Check the DevOps Interview Questions and Answers for Beginners that make you selected in any DevOps Interview:
Q. What is architecture of Kubernetes?
A. This is container management tool which is used for container creation, update, deletion, scaling up and scaling down all done here. Used to centrally control and automate the deployments.
Kubernetes control play is Kubernetes master node.
Kubernetes architecture is divided into two parts: – Kubernetes master and Kubernetes worker node.
Kubernetes master includes: – kube-apiserver, etcd, kube-scheduler, kube-controller manager.
Kube-apiserver is connected with all the master nodes, kubelet, kube-proxy of worker node. This is responsible for creating of pods, deleting of pods, scaling up or down of pods. Interaction of worker or master node.
Kube-scheduler: – This is used to schedule the pods for the execution in several jobs. Kube-scheduler will inform to kube api server regarding the pods then api server will interact with to etcd and collect the pod’s information that it is going to launch in particular worker node like first kubelet or kube-proxy.
Etcd: – This is etc database. This collects the sensitive information like passwords, about Pod’s information, cluster information, cluster configuration, pods configuration, pod’s meta data.
Kube-controller manager: – This is used to maintain the desired state. It means if we need 4 pods at a time and 2 got failed so this controller manager will start the remaining 2 pods. Some of the controller managers are like name space control manager, volume control manager, replication controller.
Kubelet is agent through which master and worker node will interact together, container’s monitoring, receive command from master node and give instruction to container run time and monitor the pod and container health.
Kube-proxy: – This is DNS manager of Kubernetes. It helps to provide the IP address to pods, how to interact the pod to services, routing to collect pods.
Cloud: – There will be one cloud provider like AWS, Azure, GCP etc.
Q. How to troubleshoot with not working pod?
A. We can have from two side issue. One is infrastructure and second during deployment. If issue happens for first time, then probability issue from infra side, we will check the configuration and if during deployment then we will check the logs and troubleshoot the issue.
Some issues: – crash loopback off
Command: – Kubectl get pods or Kubectl get events
Q. Configuring Prometheus to Grafana?
A. Prometheus is an open-source tool for monitoring and alerting applications
Configure the port number in security group with custom tcs protocol
Port 9090 — Prometheus Server, Port 9100 — Prometheus Node Exporter, Port 3000 — Grafana
From the architecture: –
Prometheus Server: This component is the central component that collects the metrics from multiple nodes. Prometheus uses the concept of scraping, where target systems’ metric endpoints are contacted to fetch data at regular intervals.
Node Exporter: This is called a monitoring agent which we installed on all the target machines so that Prometheus can fetch the data from all the metrics endpoints.
Push Gateway: Push Gateway is used for scraping metrics from applications and passing on the data to Prometheus. Push Gateway captures the data and then transforms it into the Prometheus data format before pushing.
Alert Manager: Alert Manager is used to send the various alerts based upon the metrics data collected in Prometheus.
Web UI: The web UI layer of Prometheus provides the end user with an interface to visualize data collected by Prometheus. In this, we will use Grafana to visualize the data.
Q. Configuring Prometheus to Grafana?
- Now we will install the Prometheus on one of the EC2 Instance.
- Now to monitor your servers you need to install the node exporter on all your target machine which is like a monitoring agent on all the servers.
- Now we will configure the Prometheus for our EC2 instance where we have installed the node-exporter.
- Once Prometheus is installed successfully then we can install the Grafana and configure Prometheus as a data source.
Grafana provides lot of dashboards which we can directly import in our Grafana instance and
Q. Branching strategy in our project?
A. Few of the branches that we work are feature, release, dev, production
We make changes in feature and at last all went to release branch with the help of PR.
Production is last branch where we push our data at the time of sprint end.
Q. What are the goals of Maven?
A. integration-test: run integration tests.
verify: verify all integration tests passed.
Maven clean goal (clean: clean) is bound to the clean phase in the clean lifecycle. Its clean: clean goal deletes the output of a build by deleting the build directory. Thus, when maven clean command executes, Maven deletes the build directory.
Q. what does pom.xml file contains?
A. POM is an acronym for Project Object Model. The pom. xml file contains information of project and configuration information for the maven to build the project such as dependencies, build directory, source directory, test source directory, plugin, goals etc. Maven reads the pom. xml file, then executes the goal.
Q. What is repository in maven?
A. Repository is a directory where all the project jars, library jar, plugins or any other project specific artifacts are stored and can be used by Maven easily.
Q. What is stateFile in Terraform?
A. StateFile is used to keep track of the resources that terraform manages. It stores information about the current state of infrastructure and helps terraform plan and apply changes accurately.
Q. What is meta-arguments in terraform module?
A. Meta-arguments are special arguments in Terraform that are used to control how resources
are created, updated, or destroyed.
Q. Meta-Arguments in Terraform are as follows:
A. depends_on: Specifies dependencies between resources.
Ex: – # The web_security_group resource depends on the web_server resource
# The web_elb resource depends on the web_sg resource
count: – The “count” meta-argument is used to create four instances, each with the specified AMI and instance type. The “tags” block is used to assign a name to each instance, with a unique index based on the count. Run terraform init to initialize the Terraform project. Run terraform apply to create 4 instances.
for_each: Allows creating multiple instances of a resource based on a map or set of strings.
lifecycle: Defines lifecycle rules for managing resource updates, replacements, and deletions.
provider: Specifies the provider configuration for a resource. It allows selecting a specific provider or version for a resource.
Q. What is the difference between a variable and data source in Terraform?
A. Data sources provide dynamic information about entities that are not managed by the current Terraform and configuration.
Variables provide static information.
Q. which module called child or parent in terraform?
A. A module that has been called by another module is often referred to as a child module.
Q. What is the root module name in Terraform?
A. Terraform has two types of modules; the top-level module is always called the “root” module and the modules that are called from the root module are called “child” modules.
Q. What is Playbook in Ansible?
A. Playbook in ansible is yaml file that defines a set of tasks and configurations to be executed on remote servers. It is used for automation and configuration management.
Q. What is configuration management in DevOps?
A. DevOps configuration is the evolution and automation of the systems administration role, bringing automation to infrastructure management and deployment.
Installation of software, patches, hardware operations in multiple machines at a time instead of manually so we configuration management is necessary.
Q. What is Light house stage?
A. Lighthouse is an open-source tool from Google that is used to audit and improve the quality of web pages.
In the context of a Jenkins pipeline, you can use Lighthouse as a step to automatically audit your web application during the build or deployment process to ensure it meets certain quality standards.
Q. What is Zap scan stage?
A. ZAP is an open-source security testing tool for finding vulnerabilities in web applications
In a Jenkins pipeline, a “ZAP scan” would typically involve running security scans on your web application using ZAP to check for common security vulnerabilities like cross-site scripting (XSS), SQL injection, and more.
Q. What is bastion host in devops
A. It’s a special server that stands between the public internet and your private network. When you want to access the computers inside your network from the outside, you first go through this doorman (bastion host). It checks who you are, ensures you have permission to enter, and then allows you to access the computers inside. This helps protect your network from unauthorized access and keeps it safe.
Q. How do you handle secrets in Ansible?
A. HarshiCorp Vault.
Q. Can we use Ansible as IaC? If yes, can we compare with other infrastructure as code like Terraform?
A. Yes Ansible supports in some way. It can create ec2 instance but it is used as configuration management tool.
Q. Explain the workflow of how docker container created?
A. Docker Container Creation workflow: –
a. Dockerfile: – Create a dockerfile with application instructions.
b. Build Image: – Use docker build to build an image from docker file/
c. Run Container: – Run a container from the image using docker run.
d. Container: – The container runs your application isolated and self-contained.
Q. How do you manage multiple containers?
A. I manage multiple containers using Kubernetes ensuring high availability, scalability and load balancing.
Q. What is blue green deployments?
A. Blue green deployment is deployment strategy where you have two identical environments (Blue and Green) and you switch traffic between them when deploying new versions. This minimises downtime and allows quick rollback if issue arises.
Blue-green deployments are typically used for larger, less frequent releases or updates.
Q. What is Canary Deployment?
A. Canary deployment typically involves making changes in the existing environment, initially affecting a subset of users or servers.
Canary deployments are typically used for more frequent, smaller changes or updates.
Q. How do you scale your applications?
A. I use autoscaling application in aws or Kubernetes horizontal pod scaling to dynamically adjust resources based on traffic pattern and resource utilisation.
Q. How do you rollback if something fails?
A. I will roll back to previous version with the help of Kubernetes. I will ensure regular monitoring and alerts to detect failures early.
Q. What kind of issue that SonarQube will identify?
A. Code Coverage, Duplicacy in code.
Q. Feature of SonarQube?
A. Improve quality, grow developer skills., Continuous quality management., Reduce risk., Scale with ease.
Q. What is branches in GIT?
A. In Git, branches are a part of your everyday development process. Git branches are effectively a pointer to a snapshot of your changes. When you want to add a new feature or fix a bug—no matter how big or how small—you spawn a new branch to encapsulate your changes.
Q. Purpose of tagging in git?
A. Tags help in identifying different commits that are important enough to be recognized.
A tag is an object referencing a specific commit within the project history
Q. Difference between merge and rebase
A. git merge is a way of combining changes from one branch (source branch) into another branch (target branch) whereas git rebase is a way of moving the changes from one branch onto another branch.
Q. Difference between git commit and git push
A. git commit saves repository changes on local but not remote repository. Contrarily, Git push then updates your git commit changes and sends it to remote repository.
Q. Can we have two masters in Jenkins?
A. You can have multiple Jenkins masters configured with the same connection details (ensure you select distinct remote paths mind) and connect them to the same machine. The only issue you may see is if all the Jenkins masters try to run builds on that node at the same time.
Q. What happens when master in Jenkins goes down?
A. Whenever there is a problem with the active master and it goes down, the other master will become active and requests will resume.
If the Jenkins master is lost or destroyed, there may be a crippling impact on your organization’s ability to build, test, or release. Let’s address this and create a disaster-recovery plan for Jenkins to ensure a high level of availability and quick turnaround time for any failures that may occur.
Q. What is the use of Ansible?
A. It helps automate repetitive tasks, improve efficiency, and ensure consistency in infrastructure and application configurations
Q. What is Dockerfile?
A. A Dockerfile is a script that uses the Docker platform to generate containers automatically.
It is text file which contains set of instructions which is used to build the images automatically.
Dockerfile is a text document containing all the commands the user requires to call on the command line to assemble an image. With the help of a Dockerfile, users can create an automated build that executes several command-line instructions in succession.
Q. What is Docker image?
A. This is template to create docker container. A Docker image is a template file used to execute code in a Docker container. An image is comparable to a snapshot in virtual machine (VM) environments.
Q. Docker Container?
A. Running instance of Docker image. Containers hold entire package to run application.
Note: – First, we need to add instruction to create dockerfile and build to make docker image and from image we can create docker container
Q. Command To stop the docker images
A. docker stop [images-name]
Q. Command to remove container
A. Docker rm container-id
Q. Command to restart the container
A. docker restart
Q. Command To push image to docker hub: –
A. docker login
Q. Command To save data locally
A. docker commit
Q. Command To push data to repository or docker hub
A. docker push
Q. Command to copy file from docker to local system
A. docker local
Q. Command to check the logs
A. docker logs [container-name]
Q. Command If we want docker container to store the data so we can create
A. docker container
Q. Command to logout from docker hub
A. docker logout
Q. what is docker compose?
A. Docker Compose is used to run multiple containers as a single service. For example, suppose you had an application which required NGNIX and MySQL, you could create one file which would start both the containers as a service without the need to start each one separately.
Q. what is docker inspect do?
A. docker inspect is a command that returns detailed, low-level information on Docker objects. Those objects can be docker images, containers, networks, volumes, plugins, etc.
Q. How do you check logs in a container?
A. The docker logs command shows information logged by a running container.
Command: – Docker logs container id
Q. Command to run the docker run A. docker run -d -p <image name> Here p= publisher or port mapping.
docker run [OPTIONS] IMAGE [: TAG|@DIGEST] [COMMAND] [ARG...]
Q. What is Kubernetes?
A. Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.
Q. What is difference between docker container and Kubernetes?
A. Docker is a container runtime; Kubernetes is a platform for running and managing containers from many container runtimes.
The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster.
Q. What are the most used Terraform commands?
A. Terraform init: – To initialise the terraform module.
Terraform Plan: – To check the config before the deployment
Terraform apply: – To apply the changes.
Terraform destroy: – TO destroy the config created by terraform.
Terraform Format: – To make the indentation of the configuration file.
Terraform validate: – To validate the code indentation.
Terraform show: – To show the state file configuration.
Terraform import: – To use resources created other than terraform or manually.
Q. Difference between SSL and TLS?
SSL (Secure Socket Layer): –
A. SSL was the original technology developed to secure internet communication.
It has several versions, including SSL 2.0 and SSL 3.0, but these versions are now considered insecure due to vulnerabilities.
SSL is no longer recommended for use because of these security flaws. It has been largely replaced by TLS.
TLS (Transport Layer Security): –
TLS is an improved and more secure version of SSL.
It was created as an upgrade to SSL and addresses the security issues found in SSL versions.
TLS has multiple versions (e.g., TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3), with each version being more secure and efficient than the previous one.
TLS is the modern and recommended technology for securing data transmission on the internet.
Q. What is Terraform D?
A. This is in built plugin that we use to execute terraform command from external source code editor itself.
Q. What is Terraform backend and its types?
A. A backend defines where terraform stores its state data files.
There are two types of Terraform backends: local and remote.
1. Local Backend. A local backend stores the state file on the machine where terraform is running. This is the default backend that is used if you don’t specify a backend in your Terraform configuration.
Q. What is blueprint deployment in aws devops?
A. Blueprints automatically generate source code and a continuous integration and delivery (CI/CD) pipeline to deploy common patterns to your AWS account without requiring extensive programming knowledge.
Blueprints are a declarative way to orchestrate the deployment of various resource templates and other artifacts
Q. What is DaemonSet in Kubernetes?
A. DaemonSet is a Kubernetes feature that lets you run a Kubernetes pod on all cluster nodes that meet certain criteria. Every time a new node is added to a cluster, the pod is added to it, and when a node is removed from the cluster, the pod is removed.
Q. What to do when I forget the Git password of my local?
A. In local We can directly generate the token from GitHub in that case and use it.
Q. What to do if code quality gate is failed in SonarQube?
A. There are multiple by default quality gate and we have option to have create custom quality gate to check the code quality. If any Jenkins builds are failing then we check in SonarQube as well if builds failing due to low code coverage. Then we connect to dev team for that.
The built-in Sonar way, quality gate.
Q. How do I change my Sonar quality gate?
A. Open your project in SonarQube.
Go to the Administration > Quality Gate menu for project.
Choose the quality gate you want to use for that project.
Q. If build failed in first stage, then how can be build progressed for next stage check?
A. We can use post filled action by using always. Three results failed, success and always, one more is unstable if build is having any nexus IQ vulnerabilities.
Q. What are the plugins we use in Jenkins?
A. 1. For backup we use thinBackup plugin,
2. Pipeline Plugin for CI
3. SonarQube Plugin for code quality check
4. Docker plugin to create Docker containers and automatically run builds on them,
5. Kubernetes Plugin for creating individual Kubernetes Pods for each agent on the Docker image., Kubernetes plugin also terminates the Kubernetes Pods automatically once you finish the build, this plugin integrates Jenkins with Kubernetes, this plugin, you can automatically scale the running process of Jenkins agents in the Kubernetes environment.
6. Git Plugin for Git operations like polling, branching, merging, fetching, tagging, listing, and pushing repositories., It helps you to schedule your builds and automatically triggers each build after each commit.
7. Jenkins JFrog Plugin for storage of build image