BASE SERVER CONFIGURATION DEPENDENCY, USE ONLY SPECIFIED VERSION OF SOFTWARE AND RUN THE CODE IN EXACT MANNER EVERYWHERE/EVERYTIME YOU BUiLD.

The value of Docker for DevOps continues as it enables an entirely isolated application to be deployed to multiple servers. As it spreads to the servers, no other applications can access it. The only exposure of the container is to the internet and the Docker client.

We can use Docker to wrap up an application in such a way that its deployment and runtime issues—how to expose it on a network, how to manage its use of storage and memory and I/O, how to control access permissions—are handled outside of the application itself, and in a way that is consistent across all “containerized".

Explain the Docker components and how they interact with each other.

Docker has several core components that work together to allow you to build, ship, and run containers. Here's a concise overview:

Docker Daemon (dockerd):

The background service running on the host that manages building, running, and managing containers. It's the core component that oversees Docker's operations.
Docker Client (docker):

The command-line tool that allows users to interact with Docker. It communicates with the Docker Daemon to execute commands.
Docker Images:

Read-only templates that contain the filesystem contents and application code for a container. Images are used to create containers.
Docker Containers:

Running instances of Docker images. Containers encapsulate the runtime environment for an application.
Docker Registries:

Repositories to store and distribute Docker images. Docker Hub is a public registry service, but you can also use private registries.
Docker Compose:

A tool to define and run multi-container Docker applications. It uses a docker-compose.yml file to define the services and their configurations.

How they interact:

The Docker Client communicates with the Docker Daemon to execute commands like building, running, or stopping containers.
The Docker Daemon builds and runs containers using images.
Images are either built locally from a Dockerfile or pulled from a registry.
When using Docker Compose, the defined services in the docker-compose.yml file are spun up as containers by interacting with the Docker Daemon.

Users send commands using the Docker Client, the Docker Daemon processes these commands, it uses images (either locally available or pulled from registries) to run containers, and Docker Compose allows orchestrating multiple containers together.

Explain the terminology: Docker Compose, Docker File, Docker Image, Docker Container?

Docker Compose:A tool to define and manage multi-container Docker applications. Uses a docker-compose.yml file to specify the setup of each service/container.
Dockerfile: A text file with a set of instructions to define how a Docker image should be built. It outlines the base image, application code, libraries, dependencies, and other components.
Docker Image:A static snapshot or template containing the application, libraries, dependencies, and other filesystem contents. It's used to create and run containers.
Docker Container:A running instance of a Docker image. It encapsulates the runtime environment and isolated processes for an application.

A Dockerfile describes how to build an Image. An Image is a blueprint for a Container. Docker Compose manages multiple containers to work together.

In what real scenarios Docker can be used?

Development Environments: Using Docker to mirror production environments locally, ensuring consistency in software behavior.
Microservices: Deploying small, independent services in individual containers to enhance scalability and maintainability.
Continuous Integration/Continuous Deployment (CI/CD): Using Docker in CI/CD pipelines to ensure consistent testing and deployment environments.
Isolated Testing: Running tests in Docker containers to ensure they don't affect the host or other tests.
Legacy Software: Containerizing older applications to run on modern infrastructure without modification.
Platform-as-a-Service (PaaS): Deploying applications on platforms like AWS Elastic Beanstalk or Google App Engine Flex that support Docker containers.

Educational Labs: Using Docker for tutorials or labs to provide each student with an isolated, consistent environment.

Docker vs Hypervisor?

Docker (Containers):

Lightweight: Only packages the application and its dependencies.
Performance: Near-native performance since it shares the host OS kernel.
Boot Time: Starts quickly, often in seconds.
Efficiency: Can run many more containers on a host than VMs.

Hypervisor (Virtual Machines):

Full OS: Each VM runs a full OS instance with its kernel.
Performance: Slight overhead due to hardware emulation.
Boot Time: Slower, similar to booting a full OS.
Isolation: Stronger isolation since VMs don't share OS kernels.

What are the advantages and disadvantages of using docker?

Advantages of Docker:

Consistency: Ensures the same environment from development to production.
Lightweight: Containers share the host OS kernel, reducing overhead.
Portability: Easily move and deploy across different environments.
Scalability: Quickly scale up or down as containers can start/stop rapidly.
Isolation: Applications and their dependencies are isolated in containers.
Version Control for Images: Track changes, rollback, and reproduce environments.

Disadvantages of Docker:

Security: Containers share the same OS kernel, which might pose risks if not properly secured.
Persistent Storage: Handling persistent data is complex.
Learning Curve: Requires understanding of new concepts and commands.
Compatibility: Not all apps and systems are designed for containerization.
Networking Complexity: Setting up inter-container communication can be complex.

Docker simplifies many aspects of software deployment, but it introduces its own set of challenges that need to be addressed during implementation.

What is a Docker namespace?

Docker uses a technology called namespaces to provide the isolated workspace called the container. When you run a container, Docker creates a set of namespaces for that container. These namespaces provide a layer of isolation.

What is a Docker registry?

A Docker registry is a storage and distribution system for named Docker images. It allows you to push, pull, and manage images, making it easier to share and deploy containerized applications. Docker Hub is a popular public Docker registry, but there are also private registries for internal use.

What is an ENTRYPOINT in docker?

ENTRYPOINT is one of the many instructions you can write in a dockerfile. The ENTRYPOINT instruction is used to configure the executables that will always run after the container is initiated. For example, you can mention a script to run as soon as the container is started. Note that the ENTRYPOINT commands cannot be overridden or ignored, even when you run the container with command line arguments.

FROM ubuntu 
RUN apt-get update && apt-get install -y nginx 
ENTRYPOINT ["nginx", "-g", "daemon off;"]

How to implement CI/CD in Docker?

To implement CI/CD in Docker:

Write a Dockerfile to containerize your application.
Set up a CI/CD tool (like Jenkins, GitLab CI, or GitHub Actions).
On code commit or merge:
- CI: Pull the code, build the Docker image, and run tests inside the container.
- CD: If tests pass, push the Docker image to a registry and deploy the container to the production environment.

Automate the steps above using your chosen CI/CD tool's pipelines or workflows.

Will data on the container be lost when the docker container exits?

Yes, any data that is created inside the container and is not stored on persistent storage (like Docker volumes or bind mounts) will be lost when the container exits. If you want to retain data, you need to use volumes or other storage mechanisms to persist it outside the container's filesystem.

What is a Docker swarm?

Docker Swarm is a native clustering and orchestration tool for Docker. It allows you to create and manage a group (or "swarm") of Docker nodes as a single virtual system, enabling container deployment, scaling, and networking across multiple hosts.

What are the docker commands for the following:

view running containers - "docker ps” or “docker container ls"
command to run the container under a specific name - docker exec -it <container name> <command>
command to export a docker - docker export [OPTIONS] CONTAINER
command to import an already existing docker image - docker images
commands to delete a container - docker rm -f < Container_ID>
command to remove all stopped containers, unused networks, build caches, and dangling images? - To additionally remove any stopped containers and all unused images (not just dangling images), add the -a flag to the command: docker system prune -a.

Happy Learning!

Docker Important interview Questions