InterviewStack.io LogoInterviewStack.io

Container Image Management and Registry Questions

Focuses on the lifecycle of container images from build to runtime. Includes building reproducible images, multi stage builds, tagging strategies and semantic versioning, minimizing image size and attack surface, running as non root, and use of minimal base images. Covers pushing to and pulling from registries including public and private registries, authentication and access control, registry lifecycle policies, image caching and garbage collection, image signing and provenance, vulnerability scanning and remediation processes, integration with CI CD pipelines, and operational considerations such as storage costs, replication and geo distribution, and registry high availability.

MediumTechnical
32 practiced
Describe how to build, test, and publish multi-architecture container images (amd64, arm64) using Docker buildx or cloud builder services. Explain manifest lists, QEMU/emulation trade-offs, and strategies to validate image behavior for each architecture before publishing.
MediumTechnical
54 practiced
Estimate monthly storage cost for a private registry storing 20 TB of compressed image blobs with 3x replication across regions (object storage pricing $0.02/GB-month) and 30% overhead for metadata and versions. Show math and propose optimizations to reduce cost while maintaining reliability.
EasyTechnical
25 practiced
List common authentication and authorization methods used by container registries (basic auth, token/OAuth, mTLS, cloud IAM). For each, discuss typical use cases, strengths, operational aspects like token expiration, and how to integrate with CI systems securely.
HardSystem Design
26 practiced
Design a rollback strategy that can safely revert a bad image across hundreds of microservices with different release cadences. Consider immutable images, CI/CD rollback triggers, handling DB migrations, service meshes, canary rollback patterns, and preventing rollback storms when many services fail simultaneously.
MediumTechnical
36 practiced
Describe a safe plan to run garbage collection on a private container registry backed by object storage (e.g., S3). Include discovery of unreferenced blobs, dry-run validation, scheduling to avoid peak traffic, handling replication lag, and how to restore mistakenly deleted blobs.

Unlock Full Question Bank

Get access to hundreds of Container Image Management and Registry interview questions and detailed answers.

Sign in to Continue

Join thousands of developers preparing for their dream job.