DevOps L2 Q&A

SET – 1
1. What is DevOps, and why is it important?
DevOps is a set of practices that combines software development (Dev) and IT
operations (Ops). It aims to shorten the software development life cycle and provide
continuous delivery with high software quality.
2. Can you explain the CI/CD pipeline and its components?
CI (Continuous Integration) is a practice where developers frequently merge code
into a shared repository. CD (Continuous Deployment) automates the deployment of
new changes. Key components are:
• Source Control: Git, SVN
• Build Automation: Jenkins, CircleCI
• Test Automation: Selenium, JUnit
• Deployment Automation: Ansible, Kubernetes
3. What is Infrastructure as Code (IaC), and why is it used in DevOps?
IaC refers to managing infrastructure through code, allowing teams to automate the
provisioning and configuration of environments. Tools include Terraform, AWS
CloudFormation, and Ansible.
4. What is the difference between Ansible, Puppet, and Chef?
All three are configuration management tools. Ansible uses an agentless architecture
and is simpler to set up, Puppet uses a master-agent architecture, and Chef is built
around Ruby and offers a powerful DSL for defining infrastructure.
5. How do you implement blue-green deployment?
Blue-green deployment minimizes downtime and reduces risks by running two
identical production environments (blue and green). Traffic is routed to the green
environment after validation, while blue remains as a backup.
6. Explain how you would set up a monitoring and alerting system for production?
Use tools like Prometheus and Grafana for monitoring. Set up alerting rules based on
thresholds (e.g., CPU usage, memory, response times) and integrate with services
like PagerDuty or Slack for real-time alerts.

7. What is a Dockerfile? Can you walk through a basic Dockerfile?
A Dockerfile is a script that contains instructions to build a Docker image. Basic
Dockerfile example:
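Dockerfile
FROM node:14
WORKDIR /app
# Copy package.json and the application source so npm install has something to install
COPY . .
RUN npm install
# The exec form requires straight double quotes
CMD ["npm", "start"]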
8. How do you ensure security in DevOps?
Security can be implemented using the following:
• Static code analysis: Tools like SonarQube
• Secret management: Vault, AWS Secrets Manager
• Compliance checks: Using tools like OpenSCAP or Chef InSpec

9. Can you explain Git branching strategies?
• Feature Branching: Separate branches for features
• Gitflow: Structured flow with master, develop, and feature branches
• Trunk-Based Development: Minimal branches, merging frequently into trunk
10. How do you handle configuration management in a microservices architecture?
Centralized configuration management tools like Spring Cloud Config or Consul can
be used to manage configuration files for all services in one place.

SET – 2
1. What is container orchestration, and why is Kubernetes popular?
Container orchestration automates the deployment, scaling, and management of
containerized applications. Kubernetes is popular due to its powerful features like
automated scaling, self-healing, and service discovery.
2. What are namespaces in Kubernetes, and why are they used?
Namespaces provide a way to segment a Kubernetes cluster into virtual clusters.
They help in organizing and isolating resources between teams or environments.
3. How do you optimize a CI/CD pipeline for faster deployments?
• Parallelizing tasks
• Caching dependencies
• Using lightweight containers
• Limiting unnecessary test runs

4. What’s the difference between containers and virtual machines (VMs)?
Containers share the host OS and are more lightweight, while VMs run their own OS
and are more resource-intensive.
5. What is a reverse proxy, and why is it used in a DevOps setup?
A reverse proxy forwards client requests to backend servers, improving security,
performance, and load balancing. Nginx and HAProxy are popular reverse proxy
servers.
6. What is Helm in Kubernetes?
Helm is a package manager for Kubernetes that allows you to define, install, and
upgrade even the most complex Kubernetes applications.
7. What is the use of service mesh in microservices?
A service mesh manages communication between microservices. Istio and Linkerd
are popular tools that provide observability, traffic management, and security
features.
8. What is the difference between Continuous Delivery and Continuous Deployment?
Continuous Delivery ensures code is always in a deployable state, while Continuous
Deployment automates the release process to production.

9. What are some common challenges with microservices?
Common challenges include:
• Complex inter-service communication
• Distributed data management
• Monitoring and logging across services
10. How do you handle secrets in a CI/CD pipeline?
Use secret management tools like HashiCorp Vault, AWS Secrets Manager, or
environment variables encrypted with tools like Jenkins Credentials Plugin.

SET – 3
1. What is canary deployment, and when would you use it?
Canary deployment releases a new version of an application to a small subset of
users. It’s useful when testing a new feature or mitigating risk during production
deployments.
2. Explain the concept of “shift left” in DevOps.
“Shift left” means moving testing, security, and performance evaluation earlier in the
software development lifecycle to identify issues sooner.
3. What’s the difference between stateful and stateless applications?
Stateless applications do not retain any data between requests, while stateful
applications store data across multiple sessions or requests.

4. How do you implement High Availability (HA) in your infrastructure?
Use techniques like load balancing, auto-scaling, database replication, and
multi-region deployments to ensure high availability.

5. What is a deployment strategy you would use for zero downtime?
Blue-green deployment or rolling updates with Kubernetes ensure zero downtime
during deployments.
6. What are Kubernetes pods, and how do they differ from containers?
A pod is the smallest deployable unit in Kubernetes, which can contain one or more
containers that share storage and network resources.

7. Explain how you would secure a Kubernetes cluster.
• Use Role-Based Access Control (RBAC)
• Enable mutual TLS for service communication
• Use network policies to control traffic between pods

8. What are Jenkins pipelines?
Jenkins pipelines define a series of steps to automate the CI/CD process using code
(Pipeline as Code). It supports complex workflows and parallel task execution.

9. How do you handle rollbacks in case of a failed deployment?
Tools like Kubernetes and Helm have built-in rollback features. Additionally, using
feature flags or storing previous versions of containers allows for easy rollback.

10. How do you troubleshoot a failing service in Kubernetes?
Use kubectl commands to inspect pod logs, check the events, and describe the pod
for more details. Tools like Prometheus and Grafana can help with metrics.

SET – 4
1. What’s the difference between Docker Compose and Kubernetes?
Docker Compose is used to define and run multi-container Docker applications on a
single host, whereas Kubernetes is a full container orchestration platform that
manages large-scale, distributed containerized applications across multiple hosts.

2. How would you scale a microservices architecture in Kubernetes?
Use Kubernetes’ built-in auto-scaling features such as Horizontal Pod Autoscaler
(HPA) and Vertical Pod Autoscaler (VPA). Define resource limits and requests for CPU
and memory. Use Ingress and load balancers to distribute traffic.

3. Explain the concept of “immutable infrastructure.”
Immutable infrastructure means that servers or containers are never modified after
they are deployed. If a change is needed, a new version of the server or container is
created and deployed.
4. How do you manage logs in a microservices architecture?
Centralized logging solutions such as the ELK (Elasticsearch, Logstash, Kibana) stack,
Fluentd, and Prometheus help in aggregating and monitoring logs across services.
This ensures efficient tracking and troubleshooting.

5. What are Jenkins agents, and how are they used in a CI/CD pipeline?
Jenkins agents (or nodes) are machines to which Jenkins delegates build jobs.
They allow distributed builds, meaning you can run different jobs on different
environments.

6. What is a “service account” in Kubernetes, and how do you use it?
A service account is used to provide an identity for pods that run in a Kubernetes
cluster to access the Kubernetes API. You can assign roles to service accounts using
RBAC (Role-Based Access Control).

7. How would you integrate security scanning in your CI/CD pipeline?
Integrate tools like:
• Static code analysis: SonarQube, Checkmarx
• Dependency scanning: Snyk, OWASP Dependency-Check
• Container scanning: Aqua, Clair
These tools can scan code for vulnerabilities before deployment.

8. What are some ways to improve application resiliency in a distributed environment?
• Implement retry logic with exponential backoff for transient failures.
• Use circuit breakers to stop cascading failures.
• Implement redundancy using load balancers and failover systems.
• Ensure proper health checks and monitoring are in place.

9. Instead of YAML, what can you use as an alternate file for building Docker Compose?
A Docker Compose file can be written in JSON instead of YAML. To use a JSON file,
specify the filename explicitly, as shown:
docker-compose -f docker-compose.json up

10. What are sidecar containers, and how are they used in Kubernetes?
A sidecar container is a container that runs alongside the main application container
in the same pod. It can be used for logging, monitoring, or injecting configurations
without modifying the main container.

SET – 5
1. What’s the difference between Docker Swarm and Kubernetes?
Docker Swarm is Docker’s native clustering and orchestration tool, which is simpler
but less feature-rich compared to Kubernetes. Kubernetes is more robust with
advanced scheduling, self-healing, and load balancing features.

2. What is Prometheus, and how does it work?
Prometheus is an open-source monitoring tool that collects metrics from your
applications and infrastructure. It uses a pull-based model and allows querying data
through its powerful query language, PromQL.

3. What is kubectl logs used for?
kubectl logs fetches the logs of a container in a pod, which helps in debugging
applications running in Kubernetes.

4. What are labels and selectors in Kubernetes?
Labels are key-value pairs attached to Kubernetes objects, like pods. Selectors are
used to query these labels for managing resources and performing operations such
as filtering or grouping.

5. What is the difference between a Job and a CronJob in Kubernetes?
A Job is a Kubernetes resource that runs a one-time task, while a CronJob schedules
tasks to be run periodically at specific intervals, like a Unix cron job.
6. How do you handle downtime during database schema changes?
• Use blue-green deployments with separate database schemas.
• Apply schema changes in backward-compatible steps.
• Use feature flags to manage new database features, allowing a smooth transition.

7. What’s the role of Terraform in a DevOps ecosystem?
Terraform is used for infrastructure provisioning through code. It allows you to
define your infrastructure in versioned configuration files and automates resource
creation across cloud providers like AWS, Azure, and GCP.

8. How does Nagios help in the continuous monitoring of systems, applications, and
services?
• Enables server monitoring, including checking whether servers are sufficiently
utilized or whether any task failures need to be addressed
• Verifies the status of the servers and services
• Inspects the health of your infrastructure
• Checks if applications are working correctly and web servers are reachable

9. What are active and passive checks in Nagios?
Nagios is capable of monitoring hosts and services in two ways:
• Active checks are initiated by the Nagios process and are regularly scheduled.
• Passive checks are initiated and performed by external applications/processes.
Their results are submitted to Nagios for processing.
10. When should I use ‘{{ }}’?
Always use {{}} for variables, unless you have a conditional statement, such as
“when: …”. This is because conditional statements are run through Jinja, which resolves the expressions.