Installation and Configuration (15%)

Question 1

What is the recommended way of installing Docker

Answer 1

set up docker repositories

install from them for the ease of installation and upgrade tasks.

Question 2

How to upgrade docker-engine?

Answer 2

sudo apt-get update

install docker from the instructions from here

Question 3

How to uninstall docker?

Answer 3

sudo apt-get purge docker-ce

sudo rm -rf /var/lib/docker

Question 4

126. Are Images, containers, volumes, or customized configuration files on your host are not automatically removed when you uninstall docker?

Answer 4

No. You need to explicitly delete those

Question 5

How to add the user to the Docker group and use docker as a non-root user?

Answer 5

sudo usermod -aG docker your-user

Question 6

128. What are the ways to install docker?

Answer 6

1. using repositories
2. using DEB package
3. using convience scripts

Question 7

133. What are the recommended storage drivers on different distributions?

Answer 7

Centos: overlay2

Ubuntu supports overlay2, aufs and btrfs storage drivers. Overlay2 is the default one

Question 8

134. What are all the release channels that Docker CE supports?

Answer 8

Stable gives you latest releases for general availability.Test gives pre-releases that are ready for testing before general availability.Nightly gives you latest builds of work in progress for the next major release

Question 9

135. Where are the Docker-CE binaries available?

Answer 9

Docker Engine - Community binaries for a release are available on download.docker.com as packages for the supported operating systems.

Question 10

136. Where are the Docker-EE binaries available?

Answer 10

Docker Hub

Question 11

137. What are logging drivers?

Answer 11

Docker has multiple mechanisms to get the logging information from running docker containers and services. These mechanisms are called logging drivers

Question 12

138. How to configure a logging driver for the Docker daemon so that all the containers use it?

Answer 12

configure log-driver in /etc/docker/daemon.json{ “log-driver”: “syslog”}

Question 13

139. Whats is the default logging driver?

Answer 13

json-file

Question 14

140. If you have configurable options for your logging driver how do you specify?

Answer 14

use log-opts in the daemon.json file{ “log-driver”: “json-file”, “log-opts”: { “max-size”: “10m”, “max-file”: “3”, “labels”: “production_status”, “env”: “os,customer” }}

Question 15

141. How to find the logging driver for the Docker daemon?

Answer 15

docker info –format ‘{{.LoggingDriver}}’

Question 16

142. How to configure a logging driver for a container?

Answer 16

docker run -it –log-driver json-file –log-opt max-size=10m alpine ash

Question 17

143. What are the available logging drivers for the Docker CE edition?

Answer 17

json-file
local
journald

Question 18

144. If the swarm loses the quorum of managers it loses the ability to perform management tasks. Is this statement correct?

Answer 18

Yes

Question 19

145. If the swarm loses quorum all the existing tasks and services are all deleted. Is this statement correct?

Answer 19

No. All the existing tasks will continue to run. But, new nodes cannot be added and new tasks can’t be created.

Question 20

146. We should use a fixed IP address for the advertise address to prevent the swarm from becoming unstable on machine reboot. Is this statement correct?

Answer 20

Yes. If the whole swarm restarts and every manager node subsequently gets a new IP address, there is no way for any node to contact an existing manager. Therefore the swarm is hung while nodes try to contact one another at their old IP addresses.

Question 21

147. You should maintain an odd number of managers in the swarm to support manager node failures. Is this statement correct?

Answer 21

Yes

Question 22

148. I have manager nodes 3, 5, 7, 9. How do you distribute these manager nodes on availability zones so that If you suffer a failure in any of those zones, the swarm should maintain the quorum of manager nodes

Answer 22

Manager Nodes Availability Zones 3 1-1-1 5 2-2-1 7 3-2-2 9 3-3-3

Question 23

149. How to drain the node

Answer 23

docker node update –availability drain

Question 24

150. How to cleanly rejoin a manager node in the cluster?

Answer 24

1. To demote the node to a worker, run docker node demote
2. To remove the node from the swarm, run docker node rm
3. Re-join the node to the swarm with a fresh state using docker swarm jo

Question 25

151. How to forcibly remove a node?

Answer 25

docker node rm –force

Question 26

152. If you want to remove a manager node you need to demote it to a worker role first. Is this statement correct?

Answer 26

Yes. You must ensure that there is a quorum

Question 27

153. What is the location where swarm managers save the swarm state?

Answer 27

/var/lib/docker/swarm

Question 28

154. How to backup the swarm?

Answer 28

1. If autolock is enabled. You must unlock the swarm2. stop the docker on the manager node so that you don’t have unpredictable results3. save the entire contents of /var/lib/docker/swarm4. start the manager

Question 29

155. How to restore swarm from the backup?

Answer 29

1. shut down the docker on the targeted machine
2. Remove the contents of /var/lib/docker/swarm
3. Restore the /var/lib/docker/swarm directory from the backup
4. Start the docker on the node so that it doesn’t connect to old ones
   docker swarm init –force-new-cluster
5. Verify the state of the swarm
   docker service ls
6. rotate the autolock key
7. Add manager and worker nodes for the required capacity
8. backup this swarm

Question 30

156. What is a team in the DTR?

Answer 30

A team defines the permissions a set of users have for a set of repositories.

Question 31

157. What are all the permission levels that teams could have?

Answer 31

Read Only: View repository and pull images.

Read Write: View repository, pull and push images.

Admin: Manage repository and change its settings, pull and push images.

Question 32

158. Where is the Docker daemon directory?

Answer 32

/var/lib/docker on Linux

C:\ProgramData\docker on Windows

Question 33

159. How to enable the debugging on Docker daemon

Answer 33

1. add this flag in /etc/docker/daemon.json{ “debug”: true}2. Send a HUP signal to the daemon to cause it to reload its configuration.sudo kill -SIGHUP $(pidof dockerd)

Question 34

160. How to check whether Docker is running?

Answer 34

// all these can be used depending on the operating system
docker info
sudo systemctl is-active docker
sudo status docker
sudo service docker status

Question 35

161. What are the hardware and software requirements for UCP?

Answer 35

Minimum

1. 8GB of RAM for manager nodes or nodes running DTR
2. 4GB of RAM for worker nodes
3. 3GB of free disk space

Recommended

1. 16GB of RAM for manager nodes or nodes running DTR
2. 4 vCPUs for manager nodes or nodes running DTR
3. 25-100GB of free disk space

Question 36

162. What products that Docker EE contains?

Answer 36

UCP
DTR
Docker Engine with enterprise-grade support,

Question 37

163. Where is the location of the custom certificates?

Answer 37

/etc/docker/certs.d

Question 38

164. What are the ports that DTR uses?

Answer 38

80/tcp - Web app and API client access to DTR.443/tcp - Web app and API client access to DTR

Question 39

165. DTR needs to be installed on a worker node that is being managed by UCP. You can’t install DTR on a standalone Docker engine. Is this statement correct?

Answer 39

Yes

Question 40

166. How to backup the UCP

Answer 40

To create a UCP backup, run the docker/ucp:2.2.22 backup command on a single UCP managerdocker container run \ –log-driver none –rm \ –interactive \ –name ucp \ -v /var/run/docker.sock:/var/run/docker.sock \ docker/ucp:2.2.22 backup \ –id \ –passphrase “secret” > /tmp/backup.tar

Question 41

How to restore the UCP

Answer 41

docker/ucp:2.2.22 restore –passphrase “secret”

docker container run –rm -i –name ucp \
-v /var/run/docker.sock:/var/run/docker.sock \
docker/ucp:2.2.22 restore –passphrase “secret” < /tmp/backup.tar

Question 42

You need to backup the UCP on the single manager node since Docker maintains the same UCP state in all the manager nodes. Is this statement correct?

Answer 42

Yes

Question 43

How to backup the DTR?

Answer 43

To perform a backup of a DTR node, run the docker/dtr backup command.

Question 44

DTR requires that a majority (n/2 + 1) of its replicas are healthy at all times for it to work. So if a majority of replicas are unhealthy or lost, the only way to restore DTR to a working state is by recovering from a backup. Is this statement correct?

Answer 44

Yes

Question 45

How to configure Docker to start on boot?

Answer 45

sudo systemctl enable docker