General

Question 1

Which one is more portable: containers or VMs?

Answer 1

Containers. They are more lightweight and therefore, more portable

Question 2

Can containers run inside VMs?

Answer 2

Yes

Question 3

Are the majority of containers in circulation Linux or Windows based?

Answer 3

Linxus based. They are smaller than Windows containers

Question 4

What is Docker?

Answer 4

Docker is a platform for building and managing containers

Question 5

Since Docker is Linux based, how is it possible for it to run on Windows or Mac?

Answer 5

Docker runs inside a VM for Windows (WSL 2) and Mac

Question 6

Give an illustration of Docker’s architecture

Answer 6

1. Docker Client (CLI, Docker Desktop communcaties with dockerd)
2. dockerd (Restful API that delegates to containerd)
3. containerd (Manages the lifecycle of containers)
4. runc (container runtime that executes containers)
5. Host OS
6. Host hardware

Question 7

Describe the role of dockerd

Answer 7

dockerd provides an API to docker clients. It delegates most of the work to containerd

Question 8

Describe the role of containerd

Answer 8

containerd manages images and the lifecycle of containers. it uses instances of runc to build, run, and remove containers by passing an image to it

Question 9

What is the role of runc

Answer 9

runc is a stand-alone container runtime that interacts with the host OS to build, run, and remove containers. As soon as containers are built, runc terminates and the containerd’s shim process becomes the parent process for the running container. This is done so that Docker avoids having dozens of runc instances for running containers

Question 10

Is a docker host and a docker node the same thing?

Answer 10

Yes

Question 11

What is the role of a shim?

Answer 11

To become the parent process of a container after runc creates it. It also reports back to containerd when a container terminates

Question 12

What is a container?

Answer 12

A container is an instance of an image

Question 13

What is a Dockerfile?

Answer 13

A Dockerfile is a file containing all of the instructions necessary to build a container image. Dockerfiles are normallyu located in the root directory of an application.

docker build [Options] [path]

Is the command used to build images by specifying the path to the Dockerfile

Question 14

What is an image and what is it composed of?

Answer 14

An image is a template for building containers. It is composed of a stack of independent layers where the base layer is usually a lightweight OS (no kernel) that provides a CLI to interact with the container

Question 15

What is a registry?

Answer 15

A registry is a collection of repositories for images. Docker Hub is the default registry for Docker Desktop

Question 16

Give an illustration of the structure of a registry

Answer 16

1. Registry
2. N Repositories per registry
3. N images per repository

Question 17

What happens when you don’t specify a tag when pulling an image?

Answer 17

The “latest” tag is used implicitly

Question 18

True or False

It’s a good practice to specify the version of the image you are pulling instead of using the “latest” tag

Answer 18

True

Question 19

How do image layers make images more space efficient?

Answer 19

Image layers can be shared by different images. This means that image layers can be stored locally and be reused by multiple images

Question 20

What is a digest and why is it used?

Answer 20

A digest is a hash over the contents of an image. It is used so that an image can be recognized even if it happens to have the same name as another image but with older code

Question 21

What is a manifest list and what is it used for?

Answer 21

A manifest list is a list of the CPU architectures that an image supports. Each CPU architecture has its own manifest that lists the layers used to build that image. This makes it easy to pull images with the right CPU architecture since Docker pulls the proper image by parsing the manifest list

Question 22

If you have 2 images stored locally and they have some layers in common, will deleting one of the images remove all of the layers stored locally?

Answer 22

No. If there is another image that shares some of the layers, those layers that are being shared will not be deleted until the second image is deleted

Question 23

What is Docker buildx?

Answer 23

Docker buildx is a plugin that extends the Docker CLI to support multi-arch builds

Question 24

What happens if you kill the main process (PID 1) of a container?

Answer 24

The container will also be killed

Question 25

Does stopping a container destroy the data that was persisted inside of it?

Answer 25

No. However, it’s important to remember that containers are designed to be immutable and persisting data inside them is an anti-pattern. You should use volumes instead

Question 26

Where can you specify what app should be loaded by default when running a container?

Answer 26

Dockerfile Entrypoint

Question 27

When specifying the layers in a dockerfile, which layers should be at the top?

Answer 27

The layer that is bound to be changed the most so that caching can be optimized.

Question 28

Should dockerfiles be kept in a VCS?

Answer 28

Yes

Question 29

Do images need to be tagged before you can push them?

Answer 29

Yes

Question 30

Which of the following dockerfile commands build layers and which provide metadata: FROM, RUN, COPY, EXPOSE, WORKDIR, ENV, ENTRYPOINT?

Answer 30

Build layers:
* FROM
* RUN
* COPY

Provide metadata:
* EXPOSE
* WORKDIR
* ENV
* ENTRYPOINT

Question 31

What is the purpose of using multi-stage builds?

Answer 31

The end result is a tiny production image with nothing but the binary inside. None of the build tools required to build the application are included in the resulting image

Question 32

Does each container have its own hostname, IP address, and ports?

Answer 32

Yes. Each container has its own hostname, which by default is its own container ID. Each container also has its own IP address for every network it attaches to. Technically, a container receives an IP address out of the IP subnet of the network.

Question 33

What is a volume?

Answer 33

A volume is a directory in the host machine that can be mounted to a directory inside a container so that data generated by the container can be persisted externally

Question 34

Does a volume increase the size of the containers using it?

Answer 34

No

Question 35

Will a volume’s data continue to persist outside a container’s lifecycle?

Answer 35

By default, data will continue to persist even if a container has been stopped or removed. There are CLI commands that can override this behavior.

Question 36

What is the Container Layer?

Answer 36

The Container Layer is a writable layer that sits on top of the container image layers. The container layer is created when a container is executed. Essentially, all changes made to the running container, such as writing new files, modifying existing files, and deleting files, are written to this thin writable container layer. This layer is also ephemeral, which means that when the container is deleted, the contents of the writable layer are also deleted.