Limited Time Offer!

For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!

Enroll Now

Docker Interview Questions and Answer Part – 15

Which fundamental networking technology does the native (local) overlay driver leverage when creating multi-host container networks?

  • VLAN
  • Token Ring
  • VXLAN (Ans)
  • FCoE

You need to create a singe container network that spans multiple hosts and gives all containers on the network IP addresses from the same L2 subnet.
Which built-in Docker networking driver would you use?

  • bridge
  • overlay (Ans)
  • ipvlan
  • l2-overlay

Which of the following commands would you use to display all networks present on a particular Docker host?

  • docker networks get
  • docker network ls (Ans)
  • docker network display
  • docker network show

In which of the following scenarios will the built-in Docker name resolution allow two containers to resolve each other by name?

  • Two containers created with the –name flag and both containers are on the same container network (Ans)
  • Two containers created with the –name flag and both containers are part of the same Swarm Service
  • Two containers created with the –name flag and both containers are part of the same Swarm
  • Both containers are on the same Docker host

You manage a production Docker estate and want to make sure all of the nodes in a particular Swarm can handle and process requests for a particular service. You
need this to work even if nodes in the Swarm are not running a task for the service. Which technology should you use to accomplish this?

  • IPVLAN
  • Service Discovery
  • The Routing Mesh (Ans)
  • An traditional external load balancer

Which of the following container networks is used by Swarm Mode for internal routing of traffic?

  • overlay
  • nat
  • ingress (Ans)
  • bridge

Which core Docker component contains the bulk of networking code and is the de facto implementation of the CNM?

  • bridgenetwork
  • containerbridge
  • libnetwork (Ans)
  • libcontainer

Which of the following describes a sandbox in the context of Docker networking?

  • A container within a container that contains a shared network stack
  • A ring-fenced area of the Host OS that contains an isolated network stack (Ans)
  • An area of virtual memory used as scratch space by Libnetwork
  • A ring-fenced area of a container made available to all other containers on the same network

In which programming language is Libnetwork written?

  • C
  • Pascal
  • Python
  • Golang (Ans)

You have a container network called m1-prd that is scoped to “swarm.” However, when you are logged onto a node in the Swarm, you cannot see the network. Why
might this be the case?

  • The node you are logged onto is not running a task that is using the network, so the network has not been extended to the node yet. (Ans)
  • Docker takes a lazy approach to creating networks on all nodes in the Swarm. You probably haven’t waited the 30 minutes it takes to infect the entire Swarm
    with the network.
  • The m1-prd network is encrypted and therefore not visible in the output of regular docker network commands.
  • The docker network ls command does not display networks scoped to to “swarm.”

What is the purpose of the MACVLAN driver?

  • To put containers on existing networks and VLANs
  • To create multi-host overlay networks
  • To enhance container networking for Docker Engines running on Docker for Mac (DFM) (Ans)

Which of the following open source specification documents forms the foundation of Docker networking?

  • The Docker Network Model (DNM)
  • The Container Network Interface (CNI)
  • The Container Network Model (CNM) (Ans)
  • Virtual Extensible LAN (VXLAN)

Which of the following are the three major constructs defined in the Container Network Model (CNM)?

  • Container, endpoint, network
  • Sandbox, endpoint, network (Ans)
  • Service, endpoint, network
  • Sandbox, container, network

Which native Docker feature simplifies and enhances creation and management of Docker networks?

  • The Docker Remote API
  • Content Trust
  • The volume driver interface
  • Swarm Mode (Ans)

Which of the following will display the specific command that created each layer in an image?

  • docker build -th imagename
  • docker history imagename (Ans)
  • docker search imagename
  • docker images -t imagename

What is accomplished by running the following command?
docker run -p 5000:5000 registry:latest

  • Docker Engine will run a “hot update” on the live Registry image.
  • The Docker Registry image will (if necessary) be pulled and then run, exposing port 5000. (Ans)
  • Only if the Docker Registry image has already been pulled will it be run, exposing port 5000.
  • The Docker Registry image will be pulled from Docker Hub using port 5000.

You would prepare an image called hello-world for uploading to a local Docker Registry using which of the following commands?

  • docker tag hello-world localhost:5000/hello-world:latest (Ans)
  • docker tag hello-world localhost/hello-world:latest
  • docker -tag 127.0.0.1/hello-world:latest
  • docker -t hello-world localhost:5000/hello-world:latest

To add encryption using a self-signed certificate to your Docker Registry infrastructure, to which directory must the certificate be copied (assuming your domain is
domain.com)?

  • /etc/docker/certs.d/domain.com:5000/ (Ans)
  • /etc/docker/cert.d/domain.com:5000/
  • /var/lib/docker/certs.d/domain.com:5000/
  • /etc/docker/certs.d/domain.com/

Which of these is the correct command to display a list images currently stored in a Docker Registry using a self-signed certificate?

  • curl –insecure http://192.168.1.16:5000/v2/_catalog
  • curl -i https://192.168.1.16:5000/v2/_catalog
  • curl -i https://192.168.1.16:5000/v2/_data
  • curl –insecure https://192.168.1.16:5000/v2/_catalog (Ans)

How do you temporarily enable Docker Content Trust on your local machine to take advantage of digitally signed images?

  • export DOCKER_CONTENT_TRUST=1 (Ans)
  • export $DOCKER_CONTENT_TRUST=0
  • echo DOCKER_CONTENT_TRUST=1 >> /etc/profile
  • echo $DOCKER_CONTENT_TRUST=1
Rajesh Kumar
Follow me