Quiz: Docker / Containers¶
8 questions
L0 (2 questions)¶
1. Why should you use multi-stage builds?
Show answer
To keep final images small. Build stage has compilers/tools, final stage only has the binary and runtime deps. Reduces attack surface and pull time.2. What happens to data inside a container when it's deleted?
Show answer
It's gone. Containers are ephemeral. Use volumes or bind mounts for persistent data.L1 (3 questions)¶
1. Your Docker image is 1.2GB. What are the most effective strategies to reduce its size?
Show answer
1. Use a smaller base image (alpine, distroless, or scratch).2. Multi-stage builds: compile in a fat builder stage, copy only the binary to a minimal final stage.
3. Combine RUN commands to reduce layers and clean caches in the same layer (apt-get install && rm -rf /var/lib/apt/lists/*).
4. Use .dockerignore to exclude build artifacts.
5. Pin specific package versions to avoid pulling unnecessary dependencies. *Common mistake:* Use docker image prune to reduce size — this removes unused images from the host but does not change the image itself.
2. A container exits immediately after docker run. How do you debug it?
Show answer
1. docker logs2. docker inspect
3. Run interactively: docker run -it
4. Override entrypoint: docker run --entrypoint /bin/sh
5. Check if the CMD/ENTRYPOINT expects a foreground process — containers exit when PID 1 exits. *Common mistake:* Use docker restart to fix it — if the process crashes on start, restart will just trigger the same crash loop.
3. What is the difference between CMD and ENTRYPOINT in a Dockerfile?
Show answer
ENTRYPOINT defines the executable that always runs. CMD provides default arguments to ENTRYPOINT (or is the default command if no ENTRYPOINT). docker runL2 (3 questions)¶
1. Explain the difference between COPY and ADD in a Dockerfile. When should you use each?
Show answer
COPY simply copies files/directories from build context to image. ADD does the same but also auto-extracts tar archives and can fetch URLs. Best practice: always use COPY unless you specifically need tar extraction. ADD's implicit behaviors make builds less predictable. For URL fetching, prefer RUN curl/wget for better caching control and error handling. *Common mistake:* ADD is always faster because it is a newer command — both have the same performance; ADD just has extra implicit behaviors.2. What is the difference between a Docker volume and a bind mount, and when should you prefer each?
Show answer
Volumes: managed by Docker, stored in /var/lib/docker/volumes/, portable across hosts, support volume drivers (NFS, cloud storage). Bind mounts: map a specific host path into the container, useful for development (live code reload) but tightly couple to host filesystem. Prefer volumes for production data (databases, persistent state); use bind mounts for development and config files. *Common mistake:* Bind mounts are faster because they bypass Docker's storage driver — both use the host filesystem; the performance difference is negligible.3. How does Docker layer caching work, and how do you structure a Dockerfile to maximize cache hits?
Show answer
Each instruction creates a layer. Docker caches layers and reuses them if the instruction and all previous layers are unchanged. Cache-busting happens when any file referenced by COPY/ADD changes. Best practice:1. Put rarely-changing instructions first (FROM, system packages).
2. Copy dependency files (package.json, requirements.txt) before source code.
3. Install dependencies in a separate RUN before COPY . to avoid reinstalling on every code change. *Common mistake:* Use --no-cache on every build to ensure fresh layers — this defeats the purpose of caching and makes builds much slower.