Class 1 - Introduction to Docker and Kubernetes Flashcards

1
Q

What is containerization?

A

Containerization is software that enables an operating system to create multiple isolated user spaces for applications.
The operating system could be running on physical hardware or a virtual machine.

2
Q

When a container is created, what is created: kernel space or user space?

A

User space is created for isolation. It uses Linux utilities called namespaces to isolate one container from another.

3
Q

Containerization vs Virtualization

A

1) Containerization segregates the application from the underlying OS, while virtualization is a way to create VMs from hardware resources.
Cloud providers use a mix of both.

2) With containerization it is easy to move software from one computing environment to another, e.g. from Dev -> Staging -> Production.
A virtual machine guest is more tightly tied to the underlying hypervisor, and moving an application from dev to staging to production requires more effort.

3) Containers consume less CPU, memory and disk.
Applications running on virtualization require a full stack of resources, which results in more wasted resources.

4) Containers are more in line with the DevOps approach. They are more agile and easier to manage than virtualization.
Virtualization management is also easy, but porting applications between different environments requires more effort.

4
Q

How should we use bare metal? One way is to create one large machine and run multiple containers on top of the VM. The other is to create individual VMs and then deploy containers.

A

In the first approach we get more computing resources and it will be faster, as the containers are running directly on top of the OS.
The other approach will be a bit slower, as there is one additional hop that needs to be jumped. But it is more resilient: even if one VM goes down, we have other VMs to work with.

It is a tradeoff.

5
Q

What are containers?

A

Containers are a type of virtualization technology which uses the host operating system kernel to run multiple guest instances.
A container is nothing but a running instance of an image. An image consists of the libraries, binaries and the corresponding RootFS required by the container to run.

6
Q

What is Docker?

A

Docker is a container engine that is used to create containers.

7
Q

What things does each container have of its own?

A
Root file system
Networking IPs and ports, hostnames
Processes
Devices
Memory

A container will not show processes related to other containers or the host machine.
You can assign memory and CPU to a container. This can be done using Docker or Kubernetes; each has a different way of doing it.

8
Q

What is used to map networking from a Docker container to the host machine's networking?

A

There is a bridge called docker0, which takes care of mapping the network interface inside the container to the network interface on the host machine.

9
Q

Which Linux kernel features does Docker use to achieve containerization?

A

It uses cgroups, namespaces, chroot and others to provide resource isolation.

10
Q

Is the statement “Docker enables containerization” true? Elaborate.

A

No, Docker uses the kernel to achieve containerization. It is an inherent property of the underlying OS to enable containerization. That is why for a long time Docker did not support Windows, as there was no support for containerization in Windows.
Docker enables management of containers and images.

11
Q

Can we create containers in Linux without a container engine like Docker?

A

Yes, we can use the “unshare” command in Linux to create isolation or containers. It helps you create namespaces such as the mount namespace, IPC namespace, network namespace, etc.

12
Q

What does the chroot feature provide?

A

The chroot command allows every container to have its own root filesystem, which is completely distinct from the root filesystem of the host machine.

13
Q

What does the cgroup feature provide?

A

cgroups allow you to give resources, such as CPU and memory, to particular containers.

14
Q

How many types of containers are there?

A

There are two types of containers:
1) Regular containers
Eg. NGINX
2) Privileged containers (less isolation compared to a regular container)
This container can make changes to the actual root FS of the host file system. Eg. an ElasticSearch container requires some changes to systemctl etc.

15
Q

Docker ecosystem

A

1) Docker Engine - the primary daemon which helps you create containers.
dockerd and the docker CLI.

2) Docker Hub - stores images. Provided by Docker Inc.
We pull images from the repository.

3) Docker Machine - a tool which interacts with underlying cloud providers. It automatically provisions Docker hosts and installs the Docker Engine on them.

  • It creates additional hosts on your own computer.
  • Creates hosts on cloud providers.
  • Machine creates the server, installs Docker and configures the Docker client.

4) Docker Swarm (very similar to Kubernetes)
Docker Swarm helps you create clusters. It clusters multiple Docker hosts and provides a single overlay network across all the hosts.

A single Docker host is a standalone entity. When we want HA, disaster recovery etc., we need a cluster, and for that we need Swarm.

Without Swarm, any container running on Docker host 1 will be able to communicate only with other containers running on Docker host 1.
To allow communication across multiple Docker hosts, we use Docker Swarm. It creates one single overlay network across all hosts.

5) Docker Compose
Allows you to create multi-container applications.
Allows you to declare dependencies.
Compose will spin up all your containers with a single command. Each container runs a particular component/service of your application.

16
Q

What is an overlay network?

A

An overlay network is a private subnet that spans multiple Docker hosts, putting all of them together in a single network.

17
Q

What is the primary use case of Docker Machine?

A

For autoscaling: when, let's say, you have CPU pressure, you will use Docker Machine to communicate with the underlying cloud provider to create new machines.

18
Q

Which are the namespaces available in Linux?

A

1) PID namespace - a way to isolate processes.
The container is only aware of its own processes.

2) Network namespace
3) Mount namespace
Creates mounts inside the container. Each container has its own /tmp, /var or can even have an entirely different userspace.
4) IPC namespace
- Memory segments
- Semaphores
- Queues
Two containers are able to create shared memory segments and semaphores with the same name, but are not able to interact with other containers' memory segments or shared memory.

5) UTS namespace
It is the reason why we can give names to containers. The name acts as the hostname of the container.
This isolation allows each container to have its own hostname and NIS domain name.

19
Q

What does this command give us?

ls -ltra /proc//ns

A

This gives us a list of the namespaces that the current process is pointing to.

20
Q

Give an example of a sample Dockerfile that modifies the default index.html of the NGINX image

A

FROM nginx:latest

# The official nginx image serves its default page from /usr/share/nginx/html
COPY index.html /usr/share/nginx/html/index.html

21
Q

What is the difference between CMD and ENTRYPOINT in a Dockerfile?

A

CMD is used when you want to run a particular script/executable once a container starts.

ENTRYPOINT allows you to specify the location of a script which, just like CMD, will be run when the container starts. But in this case the image itself behaves as an executable, which means you can pass arguments to the container.
Arguments provided to the docker run command are passed to the ENTRYPOINT script.

22
Q

What is a hypervisor?

A

A hypervisor, also known as a virtual machine monitor, is a process that creates and runs virtual machines (VMs). A hypervisor allows one host computer to support multiple guest VMs by virtually sharing its resources, like memory and processing.

23
Q

What are the different types of hypervisors?

A

1) Bare metal
Runs directly on the host’s hardware.
2) Hosted
Runs as a software layer on an operating system, like other computer programs.

24
Q

Why use hypervisors?

A

Hypervisors make it possible to use more of a system’s available resources and provide greater IT mobility since the guest VMs are independent of the host hardware. This means they can be easily moved between different servers.

25
Q

What is YAML?

A

It is a markup language. Yet Another Markup Language.
Use it to provide data to a certain API or certain software. It is human friendly. It is considered to be a superset of JSON.
Any JSON file is a valid YAML file, but the reverse is not true.

It is the main language for creating and managing Pods in K8s. It is used for holding system configuration, metadata, and other settings.

26
Q

YAML notation basics and what characters are used

A

--- “three dashes” is optional and is used to separate documents within a stream
Each block starts with “-”, a dash followed by a space.

Three dots “...” denote the end of a document

# for comment
: colon to separate key and value

| pipe determines that the value provided is a multi-line string

27
Q

Datatypes in YAML

A

Scalars - strings and numbers
Sequences - aka arrays or lists
Mapping - aka hashes / dictionaries

28
Q

Why container orchestration?

A

When you have multiple independent Docker hosts running containers, you need to manage them so that they are part of a single cluster.
Cluster management and monitoring are difficult with Docker alone when multiple Docker hosts are part of the same subnet or behave as one large single host.
This is where container orchestration comes into the picture.

29
Q

What are the responsibilities of a container orchestrator?

A
  • Manages scalability, availability and networking of containers.
  • Manages the timing of container creation and deletion
  • Helps in monitoring the cluster i.e. group of hosts
  • Helps in container configuration in order to allow containers to communicate with each other.

Outside reference:
Software teams use container orchestration to control and automate many tasks:

Provisioning and deployment of containers
Redundancy and availability of containers
Scaling up or removing containers to spread application load evenly across host infrastructure
Movement of containers from one host to another if there is a shortage of resources in a host, or if a host dies
Allocation of resources between containers
External exposure of services running in a container with the outside world
Load balancing of service discovery between containers
Health monitoring of containers and hosts
Configuration of an application in relation to the containers running it

30
Q

Which container orchestrators are available?

A
  • Docker Swarm
  • Kubernetes (K8s)
  • Apache Mesos
31
Q

Layer diagram of Container Orchestration

A

From top to bottom

  • Web apps and services
  • Orchestration (spans across multiple container runtime)
    • Service Management
    • Scheduling
    • Resource Management
  • Container Runtime (multiple)
  • Machine and OS (multiple)
  • Machine infrastructure
32
Q

What does the service management layer of orchestration do?

A

Service management is a way to expose your containers to other containers running inside your cluster or somewhere outside the cluster.
It manages the routing of requests and responses to and from containers, and the interaction between containers.

33
Q

What does the scheduling layer of container orchestration do?

A

It allows you to assign a container to a node that is healthy enough to run the container. For example, if you are running a heavy container like Elasticsearch, you would not want to run it on a node with 1 CPU and 1 GB of memory.
So the assignment of a container to a node is what scheduling is all about.

34
Q

What does the resource management layer of container orchestration do?

A

It manages the assignment of CPU and memory to the containers.

35
Q

Compare Docker Swarm vs K8s

A

Docker Swarm

  • Services are easily discoverable throughout the whole network
  • Runs easily with other docker tools
  • Local volume can be shared easily
  • Provides quick container deployment as well as scaling even in large clusters

K8s

  • Containers are defined as services which makes them easily discoverable in Kubernetes
  • It can easily run on any operating system
  • Volume is shared within the pods
  • It provides strong guarantees to cluster states at the expense of speed
36
Q

Can a pod have multiple containers?

A

Yes, a pod is an abstraction over multiple containers. Pod != single Docker container. A pod encapsulates one or more containers.

37
Q

What is K8s?

A

K8s is an open source, portable platform for automating the deployment, scaling and management of containerized workloads and applications.
It groups the containers that make up an application into logical units for easy management and discovery.
Hence it is called a container orchestration tool.