Show the key difference: "Memory limits are hard — exceed them and the OOM killer terminates your process. CPU limits are soft — exceed them and your container gets throttled. I profile the application first, then set limits with headroom."
Memory: set with --memory flag or deploy.resources.limits.memory in Compose. When a container exceeds its memory limit, the kernel OOM-kills the process (exit code 137). Memory reservation (--memory-reservation) is a soft limit for scheduling. CPU: --cpus limits the number of CPU cores, --cpu-shares sets relative weight for scheduling. Unlike memory, exceeding CPU limits does not kill the container — it gets throttled. Strong candidates discuss: the difference between limits (hard ceiling) and reservations (scheduling hint), swap limits (--memory-swap), the impact of CPU throttling on application latency, monitoring container resource usage with docker stats, and setting appropriate limits based on application profiling rather than guessing.
Tests operational understanding. Candidates who do not set resource limits risk one container consuming all host resources. Those who understand the difference between memory kills and CPU throttling can troubleshoot production performance issues.