🚀 DevOps & SRE Certification Program 📅 Starting: 1st of Every Month 🤝 +91 8409492687 🔍 Contact@DevOpsSchool.com

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Docker

Docker Interview Questions and Answer Part – 15

January 20, 2020 comments off

Which fundamental networking technology does the native (local) overlay driver leverage when creating multi-host container networks?

  • VLAN
  • Token Ring
  • VXLAN (Ans)
  • FCoE

You need to create a singe container network that spans multiple hosts and gives all containers on the network IP addresses from the same L2 subnet.
Which built-in Docker networking driver would you use?

  • bridge
  • overlay (Ans)
  • ipvlan
  • l2-overlay

Which of the following commands would you use to display all networks present on a particular Docker host?

  • docker networks get
  • docker network ls (Ans)
  • docker network display
  • docker network show

In which of the following scenarios will the built-in Docker name resolution allow two containers to resolve each other by name?

  • Two containers created with the –name flag and both containers are on the same container network (Ans)
  • Two containers created with the –name flag and both containers are part of the same Swarm Service
  • Two containers created with the –name flag and both containers are part of the same Swarm
  • Both containers are on the same Docker host

You manage a production Docker estate and want to make sure all of the nodes in a particular Swarm can handle and process requests for a particular service. You
need this to work even if nodes in the Swarm are not running a task for the service. Which technology should you use to accomplish this?

  • IPVLAN
  • Service Discovery
  • The Routing Mesh (Ans)
  • An traditional external load balancer

Which of the following container networks is used by Swarm Mode for internal routing of traffic?

  • overlay
  • nat
  • ingress (Ans)
  • bridge

Which core Docker component contains the bulk of networking code and is the de facto implementation of the CNM?

  • bridgenetwork
  • containerbridge
  • libnetwork (Ans)
  • libcontainer

Which of the following describes a sandbox in the context of Docker networking?

  • A container within a container that contains a shared network stack
  • A ring-fenced area of the Host OS that contains an isolated network stack (Ans)
  • An area of virtual memory used as scratch space by Libnetwork
  • A ring-fenced area of a container made available to all other containers on the same network

In which programming language is Libnetwork written?

  • C
  • Pascal
  • Python
  • Golang (Ans)

You have a container network called m1-prd that is scoped to “swarm.” However, when you are logged onto a node in the Swarm, you cannot see the network. Why
might this be the case?

  • The node you are logged onto is not running a task that is using the network, so the network has not been extended to the node yet. (Ans)
  • Docker takes a lazy approach to creating networks on all nodes in the Swarm. You probably haven’t waited the 30 minutes it takes to infect the entire Swarm
    with the network.
  • The m1-prd network is encrypted and therefore not visible in the output of regular docker network commands.
  • The docker network ls command does not display networks scoped to to “swarm.”

What is the purpose of the MACVLAN driver?

  • To put containers on existing networks and VLANs
  • To create multi-host overlay networks
  • To enhance container networking for Docker Engines running on Docker for Mac (DFM) (Ans)

Which of the following open source specification documents forms the foundation of Docker networking?

  • The Docker Network Model (DNM)
  • The Container Network Interface (CNI)
  • The Container Network Model (CNM) (Ans)
  • Virtual Extensible LAN (VXLAN)

Which of the following are the three major constructs defined in the Container Network Model (CNM)?

  • Container, endpoint, network
  • Sandbox, endpoint, network (Ans)
  • Service, endpoint, network
  • Sandbox, container, network

Which native Docker feature simplifies and enhances creation and management of Docker networks?

  • The Docker Remote API
  • Content Trust
  • The volume driver interface
  • Swarm Mode (Ans)

Which of the following will display the specific command that created each layer in an image?

  • docker build -th imagename
  • docker history imagename (Ans)
  • docker search imagename
  • docker images -t imagename

What is accomplished by running the following command?
docker run -p 5000:5000 registry:latest

  • Docker Engine will run a “hot update” on the live Registry image.
  • The Docker Registry image will (if necessary) be pulled and then run, exposing port 5000. (Ans)
  • Only if the Docker Registry image has already been pulled will it be run, exposing port 5000.
  • The Docker Registry image will be pulled from Docker Hub using port 5000.

You would prepare an image called hello-world for uploading to a local Docker Registry using which of the following commands?

  • docker tag hello-world localhost:5000/hello-world:latest (Ans)
  • docker tag hello-world localhost/hello-world:latest
  • docker -tag 127.0.0.1/hello-world:latest
  • docker -t hello-world localhost:5000/hello-world:latest

To add encryption using a self-signed certificate to your Docker Registry infrastructure, to which directory must the certificate be copied (assuming your domain is
domain.com)?

  • /etc/docker/certs.d/domain.com:5000/ (Ans)
  • /etc/docker/cert.d/domain.com:5000/
  • /var/lib/docker/certs.d/domain.com:5000/
  • /etc/docker/certs.d/domain.com/

Which of these is the correct command to display a list images currently stored in a Docker Registry using a self-signed certificate?

  • curl –insecure http://192.168.1.16:5000/v2/_catalog
  • curl -i https://192.168.1.16:5000/v2/_catalog
  • curl -i https://192.168.1.16:5000/v2/_data
  • curl –insecure https://192.168.1.16:5000/v2/_catalog (Ans)

How do you temporarily enable Docker Content Trust on your local machine to take advantage of digitally signed images?

  • export DOCKER_CONTENT_TRUST=1 (Ans)
  • export $DOCKER_CONTENT_TRUST=0
  • echo DOCKER_CONTENT_TRUST=1 >> /etc/profile
  • echo $DOCKER_CONTENT_TRUST=1

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.