{"id":9021,"date":"2020-01-20T07:30:40","date_gmt":"2020-01-20T07:30:40","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=9021"},"modified":"2021-11-13T07:07:19","modified_gmt":"2021-11-13T07:07:19","slug":"docker-interview-questions-and-answer-part-14","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/docker-interview-questions-and-answer-part-14\/","title":{"rendered":"Docker Interview Questions and Answer Part \u2013 14"},"content":{"rendered":"\n<p><strong>What is the function of this command?<br>     docker search apache\/ubuntu<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>It will search your local Docker client environment for images related to either apache or ubuntu.<\/li><li><strong>It will search Docker Hub for images related to both apache and ubuntu. (Ans)<\/strong><\/li><li>It will search your local Docker client environment for images related to both apache and ubuntu.<\/li><li>It will search Docker Hub for images related to either apache or ubuntu.<\/li><\/ul>\n\n\n\n<p><strong>For security, the Docker website uses encryption certificates to ________.<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>secure the computers of local Docker clients<\/li><li>ensure that all images uploaded to Docker Hub are free of malware<\/li><li>ensure that all &#8220;docker run&#8221; operations are valid<\/li><li><strong>secure connections between the website and clients (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>What is the role of apache2ctl in this command?<br>     docker run -d -p 80:80 webserver \/usr\/sbin\/apache2ctl -D FOREGROUND<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>apache2ctl will launch a new Docker container as a backend server to your main container.<\/li><li><strong>apache2tcl will run the Apache webserver software package when the container boots. (Ans)<\/strong><\/li><li>apache2ctl will check to make sure the Apache webserve software package is properly installed on a container.<\/li><li>apache2ctl is the name of a Docker image.<\/li><\/ul>\n\n\n\n<p><strong>Which of these commands will associate a network interface with a Docker container?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>docker attach network newnet<\/li><li><strong>docker network connect newnet newname (Ans)<\/strong><\/li><li>docker network connect newname newnet<\/li><li>docker net connect newname newnet<\/li><\/ul>\n\n\n\n<p><strong>How do you configure a repository in DTR to allow it to be signed by one or more UCP users?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Using the DTR Web UI: select &#8216;Content Trust&#8217; for the repo and add the UCP users who can sign.<\/li><li>Using the Docker client: initialize the snapshot, rotate the root key, add delegation imports.<\/li><li><strong>Using the Notary client: initialize the repo, make the snapshot key user-managed, add delegation targets. (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>For a repo with content trust delegations configured, how do you sign an image?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Set DOCKER_CONTENT_TRUST=TRUE on the client, then docker sign and enter your UCP key passphrase.<\/li><li>Run docker push to upload the image, then upload your private key in the DTR Web UI to sign it.<\/li><li><strong>Set DOCKER_CONTENT_TRUST=1 on the client, then docker push and enter your UCP key passphrase. (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>What is the difference between a &#8216;service&#8217; and an &#8216;application&#8217; in UCP?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A service runs as a single task on each node in the cluster; an application can run as one or more tasks spread throughout the cluster.<\/li><li><strong>A service has one or more tasks created from a single image; an application is a distributed solution with containers created from many images. (Ans)<\/strong><\/li><li>A service is a system-level component, like the UCP agent or the DTR Notary server; an application is a user-level component created through the Web UI.<\/li><\/ul>\n\n\n\n<p><strong>How are global services and replicated services different?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Global services are restricted so only UCP administrators can see and manage them, replicated services can be secured using role-based access control.<\/li><li>Global services are workloads which run on the UCP servers but are not containers, they are application processes which Docker doesn&#8217;t manage.<\/li><li><strong>Global services run a single task on each UCP node, replicated services run one or more tasks spread across all nodes. (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>How do you deploy an distributed application in UCP?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>You can build an installer into a Docker image and upload it to DTR, then run a container from the image in UCP.<\/li><li>You can copy a Docker Compose file into the Web UI and UCP will deploy all the resources.<\/li><li><strong>You can create networks and volumes manually, then start containers in the correct dependency order. (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Can you install Docker Datacenter with the free, open-source Docker engine?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>No, DDC requires the commercially supported engine, which is licensed with DDC. (Ans)<\/strong><\/li><li>Yes, but you need to add Docker&#8217;s CA cert into your host&#8217;s certificate store.<\/li><li>Yes, provided you are using version 1.12 of the open-source engine.<\/li><\/ul>\n\n\n\n<p><strong>How do you install UCP and DTR once you have the commercially-supported Docker engine installed?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>The installers are images on the Docker Hub; to install just run containers from docker\/ucp and docker\/dtr. (Ans)<\/strong><\/li><li>Packaged installers are available for all major Linux distros; in debian just run apt-get install docker-ddc.<\/li><li>Download an installer from Docker&#8217;s website, which is an image archive, then uncompress and run as a container.<\/li><\/ul>\n\n\n\n<p><strong>What&#8217;s the difference between Docker repositories and Docker registries?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A repository can only store images built for one OS, a registry can store images for many OSes<\/li><li><strong>A repository stores many versions of an image, a registry stores many repositories (Ans)<\/strong><\/li><li>A registry is a store for images, a repository is a store for containers running on a host<\/li><\/ul>\n\n\n\n<p><strong>What does Docker Datacenter provide that you don&#8217;t get from the free open-source Docker ecosystem?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Scalable, secure, and supported platforms for managing images and container workloads (Ans)<\/strong><\/li><li>Licensing which lets you run Docker on Windows servers as well as Linux servers<\/li><li>A locked-down container environment, where you can only manage Docker if you have SSH access to the hosts<\/li><\/ul>\n\n\n\n<p><strong>How does Docker Trusted Registry provide high availability and high scale?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Replica nodes can be added to provide HA, and a cloud storage service can be used for scalable storage. (Ans)<\/strong><\/li><li>You can host DTR behind a load balancer, so the LB provides high availability and scale.<\/li><li>DTR runs on DDC as a replicated service, so you can increase scale by adding replicas in UCP.<\/li><\/ul>\n\n\n\n<p><strong>How do organizations and teams in DTR let you capture permissions for multi-user access to a repository?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Repos are created at team level, teams are members of organizations in UCP, users inherit organization permissions<\/li><li><strong>Repos are created at organization level, access is granted to teams in the organization, users inherit team access (Ans)<\/strong><\/li><li>Repos are created at organization level, organizations are owned by a UCP team, users inherit team permissions<\/li><\/ul>\n\n\n\n<p><strong>How do you add new UCP controllers to the cluster, to make UCP highly available?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Run docker swarm join &#8211;as-manager with the swarm token, and the new node will join as a controller.<\/li><li><strong>Run docker swarm join using the manager token, and the new node will be configured as a controller. (Ans)<\/strong><\/li><li>Run docker swarm join to join as a node, and then run the docker\/ucp installer image to become a controller.<\/li><\/ul>\n\n\n\n<p><strong>If you need to install an OS patch on one of the UCP nodes, how can you do it?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Put the node into drain mode which kills all containers and exits the swarm, apply the patch and rejoin.<\/li><li>Stop any services and applications which have tasks running on the node, then apply the patch and restart.<\/li><li><strong>Put the node into drain mode to stop all container workloads, leave the swarm, apply the patch and rejoin. (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>How do you push an image from your local Docker engine to a remote Docker Trusted Registry?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Set your default registry to be DTR using docker config and then just push as normal.<\/li><li>Tag your image with your DTR user name, then run docker push specifying the DTR URL.<\/li><li>Run docker save to archive the image, then log in to DTR using the Web UI and upload the archive.<\/li><li><strong>Tag your image with the DTR domain name, run docker login to authenticate to DTR, and then docker push . (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Which component of the Docker network stack implements specific network topologies such as <code>overlay networking<\/code> or <code>bridge networking<\/code>?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>libcontainer<\/li><li>Libnetwork<\/li><li><strong>The driver layer (Ans)<\/strong><\/li><li>The CNM<\/li><\/ul>\n\n\n\n<p><strong>Which of the following commands would you use if you were logged onto a Docker host and needed to look at detailed information about a network called <code>prod-fe<\/code>?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>docker network inspect prod-fe (Ans)<\/strong><\/li><li>docker network ls prod-fe<\/li><li>docker network show prod-fe<\/li><li>docker network ls prod-fe &#8211;verbose<\/li><\/ul>\n\n\n<div class=\"epyt-gallery\" data-currpage=\"1\" id=\"epyt_gallery_88509\"><iframe loading=\"lazy\"  id=\"_ytid_11945\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/?enablejsapi=1&#038;autoplay=0&#038;cc_load_policy=0&#038;cc_lang_pref=&#038;iv_load_policy=1&#038;loop=0&#038;rel=1&#038;fs=1&#038;playsinline=0&#038;autohide=2&#038;theme=dark&#038;color=red&#038;controls=1&#038;disablekb=0&#038;\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  data-epytgalleryid=\"epyt_gallery_88509\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><div class=\"epyt-gallery-list\"><div>Sorry, there was a YouTube error.<\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>What is the function of this command? docker search apache\/ubuntu It will search your local Docker client environment for images related to either apache or ubuntu. It will search Docker&#8230; <\/p>\n","protected":false},"author":1,"featured_media":10435,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[4862],"tags":[567],"class_list":["post-9021","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-docker","tag-docker"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/9021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=9021"}],"version-history":[{"count":2,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/9021\/revisions"}],"predecessor-version":[{"id":25057,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/9021\/revisions\/25057"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media\/10435"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=9021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=9021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=9021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}