Introduction Flashcards

1
Q

What is containerization?

A
  • is a software deployment process
  • bundles an application’s code with libs and binaries
  • outputs images, based on layers
2
Q

What is created when a container is created: kernel space or user space?

A

User space is created for isolation. It uses Linux utilities called namespaces to isolate one container from another.

3
Q

What are the benefits of containerization?

A
  • Portability
    Software developers use containerization to deploy applications in multiple environments without rewriting the program code.
  • Scalability
    Containers are lightweight software components that run efficiently; they are much lighter than VMs.
  • Fault tolerance
    Containerized services operate in isolated user spaces, so a single faulty container doesn’t affect the other containers.
4
Q

What are containers?

A
  • Containers are lightweight packages of your application code
  • Containers are executable units of software
  • Containers contain application code along with its libraries and dependencies
5
Q

What is Docker?

A

Docker is a container engine that is used to create containers.

6
Q

What does each container have of its own?

A
  • Root file system
  • Networking IPs and ports
  • Hostnames
  • Processes
  • Devices
  • Memory

A container will not show processes related to other containers or the host machine. You can assign memory and CPU to a container. This can be done using Docker or Kubernetes; each has its own way of doing it.

7
Q

What is used to map networking from a Docker container to the host machine's networking?

A

There is a bridge called docker0, which takes care of mapping the network interface inside the container to the network interface on the host machine.

8
Q

Which Linux kernel features does Docker use to achieve containerization?

A

It uses cgroups, namespaces, chroot and others to provide resource isolation.

9
Q

Is the statement “Docker enables containerization” true? Elaborate.

A

No, Docker uses the kernel to achieve containerization.

10
Q

What does the chroot feature provide?

A

The chroot command allows every container to have its own root filesystem, which is completely distinct from the root filesystem of the host machine.

11
Q

What does the cgroup feature provide?

A

cgroups allow you to allocate resources such as CPU and memory to particular containers.

cgroups are control groups for a collection of processes.

12
Q

How many types of containers are there?

A
  • Regular containers: NGINX
  • Privileged containers: less isolation; the container can make changes to the actual root FS of the host. Less secure.
13
Q

Docker ecosystem

A
  • Docker Engine: primary daemon which helps you in creating containers (dockerd and the docker CLI)
  • Docker Hub: stores images; an image registry
  • Docker Machine: interacts with cloud providers; creates hosts on cloud providers
  • Docker Swarm: very similar to Kubernetes
  • Docker Compose: can spin up many containers with dependencies
14
Q

What is an overlay network?

A
  • An overlay network is a private subnet
  • It spans multiple Docker hosts.
15
Q

Which are the namespaces available in Linux?

A

1) PID namespace - a way to isolate processes. The container is only aware of its processes.
2) Network namespace
3) Mount namespace - creates mounts inside the container
4) IPC namespace - memory segments, semaphores, queues (two containers are able to create shared memory segments and semaphores with the same name)
5) UTS namespace - hostname, NIS name

16
Q

What does this command provide us: lsns

A

This gives us a list of namespaces.

17
Q

Give an example Dockerfile that modifies the default index.html of the NGINX image

A

FROM nginx:latest
# Replace the default page served from the image's document root
COPY index.html /usr/share/nginx/html/index.html

18
Q

What is the difference between CMD and ENTRYPOINT in Dockerfile?

A
  • ENTRYPOINT is the App or binary
  • CMD is the parameter for the App or binary

ENTRYPOINT ["/usr/bin/my-app"]

CMD ["help"]

19
Q

What is a Hypervisor?

A

A hypervisor, also known as a virtual machine monitor, is a process that creates and runs virtual machines (VMs). A hypervisor allows one host computer to support multiple guest VMs by virtually sharing its resources, like memory and processing.

20
Q

Different types of Hypervisors?

A

1) Bare metal: runs directly on the host’s hardware.
2) Hosted: runs as a software layer on an operating system, like other computer programs. (VirtualBox)

21
Q

Why use Hypervisors?

A

Hypervisors make it possible to use more of a system’s available resources and provide greater IT mobility since the guest VMs are independent of the host hardware. This means they can be easily moved between different servers.

22
Q

What is YAML?

A
  • Yet Another Markup Language.
  • matches user’s expectations, human friendly !!!
  • superset of JSON
  • YAML is case sensitive
  • no tabs
23
Q

YAML notation basics and what characters are used

A

flow style

Basics: spaces are important!

"#" comment
"---" new document
"- " Conventional Block Format
Sequence: "[milk, groceries, eggs, juice, fruits]"
Map: "{name: John Smith, age: 33}"

elements in start sequence [e1…
# only block style in start sequence
- e1
- e2
# Sequence, flow s.
- [x, x2]
# Sequence with map, flow s.
- [x, x3: h]
# Map block and flow mixed
~~~
- map:
    map2: {e1: x, e2: x2}
    map3:
      - a
      - a: x
~~~

24
Q

Datatypes in YAML

A
  • Scalars - strings and numbers
  • Sequences - aka arrays or lists
  • Mapping - aka hashes / dictionaries
25
Q

Why container orchestration?

A

When it comes to cluster container management, the following are very difficult:
* monitoring
* scaling
* managing the cluster

26
Q

What are responsibilities of container orchestrator?

A
  • scalability
  • availability and redundancy
  • networking
  • timing of container creation and deletion
  • monitoring the cluster
  • container communication and port exposing
  • provisioning and deployment of containers
  • spreading load evenly across host infrastructure
  • Movement of containers from one host to another if a host dies
  • Allocation of resources between containers
  • Load balancing
  • Configuration of an application in relation to the containers running it
27
Q

Which are available container orchestrators?

A
  • Docker Swarm
  • Kubernetes (K8s)
  • Apache Mesos
28
Q

Layer diagram of Container Orchestration

A

From top to bottom
1. Web apps and services
2. Orchestration
3. Service Management
4. Scheduling
5. Resource Management
6. Container Runtime (multiple)
7. Machine and OS (multiple)- Machine infrastructure

29
Q

What does service management layer of orchestration do?

A
  • exposes containers (inside and outside of the cluster)
  • manages routing
30
Q

What does the scheduling layer of container orchestration do?

A

Pods are matched to nodes that fit their requirements.

31
Q

What does the resource management layer of container orchestration do?

A

It manages the assignment of CPUs and Memory to the containers.

32
Q

Can a pod have multiple containers?

A

Yes, a pod is an abstraction over 1..n containers.

33
Q

What is k8s?

A

K8s is an open source, portable platform for
* automating container deployments,
* scaling and management of containerized workloads and applications.

34
Q

What are namespaces?

A
  • Namespaces are a feature of the Linux kernel
  • that partitions kernel resources such that one set of processes sees one set of resources while another set of processes sees a different set of resources
35
Q

Types of Linux namespaces

A
  • (user) A user namespace has its own set of user IDs and group IDs
  • (pid) A process ID namespace assigns a set of PIDs to processes
  • (net) A network namespace has an independent network stack: own routing table, set of IP addresses…
  • (mnt) A mount namespace has an independent list of mount points
  • (ipc) An interprocess communication namespace has its own IPC resources
  • (uts) A UNIX Time‑Sharing namespace allows a single system to appear to have different host and domain names to different processes.

A user namespace has its own set of user IDs and group IDs for assignmen

36
Q

What are container images?

A
  • A container image is a file used to execute code in a container
  • Images act as a set of instructions to build a container, like a template
37
Q

parent image

A

A parent image is the image that your image is based on.

38
Q

base image

A

A base image has no parent image specified in its Dockerfile.
It is created using a Dockerfile with the FROM scratch directive.