Follow a systematic approach: "First docker logs for application errors. If the container dies immediately, I check the exit code — 137 means OOM, 1 means the app crashed. Then docker run with an interactive shell to inspect the filesystem and test commands manually."
Diagnostic steps: check container logs (docker logs), inspect the container state (docker inspect), check exit code for clues (137 = OOM killed, 1 = application error), try running interactively (docker run -it --entrypoint sh) to explore the filesystem, check if the image builds correctly, verify environment variables are set, and check volume mounts and permissions. Common causes: missing environment variables, wrong file permissions on mounted volumes, port conflicts, insufficient memory limits, missing dependencies in the image, and entrypoint scripts failing. Strong candidates discuss: docker events for daemon-level debugging, exec into running containers, using ephemeral debug containers (docker debug), and checking dmesg for OOM kills.
Tests operational skills. Candidates who cannot debug a crashing container will be stuck in production incidents. Those who follow a systematic approach from logs to exit codes to interactive inspection resolve issues efficiently.