Docker - Interview preparation guide
Thilan Dissanayaka Interview Guides Mar 24, 2020

What is Docker and why is it used?

Docker is a platform for developing, shipping, and running applications in containers. Containers package an application with its dependencies, ensuring consistency across environments. Docker simplifies:

  • Application deployment
  • Environment management
  • Scalability
  • Isolation

What is the difference between a container and a virtual machine?

  • Containers share the host OS kernel and run as isolated processes. They are lightweight and start quickly.
  • VMs include a full OS with their own kernel, making them heavier and slower to boot.
  • Containers are more efficient in terms of resource usage compared to VMs.

What is a Dockerfile?

A Dockerfile is a script containing a set of instructions to build a Docker image. Common commands include:

  • FROM – Base image
  • RUN – Execute a command
  • COPY / ADD – Copy files into the image
  • CMD / ENTRYPOINT – Define default container behavior

What is the difference between CMD and ENTRYPOINT in a Dockerfile?

🔹 CMD

Purpose: Provides the default command, or the default arguments when an ENTRYPOINT is set.

Overridable?: Yes, easily overridden when you run the container using docker run ... [args].

Example:

FROM ubuntu
CMD ["echo", "Hello from CMD"]

If you run:

docker run myimage

→ Output: Hello from CMD

But if you run:

docker run myimage echo "Hi there"

→ Output: Hi there

👉 CMD was completely replaced by what you passed in the docker run command.

🔹 ENTRYPOINT

Purpose: Defines the main executable that always runs.

Overridable?: Not by arguments passed to docker run; those are appended to it instead. It always runs unless you pass --entrypoint explicitly.

Example:

FROM ubuntu
ENTRYPOINT ["echo"]
CMD ["Hello from CMD"]

Now, if you run:

docker run myimage

→ Output: Hello from CMD

Because this expands to: echo Hello from CMD

If you run:

docker run myimage "Hi there"

→ Output: Hi there

It becomes: echo Hi there

The ENTRYPOINT remains; only the arguments (from CMD or command line) change.

To override ENTRYPOINT, you must explicitly use --entrypoint:

docker run --entrypoint /bin/bash myimage

🔹 Using Them Together

This is the most flexible and common usage:

  • ENTRYPOINT: defines the fixed command
  • CMD: defines default arguments, which can be overridden

Example:

FROM ubuntu
ENTRYPOINT ["ping"]
CMD ["localhost"]

Default run:

docker run myimage

→ Runs: ping localhost

Override CMD:

docker run myimage 8.8.8.8

→ Runs: ping 8.8.8.8
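
The rules above, written as a small model. This is an added example, not code from the original guide or from Docker; effective_argv and its parameters are illustrative names, and it covers only the exec (JSON array) form used on this page. It also shows a case the text does not spell out: --entrypoint discards the image's CMD too, so an ENTRYPOINT wrapper is a default that anyone able to call docker run can replace, not an enforcement point.

```python
def effective_argv(entrypoint=None, cmd=None, run_args=None, entrypoint_flag=None):
    """Return the argv a container starts with (exec-form instructions only).

    entrypoint, cmd  -- lists from the image's ENTRYPOINT / CMD, or None
    run_args         -- words placed after the image name in `docker run`
    entrypoint_flag  -- value given to `docker run --entrypoint`, or None
    (All names here are illustrative; this is a model, not Docker's code.)
    """
    entrypoint = list(entrypoint or [])
    cmd = list(cmd or [])
    run_args = list(run_args or [])

    if entrypoint_flag is not None:
        # --entrypoint replaces ENTRYPOINT and also clears the image's CMD.
        entrypoint, cmd = [entrypoint_flag], []

    # Anything after the image name replaces CMD as a whole; it is never merged.
    args = run_args if run_args else cmd
    return entrypoint + args


# The three images from this page, as (ENTRYPOINT, CMD) pairs.
CMD_ONLY = (None, ["echo", "Hello from CMD"])
ECHO = (["echo"], ["Hello from CMD"])
PING = (["ping"], ["localhost"])

if __name__ == "__main__":
    cases = [
        ("docker run myimage", CMD_ONLY, {}),
        ('docker run myimage echo "Hi there"', CMD_ONLY, {"run_args": ["echo", "Hi there"]}),
        ('docker run myimage "Hi there"', ECHO, {"run_args": ["Hi there"]}),
        ("docker run myimage 8.8.8.8", PING, {"run_args": ["8.8.8.8"]}),
        ("docker run --entrypoint /bin/bash myimage", PING, {"entrypoint_flag": "/bin/bash"}),
    ]
    for label, (ep, cmd), kw in cases:
        print(f"{label:45} -> {effective_argv(ep, cmd, **kw)}")
```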

How does Docker networking work?

Docker provides several network drivers:

  • bridge (default) – containers on the same host can communicate
  • host – shares the host’s network stack
  • overlay – used in Docker Swarm for multi-host communication
  • none – disables networking

You can also create custom user-defined bridges for container communication by name.

What is the difference between an image and a container?

  • Image: A read-only template used to create containers.
  • Container: A runnable instance of an image, which is isolated and can have its own file system and processes.

How do you manage data in Docker containers?

Use volumes and bind mounts:

  • Volumes are managed by Docker and stored in a special location (/var/lib/docker/volumes).
  • Bind mounts map directories from the host system into the container.

They help in persisting data and sharing between containers.

What is a multi-stage build in Docker?

Multi-stage builds allow you to use multiple FROM statements to build and copy only the necessary artifacts into the final image. This reduces the image size and separates build dependencies from runtime.

How do you reduce the size of a Docker image?

  • Use minimal base images (like alpine)
  • Remove unnecessary files after installation
  • Combine RUN statements to reduce layers
  • Use .dockerignore to exclude files from the build context
  • Apply multi-stage builds

How do you update a running Docker container?

You can’t directly update a running container. Instead:

  • Stop and remove the old container
  • Build or pull a new image
  • Run a new container with the updated image

Docker containers are meant to be immutable and replaced, not patched.

What are Docker Compose and its benefits?

Docker Compose is a tool for defining and running multi-container Docker applications using a docker-compose.yml file. Benefits:

  • Easier to define complex applications
  • Simple multi-container orchestration
  • Unified configuration for services, volumes, and networks

Example docker-compose.yml:

version: "3"
services:
  web:
    image: nginx
    ports:
      - "8080:80"
  db:
    image: postgres
    environment:
      POSTGRES_PASSWORD: example

Start the services with:

docker-compose up
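
A quick review of the compose file above, as an added example that is not part of the original guide: it flags images with no pinned tag (these resolve to latest), ports published without a host IP (reachable on every host interface), and secrets written literally into the file. The rule names, regexes and lint_compose function are illustrative assumptions, and the line-based matching is a heuristic, not a YAML parser.

```python
import re

# The compose file from this page, embedded so the check runs offline.
PAGE_COMPOSE = """\
version: "3"
services:
  web:
    image: nginx
    ports:
      - "8080:80"
  db:
    image: postgres
    environment:
      POSTGRES_PASSWORD: example
"""

IMAGE = re.compile(r"^\s*image:\s*[\"']?([^\"'\s]+)")
PORT = re.compile(r"^\s*-\s*[\"']?([\[\]\da-fA-F.:]+:\d+(?:/\w+)?)[\"']?\s*$")
SECRET = re.compile(
    r"^\s*-?\s*([A-Z0-9_]*(?:PASSWORD|PASSWD|SECRET|TOKEN)[A-Z0-9_]*)\s*[:=]\s*(\S.*)$"
)


def lint_compose(text):
    """Return (line_number, rule, detail) for each risky setting found."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        if m := IMAGE.match(line):
            ref = m.group(1)
            # The tag is whatever follows ':' in the last path component.
            tag = ref.rsplit("/", 1)[-1].partition(":")[2]
            if "@sha256:" not in ref and tag in ("", "latest"):
                findings.append((n, "unpinned-image", ref))
        elif m := PORT.match(line):
            # HOST:CONTAINER with no host IP listens on every host interface.
            if m.group(1).count(":") == 1:
                findings.append((n, "port-on-all-interfaces", m.group(1)))
        elif m := SECRET.match(line):
            key, value = m.group(1), m.group(2).strip("\"'")
            # *_FILE holds a path to a secret file; ${VAR} is filled in at deploy time.
            if not key.endswith("_FILE") and not value.startswith("${"):
                findings.append((n, "inline-secret", key))
    return findings


if __name__ == "__main__":
    for n, rule, detail in lint_compose(PAGE_COMPOSE):
        print(f"line {n}: {rule}: {detail}")
```

Pinning the image tags or digests, binding the port as 127.0.0.1:8080:80, and supplying the password through a secret file or ${VAR} substitution clears all four findings.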