Image Creation, Management, and Registry (20%) Flashcards

Image Creation, Management, and Registry (20%)

1
Q

Which instruction sets the base image for the subsequent builds in the Dokcerfile?

A

FROM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

No instruction can precede FROM in the Dockerfile. Is this statement correct?

A

No. ARG is the only instruction can precede FROM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the two forms for the RUN instruction?

A

shell form: RUN

exec form: RUN [“executable”, “param1”, “param2”]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What does the RUN instruction do in the Dockerfile?

A

The RUN instruction will execute any commands in a new layer on top of the current image and commit the results.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The RUN command normally utilizes cache from the previous build. Which flag should you specify for the build not to use cache?

A

–no-cache

docker build –no-cache .

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Is there any other instruction that can invalidate the cache?

A

Yes. ADD

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How many forms that CMD instruction has?

A

CMD [“executable”,”param1”,”param2”] (exec form, this is the preferred form)

CMD [“param1”,”param2”] (as default parameters to ENTRYPOINT)

CMD command param1 param2 (shell form)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

If CMD instruction provides default arguments for the ENTRYPOINT instruction, both should be specified in JSON format. Is this statement correct?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the purpose of the CMD instruction in the Dockerfile?

A

The main purpose of a CMD is to provide defaults for an executing container. These defaults can include an executable, or they can omit the executable, in which case you must specify an ENTRYPOINT instruction as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How to make your container execute the same executable every time?

A

use ENTRYPOINT in combination with CMD

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the purpose of the LABEL instruction in the Dockerfile?

A

It adds metadata to the Image

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How to check the labels for the current image?

A

docker inspect // Under Labels section

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The EXPOSE instruction actually publish the port. Is this statement correct?

A

No. It serves as a type of documentation between the image publisher and image consumer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What should you do to actually publish the ports?

A

use -p flag when running a container

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the purpose of the ENV instruction in the Dockerfile?

A

ENV an ENV instruction sets the enviroment value to the key and it is available for the subsequent build steps and in the running container as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How to change the environment variables when running containers?

A

docker run –env =

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the difference between ADD and COPY instructions?

A

ADD [–chown=:] … The ADD instruction copies new files, directories or remote file URLs from and adds them to the filesystem of the image at the path .COPY [–chown=:] … The COPY instruction copies new files or directories from and adds them to the filesystem of the container at the path .

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is ENTRYPOINT instruction in the Dockerfile?

A

An ENTRYPOINT allows you to configure a container that will run as an executable.Command line arguments to docker run will be appended after all elements in an exec form ENTRYPOINT, and will override all elements specified using CMD.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

How can you override the ENTRYPOINT instruction?

A

docker run –entrypoint

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is the VOLUME instruction in the Dockerfile?

A

The VOLUME instruction creates a mount point with the specified name and marks it as holding externally mounted volumes from native host or other containers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What initializes the newly created Volume?

A

docker run -v

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is the USER instruction in the Dockerfile?

A

The USER instruction sets the user name (or UID) and optionally the user group (or GID) to use when running the image and for any RUN, CMD and ENTRYPOINT instructions that follow it in the Dockerfile.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is the WORKDIR instruction in the Dockerfile?

A

The WORKDIR instruction sets the working directory for any RUN, CMD, ENTRYPOINT, COPY and ADD instructions that follow it in the Dockerfile.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

You have specified multiple WORKDIR instructions in the Dockerfile what is the result WORKDIR?

A
WORKDIR /a
WORKDIR b
WORKDIR c
RUN pwd
result: /a/b/c
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What is the ARG instruction in the Dockerfile?

A

ARG [=]The ARG instruction defines a variable that users can pass at build-time to the builder with the docker build command using the –build-arg = flag.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is the ONBUILD instruction in the Dockerfile?

A

The ONBUILD instruction adds to the image a trigger instruction to be executed at a later time, when the image is used as the base for another build.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Which instruction sets the system call signal that will be sent to the container to exit?

A

STOPSIGNAL signal

28
Q

Which instruction let Docker daemon know the health of the container?

A

HEALTHCHECK

29
Q

What are all the options that can be provided for the HEALTHCHECK instruction?

A
  • -interval=DURATION (default: 30s)
  • -timeout=DURATION (default: 30s)
  • -start-period=DURATION (default: 0s)
  • -retries=N (default: 3
30
Q

What is the SHELL instruction in the Dockerfile?

A

The SHELL instruction allows the default shell used for the shell form of commands to be overridden. The default shell on Linux is [“/bin/sh”, “-c”], and on Windows is [“cmd”, “/S”, “/C”]. The SHELL instruction must be written in JSON form in a Dockerfile.

31
Q

Create ephemeral containers is considered best practice?

A

Yes

32
Q

What should you do if you want to exclude some files while executing the docker build image and don’t want to send all the files to Docker daemon?

A

use .dockerignore file

33
Q

What is the best way to drastically reduce the size of an image?

A

Multi Stage Builds

34
Q

How do you minimize the number of layers while building the image?

A

Only the instructions RUN, COPY, ADD create layers.Where possible, use multi-stage builds, and only copy the artifacts you need into the final image.sort multi line argumentsRUN apt-get update && apt-get install -y \ bzr \ cvs \ git \ mercurial \ subversion

35
Q

How to leverage the build cache?

A

Put instructions that likely to change often at the bottom of the dockerfile.

36
Q

How to remove unused images?

A

docker image prune

37
Q

How to see the history of the image?

A

docker image history

38
Q

How to format the output of the docker inspect command?

A
by using --format flag
//examples
docker inspect --format='{{range .NetworkSettings.Networks}}{{.MacAddress}}{{end}}' $INSTANCE_IDdocker inspect --format='{{.LogPath}}' $INSTANCE_ID
39
Q

How to tag an image?

A
docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
docker tag 0e5574283393 fedora/httpd:version1.0 
// by id
docker tag httpd fedora/httpd:version1.0 
// by name
docker tag httpd:test fedora/httpd:version1.0.test // by name and tag
docker tag 0e5574283393 myregistryhost:5000/fedora/httpd:version1.0
40
Q

How to run a local registry?

A

docker run -d -p 5000:5000 –restart=always –name registry registry:2

41
Q

How to copy an image from the docker hub to a local repository?

A
// pull an image from the Docker Hub
docker pull ubuntu
// tag an image
docker tag ubuntu:16.04 localhost:5000/my-ubuntu
// push the image
docker push localhost:5000/my-ubuntu
42
Q

How to stop and remove a local registry?

A

docker container stop registry && docker container rm -v registry

43
Q

How to display the layers of the Docker image?

A

docker image inspect //under Layers section

44
Q

How to create a Docker image from archive or stdin?

A
docker image load
// example
docker image load -i example.tar
45
Q

How to modify an image to a single layer?

A
// take any multiple layer image
// run the container
docker export  > single-layer.tar
docker import /path/to/single-layer.tar
// check the history
docker image history
46
Q

Each layer is only a set of differences from the layer before it. The layers are stacked on top of each other. Is this statement about the image correct?

A

Yes

47
Q

When you create a container It adds one writable layer on top of all the layers of the image. Is this statement about the image correct?

A

Yes

48
Q

What is the copy-on-write (CoW) strategy?

A

Copy-on-write is a strategy of sharing and copying files for maximum efficiency. If a file or directory exists in a lower layer within the image, and another layer (including the writable layer) needs read access to it, it just uses the existing file. The first time another layer needs to modify the file (when building the image or running the container), the file is copied into that layer and modified. This minimizes I/O and the size of each of the subsequent layers.

49
Q

How to customize the registry while deploying?

A
// customize published port
docker run -d \  -p 5001:5000 \  --name registry-test \  registry:2
// If you want to change the port the registry listens on within the container
docker run -d \  -e REGISTRY_HTTP_ADDR=0.0.0.0:5001 \  -p 5001:5001 \  --name registry-test \  registry:2
// storage customization
docker run -d \  -p 5000:5000 \  --restart=always \  --name registry \  -v /mnt/registry:/var/lib/registry \  registry:2
50
Q

How to configure a registry?

A

The Registry configuration is based on a YAML file. you can specify a configuration variable from the environment by passing -e arguments to your docker run stanza or from within a Dockerfile using the ENV instruction.// for example you have a configuration like this for root directorystorage: filesystem: rootdirectory: /var/lib/registry// you can create environment variable like thisREGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/somewhereit will change from /var/lib/registry to /somewhere

51
Q

What is the location of the registry configuration file?

A

/etc/docker/registry/config.yml

52
Q

How to customize an entire config file of registry?

A

docker run -d -p 5000:5000 –restart=always –name registry \ -v pwd/config.yml:/etc/docker/registry/config.yml \ registry:2

53
Q

How to login to a self-hosted registry?

A

docker login localhost:5000

54
Q

Where do you configure any credential helpers or credentials for the registry to prevent passing every time you log in?

A

/etc/docker/daemon.json

55
Q

How to limit the number of records when docker search?

A

docker search nginx –limit=2

56
Q

How to format the docker search?

A

docker search –format “{{.Name}}: {{.StarCount}}” nginx

57
Q

How to disable Image signing while pushing an image to the repository?

A

docker push [OPTIONS] NAME[:TAG]–disable-content-trust=true

58
Q

How to enable docker content trust in the Docker CLI?

A

export DOCKER_CONTENT_TRUST=1docker push //:

59
Q

How to pull an image from the repository?

A

docker pull [OPTIONS] NAME[:TAG|@DIGEST]// pulling from docker hub by defaultdocker pull debian// pulling from other repositoriesdocker pull myregistry.local:5000/testing/test-image

60
Q

How to pull an image with multiple images?

A

NAME?

61
Q

How to remove all images which are not used by existing containers?

A

docker image prune -a

62
Q

How to limit the scope when pruning images?

A

by uisng –filter flag

docker image prune -a –filter “until=24h”

63
Q

How to remove an image?

A

docker rmi

64
Q

How to remove image without deleting the untagged parent images?

A

docker rmi –no-prune

65
Q

How to delete an image from the repository?

A

login into DTR web UI
go to the TAGS section
delete the specific TAG
you can also delete all images by deleting the entire repository