HyperV interview questions

• HyperV  interview questions

Server Virtualization:
Server Virtualization enables multiple operating systems can run on a single hosting server.
In Server virtualization, physical server resources are abstracted logically to create and run virtual machines. (ESXi, KVM, Hyper-V).

Storage Virtualization:
Storage virtualization enables grouping of multiple physical storage disks into single logical storage and it will be presented as single storage to all the servers. VMware vSAN is the best example of storage virtualization.

Network Virtualization:
Network Virtualization allows making a complete software-defined network (SDN) by decoupling the virtual network from the underlying network resources. Network virtualization is the process of combining hardware network resources and software network resources in a single software-based administrative entity.

Desktop Virtualization:
It enables to deploy multiple desktops on few server hardware and accessed by users from any location. VMware Horizon View is the best example for desktop virtualization.

Application Virtualization:
Application virtualization enables to use of the application anywhere without installing the software our device.

What is Type 1 Hypervisor?
Type 1 is called as bare metal Hypervisor which directly installed on physical servers. It offers high-performance and lower resource usage. Example: VMware ESXi, Xen Servers, Hyper-V

What is Type 2 Hypervisor?
Type 2 is called as Hosted Hypervisor which runs on top of operating systems. This type of hypervisor will be installed as an application. It offers moderate performance. But it’s very easy to setup and manages the environment. Example: VMware Workstation, Oracle Virtual Box.

https://www.unixarena.com/2019/08/virtualization-hypervisor-basic-interview-questions.html/

VMware Interview Questions

• VMware Interview Questions

Explain what is hypervisor
A hypervisor is a program that enables multiple operating systems to share a single hardware host.
The hypervisor controls the resources and host processor, allocating what is required for each operating system in turn and make sure that the guest operating system cannot disrupt each other.

Explain VMware DRS?
VMware DRS stands for Distributed Resource Scheduler; it dynamically balances resources across various host under a cluster or resource pool.

Define the term ’VMKenel’.
VMWare Kernel is a proprietary kernel of VMware. It needs an operating system to boot and manage the kernel. A service console is being offered whenever VMWare kernel is booted.

 What is the use of Promiscuous Mode?
Promiscuous mode is useful when you want to run a virtual machine with network sniffers helps you to capture packet of that network. Moreover, if the promiscuous mode set to accept, all the communication is visible to all the virtual machines.

What is Cold and Hot Migration?
When you migrate powered off or suspended, it is known as cold migration. When you migrate your running power on virtual machines, it is known as hot migration.

What is Virtual Desktop Infrastructure?
Virtual Desktop Infrastructure which also known as VDI allows you to host the desktop operating system on the centralized window server in a data center. It is also known as server-based computing as it is the variation on the client-server computing model.

Explain the importance of snapshot in VMWare
A VMWare snapshot is a copy of a virtual machine disk file which is used to restore a VM to a specific point in time when the system fails, or system error occurs.

What is VVol?
Virtual Volume known as VVol is a new VM disk management feature concept introduced in vSphere 6.0. It enables array-based operation at the virtual disk level.  It is automatically created when a virtual disk is created in a virtual environment.

Can we do vMotion between two data centers?
Yes, we can do vMotion between two datacenters. However,  for this VM should be powered off.

What is RDM?
RDM is a sort form of Raw Device Mapping. It is a file stored in VMFS volume which acts as a proxy for a raw physical device. It allows you to store virtual machine data directly on LUN.

What is NFS?
NFS is a Network file system. It is a file sharing protocol which ESXI host used to communicate with the NAS device. It is a specialized store device which connects to a network and can provide file aces service to ESXI hosts.

https://career.guru99.com/top-15-vmware-interview-questions/

• Explain what happens to a Virtual Machine after the host which it is running on, fails.

First, you should explain that the VM is forcefully powered off.
Next, ask if the host was in a correctly configured HA cluster (If it isn’t then nothing else happens to the VM)
If the Host is HA enabled, then ask what the Virtual Machine restart policy is. If it’s disabled then the VM will not be restarted on other hosts.
Ignoring the HA master election process, the simple answer is that the Virtual Machine will be rebooted on another ESXi host in the cluster.
Mention that there are things that will stop a Virtual Machine from being restarted on other hosts such as Admission Control settings & resource availability on the host.
The key thing to remember is that HA does NOT trigger a vMotion.

When should Promiscuous Mode be enabled on a Virtual Switch

Promiscuous Mode is a vSwitch and Portgroup setting that allows for Virtual Machines to receive all traffic within the same vSwitch or Portgoup (depending on where you set the configuration)
Typical use cases for this are packet sniffing applications.

Name 3 benefits of installing VMware Tools on Virtual Machines

Enables features such as Guest Introspection for NSX / agentless antivirus
Installs the VMXNET3 driver for improved network performance.
Allows the ability to copy and paste between the VM and desktop (some other settings might need to be enabled first)

What techniques are available to ESXi to reclaim memory?

Transparent Page Sharing (TPS) – Note that as of vSphere 6.0, this is disabled by default.
Ballooning – Requests VMware tools to “inflate a memory balloon” inside the VM until excess memory is released back to ESXi.
Memory Compression.
Swapping – This is the last option that ESXi will use to reclaim memory because it is the most disruptive to performance as memory gets swapped out from real memory onto disk

What is the impact of using Thick Eager Zeroed disk provisioning for VMDKs?
This disk type will zero out all data on the disk before allocating the VMDK to the Virtual Machine.
This has some performance benefit to the VM because it doesn’t have to zero a block before it can be written to.
The negative side is that it takes longer to provision the VMDK to the VM (since it has to zero all blocks first) and it has a measurable, sustained IO hit on the storage system

What are the main benefits of a Distributed Switch?
    Central Management of all ESXi host’s networking, meaning that there is only one switch to manage rather than one per host.
    The ability to enable Network IO Control (NIOC)
    NetFlow support.

Name 3 Virtual Machine Files

    VMX – The Virtual Machine configuration file
    NVRAM – The VM’s BIOS file
    VMEM – The VM’s pagefile
    VMSD – VM Snapshot state file


https://virtualg.uk/10-vmware-interview-questions-and-answers/

docker interview questions

What are the main drawbacks of Docker?
Some notable drawbacks of Docker are:
    Doesn't provide a storage option
    Offer a poor monitoring option.
    No automatic rescheduling of inactive Nodes
    Complicated automatic horizontal scaling set up

What is Docker Engine?
Docker daemon or Docker engine represents the server. The docker daemon and the clients should be run on the same or remote host, which can communicate through command-line client binary and full RESTful API

Docker Engine is supported by the following components:

• Docker Engine REST API
• Docker Command-Line Interface (CLI)
• Docker Daemon

Explain the Docker components

Docker Client: This component executes build and run operations to communicate with the Docker Host.

Docker Host: This component holds the Docker Daemon, Docker images, and Docker containers. The daemon sets up a connection to the Docker Registry.

Docker Registry: This component stores Docker images. It can be a public registry, such as Docker Hub or Docker Cloud, or a private registry.

What is memory-swap flag?
Memory-swap is a modified flag that only has meaning if- memory is also set. Swap allows the container to write express memory requirements to disk when the container has exhausted all the RAM which is available to it.

Explain Docker Swarm?
Docker Swarm is native gathering for docker which helps you to a group of Docker hosts into a single and virtual docker host. It offers the standard docker application program interface.

Docker Swarm is native clustering for Docker.It turns a pool of Docker hosts into a single, virtual Docker host.

Docker Swarm is an open-source container orchestration tool that is integrated with the Docker engine and CLI. If you want to use Docker Swarm, you should use the overlay network driver. Using an overlay network enables the Swarm service by connecting multiple docker host daemons together.

What is Docker hub?
Docker hub is a cloud-based registry that which helps you to link to code repositories. It allows you to build, test, store your image in Docker cloud.

Explain Docker object labels
Docker object labels is a method for applying metadata to docker objects including, images, containers, volumes, network, swam nodes, and services.

You can use labels to organize your images, record licensing information, annotate relationships between containers, volumes, and networks, or in any way that makes sense for your business or application.

How can you run multiple containers using a single service?
By using docker-compose, you can run multiple containers using a single service. All docker-compose files uses yaml language.

Does Docker offer support for IPV6?
Yes, Docker provides support IPv6. IPv6 networking is supported only on Docker daemons runs on Linux hosts.

Can you lose data when the container exits?
No, any data that your application writes to disk get stored in container. The file system for the contain persists even after the container halts.

• What is the use of the docker save and docker load commands?

A Docker image can be exported as an archive via the docker save command.
The exported Docker image can then be imported to another Docker host via the docker load command:

What is the default Docker network driver, and how can you change it when running a Docker image?
Docker provides different network drivers like bridge, host, overlay, and macvlan. bridge is the default.


What is a Docker image? What is a Docker image registry?
A Docker image consists of many layers. Each layer corresponds to a command in an image’s Dockerfile. This image provides isolation for an application when you run a Docker image as a container.
A Docker image registry is a storage area for Docker images. You can get images from them instead of building them.

What is a DockerFile?

Docker uses the instructions in the Dockerfile to automatically build images.

Is there any problem with just using the latest tag in a container orchestration environment? What is considered best practice for image tagging?
The problem is if you push a new image with just the latest tag, you lose your old image and your deployments will use the new image.

What is Docker Compose?
Docker Compose is a tool that lets you define multiple containers and their configurations via a YAML or JSON file.
Docker Compose is a YAML file which contains details about the services, networks, and volumes for setting up the Docker application. So, you can use Docker Compose to create separate containers, host them and get them to communicate with each other.
use a JSON file instead of a YAML file for the Docker Compose file. 

• What is a Docker Container?

Docker containers include the application and all of its dependencies. It shares the kernel with other containers, running as isolated processes in user space on the host operating system.Docker containers are basically runtime instances of Docker images.

• think of containers as runtime instances of Docker images.
• use the underlying system’s CPU and memory to perform tasks.
• any containerized application can run on any platform regardless of the underlying operating system

Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything that can be installed on a server.

Docker containers include the application and all of its dependencies. It shares the kernel with other containers, running as isolated processes in user space on the host operating system

• What are Docker Images?

Docker images are used to create containers. When a user runs a Docker image, an instance of a container is created. These docker images can be deployed to any Docker environment.

• Will you lose your data, when a docker container exists?

Any data that your application writes to the container gets preserved on the disk until you explicitly delete the container.
The file system for the container persists even after the container halts.

What is Docker Machine?
Docker machine is a tool that lets you install Docker Engine on virtual hosts.Docker machine also lets you provision Docker Swarm Clusters.

What’s the difference between virtualization and containerization?

Virtualization helps us run and host multiple operating systems on a single physical server. In virtualization, hypervisors give a virtual machine to the guest operating system. The VMs form an abstraction of the hardware layer so each VM on the host can act as a physical machine.

Containers form an abstraction of the application layer, so each container represents a different application.

Containerization provides us with an isolated environment for running our applications.

• What is the functionality of a hypervisor?

A hypervisor, or virtual machine monitor, is software that helps us create and run virtual machines

Native: Native hypervisors, or bare-metal hypervisors, run directly on the underlying host system. It gives us direct access to the hardware of the host system and doesn’t require a base server operating system.

Hosted: Hosted hypervisors use the underlying host operating system.

A vCPU is a VM thread (see cpu in the “VM Configuration Reference” chapter). These vCPUs appear to a guest just like physical CPUs. A guest's scheduling algorithm can't know that when it is migrating execution between vCPUs it is switching threads, not physical CPUs

This switching between threads can degrade performance of all the guests and the overall system. This is especially common when VMs are configured with more vCPUs than there are physical CPUs on the hardware.

Specifically, if in the hypervisor host there are more threads (including vCPU threads) ready to run than there are physical CPUs available to run them, the hypervisor host scheduler must apply its priority and scheduling policies (round-robin, FIFO, etc.) to decide which threads to run. These scheduling policies may employ preemption and time slicing to manage threads competing for physical CPUs.

Every preemption requires a guest exit, context switch and restore, and a guest entrance (see “Guest exits”). Thus, inversely to what usually occurs with physical CPUs, reducing the number of vCPUs in a VM can improve overall performance: less threads will compete for time on the physical CPUs, so the hypervisor will not be obliged to preempt threads (with the attendant guest exits) as often. In brief, fewer vCPUs in a VM may sometimes yield the best performance.

Virtual CPU’s can be allocated to a virtual machine.  The amount of virtual processors available are determined by the number of cores available on the hardware. 

It is important not to allow a running container to consume too much of the host machine’s memory. On Linux hosts, if the kernel detects that there is not enough memory to perform important system functions, it throws an OOME, or Out Of Memory Exception, and starts killing processes to free up memory. Any process is subject to killing, including Docker and other important applications. This can effectively bring the entire system down if the wrong process is killed.

By default, Docker does not apply any CPU limitations. Containers can all of the hosts given CPU power.

Virtual machines are considered a suitable choice in a production environment, rather than Docker containers since they run on their own OS without being a threat to the host computer. But if the applications are to be tested then Docker is the choice to go for, as Docker provides different OS platforms for the thorough testing of the software or an application.

• Sharing sockets with docker-compose

    Create common volume

    Connect the socket position of the container with the socket you want to refer to the common volume

    Mount the common volume on the referencing container

The following is an example of connecting a certain API server to MySQL.

a want to run a bunch of applications that inside containers (for security and management reasons), and these applications need to speak to a mysql server (via a unix domain socket – which just appears to be a file on the filesystem.

I also want to run the mysql server inside a container – so the mechanics of getting a socket shared between them are a little non-trivial.

A Unix domain socket or IPC socket (inter-process communication socket) is a data communications endpoint for exchanging data between processes executing on the same host operating system

/var/run/docker.sock is the Unix domain socket . Sockets are used in your favorite Linux distribution, allowing different processes to communicate with each other. Like everything in Unix, sockets are files. In Docker,/var/run/docker.sock is the way to communicate with the main Docker process. Because it is a file, we can share it with other containers.

When you start Docker and share the socket, you give the container permission to manipulate the Docker host. Your container can now start or stop other containers, drag in or create images on the Docker host, and even write to the host file system

X11 applications may fail due to failures in sharing sockets with containers created by the master container.  There seems to be no problem sharing sockets between the vnc container and the master, but when the master creates a container and names its volume, the socket is not functional.

Didn’t know that sockets could be mounted.

I’m starting the Jenkins container with the following command

Jenkins is running and “sees” a change in the repository

It thens tries to build and run a docker container by using the binded Docker socket.

 /var/run/docker.sock is a Unix domain socket. Sockets are used in your favorite Linux distro to allow different processes to communicate with one another. Like everything in Unix, sockets are files, too. In the case of Docker, /var/run/docker.sock is a way to communicate with the main Docker process and, because it's a file, we can share it with containers.

• Differentiate between COPY and ADD commands that are used in a Dockerfile?

COPY provides just the basic support of copying local files into the container whereas ADD provides additional features like remote URL and tar extraction support

Can a container restart by itself?

it is possible only while using certain docker-defined policies while using the docker run command. 

Can you tell the differences between a docker Image and Layer?

Image: This is built up from a series of read-only layers of instructions. An image corresponds to the docker container and is used for speedy operation due to the caching mechanism of each step.

Layer: Each layer corresponds to an instruction of the image’s Dockerfile. In simple words, the layer is also an image but it is the image of the instructions run.

What is the purpose of the volume parameter in a docker run command?

docker run -v /data/app:usr/src/app myapp

mounts the directory  /data/app in the host to the usr/src/app directory.

The volume parameter is used for syncing a directory of a container with any of the host directories

sync the container with the data files from the host without having the need to restart it

ensures data security in cases of container deletion

even if the container is deleted, the data of the container exists in the volume mapped host location making it the easiest way to store the container data.

Where are docker volumes stored in docker?

Volumes are created and managed by Docker and cannot be accessed by non-docker entities. 

 

Can you differentiate between Daemon Logging and Container Logging?

Daemon Level: This kind of logging has four levels- Debug, Info, Error, and Fatal.

Container Level:

docker logs <container_id>

What is the best way of deleting a container?

- docker stop <container_id>

- docker rm <container_id>

• Can you tell the difference between CMD and ENTRYPOINT?

CMD command provides executable defaults for an executing container.

ENTRYPOINT specifies that the instruction within it will always be run when the container starts.

This command provides an option to configure the parameters and the executables

If the DockerFile does not have this command, then it would still get inherited from the base image mentioned in the FROM instruction

• Docker Layer Caching (DLC) can reduce Docker image build times on CircleCI.

Docker Layer Caching (DLC) is a great feature to use if building Docker images is a regular part of your CI/CD process. DLC will save image layers created within your jobs, rather than impact the actual container used to run your job.

DLC caches the individual layers of any Docker images built during your CircleCI jobs, and then reuses unchanged image layers on subsequent CircleCI runs, rather than rebuilding the entire image every time. In short, the less your Dockerfiles change from commit to commit, the faster your image-building steps will run.

As Docker is processing your Dockerfile to determine whether a particular image layer is already cached it looks at two things: the instruction being executed and the parent image.

Docker will scan all of the children of the parent image and looks for one whose command matches the current instruction. If a match is found, docker skips to the next instruction and repeats the process.

If a matching image is not found in the cache, a new image is created

Since the cache relies on both the instruction being executed and the image generated from the previous instruction it should come as no surprise that changing any instruction in the Dockerfile will invalidate the cache for all of the instructions that follow it. Invalidating an image also invalidates all the children of that image.

How to reduce the size of Docker Images

    Use a .dockerignore file to remove unnecessary content from the build context

    Try to avoid installing unnecessary packages and dependencies

    Keep the layers in the image to a minimum

    Use alpine images wherever possible

    Use Multi-Stage Builds, which I am going to talk about in this article.

The multi-stage build is the dividing of Dockerfile into multiple stages to pass the required artifact from one stage to another and eventually deliver the final artifact in the last stage.

Previously, when we didn’t have the multi-stage builds feature, it was very difficult to minimize the image size. We used to clean up every artifact (which isn’t required) before moving to the next instruction as every instruction in Dockerfile adds the layer to the image. We also used to write bash/shell scripts and apply hacks to remove the unnecessary artifacts.

https://blog.logrocket.com/reduce-docker-image-sizes-using-multi-stage-builds/

https://circleci.com/docs/2.0/docker-layer-caching/

https://www.ctl.io/developers/blog/post/caching-docker-images

https://www.edureka.co/blog/interview-questions/docker-interview-questions/#DockerAdvancedQuestions
https://www.toptal.com/docker/interview-questions

https://www.guru99.com/docker-interview-questions.html

https://www.educative.io/blog/top-40-docker-interview-questions
https://www.interviewbit.com/docker-interview-questions/
https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/application/nginx-app.yaml

https://www.ctl.io/developers/blog/post/tutorial-understanding-the-security-risks-of-running-docker-containers

https://forums.docker.com/t/using-docker-in-a-dockerized-jenkins-container/322/9

https://nps.edu/web/c3o/support1

https://blog.fearcat.in/a?ID=01000-18e50b57-7ac9-4466-83ce-e3904cca07bc

https://en.wikipedia.org/wiki/Unix_domain_socket

http://bobtfish.github.io/blog/2013/10/06/read-only-bind-mounts-and-docker/

https://titanwolf.org/Network/Articles/Article?AID=33d13422-4d43-4955-9610-c0461ea53678

https://cloudacademy.com/blog/docker-vs-virtual-machines-differences-you-should-know/

https://docs.docker.com/config/containers/resource_constraints/

https://www.fastvue.co/tmgreporter/blog/understanding-hyper-v-cpu-usage-physical-and-virtual/

https://www.qnx.com/developers/docs/7.0.0/#com.qnx.doc.hypervisor.user/topic/perform/vcpu.html

https://stackoverflow.com/questions/41582969/how-does-docker-images-and-layers-work

https://www.edureka.co/blog/interview-questions/docker-interview-questions/