{"id":9023,"date":"2020-01-20T07:36:05","date_gmt":"2020-01-20T07:36:05","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=9023"},"modified":"2021-11-13T07:07:07","modified_gmt":"2021-11-13T07:07:07","slug":"docker-interview-questions-and-answer-part-15","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/docker-interview-questions-and-answer-part-15\/","title":{"rendered":"Docker Interview Questions and Answer Part \u2013 15"},"content":{"rendered":"\n<p><strong>Which fundamental networking technology does the native (local) <code>overlay<\/code> driver leverage when creating multi-host container networks?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>VLAN<\/li><li>Token Ring<\/li><li><strong>VXLAN (Ans)<\/strong><\/li><li>FCoE<\/li><\/ul>\n\n\n\n<p><strong>You need to create a singe container network that spans multiple hosts and gives all containers on the network IP addresses from the same L2 subnet. <br>    Which built-in Docker networking driver would you use?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>bridge<\/li><li><strong>overlay (Ans)<\/strong><\/li><li>ipvlan<\/li><li>l2-overlay<\/li><\/ul>\n\n\n\n<p><strong>Which of the following commands would you use to display all networks present on a particular Docker host?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>docker networks get<\/li><li><strong>docker network ls (Ans)<\/strong><\/li><li>docker network display<\/li><li>docker network show<\/li><\/ul>\n\n\n\n<p><strong>In which of the following scenarios will the built-in Docker name resolution allow two containers to resolve each other by name?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Two containers created with the &#8211;name flag and both containers are on the same container network (Ans)<\/strong><\/li><li>Two containers created with the &#8211;name flag and both containers are part of the same Swarm Service<\/li><li>Two containers created with the &#8211;name flag and both containers are part of the same Swarm<\/li><li>Both containers are on the same Docker host<\/li><\/ul>\n\n\n\n<p><strong>You manage a production Docker estate and want to make sure all of the nodes in a particular Swarm can handle and process requests for a particular service. You <br>    need this to work even if nodes in the Swarm are not running a task for the service. Which technology should you use to accomplish this?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>IPVLAN<\/li><li>Service Discovery<\/li><li><strong>The Routing Mesh (Ans)<\/strong><\/li><li>An traditional external load balancer<\/li><\/ul>\n\n\n\n<p><strong>Which of the following container networks is used by Swarm Mode for internal routing of traffic?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>overlay<\/li><li>nat<\/li><li><strong>ingress (Ans)<\/strong><\/li><li>bridge<\/li><\/ul>\n\n\n\n<p><strong>Which core Docker component contains the bulk of networking code and is the de facto implementation of the CNM?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>bridgenetwork<\/li><li>containerbridge<\/li><li><strong>libnetwork (Ans)<\/strong><\/li><li>libcontainer<\/li><\/ul>\n\n\n\n<p><strong>Which of the following describes a <code>sandbox<\/code> in the context of Docker networking?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>A container within a container that contains a shared network stack<\/li><li><strong>A ring-fenced area of the Host OS that contains an isolated network stack (Ans)<\/strong><\/li><li>An area of virtual memory used as scratch space by Libnetwork<\/li><li>A ring-fenced area of a container made available to all other containers on the same network<\/li><\/ul>\n\n\n\n<p><strong>In which programming language is Libnetwork written?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>C<\/li><li>Pascal<\/li><li>Python<\/li><li><strong>Golang (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>You have a container network called <code>m1-prd<\/code> that is scoped to &#8220;swarm.&#8221; However, when you are logged onto a node in the Swarm, you cannot see the network. Why <br>     might this be the case?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>The node you are logged onto is not running a task that is using the network, so the network has not been extended to the node yet. (Ans)<\/strong><\/li><li>Docker takes a lazy approach to creating networks on all nodes in the Swarm. You probably haven&#8217;t waited the 30 minutes it takes to infect the entire Swarm <br>        with the network.<\/li><li>The m1-prd network is encrypted and therefore not visible in the output of regular docker network commands.<\/li><li>The docker network ls command does not display networks scoped to to &#8220;swarm.&#8221;<\/li><\/ul>\n\n\n\n<p><strong>What is the purpose of the MACVLAN driver?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>To put containers on existing networks and VLANs<\/li><li>To create multi-host overlay networks<\/li><li><strong>To enhance container networking for Docker Engines running on Docker for Mac (DFM) (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Which of the following open source specification documents forms the foundation of Docker networking?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The Docker Network Model (DNM)<\/li><li>The Container Network Interface (CNI)<\/li><li><strong>The Container Network Model (CNM) (Ans)<\/strong><\/li><li>Virtual Extensible LAN (VXLAN)<\/li><\/ul>\n\n\n\n<p><strong>Which of the following are the three major constructs defined in the Container Network Model (CNM)?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Container, endpoint, network<\/li><li><strong>Sandbox, endpoint, network (Ans)<\/strong><\/li><li>Service, endpoint, network<\/li><li>Sandbox, container, network<\/li><\/ul>\n\n\n\n<p><strong>Which native Docker feature simplifies and enhances creation and management of Docker networks?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The Docker Remote API<\/li><li>Content Trust<\/li><li>The volume driver interface<\/li><li><strong>Swarm Mode (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Which of the following will display the specific command that created each layer in an image?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>docker build -th imagename<\/li><li><strong>docker history imagename (Ans)<\/strong><\/li><li>docker search imagename<\/li><li>docker images -t imagename<\/li><\/ul>\n\n\n\n<p><strong>What is accomplished by running the following command?<br>    docker run -p 5000:5000 registry:latest<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Docker Engine will run a &#8220;hot update&#8221; on the live Registry image.<\/li><li><strong>The Docker Registry image will (if necessary) be pulled and then run, exposing port 5000. (Ans)<\/strong><\/li><li>Only if the Docker Registry image has already been pulled will it be run, exposing port 5000.<\/li><li>The Docker Registry image will be pulled from Docker Hub using port 5000.<\/li><\/ul>\n\n\n\n<p><strong>You would prepare an image called hello-world for uploading to a local Docker Registry using which of the following commands?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>docker tag hello-world localhost:5000\/hello-world:latest (Ans)<\/strong><\/li><li>docker tag hello-world localhost\/hello-world:latest<\/li><li>docker -tag 127.0.0.1\/hello-world:latest<\/li><li>docker -t hello-world localhost:5000\/hello-world:latest<\/li><\/ul>\n\n\n\n<p><strong>To add encryption using a self-signed certificate to your Docker Registry infrastructure, to which directory must the certificate be copied (assuming your domain is <br>    domain.com)?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>\/etc\/docker\/certs.d\/domain.com:5000\/ (Ans)<\/strong><\/li><li>\/etc\/docker\/cert.d\/domain.com:5000\/<\/li><li>\/var\/lib\/docker\/certs.d\/domain.com:5000\/<\/li><li>\/etc\/docker\/certs.d\/domain.com\/<\/li><\/ul>\n\n\n\n<p><strong>Which of these is the correct command to display a list images currently stored in a Docker Registry using a self-signed certificate?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>curl &#8211;insecure http:\/\/192.168.1.16:5000\/v2\/_catalog<\/li><li>curl -i https:\/\/192.168.1.16:5000\/v2\/_catalog<\/li><li>curl -i https:\/\/192.168.1.16:5000\/v2\/_data<\/li><li><strong>curl &#8211;insecure https:\/\/192.168.1.16:5000\/v2\/_catalog (Ans)<\/strong><\/li><\/ul>\n\n\n\n<p><strong>How do you temporarily enable Docker Content Trust on your local machine to take advantage of digitally signed images?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>export DOCKER_CONTENT_TRUST=1 (Ans)<\/strong><\/li><li>export $DOCKER_CONTENT_TRUST=0<\/li><li>echo DOCKER_CONTENT_TRUST=1 &gt;&gt; \/etc\/profile<\/li><li>echo $DOCKER_CONTENT_TRUST=1<\/li><\/ul>\n\n\n<div class=\"epyt-gallery\" data-currpage=\"1\" id=\"epyt_gallery_23631\"><iframe loading=\"lazy\"  id=\"_ytid_57014\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/?enablejsapi=1&#038;autoplay=0&#038;cc_load_policy=0&#038;cc_lang_pref=&#038;iv_load_policy=1&#038;loop=0&#038;rel=1&#038;fs=1&#038;playsinline=0&#038;autohide=2&#038;theme=dark&#038;color=red&#038;controls=1&#038;disablekb=0&#038;\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  data-epytgalleryid=\"epyt_gallery_23631\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><div class=\"epyt-gallery-list\"><div>Sorry, there was a YouTube error.<\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Which fundamental networking technology does the native (local) overlay driver leverage when creating multi-host container networks? VLAN Token Ring VXLAN (Ans) FCoE You need to create a singe container network&#8230; <\/p>\n","protected":false},"author":1,"featured_media":10436,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[4862],"tags":[],"class_list":["post-9023","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-docker"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/9023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=9023"}],"version-history":[{"count":3,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/9023\/revisions"}],"predecessor-version":[{"id":25056,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/9023\/revisions\/25056"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media\/10436"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=9023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=9023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=9023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}