InterviewStack.io LogoInterviewStack.io

Container Image Management and Registry Questions

Focuses on the lifecycle of container images from build to runtime. Includes building reproducible images, multi stage builds, tagging strategies and semantic versioning, minimizing image size and attack surface, running as non root, and use of minimal base images. Covers pushing to and pulling from registries including public and private registries, authentication and access control, registry lifecycle policies, image caching and garbage collection, image signing and provenance, vulnerability scanning and remediation processes, integration with CI CD pipelines, and operational considerations such as storage costs, replication and geo distribution, and registry high availability.

HardTechnical
32 practiced
During a deployment window your private registry unexpectedly becomes read-only, causing new image pushes and some deployments to fail. As the SRE on-call, outline immediate triage steps, mitigations to resume deployments, communication plan for stakeholders, and long-term remediation and post-incident actions.
MediumTechnical
35 practiced
Explain the OCI image manifest and the image index (manifest list) structure, including config, layers, and annotations. Describe how you would use annotations to attach provenance or SBOM links and how you would programmatically query those fields from a registry.
HardTechnical
31 practiced
Design an audit logging and compliance pipeline for a container registry that captures push/pull events, vulnerability scan results, signature verification, and admin actions. Include retention policies, tamper-resistance, searchable indexes, and integration points with SIEM and compliance reports.
MediumSystem Design
29 practiced
Design a registry replication strategy to replicate images across three continents to minimize pull latency. Discuss push vs pull replication models, tag conflict resolution, eventual consistency implications, and network considerations for large blob transfers.
EasyTechnical
31 practiced
List practical techniques to minimize container image size and attack surface: multi-stage builds, removing package caches, using --no-install-recommends, distroless/scratch, stripping binaries, and minimizing layers. For each technique give a rough estimate of the potential size savings and trade-offs.

Unlock Full Question Bank

Get access to hundreds of Container Image Management and Registry interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.