Docker Flashcards
What is Docker?
Docker is a tool designed to make it easier to create, deploy, and run applications by using containers.
Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ships it all out as one package.
Docker is an Open Source software. It provides the automation of Linux application deployment in a software container.
We can do operating system level virtualization on Linux with Docker.
Docker can package software in a complete file system that contains software code, runtime environment, system tools, & libraries that are required to install and run the software on a server.
What are the common use cases of Docker?
Some of the common use cases of Docker are as follows:
a, Setting up Development Environment
b, Testing automation set-up
c, Production Deployment
I. Setting up Development Environment: We can use Docker to set the development environment with the applications on which our code is dependent.
II. Testing Automation Setup: Docker can also help in creating the Testing Automation setup. We can setup different services and apps with Docker to create the automation-testing environment.
III. Production Deployment: Docker also helps in implementing the Production deployment for an application. We can use it to create the exact environment and process that will be used for doing the production deployment.
What is the difference between Docker image and Docker container?
Docker container is simply an instance of a Docker image.
A Docker image is a snapshot of a container. We create a docker image with a build command.
How is a Docker container different from a hypervisor?
In a Hypervisor environment we first create a Virtual Machine and then install an Operating System on it. After that we deploy the application. The virtual machine may also be installed on different hardware configurations.
In a Docker environment, we just deploy the application in Docker. There is no OS layer in this environment. We specify libraries, and the rest of the kernel is provided by Docker engine.
In a way, Docker container and hypervisor are complementary to each other.
What is the most popular use of Docker?
The most popular use of Docker is in build pipeline. With the use of Docker, it is much easier to automate the development to deployment process in build pipeline.
We use Docker for the complete build flow from development work, test run and deployment to production environment.
What is the role of open source development in the popularity of Docker?
Since Linux was an open source operating system, it opened new opportunities for developers who want to contribute to open source systems.
One of the very good outcomes of open source software is Docker. It has very powerful features.
Docker has wide acceptance due to its usability as well as its open source approach of integrating with different systems.
What is Docker Swarm?
Docker Swarm is used to create a cluster environment. It can turn a group of Docker engines into a Single virtual Docker Engine. This creates a system with pooled resources. We can use Docker Swarm to scale our application.
What is a Docker Image?
Docker Image is the blue print that is used to create a Docker Container. Whenever we want to run a container we have to specify the image that we want to run.
There are many Docker images available online for standard software. We can use these images directly from the source.
The standard set of Docker Images is stored in Docker Hub Registry. We can download these from this location and use it in our environment.
We can also create our own Docker Image with the software that we want to run as a container.
What is a Docker Container?
A Docker Container is a lightweight system that can be run on a Linux operating system or a virtual machine. It is a package of an application and related dependencies that can be run independently.
Since Docker Container is very lightweight, multiple containers can be run simultaneously on a single server or virtual machine.
With a Docker Container we can create an isolated system with restricted services and processes. A Container has private view of the operating system. It has its own process ID space, file system, and network interface.
Multiple Docker Containers can share same Kernel.
What is Docker Machine?
We can use Docker Machine to install Docker Engine on virtual hosts. It also provides commands to manage virtual hosts.
Some of the popular Docker machine commands enable us to start, stop, inspect and restart a managed host.
Can we run more than one process in a Docker container?
Yes, a Docker Container can provide process management that can be used to run multiple processes.
What are the objects created by Docker Cloud in Amazon Web Services (AWS) EC2?
Docker Cloud creates following objects in AWS EC2 instance:
I. VPC: Docker Cloud creates a Virtual Private Cloud with the tag name dc-vpc. It also creates Class Less Inter-Domain Routing (CIDR) with the range of 10.78.0.0/16.
II. Subnet: Docker Cloud creates a subnet in each Availability Zone (AZ). In Docker Cloud, each subnet is tagged with dc-subnet.
III. Internet Gateway: Docker Cloud also creates an Internet gateway with name dc-gateway and attaches it to the VPC created earlier.
IV. Routing Table: Docker Cloud also creates a routing table named dc-route-table in Virtual Private Cloud. In this Routing Table Docker Cloud associates the subnet with the Internet Gateway.
What are the main security concerns with Docker based containers?
Docker based containers have following security concerns:
I. Kernel Sharing: In a container-based system, multiple containers share same Kernel. If one container causes Kernel to go down, it will take down all the containers.
In a virtual machine environment we do not have this issue.
II. Container Leakage: If a malicious user gains access to one container, it can try to access the other containers on the same host. If a container has security vulnerabilities it can allow the user to access other containers on same host machine.
III. Denial of Service: If one container occupies the resources of a Kernel then other containers will starve for resources. It can create a Denial of Service attack like situation.
IV. Tampered Images: Sometimes a container image can be tampered. This can lead to further security concerns. An attacker can try to run a tampered image to exploit the vulnerabilities in host machines and other containers.
V. Secret Sharing: Generally one container can access other services. To access a service it requires a Key or Secret. A malicious user can gain access to this secret. Since multiple containers share the secret, it may lead to further security concerns.
What are the main benefits of using Docker?
Docker is a very powerful tool. Some of the main benefits of using Docker are as follows:
I. Utilize Developer Skills: With Docker we maximize the use of Developer skills. With Docker there is less need of build or release engineers. Same Developer can create software and wrap it in one single file.
II. Standard Application Image: Docker based system allows us to bundle the application software and Operating system files in a single Application Image that can be deployed independently.
III. Uniform deployment: With Docker we can create one package of our software and deploy it on different platforms seamlessly.
Why do we use Docker on top of a virtual machine?
Generally we use Docker on top of a virtual machine to ensure isolation of the application. On a virtual machine we can get the advantage of security provided by hypervisor. We can implement different security levels on a virtual machine. And Docker can make use of this to run the application at different security levels.
