Docker Interview Questions and Answer Part – 19

What can you use to run multiple containers from a single YAML file?

• Dockerfile
• docker run
• docker-compose (Ans)
• docker run containers.yml

Which of the following is not a benefit of Virtual Memory?

• Use more memory than is physically available
• Processes can use memory as if they are the only process running
• Compress data stored in memory to increase capacity (Ans)
• Don’t have to save entire contents of memory when switching processes

Which of the following is not a benefit of a union filesystem for containers?

• Decrease startup time for containers with images pre-extracted into an image cache
• Save disk space by sharing common files with the host OS filesystem via symbolic links (Ans)
• Share page cache entries to reduce memory overhead
• Save disk space with readonly layers reused among containers

What does it mean for two containers to share a network namespace?

• They share the host’s (or root) network namespace.
• They have isolated virtual network adapters.
• They share a virtual network but still have isolated virtual network adapters.
• They share a single network stack. (Ans)

Which networking approach would you use if you don’t trust an application?

• Share network with other containers
• None (Ans)
• Share with host
• Virtual network

When you create a process with separate namespaces (network, mount, IPC, UTS, PID, and user), what is the net effect?

• It appears as if the process is running on a different machine. (Ans)
• Processses get their own isolated instances of system resources.
• Processes can share system resources.

Why do you use tools like Docker, LXC and rkt?

• To kill processes that consume too much of a system resource
• To configure the additional isolation necessary to create a container (Ans)
• To create VMs to isolate processes
• To emulate virtual resources per process

When a mount namespace is created, what does it contain?

• An empty list of mount points
• The list of mount points passed when creating the new mount namespace
• A default set of mount points from /etc/mountns.defaults
• Essentially a copy of the existing filesystem (Ans)

What does Layered Responsibility mean?

• You can rely upon others for base layers in container images. (Ans)
• You can’t see the layers beneath yours in container images.
• You don’t ever have to see the layers beneath yours in container images.
• You need to validate that all layers are built properly when using an image.

What is a context switch?

• When the executing process is changed (Ans)
• When the executing cgroup is changed
• When the contents of virtual memory is loaded into physical memory
• When the contents of physical memory is swapped to disk

What is a substantial reason for moving from a single node to a multi-node cluster?

• It’s a best practice to use multi-node clusters in production.
• It’s a best practice to run individual containers on individual nodes.
• When containers saturate the resources of a single node (Ans)
• When containers conflict with each other, i.e. port conflicts or file system conflicts

Where is there a natural separation in responsibility when building a cluster?

• Running apps & running VMs
• Node operating system & cluster services
• Machine hardware & operating system
• Provisioning nodes & running apps (Ans)

What is the net effect of a separate network namespace? Each process can have an entirely separate __ .

• hostname
• IP address (Ans)
• filesystem
• list of processes

What runtime or execution environments can be used with a cluster?

• Containers
• chroot Processes
• All of these (Ans)
• Virtual Machines

What does an Image from a site like Docker Hub provide?

• A container’s hostname
• The host filesystem to run a container
• A container’s network configuration
• The entire host filesystem
• A container’s filesystem (Ans)

What is the net effect of a separate IPC namespace? Each process can have an entirely separate ______ .

• message queue (Ans)
• IP address
• filesystem
• list of processes
• hostname

What does a system container run?

• Runs an OS init process, effectively emulating a VM (Ans)
• Runs a single application
• Runs the container runtime
• Runs the host OS init process

Why are images so valuable?

• Manually configuring a hostname for a container is hard work.
• Manually building a filesystem for a container is hard work. (Ans)
• Manually configuring service discovery for a container is hard work.
• Manually configuring networking for a container is hard work.

What do capabilities isolate?

• Privileged operations (Ans)
• Unprivileged processes
• Privileged processes
• Unprivileged operations

Which of the following is NOT an analogy for namespaces?

• A slice of a pizza per process (Ans)
• A whole pizza per process
• Database
• List

Rajesh Kumar

I’m a DevOps/SRE/DevSecOps/Cloud Expert passionate about sharing knowledge and experiences. I have worked at Cotocus. I share tech blog at DevOps School, travel stories at Holiday Landmark, stock market tips at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow , and SEO strategies at Wizbrand.

Do you want to learn Quantum Computing?

Please find my social handles as below;

Rajesh Kumar Personal Website
Rajesh Kumar at YOUTUBE
Rajesh Kumar at INSTAGRAM
Rajesh Kumar at X
Rajesh Kumar at FACEBOOK
Rajesh Kumar at LINKEDIN
Rajesh Kumar at WIZBRAND

Rajesh Kumar DailyLogs