MockRounds Logo

Docker BuildKit: Easy Optimization Essentials Quiz

Explore essential Docker BuildKit optimization techniques for faster, smaller, and more secure builds. Learn about caching, secret management, multi-stage builds, and best practices to supercharge your container images.

  1. Enabling BuildKit

    Which method enables BuildKit for Docker builds to unlock advanced features and performance improvements?

    1. Add .buildkitignore file to the project
    2. Set RUN_BUILDKIT=true in the Dockerfile
    3. Set the environment variable DOCKER_BUILDKIT=1
    4. Update Docker Compose to version 4

    Explanation: Setting the environment variable DOCKER_BUILDKIT=1 enables BuildKit in Docker. Adding .buildkitignore is not a configuration file, RUN_BUILDKIT=true is not recognized by Docker, and updating Docker Compose does not enable BuildKit by itself.

  2. Layer Ordering Impact

    Why is placing less frequently changed instructions higher in the Dockerfile important when optimizing with BuildKit?

    1. It automatically installs dependencies after copying the code
    2. It reduces the final image size by removing duplicate files
    3. It disables parallel execution to ensure step-by-step builds
    4. It allows better cache reuse and avoids unnecessary rebuilds of subsequent layers

    Explanation: Placing stable instructions first improves cache effectiveness, preventing rebuilds of downstream layers when frequent changes occur. Reducing image size is a related benefit but is not the main effect; BuildKit does not disable parallel execution by this ordering, and dependencies are not installed automatically just by reordering.

  3. Purpose of Cache Mounts

    What is a key benefit of using cache mounts in BuildKit for package installations?

    1. They speed up repeated builds by reusing downloaded dependencies
    2. They make secrets persist across layers
    3. They execute the build sequentially for accuracy
    4. They increase image size to store more cached files

    Explanation: Cache mounts allow dependency download caches to persist across builds, speeding up processes like npm ci or pip install. They do not bloat image size because caches are not part of the final image. Cache mounts do not handle secrets or affect build execution order.

  4. Multi-Stage Build Advantages

    What is a main advantage of using multi-stage Docker builds?

    1. They create images only for ARM64 architectures
    2. They separate build and runtime environments to produce smaller and safer images
    3. They allow for mounting secrets into the final image
    4. They force Docker to ignore .dockerignore settings

    Explanation: Multi-stage builds remove build dependencies and compilers from the final image, resulting in reduced size and better security. They do not override .dockerignore, are not responsible for secret mounting in runtime images, and support multiple architectures, not just ARM64.

  5. Safe Handling of Secrets

    How should secrets such as API keys be handled during a Docker build to avoid leaving them in image history?

    1. Copy secret files into the final image using COPY
    2. Echo secrets directly into environment files during RUN steps
    3. Use BuildKit's secret mount feature with the --mount=type=secret flag
    4. Set secrets as environment variables in the Dockerfile

    Explanation: BuildKit's secret mount allows sensitive data to be available only during build and not stored in layers. Echoing or copying secrets or setting them as environment variables leads to exposure in image history and is insecure.

  6. Inline Cache Export Usage

    How does enabling inline cache export help in CI/CD pipelines when building Docker images?

    1. It stores credentials in the output image
    2. It lets future builds reuse remote caches to avoid redundant steps
    3. It generates a separate cache container for each build
    4. It restricts the build to local environments only

    Explanation: Inline cache export embeds cache metadata in the image, making remote cache reuse possible in distributed or CI/CD pipeline builds. It does not create separate cache containers, expose credentials, or restrict builds to local environments.

  7. Benefit of .dockerignore

    Why is using a .dockerignore file critical for Docker build optimization?

    1. It allows the container to ignore certain mount points at runtime
    2. It ensures all files in the project directory are included in the image
    3. It prevents unnecessary files like node_modules and .git from being sent in the build context, speeding up the process
    4. It encrypts sensitive environment files before the build starts

    Explanation: A .dockerignore file tells Docker which files and folders to exclude from the context sent to the daemon, reducing build time and avoiding accidental inclusion. It does not handle encryption, does not force inclusion, and does not affect runtime mounts.

  8. Reducing Layer Count

    Which method helps to reduce the number of image layers during builds?

    1. Combining multiple RUN instructions into a single RUN with commands chained by &&
    2. Creating a new Dockerfile for each dependency
    3. Splitting every package installation into separate RUN steps
    4. Adding more ENV variables at the top of the Dockerfile

    Explanation: Chaining commands in a single RUN instruction reduces the number of layers, which leads to more efficient and smaller images. Splitting installs adds layers, more ENV variables do not reduce layers, and multiple Dockerfiles add complexity unnecessarily.

mockrounds.com Learn • Practice • Evaluate