Docker Interview Questions and Answer Part – 18

If you want to perform maintenance on a node, to what availability should you change it?

  • Ready
  • Down
  • Drain (Ans)
  • Pause
  • Active

Assuming you have a stack called APIS, what is the equivalent of docker service ps for stacks?

  • docker stack deploy
  • docker stack ls
  • docker stack ps APIS (Ans)
  • docker stack services APIS

When a service is updated that requires a change in the running container, what happens to the corresponding task?

  • The existing task is kept and its metadata is updated.
  • A new task is also created. (Ans)
  • The existing task is kept.

What happens when a new node is attached to the cluster that matches the constraints of a pending replicated service?

  • The pending task for the service will be assigned to the new node and a container will be started. (Ans)
  • The existing containers for the service will be rebalanced so that a fair share are placed onto the new node.
  • A new task will be allocated to the new node for the global service.
  • Nothing will run on the new node unless you change the service.

If you don’t want a service to run, but you don’t want to remove it, what’s the safest thing to do?

  • Add constraints that aren’t fulfilled.
  • Scale it to zero. (Ans)
  • Manually mark it pending.

In the “Manager Status” column in the output of docker node ls, what shows for worker nodes?

  • Worker
  • Nothing (Ans)
  • Leader
  • Reachable

Which service mode puts a task and a container on each node in the cluster?

  • Global (Ans)
  • Per Node
  • Replicated

Which of the following would you use to stop a health check that’s running for a long time?

  • timeout (Ans)
  • interval
  • CMD
  • retries

Which node role maintains the state of the cluster?

  • Manager (Ans)
  • Replica
  • Slave
  • Worker

Which service mode allows you to arbitrarily scale your service?

  • Replicated (Ans)
  • Global
  • Per Node

If you want to convert a manager node into a worker node, what do you use?

  • docker node promote
  • docker node demote (Ans)
  • docker swarm manager
  • docker swarm worker
  • docker node rm

How are Docker and rkt container images structured on disk?

  • Each container has access to the host filesystem for common files and then a special directory for apps unique to the container.
  • Images are typically split into readonly layers that can be shared between containers. (Ans)
  • Each container has its own extracted, isolated copy of the filesystem from an image.
  • Images are extracted into a readonly directory that can be shared between containers.

What is the net effect of a separate mount namespace? Each process can have an entirely separate __ .

  • ipc
  • network stack
  • filesystem (Ans)
  • hostname

Virtual Memory is similar to which of the following?

  • Capabilities
  • AppArmor
  • SELinux
  • Namespaces (Ans)
  • Control Groups

Why is networking a concern with containers?

  • Because container networking is a new frontier and is different than how you network VMs and physical machines
  • Because you have to use port forwarding to share the host’s physical network adapter
  • Because you don’t want applications to have port conflicts
  • Because each container usually has its own network namespace that needs configuring (Ans)
  • All of these

What can you use to create persistent storage in a container?

  • Volume (Ans)
  • Share the container host’s (root) mount namespace
  • Root file system
  • Image layers

What is one reason for a top Container Layer added to the underlying image layers when creating the filesystem for a container?

  • Easily provide a filesystem for containers from a pre-built image extracted into the top container layer
  • Easily create a new image by snapshotting the top container layer (Ans)
  • Easily configure the networking stack for a container via the top container layer

What is a host or container host?

  • A process running in the root namespaces on a system (Ans)
  • A process running in a namespace labeled “host”
  • A process running outside of all namespaces

Why do you use mount namespaces?

  • To isolate networking and avoid issues with port conflicts
  • To isolate hostnames to make it appear as if a process is running on a separate machine
  • To isolate the list of processes with which a process can interact
  • To isolate the filesystem and only provide files that a single application needs (Ans)

What cluster component helps you find the IP address of another application?

  • Service Discovery (Ans)
  • Provisioner
  • Scheduler
  • Persistent Storage
Rajesh Kumar