{"id":13562452,"url":"https://github.com/learning-zone/docker-and-kubernetes-basics","last_synced_at":"2025-07-23T18:05:10.903Z","repository":{"id":38744333,"uuid":"293051231","full_name":"learning-zone/docker-and-kubernetes-basics","owner":"learning-zone","description":"Docker and Kubernetes Basics","archived":false,"fork":false,"pushed_at":"2022-12-06T12:33:51.000Z","size":7576,"stargazers_count":212,"open_issues_count":0,"forks_count":220,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-06-01T15:49:55.518Z","etag":null,"topics":["cloud-native","containers","devops","docker","docker-compose","jenkins","kubernetes","virtualization"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/learning-zone.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-09-05T10:15:59.000Z","updated_at":"2025-05-15T04:16:16.000Z","dependencies_parsed_at":"2023-01-23T21:48:04.268Z","dependency_job_id":null,"html_url":"https://github.com/learning-zone/docker-and-kubernetes-basics","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/learning-zone/docker-and-kubernetes-basics","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learning-zone%2Fdocker-and-kubernetes-basics","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learning-zone%2Fdocker-and-kubernetes-basics/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learning-zone%2Fdocker-and-kubernetes-basics/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learning-zone%2Fdocker-and-kubernetes-basics/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/learning-zone","download_url":"https://codeload.github.com/learning-zone/docker-and-kubernetes-basics/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/learning-zone%2Fdocker-and-kubernetes-basics/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266726613,"owners_count":23974926,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloud-native","containers","devops","docker","docker-compose","jenkins","kubernetes","virtualization"],"created_at":"2024-08-01T13:01:08.796Z","updated_at":"2025-07-23T18:05:10.880Z","avatar_url":"https://github.com/learning-zone.png","language":"HTML","funding_links":[],"categories":["HTML"],"sub_categories":[],"readme":"# Docker and Kubernetes Basics\n\n\u003e *Click \u0026#9733; if you like the project. Your contributions are heartily ♡ welcome.*\n\n\u003cbr/\u003e\n\n## Table of Contents\n\n* *[Docker Workshop](docker-practice.md)*\n* *[Docker Command Cheatsheet](docker-commands.md)*\n* *[Kubernetes Basics](kubernetes.md)*\n* *[Kubernetes Workshop](kubernetes-workshop.md)*\n* *[Kubectl Command Cheatsheet](kubernetes-commands.md)*\n* *[Cloud Computing Basics](cloud.md)*\n* *[Jenkins Interview Questions](jenkins.md)*\n\n\u003cbr/\u003e\n\n## Q. What is Docker?\n\nDocker is a containerization platform which packages your application and all its dependencies together in the form of containers so as to ensure that your application works seamlessly in any environment, be it development, test or production.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/docker-architecture.png\" alt=\"Docker Architecture\" width=\"600px\" /\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is a Docker Container?\n\nDocker containers include the application and all of its dependencies. It shares the kernel with other containers, running as isolated processes in user space on the host operating system. Docker containers are not tied to any specific infrastructure: they run on any computer, on any infrastructure, and in any cloud. Docker containers are basically runtime instances of Docker images.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What are Docker Images?\n\nDocker image is the source of Docker container. In other words, Docker images are used to create containers. When a user runs a Docker image, an instance of a container is created. These docker images can be deployed to any Docker environment.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Docker Hub?\n\nDocker images create docker containers. There has to be a registry where these docker images live. This registry is Docker Hub. Users can pick up images from Docker Hub and use them to create customized images and containers. Currently, the Docker Hub is the world\\'s largest public repository of image containers.\n\n**Reference:**\n\n* **[https://docs.docker.com/get-started/](https://docs.docker.com/get-started/)**\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Explain Docker Architecture?\n\nThe Docker works on client-server architecture. The Docker client establishes communication with the Docker Daemon. The Docker client and Daemon can run on the same system. A Docket client can also be connected to a remote Docker Daemon. The different types of Docker components in a Docker architecture are–\n\n* **Docker Client**: This performs Docker build pull and run operations to establish communication with the Docker Host. The Docker command uses Docker API to call the queries to be run.\n* **Docker Host**: This component contains Docker Daemon, Containers and its images. The images will be the kind of metadata for the applications which are containerized in the containers. The Docker Daemon establishes a connection with Registry.\n* **Registry**: This component will be storing the Docker images. The public registries are Docker Hub and Docker Cloud which can be s used by anyone.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is a Dockerfile?\n\nDocker can build images automatically by reading the instructions from a file called Dockerfile.\nA Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image.\nUsing docker build, users can create an automated build that executes several command-line instructions in succession.\n\n**Example:**\n\n```js\n# alpine will download only basic version of node.js\nFROM node:alpine\n\n# Instead of root directory, program will use \"/usr/app\" directory\nWORKDIR /usr/app\n\n# Copy local directory to nodejs directory\nCOPY ./ ./\n\n# Perform npm install\nRUN npm install\n\n# Run npm start in command prompt\nCMD [\"npm\", \"start\"]\n```\n\n```js\ndocker build -t sofyspace/scm-website:latest .        // --tag , -t   ==\u003e Name and optionally a tag in the 'name:tag' format\ndocker run -p 3000:3000 sofyspace/scm-website         // Project will run on local and will map to docker conatiner port \n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Tell us something about Docker Compose.\n\nCompose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application\\'s services. Then, with a single command, you create and start all the services from your configuration.\nYou can use Docker Compose to create separate containers, host them and get them to communicate with each other. Each container will expose a port for communicating with other containers.\n\n**Example:** Define the MySQL service\n\n```yml\nversion: \"3.7\"\n\nservices:\n  app:\n    image: node:12-alpine\n    command: sh -c \"yarn install \u0026\u0026 yarn run dev\"\n    ports:\n      - 3000:3000\n    working_dir: /app\n    volumes:\n      - ./:/app\n    environment:\n      MYSQL_HOST: mysql\n      MYSQL_USER: root\n      MYSQL_PASSWORD: secret\n      MYSQL_DB: todos\n\n  mysql:\n    image: mysql:5.7\n    volumes:\n      - todo-mysql-data:/var/lib/mysql\n    environment:\n      MYSQL_ROOT_PASSWORD: secret\n      MYSQL_DATABASE: todos\n\nvolumes:\n  todo-mysql-data:\n```\n\n```js\ndocker-compose up  // Start the App\ndocker-compose down   // Removing Volumes\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How is Dockerfile different from Docker Compose\n\nA Dockerfile is a simple text file that contains the commands a user could call to assemble an image whereas Docker Compose is a tool for defining and running multi-container Docker applications. Docker Compose define the services that make up your app in docker-compose.yml so they can be run together in an isolated environment. It get an app running in one command by just running docker-compose up. Docker compose uses the Dockerfile if one add the build command to your project's docker-compose.yml. Your Docker workflow should be to build a suitable Dockerfile for each image you wish to create, then use compose to assemble the images using the build command.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Docker Swarm?\n\nDocker Swarm is native clustering for Docker. It turns a pool of Docker hosts into a single, virtual Docker host. Docker Swarm serves the standard Docker API, any tool that already communicates with a Docker daemon can use Swarm to transparently scale to multiple hosts.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is a Docker Namespace?\n\nA namespace is one of the Linux features and an important concept of containers. Namespace adds a layer of isolation in containers. Docker provides various namespaces in order to stay portable and not affect the underlying host system. Few namespace types supported by Docker – PID, Mount, IPC, User, Network\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the lifecycle of a Docker Container?\n\nDocker containers have the following lifecycle:\n\n1. Create a container\n1. Run the container\n1. Pause the container(optional)\n1. Un-pause the container(optional)\n1. Start the container\n1. Stop the container\n1. Restart the container\n1. Kill the container\n1. Destroy the container\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Docker Machine?\n\nDocker machine is a tool that lets you install Docker Engine on virtual hosts. These hosts can now be managed using the docker-machine commands. Docker machine also lets you provision Docker Swarm Clusters.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Suppose you have 3 containers running and out of these, you wish to access one of them. How do you access a running container?\n\nThe following command lets us access a running container:\n\n```js\ndocker exec -it bash\n```\n\nThe exec command lets you get inside a container and work with it.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Will you lose your data, when a docker container exits?\n\nNo, you won\\'t lose any data when Docker container exits. Any data that your application writes to the container gets preserved on the disk until you explicitly delete the container. The file system for the container persists even after the container halts.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Where all do you think Docker is being used?\n\nDocker is being used in the following areas:\n\n* **Simplifying configuration**: Docker lets you put your environment and configuration into code and deploy it.\n* **Code Pipeline Management**: There are different systems used for development and production. As the code travels from development to testing to production, it goes through a difference in the environment. Docker helps in maintaining the code pipeline consistency.\n* **Developer Productivity**: Using Docker for development gives us two things – We\\'re closer to production and development environment is built faster.\n* **Application Isolation**: As containers are applications wrapped together with all dependencies, your apps are isolated. They can work by themselves on any hardware that supports Docker.\n* **Debugging Capabilities**: Docker supports various debugging tools that are not specific to containers but work well with containers.\n* **Multi-tenancy**: Docker lets you have multi-tenant applications avoiding redundancy in your codes and deployments.\n* **Rapid Deployment**: Docker eliminates the need to boost an entire OS from scratch, reducing the deployment time.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How is Docker different from other containerization methods?\n\nDocker containers are very easy to deploy in any cloud platform. It can get more applications running on the same hardware when compared to other technologies, it makes it easy for developers to quickly create, ready-to-run containerized applications and it makes managing and deploying applications much easier. You can even share containers with your applications.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can I use JSON instead of YAML for my compose file in Docker?\n\nYou can use JSON instead of YAML for your compose file, to use JSON file with compose, specify the JSON filename to use,\nfor eg:\n\n```js\ndocker-compose -f docker-compose.json up\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the Difference Between Containers and Virtual Machines?\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/container-vs-virtual-machine.png\" alt=\"Containers and Virtual Machines\" width=\"600px\" /\u003e\n\u003c/p\u003e\n\n**Virtual Machines:**\n\nA virtual machine (VM) is best described as a software program that emulates the functionality of a physical hardware or computing system. It runs on top of an emulating software, called the hypervisor, which replicates the functionality of the underlying physical hardware resources with a software environment. These resources may be referred to as the host machine, while the VM that runs on the hypervisor is often called a guest machine.\n\nThe virtual machine contains all necessary elements to run the apps, including:\n\n* Computing\n* Storage\n* Memory\n* Networking\n* Hardware functionality available as a virtualized system\n\nThe VM may also contain the necessary system binaries and libraries to run the apps. The actual operating system (OS), however, is managed and executed using the hypervisor.\n\n**Containers:**\n\nContainerization creates abstraction at an OS level that allows individual, modular, and distinct functionality of the app to run independently. As a result, several isolated workloads—the containers—can dynamically operate using the same physical resources.\n\nA less technical definition of containers might be: a unit of software that is lightweight but still bundles the code, its dependencies, and the configuration altogether into a single image. Containers can run:\n\n* On top bare metal servers\n* On top hypervisors\n* In cloud infrastructure\n\nContainers share all necessary capabilities with the VM to operate as an isolated OS environment for a modular app functionality with one key difference. Using a containerization engine, such as the Docker Engine, containers create several isolated OS environments within the same host system kernel, which can be shared with other containers dedicated to run different functions of the app. Only bins, libraries, and other runtime components are developed or executed separately for each container, which makes them more resource efficient as compared to VMs.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Hypervisor?\n\nA hypervisor is a software that makes virtualization possible. It is also called Virtual Machine Monitor. It divides the host system and allocates the resources to each divided virtual environment. You can basically have multiple OS on a single host system. There are two types of Hypervisors:\n\n* **Type 1:** It\\'s also called Native Hypervisor or Bare metal Hypervisor. It runs directly on the underlying host system. It has direct access to your host\\'s system hardware and hence does not require a base server operating system.\n* **Type 2:** This kind of hypervisor makes use of the underlying host operating system. It\\'s also called Hosted Hypervisor.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is virtualization?\n\nVirtualization is the process of creating a software-based, virtual version of something(compute storage, servers, application, etc.). These virtual versions or environments are created from a single physical hardware system. Virtualization lets you split one system into many different sections which act like separate, distinct individual systems. A software called Hypervisor makes this kind of splitting possible. The virtual environment created by the hypervisor is called Virtual Machine.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is containerization?\n\nUsually, in the software development process, code developed on one machine might not work perfectly fine on any other machine because of the dependencies. This problem was solved by the containerization concept. So basically, an application that is being developed and deployed is bundled and wrapped together with all its configuration files and dependencies. This bundle is called a container. Now when you wish to run the application on another system, the container is deployed which will give a bug-free environment as all the dependencies and libraries are wrapped together. Most famous containerization environments are Docker and Kubernetes.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Difference between virtualization and containerization\n\nContainers provide an isolated environment for running the application. The entire user space is explicitly dedicated to the application. Any changes made inside the container is never reflected on the host or even other containers running on the same host. Containers are an abstraction of the application layer. Each container is a different application.\n\nWhereas in Virtualization, hypervisors provide an entire virtual machine to the guest(including Kernal). Virtual machines are an abstraction of the hardware layer. Each VM is a physical machine. VM is more isolated and heavy and takes a lot time to start.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Is there a way to identify the status of a Docker container?\n\nThere are six possible states a container can be at any given point –\n\n1. Created\n1. Running\n1. Paused\n1. Restarting\n1. Exited\n1. Dead.\n\nUse the following command to check for docker state at any given point: `$ docker ps` The above command lists down only running containers by default. To look for all containers, use the following command: `$ docker ps -a`\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you remove a paused container from Docker?\n\nThe answer is no. You cannot remove a paused container. The container has to be in the stopped state before it can be removed.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can a container restart by itself?\n\nNo, it\\'s not possible for a container to restart by itself. By default the flag -restart is set to false.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Is it better to directly remove the container using the rm command or stop the container followed by remove container?\n\nIts always better to stop the container and then remove it using the remove command. `$ docker stop \u003ccoontainer_id\u003e $ docker rm -f \u003ccontainer_id\u003e`\nStopping the container and then removing it will allow sending SIG_HUP signal to recipients. This will ensure that all the containers have enough time to clean up their tasks. This method is considered a good practice, avoiding unwanted errors.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Will cloud overtake the use of Containerization?\n\nDocker containers are gaining popularity but at the same time, Cloud services are giving a good fight. In my personal opinion, Docker will never be replaced by Cloud. Using cloud services with containerization will definitely hype the game. Organizations need to take their requirements and dependencies into consideration into the picture and decide what\\'s best for them. Most of the companies have integrated Docker with the cloud. This way they can make the best out of both the technologies.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How many containers can run per host?\n\nThere can be as many containers as you wish per host. Docker does not put any restrictions on it. But you need to consider every container needs storage space, CPU and memory which the hardware needs to support. You also need to consider the application size. Containers are considered to be lightweight but very dependant on the host OS.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Is it a good practice to run stateful applications on Docker? or What type of applications - Stateless or Stateful are more suitable for Docker Container?\n\nThe concept behind stateful applications is that they store their data onto the local file system. You need to decide to move the application to another machine, retrieving data becomes painful. I honestly would not prefer running stateful applications on Docker.\n\nSuppose you have an application that has many dependant services. Will docker compose wait for the current container to be ready to move to the running of the next service?\nThe answer is yes. Docker compose always runs in the dependency order. These dependencies are specifications like depends_on, links, volumes_from, etc.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How will you monitor Docker in production?\n\nDocker provides functionalities like docker stats and docker events to monitor docker in production. Docker stats provides CPU and memory usage of the container. Docker events provide information about the activities taking place in the docker daemon.\n\n**Monitoring Tools for Docker:**\n\n1. [Sematext](https://sematext.com/)\n2. [Dynatrace](https://www.dynatrace.com/)\n3. [Datadog](https://www.datadoghq.com/)\n4. [Prometheus \u0026 Grafana](https://prometheus.io/docs/visualization/grafana/)\n5. [Elasticsearch \u0026 Kibana](https://www.elastic.co/kibana/)\n6. [SolarWinds Server \u0026 Application Monitor](https://www.solarwinds.com/server-application-monitor)\n7. [AppOptics Docker Monitoring with APM](https://www.appoptics.com/use-cases/docker-performance-monitoring)\n8. [cAdvisor](https://github.com/google/cadvisor)\n9. [Sysdig](https://sysdig.com/)\n10.[ManageEngine Applications Manager](https://www.manageengine.com/products/applications_manager/)\n11.[Sumo Logic](https://www.sumologic.com/)\n12.[Splunk](https://www.splunk.com/)\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Is it a good practice to run Docker compose in production?\n\nYes, using docker compose in production is the best practical application of docker compose. When you define applications with compose, you can use this compose definition in various production stages like CI, staging, testing, etc.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What changes are expected in your docker compose file while moving it to production?\n\nThese are the following changes you need make to your compose file before migrating your application to the production environment:\n\n* Remove volume bindings, so the code stays inside the container and cannot be changed from outside the container.\n* Binding to different ports on the host.\n* Specify a restart policy\n* Add extra services like log aggregator\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Are you aware of load balancing across containers and hosts? How does it work?\n\nWhile using docker service with multiple containers across different hosts, you come across the need to load balance the incoming traffic. Load balancing and HAProxy is basically used to balance the incoming traffic across different available(healthy) containers. If one container crashes, another container should automatically start running and the traffic should be re-routed to this new running container. Load balancing and HAProxy works around this concept.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is a Docker Registry?\n\nA Docker Registry is a place where all the Docker Images will be stored and Docker Cloud and Docker Hub are the public registries where these images can be hosted upon. The Docker hub is the default storage for the Docker Images. An own registry can also be set up as per the requirement. Docker Data Center (DDC) can also be used which includes DTR (Docker Trusted Registry). Docker store will provide the feature of buying and selling the Docker images.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is DockerHub?\n\nDockerHub is a cloud-based registry service which allows you to link to code repositories, build your images and test them, stores manually pushed images, and links to Docker cloud so you can deploy images to your hosts. It provides a centralized resource for container image discovery, distribution and change management, user and team collaboration, and workflow automation throughout the development pipeline.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to create Docker container\n\nWe can use Docker image to create Docker container by using the below command:\n\n```js\ndocker run -t -i \u003ccommand-name\u003e\n```\n\nThis command will create and start a container. If you want to verify the list of all running container with the status on a host use the below command:\n\n```js\ndocker ps -a\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Does Docker container package up the entire OS?\n\nDocker containers do not package up the OS. They package up the applications with everything that the application needs to run. The engine is installed on top of the OS running on a host. Containers share the OS kernel allowing a single host to run multiple containers.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Describe how many ways are available to configure Docker daemon?\n\nThere are two ways to configure the Docker daemon:\n\n* Using a JSON configuration file. This is the preferred option, since it keeps all configurations in a single place.\n* Using flags when starting dockerd. You can use both of these options together as long as you don’t specify the same option both as a flag and in the JSON file. If that happens, the Docker daemon won’t start and prints an error message.\n\n```js\n$ dockerd --debug --tls=true --tlscert=/var/docker/server.pem --tlskey=/var/docker/serverkey.pem\n--host tcp://\u003cHost_IP\u003e:2376\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you list reasons why Container Networking is so important?\n\n* Containers need to talk to external world.\n* Reach Containers from external world to use the service that Containers provides.\n* Allows Containers to talk to host machine.\n* Inter-container connectivity in same host and across hosts.\n* Discover services provided by containers automatically.\n* Load balance traffic between different containers in a service.\n* Provide secure multi-tenant services.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to create a user-defined Bridge network ?\n\nTo create a user-defined bridge network, one can use the docker network create command -\n\n`$ docker network create mynet`\n\nYou can specify the subnet, the IP address range, the gateway, and other options. See the docker network create reference or the output of docker network create --help for details.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is memory-swap flag?\n\n`--memory-swap` is a modifier flag that only has meaning if `--memory` is also set. Using swap allows the container to write excess memory requirements to disk when the container has exhausted all the RAM that is available to it. There is a performance penalty for applications that swap memory to disk often.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you explain different volume mount types available in Docker?\n\nThere are three mount types available in Docker · Volumes are stored in a part of the host filesystem which is managed by Docker (`/var/lib/docker/volumes/` on Linux). Non-Docker processes should not modify this part of the filesystem. Volumes are the best way to persist data in Docker. · Bind mounts may be stored anywhere on the host system. They may even be important system files or directories. Non-Docker processes on the Docker host or a Docker container can modify them at any time. · tmpfs mounts are stored in the host system’s memory only, and are never written to the host system’s filesystem.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to share data among DockerHost?\n\nWays to achieve this when developing your applications. One is to add logic to your application to store files on a cloud object storage system like Amazon S3. Another is to create volumes with a driver that supports writing files to an external storage system like NFS or Amazon S3. Volume drivers allow you to abstract the underlying storage system from the application logic. For example, if your services use a volume with an NFS driver, you can update the services to use a different driver, as an example to store data in the cloud, without changing the application logic.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to Backup, Restore, or Migrate data volumes under Docker container?\n\nSteps to Backup a container\n\n1. Launch a new container and mount the volume from the dbstore container\n1. Mount a local host directory as /backup\n1. Pass a command that tars the contents of the dbdata volume to a backup.tar file inside our /backup directory.\n\n`$ docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata` Restore container from backup With the backup just created, you can restore it to the same container, or another that you made elsewhere. For example, create a new container named dbstore2: `$ docker run -v /dbdata --name dbstore2 ubuntu /bin/bash`\n\nThen un-tar the backup file in the new container`s data volume:\n\n```js\ndocker run --rm --volumes-from dbstore2 -v $(pwd):/backup ubuntu bash -c \"cd /dbdata \u0026\u0026 tar xvf /backup/backup.tar --strip 1\"\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to Configure Automated Builds on DockerHub\n\nYou can build your images automatically from a build context stored in a repository. A build context is a Dockerfile and any files at a specific location. For an automated build, the build context is a repository containing a Dockerfile.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to configure the default logging driver under Docker?\n\nTo configure the Docker daemon to default to a specific logging driver, set the value of log-driver to the name of the logging driver in the daemon.json file, which is located in /etc/docker/ on Linux hosts or C:\\ProgramData\\docker\\config\\ on Windows server hosts. The default logging driver is json-file.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Why do my services take 10 seconds to recreate or stop?\n\nCompose stop attempts to stop a container by sending a SIGTERM. It then waits for a default timeout of 10 seconds. After the timeout, a SIGKILL is sent to the container to forcefully kill it. If you are waiting for this timeout, it means that your containers aren’t shutting down when they receive the SIGTERM signal.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How do I run multiple copies of a Compose file on the same host?\n\nCompose uses the project name to create unique identifiers for all of a project’s containers and other resources. To run multiple copies of a project, set a custom project name using the -command line option or the COMPOSE_PROJECT_NAME environment variable.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between up, run, and start under Docker Compose?\n\nTypically, you want docker-compose up. Use up to start or restart all the services defined in a docker-compose.yml. In the default \"attached\" mode, you see all the logs from all the containers. In \"detached\" mode (-d), Compose exits after starting the containers, but the containers continue to run in the background.\n\nThe docker-compose run command is for running \"one-off\" or \"adhoc\" tasks. It requires the service name you want to run and only starts containers for services that the running service depends on. Use run to run tests or perform an administrative task such as removing or adding data to a data volume container. The run command acts like docker run -ti in that it opens an interactive terminal to the container and returns an exit status matching the exit status of the process in the container. The docker-compose start command is useful only to restart containers that were previously created, but were stopped. It never creates new containers.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Docker Trusted Registry?\n\nDocker Trusted Registry (DTR) is the enterprise-grade image storage solution from Docker. You install it behind your firewall so that you can securely store and manage the Docker images you use in your applications.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to declare default environment variables under Docker Compose?\n\nCompose supports declaring default environment variables in an environment file named .env placed in the folder where the docker-compose command is executed (current working directory). Example: The below example demonstrate how to declare default environmental variable for Docker Compose. img\n\nWhen you run docker-compose up, the web service defined above uses the image alpine:v3.4. You can verify this with the docker-compose config command which prints your resolved application config to the terminal: img\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you list out ways to share Compose configurations between files and projects under Docker Compose?\n\nCompose supports two methods of sharing common configuration:\n\nExtending an entire Compose file by using multiple Compose files\nExtending individual services with the extends field\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the purpose of EXPOSE command in Dockerfile?\n\nWhen writing your Dockerfiles, the instruction EXPOSE tells Docker the running container listens on specific network ports. This acts as a kind of port mapping documentation that can then be used when publishing the ports.\n\n`EXPOSE \u003cport\u003e [\u003cport\u003e/\u003cprotocol\u003e...]`\n\nYou can also specify this within a docker run command, such as:\n\n`docker run --expose=1234 my_app`\n\nPlease note that EXPOSE will not allow communication via the defined ports to containers outside of the same network or to the host machine. To allow this to happen you need to publish the ports.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Why Docker Monitoring is necessary?\n\n* Monitoring helps to identify issues proactively that would help to avoid system outages.\n* The monitoring time-series data provide insights to fine-tune applications for better performance and robustness.\n* With full monitoring in place, changes could be rolled out safely as issues will be caught early on and be resolved quickly before that transforms into root-cause for an outage.\n* The changes are inherent in container based environments and impact of that too gets monitored indirectly.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Is it possible to run Kubernetes on Docker EE 2.0 Platform?\n\nYes, it is possible to run Kubernetes under Docker EE 2.0 platform. Docker Enterprise Edition (EE) 2.0 is the only platform that manages and secures applications on Kubernetes in multi-Linux, multi-OS and multi-cloud customer environments. As a complete platform that integrates and scales with your organization, Docker EE 2.0 gives you the most flexibility and choice over the types of applications supported, orchestrators used, and where it’s deployed. It also enables organizations to operationalize Kubernetes more rapidly with streamlined workflows and helps you deliver safer applications through integrated security solutions.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you use Docker Compose to build up Swarm/Kubernetes Cluster?\n\nYes, one can deploy a stack on Kubernetes with docker stack deploy command, the `docker-compose.yml` file, and the name of the stack. Example: `$docker stack deploy --compose-file /path/to/docker-compose.yml mystack $docker stack services mystack` You can see the service deployed with the kubectl get services command $kubectl get svc, po, deploy.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is 'docker stack deploy' command meant for?\n\nThe \"docker stack deploy\" is a command to deploy a new stack or update an existing stack. A stack is a collection of services that make up an application in a specific environment. A stack file is a file in YAML format that defines one or more services, similar to a docker-compose.yml file for Docker Compose but with a few extensions.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Explain the concept of HA under Swarm Mode?\n\nHA refers to High Availability. High Availability is a feature where you have multiple instances of your applications running in parallel to handle increased load or failures. These two paradigms fit perfectly into Docker Swarm, the built-in orchestrator that comes with Docker. Deploying your applications like this will improve your uptime which translates to happy users. For creating a high availability container in the Docker Swarm, we need to deploy a docker service to the swarm with nginx image. This can be done by using docker swarm create command as specified above.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What are Docker secrets and why is it necessary\n\nIn Docker there are three key components to container security and together they result in inherently safer apps. img Docker Secrets, a container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform. By integrating secrets into Docker orchestration, we are able to deliver a solution for the secrets management problem that follows these exact principles. The following diagram provides a high-level view of how the Docker swarm mode architecture is applied to securely deliver a new type of object to our containers: a secret object.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What are docker networking\n\nMainly we have four mode of networking for Docker\n\n* Bridge mode networking\n* Host mode networking\n* Container mode networking\n* No networking\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Explain a use case for Docker\n\n* It can be used to spin up a unified developement environment for all the developers to avoid the problem of \"it works fine on my machine\" by packaging up the application with all its dependencies in a docker container and then run it on any os.\n* You can spin up clean test environments quickly (instead of bringing up full virtual machines)in order to test your software.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Basic Docker Commands\n\n| Command       | Description                             | Example                  |\n|---------------|-----------------------------------------|--------------------------|\n|pull   | Download an image from docker hub               | $ docker pull hello-world |\n|run    | Run a container ( create and start a container )| $ docker run hello-world |\n|ps     | List containers ( process status )              | $ docker ps              |\n|images | List images                                     | $ docker images          |\n|logs   | Show container logs                             | $ docker logs -f myapp   |\n|exec   | Execute a command in a running container        | $ docker exec myapp ls   |\n|cp     | Copy files between a container and local file system| $ docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH |\n|build  | Build a new image                               | $ docker build -t myapp:latest . |\n|start  | Start a Docker container                        | $ docker start myapp     |\n|stop   | Stop a docker container                         | $ docker stop myapp      |\n|version| Display Docker Client and Docker Server version | $ docker version  |\n|info   | Display number of containers running, paused, stopped, number of images etc.| $ docker info |\n|build  | Build docker image                              | $ docker build . -t myapp:1.0.0 |\n|dockerd| To launch Docker daemon                         | $ dockerd   |\n|create | To create a new container.                      | $ docker create hello-world   |\n|kill   | To kill a container                             | $ docker kill myapp |\n|commit | To create a new image from container changes.   | $ docker container commit mycontainer myimage |\n|login  | To login into hub.docker.com                    | $ docker login  |\n|push `\u003cusername/image name\u003e`| push it to docker hub      | $ docker push myapp |\n|rm `\u003ccontainer id\u003e`| delete a stopped container          | $ docker rm myapp |\n|rmi `\u003cimage-id\u003e` | delete an image from the local system | $ docker rmi myapp |\n|system prune | to remove all the stopped containers, all the networks that are not used, all dangling images and all build caches.| $ docker system prune --all |\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between the COPY and ADD commands in a Dockerfile?\n\n**COPY** takes in a src and destination. It only lets you copy in a local file or directory from your host (the machine building the Docker image) into the Docker image itself.\n\n**ADD** lets you do that too, but it also supports 2 other sources. First, you can use a URL instead of a local file / directory. Secondly, you can extract a **tar** file from the source directly into the destination.\n\n**Syntax:**\n\n```js\nCOPY \u003csource\u003e \u003cdestination\u003e\nADD \u003csource\u003e \u003cdestination\u003e\n```\n\n**Example:** Dockerfile\n\n```js\n# From alpine library\nFROM alpine\n\n# Copy all the files from source directory to Docker image\nCOPY ./html_files /app/html\n\n# Copy Text file to Docker image\nCOPY sample.txt /app/sample.txt\n\n# Copy tar file to Docker image\nADD file.tar /app\n\n# Copy svg file directly from url to Docker image\nADD https://cdnjs.cloudflare.com/ajax/libs/line-awesome/1.3.0/svg/docker.svg /app/images/logo.svg\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Docker Volume?\n\nDocker volumes are a widely used and useful tool for ensuring data persistence while working in containers. Docker volumes are file systems mounted on Docker containers to preserve data generated by the running container.\n\n* The data doesn\\'t persist when that container no longer exists, and it can be difficult to get the data out of the container if another process needs it.\n* A container\\'s writable layer is tightly coupled to the host machine where the container is running. The data cannot be easily moveable somewhere else.\n* Writing into a container's writable layer requires a storage driver to manage the filesystem.\n\nDocker has two options for containers to store files in the host machine so that the files are persisted even after the container stops:\n\n* **Volumes** are stored in a part of the host filesystem, which is managed by\n* **Bind mounts** may be stored anywhere on the host system.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/types-of-mounts-volume.png\" alt=\"Docker Architecture\" width=\"500px\" /\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. When would you use \"docker kill\" or \"docker rm -f\"?\n\nThe `docker stop` command attempts to stop a running container first by sending a SIGTERM signal to the root process (PID 1) in the container. If the process hasn\\'t exited within the timeout period a SIGKILL signal will be sent.\n\n```js\ndocker stop ----time=30 foo\n```\n\nBy default, the `docker kill` command doesn\\'t give the container process an opportunity to exit gracefully -- it simply issues a SIGKILL to terminate the container. However, it does accept a `--signal` flag which will let you send something other than a SIGKILL to the container process.\n\n```js\ndocker kill ----signal=SIGINT foo\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between CMD and ENTRYPOINT in a Dockerfile?\n\n* **CMD** defines default commands and/or parameters for a container. CMD is an instruction that is best to use if you need a default command which users can easily override. If a Dockerfile has multiple CMDs, it only applies the instructions from the last one.\n\n```JS\nFROM centos:8.1.1911\n\nCMD [\"echo\", \"Hello Docker\"]\n```\n\nRun result\n\n ```js\n$ sudo docker run \u003cimage-id\u003e\nHello Docker\n$ sudo docker run \u003cimage-id\u003e hostname   # hostname is exec to override CMD\n244be5006f32\n```\n\n* **ENTRYPOINT** is preferred when you want to define a container with a specific executable. Default parameters that cannot be overridden when Docker Containers run with CLI parameters.\n\n```js\nFROM centos:8.1.1911\n\nENTRYPOINT [\"echo\", \"Hello Docker\"]\n```\n\nRun result\n\n```js\n$ sudo docker run \u003cimage-id\u003e\nHello Docker\n$ sudo docker run \u003cimage-id\u003e hostname   # hostname as parameter to exec\nHello Docker hostname\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Do I lose my data when the Docker container exits?\n\nNo, you won\\'t lose any data when Docker container exits. Any data that your application writes to the container gets preserved on the disk until you explicitly delete the container. The file system for the container persists even after the container halts.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Build Cache in Docker?\n\nDocker creates container images using layers. Each command that is found in a Dockerfile creates a new layer. Each layers contains the filesystem changes of the image between the state before the execution of the command and the state after the execution of the command.\n\nDocker uses a layer cache to optimize the process of building Docker images and make it faster. Docker Layer Caching mainly works on **RUN**, **COPY** and **ADD** commands.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between \"docker run\" and \"docker create\"?\n\nDocker create command creates a fresh new container from a docker image. However, it doesn\\'t run it immediately.\n\n```js\ndocker start -a $(docker create myimage)          // The -a option causes the terminal to attach so that \n                                                  // the container runs in the foreground \n```\n\nDocker run command is a combination of create and start as it creates a new container and starts it immediately. In fact, the docker run command can even pull an image from Docker Hub if it doesn’t find the mentioned image on your system.\n\n```js\ndocker run myimage\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between a docker registry and repository?\n\n**Registry:**\n\nA service responsible for hosting and distributing images. The default registry is the Docker Hub.\n\n**Repository:**\n\nA collection of related images (usually providing different versions of the same application or service).\n\n**Tag:**\n\nAn alphanumeric identifier attached to images within a repository (e.g., 14.04 or stable ).\n\n**Syntax:**\n\n```js\ndocker pull myregistryhost:3000/namespace/repo-name:tag\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the default CPU limit set for a container?\n\nBy default, a container has no resource constraints and can use as much of a given resource as the host\\'s kernel scheduler allows. Docker provides ways to control how much memory, or CPU a container can use, setting runtime configuration flags of the docker run command.\n\nTo limit the maximum amount of memory usage for a container, add the `--memory` option to the docker run command. Alternatively, you can use the shortcut `-m`.\n\n**Syntax:**\n\n```js\ndocker run -it --memory=\"[memory_limit]\" [docker_image]\n```\n\n**Example:**\n\n```js\ndocker run -it --memory=\"1g\" ubuntu\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you create containers without their own PID namespace\n\nDocker creates a new PID namespace for each container by default. A container\\'s PID namespace isolates processes in that container from processes in other containers.\n\nWithout a PID namespace, the processes running inside a container would share the same ID space as those in other containers or on the host. A process in a container would be able to determine what other processes were running on the host machine.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between Docker Image and Layer?\n\nLayers are what compose the file system for both Docker images and Docker containers. When you pull a image, you eventually don\\'t have to download all of its filesystem. If you already have another image that has some of the layers of the image you pull, only the missing layers are actually downloaded.\n\n**show case**\n\n```js\ndocker pull busybox\ndocker history busybox\n\n// Output\nIMAGE               CREATED             CREATED BY                                      SIZE                COMMENT\nd7057cb02084        39 hours ago        /bin/sh -c #(nop) CMD [\"sh\"]                    0 B\ncfa753dfea5e        39 hours ago        /bin/sh -c #(nop) ADD file:6cccb5f0a3b3947116   1.096 MB\n```\n\nNow create a new container from layer `cfa753dfea5e` as if it was an image:\n\n```js\ndocker run -it cfa753dfea5e sh -c \"ls /\"\n\n// Output\nbin   dev   etc   home  proc  root  sys   tmp   usr   var\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between \"expose\" and \"publish\" in Docker?\n\nIn Docker networking, there are two different mechanisms that directly involve network ports: exposing and publishing ports. This applies to the default bridge network and user-defined bridge networks.\n\nYou expose ports using the **EXPOSE** keyword in the Dockerfile or the `--expose` flag to docker run. Exposing ports is a way of documenting which ports are used, but does not actually map or open any ports. Exposing ports is optional.\n\n**Example:** Dockerfile\n\n```js\n...\nEXPOSE 3000\n...\n```\n\nYou publish ports using the `--publish` or `--publish-all` flag to docker run. This tells Docker which ports to open on the container\\'s network interface.\n\n**Example:**\n\n```js\ndocker run -d -p 3000 \u003cimage_id\u003e\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Docker Compose vs. Dockerfile - which is better?\n\nA **Dockerfile** is a text document that contains all the commands/Instruction a user could call on the command line to assemble an image. Using **docker build** commmand we can build an image from a Dockerfile.\n\n**Example:**\n\n```js\nFROM centos:latest\nLABEL maintainer=\"collabnix\"\nRUN yum update -y \u0026\u0026 \\\n\tyum install -y httpd net-tools \u0026\u0026 \\\n\tmkdir -p /run/httpd \nEXPOSE 80\nENTRYPOINT apachectl \"-DFOREGROUND\"\n```\n\n**Docker Compose** is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application\\'s services. Then, with a single command, you create and start all the services from your configuration. By default, docker-compose expects the name of the Compose file as `docker-compose.yml` or `docker-compose.yaml`. If the compose file have different name we can specify it with `-f` flag.\n\n**Example:**\n\n```js\nversion: '3'\nservices:\n  web:\n    build: .\n    ports:\n    - \"5000:5000\"\n    volumes:\n    - .:/code\n    - logvolume01:/var/log\n    links:\n    - redis\n  redis:\n    image: redis\nvolumes:\n  logvolume01: {}\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What exactly do you mean by \"Dockerized node\"? Can this node be on-premises or in the cloud?\n\nDocker can manage nodes that exist on-premises as well as in the cloud. Docker Datacenter is an on-premises solution that enterprises use to create, manage, deploy and scale their applications and comes with support from the Docker team. It can manage hosts that exist in your datacenter as well as in your virtual private cloud or public cloud provider (AWS, Azure, Digital Ocean, SoftLayer etc.).\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How can we control the startup order of services in Docker compose?\n\nCompose always starts and stops containers in dependency order, where dependencies are determined by **depends_on**, **links**, **volumes_from**, and **network_mode: \"service:...\"**.\n\n**Example:** to use wait-for-it.sh or wait-for to wrap your service\\'s command:\n\n```js\nversion: \"2\"\nservices:\n  web:\n    build: .\n    ports:\n      - \"80:8000\"\n    depends_on:\n      - \"db\"\n    command: [\"./wait-for-it.sh\", \"db:5432\", \"--\", \"python\", \"app.py\"]\n  db:\n    image: postgres\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is an orphan volume and how to remove it?\n\nIf you want to see a list of the dangling volumes you can simply run:\n\n```js\ndocker volume ls -qf dangling=true\n```\n\n**docker volume ls** lists the volumes and **-qf** means list only the ids and filter on **dangling=true**.\n\nTo delete these volumes we\\'ll pass them in to the **docker volume rm** function which takes a volume id or list of ids. The final command is:\n\n```js\ndocker volume rm $(docker volume ls -qf dangling=true)\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Can you explain dockerfile ONBUILD instruction?\n\nThe `ONBUILD` instruction adds to the image a trigger instruction to be executed at a later time, when the image is used as the base for another build. The trigger will be executed in the context of the downstream build, as if it had been inserted immediately after the `FROM` instruction in the downstream Dockerfile.\n\nThis is useful if you are building an image which will be used as a base to build other images, for example an application build environment or a daemon which may be customized with user-specific configuration.\n\n**Example:**\n\n```js\nONBUILD ADD . /app/src\nONBUILD RUN /usr/local/bin/python-build --dir /app/src\n```\n\n*Note:*\n\n* Chaining **ONBUILD** instructions using **ONBUILD** isn\\'t allowed.\n* The **ONBUILD** instruction may not trigger **FROM** or **MAINTAINER** instructions.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How does Docker run containers in non-Linux systems?\n\nWindows and Macintosh systems can\\'t run Linux containers directly, since they\\'re not Linux kernels with the appropriate facilities to run even Linux programs, much less supporting the same extra cgroup facilities. So when you install Docker on these, generally it installs a Linux VM on which to run the containers. Almost invariably it will install only a single VM and run all containers in that one VM.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How containers work at low level?\n\nContainers are implemented using **Linux namespaces** and **cgroups**. Namespaces let you virtualize system resources, like the file system or networking for each container. On the other hand, cgroups provide a way to limit the amount of resources, such as CPU and memory, that each container can use. At their core, low-level container runtimes are responsible for setting up these namespaces and cgroups for containers, and then running commands inside those namespaces and cgroups.\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. Name some limitations of containers vs VM\n\n| VMs                          |Containers                |\n|------------------------------|--------------------------|\n| Heavyweight\t               | Lightweight               |\n| Limited performance          | Native performance    |\n| Each VM runs in its own OS   | All containers share the host OS|\n| Hardware-level virtualization| OS virtualization|\n| Startup time in minutes      | Startup time in milliseconds|\n| Allocates required memory    | Requires less memory space|\n| Fully isolated and hence more secure|\tProcess-level isolation, possibly less secure|\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to use Docker with multiple environments?\n\nIn a software development lifecycle, there may be as little deployment environments as just **development** and **production**. However, there may also be as many as **development**, **integration**, **testing**, **staging** and **production**.\n\nDocker Compose is a Docker companion tool used to coordinate multiple containers with configurations. Compose will only need you one file `docker-compose.yaml` which defines everything from build-time to run-time and one command docker-compose up.\n\n**Example:**\n\n```js\nFROM node:8-alpine\n\nWORKDIR /usr/src/your-app\n\nCOPY package*.json ./\n\nRUN if [ \"$NODE_ENV\" = \"development\" ]; \\\n\tthen npm install;  \\\n\telse npm install --only=production; \\\n\tfi\n\nCOPY . .\n```\n\nDevelopment command:\n\n```js\ndocker-compose -f docker-compose.yml -f docker-compose.dev.yml up\n```\n\nProduction command:\n\n```js\ndocker-compose -f docker-compose.yml -f docker-compose.prod.yml up\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is the difference between a Docker image and a container?\n\n|Docker Image\t                   | Docker Container       |\n|----------------------------------|------------------------|\n|It is Blueprint of the Container. |It is instance of the Image.\n|Image is a logical entity.\t       |Container is a real world entity.\n|Image is created only once.\t   |Containers are created any number of times using image.\n|Images are immutable.\t           |Containers changes only if old image is deleted and new is used to build the container.\n|Images does not require computing resource to work.|Containers requires computing resources to run as they run as Docker Virtual Machine.|\n|To make a docker image, you have to write script in Dockerfile.|To make container from image, you have to run “docker build” command|\n|Docker Images are used to package up applications and pre-configured server environments.|Containers use server information and file system provided by image in order to operate.|\n|Images can be shared on Docker Hub.|It makes no sense in sharing a running entity, always docker images are shared.|\n|There is no such running state of Docker Image.|Containers uses RAM when created and in running state.|\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. How to link containers?\n\n**Connect using network port mapping:**\n\n```js\ndocker run -d -p 3000:3000 sofyspace/react-app\n```\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n\n## Q. What is Paravirtualization?\n\nParavirtualization is a computer hardware virtualization technique that allows virtual machines (VMs) to have an interface similar to that of the underlying or host hardware. This technique aims to improve the VM\\'s performance by modifying the guest operating system (OS).\n\nWith paravirtualization, the guest OS is modified, so it knows that it is running in a virtualized environment on top of a hypervisor (the hardware running the VM) and not on the physical hardware.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"assets/paravirtualization.png\" alt=\"Paravirtualization\" width=\"600px\" /\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"right\"\u003e\n    \u003cb\u003e\u003ca href=\"#table-of-contents\"\u003e↥ back to top\u003c/a\u003e\u003c/b\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flearning-zone%2Fdocker-and-kubernetes-basics","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flearning-zone%2Fdocker-and-kubernetes-basics","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flearning-zone%2Fdocker-and-kubernetes-basics/lists"}