TOP MNC — AWS / DevOps INTERVIEW QUESTIONS
What is GIT stash?
Git stash is a feature in Git that allows you to temporarily save your changes without committing them. It's useful when you need to switch branches or perform some other operation that requires a clean working directory.
What is a branching strategy?
A branching strategy is a set of rules and guidelines for how branches are created, named, and managed in a version control system like Git. It defines how code changes flow from development through testing to production.
How do you receive tickets?
• JIRA
• ServiceNow
• Azure DevOps Boards
What is your project architecture?
• Microservices in EKS
• CI/CD via Jenkins/GitHub Actions
• IaC via Terraform
• Monitoring via Prometheus & Grafana
• Images in ECR
• Logs in CloudWatch
Where is the Git commit history stored?
The Git commit history is stored in the .git directory, which is a hidden folder in the root of your Git repository. This directory contains all the metadata and object database for the repository, including commits, branches, tags, and configuration.
What is the command to discard changes in the working directory?
The command to discard changes in the working directory in Git is git checkout -- <file> or git checkout . to discard all changes.

What is the command to change the ownership and permissions of a file or directory in Linux?
To change ownership: chown [new_owner] [file/directory]
To change permissions: chmod [permissions] [file/directory]
Change ownership to "newuser": chown newuser /var/www/myfile.txt
Change permissions to read and write for the owner: chmod u+rw /var/www/myfile.txt
How are Kubernetes clusters created?
A Kubernetes (K8s) cluster can be created using a variety of tools, including:
Minikube
An open-source tool that can be used to create a simple cluster with one worker node. It's compatible with Linux, Mac, and Windows.
Kubeadm
A tool that can be used to create a cluster that meets best practices and passes Kubernetes Conformance tests. It can also be used for other cluster lifecycle functions, like bootstrap tokens and cluster upgrades.
Kubectl
A command-line tool that can be used to communicate with a Kubernetes cluster's control plane.
Helm
A tool that can be used to create and deploy resources.
What is Kubernetes Ingress, and how do we access applications deployed on-premises?
A Kubernetes object that manages external HTTP/HTTPS access to services within a cluster, typically via URL routing or host-based routing. To access on-prem applications:
Use an Ingress Controller (e.g., NGINX).
Combine with DNS + reverse proxy or use VPN/Direct Connect for network access.
What is the port range for NodePort in Kubernetes?
The default NodePort range is 30000–32767.
How to delete log files >50MB and older than 30 days?
find /var/log -type f -size +50M -mtime +30 -delete
How did you reduce deployment cost by 40%?
• Migrated workloads to EKS with auto-scaling
• Used Spot instances
• Implemented CI/CD to reduce idle compute
• Optimized Docker images
• Reduced unused infrastructure with Terraform cleanup
• Used S3 lifecycle policies
How do you uncommit the changes that have already been pushed to GitHub?
You can revert the commit history by using git revert or git reset:
git revert <commit>: This creates a new commit that undoes the changes in a previous commit.
git reset --hard <commit>: This will reset the current branch to the specified commit, discarding any commits made after it. You'll need to push the changes with git push --force.
Note: Be cautious when using git reset --hard, especially with git push --force, as it rewrites history and can cause issues for other collaborators.
How do you debug the exited container?
You can debug an existing container by using the docker start -ai <container_id> command, which starts the container interactively and attaches your terminal to it. You can then inspect logs, check configurations, or run debugging commands within the container.
The main ways an application communicates with the outside world
🔹 1. Public IP or DNS
- Direct access via public IP or domain (e.g., app.example.com)
🔹 2. Load Balancer
- Routes external traffic to internal services (e.g., AWS ELB)
🔹 3. NAT Gateway
- Enables outbound internet access for private apps (no public IP)
🔹 4. Reverse Proxy / API Gateway
- Intercepts requests and forwards them (e.g., Nginx, AWS API Gateway)
🔹 5. Kubernetes Services
- NodePort, LoadBalancer, and Ingress expose pods to external traffic
🔹 6. Open Ports & Protocols
- App listens on specific TCP/UDP ports (e.g., 80 for HTTP, 443 for HTTPS)
🔹 7. DNS & Service Discovery
- Resolves names to IPs; used for locating services
🔹 8. Messaging Queues & Event Systems
- Communicates via Kafka, RabbitMQ, AWS SQS for async data transfer
🔹 9. CDN / Edge Services
- Distribute and cache content closer to users (e.g., CloudFront)
How do you execute jobs in parallel in Jenkins?
Jobs can be executed in parallel in Jenkins by using the "Parallel" step in Jenkins Pipeline or by configuring concurrent builds in the job configuration.
Maven Lifecycle
Maven is a build management tool. It uses a simple pom.xml to configure all the dependencies needed to build, test, and run the code. Maven manages the full lifecycle of a test project. Once integrated with Jenkins, the Maven Webdriver will build the project and execute all tests efficiently.
Maven is a build automation tool for Java projects, managing dependencies, builds, and plugins using the POM (Project Object Model) file.
Maven defines a standard build lifecycle consisting of phases like clean, validate, compile, test, package, install, and deploy, among others. These phases define the order in which goals are executed.
Have you worked on Maven scripts?
Yes, I have experience working with Maven and writing Maven scripts for building, testing, packaging, and deploying Java applications. Maven is a popular build automation tool used for managing dependencies, building projects, and generating project documentation.
About pom.xml:
* pom.xml: The Project Object Model file is used by Maven to configure and manage a project. It contains project information such as dependencies, build settings, plugins, and profiles. The pom.xml file defines the structure and behavior of the Maven project and is located in the project's root directory.
Your team wants a Grafana dashboard to visualize the HTTP request latency of your applications running in EKS. How would you achieve this?
To visualize HTTP request latency in Grafana:
Use Prometheus to scrape metrics from your EKS cluster.
Set up Grafana to connect to Prometheus as a data source.
Create a dashboard in Grafana with a query like:
http_request_duration_seconds_bucket{job="nginx", status="2xx"}
This will show latency metrics, which can be graphed in Grafana.
How do you upgrade Jenkins?
Jenkins can be upgraded by downloading the latest version from the Jenkins website and following the upgrade instructions provided in the documentation.
🔸What is UPSTREAM?
In NGINX, upstream defines a group of servers. It is mostly used for load balancing and reverse proxying.
How would you set up Prometheus to monitor a custom application you've developed?
Install Prometheus: Install Prometheus on your server or Kubernetes cluster.
Expose Metrics: Add a metrics endpoint in your custom application. This endpoint should expose metrics in the Prometheus format (usually /metrics).
Configure Prometheus Scraping: Modify the Prometheus configuration file (prometheus.yml) to include your application’s endpoint as a scrape target.
Run Prometheus: Start Prometheus, and it will begin scraping metrics from your custom application.
Visualize with Grafana: Set up Grafana to visualize the Prometheus data, creating dashboards for custom application metrics.
How do you configure Prometheus?
To configure Prometheus, I edit the prometheus.yml file where I define scrape_configs.
In this file, I add targets like node_exporter, applications, or Kubernetes pods, and then restart Prometheus so it loads the new configuration.
How do you create a Grafana dashboard?
In Grafana, I go to Dashboards → New Dashboard → Add Panel.
Then I select a data source (Prometheus), write a PromQL query, and save the dashboard.
How do you create multiple dashboards?
To create multiple dashboards, I simply repeat the process — Dashboards → New Dashboard.
Each dashboard can have its own set of panels and queries.
How do you create multiple graphs in a single dashboard?
I add multiple panels inside the same dashboard.
Each panel can show a different metric and PromQL query.
How do you search things in Grafana?
Grafana has a search bar where I can search for dashboards, panels, folders, alerts, or data sources.
I can also filter dashboards by name, tags, or owners.
What is PromQL?
PromQL (Prometheus Query Language) is the language used in Prometheus to query and filter metrics.
It helps you extract time-series data, apply filters, do aggregations, and build graphs or alerts.
🚀 How a Kubernetes Cluster is Monitored Using Prometheus and Grafana
🧠 1️⃣ Prometheus — Data Collection Layer
Prometheus is the main monitoring tool that collects and stores metrics from your Kubernetes cluster.
It works by scraping metrics endpoints (usually /metrics endpoints exposed by components).
It gathers metrics from:
Kubelet (node-level metrics)
API Server
kube-state-metrics (for object-level metrics like Pods, Deployments, etc.)
cAdvisor (for container-level metrics like CPU, memory)
Node Exporter (for system-level metrics)
Application metrics (if instrumented)
⚙️ 2️⃣ Grafana — Visualization Layer
Grafana connects to Prometheus as a data source.
It provides beautiful dashboards and visualizations of cluster health, performance, and resource usage.
You can monitor:
Node health and utilization
Pod CPU & memory usage
Cluster-wide resource consumption
Network traffic
Application-specific metrics
🔗 3️⃣ How They Work Together (Flow)
Prometheus scrapes metrics from Kubernetes components and pods.
Prometheus stores this time-series data in its internal database.
Grafana queries Prometheus to visualize data using dashboards.
You can set alerts in Prometheus or Grafana Alerting to trigger notifications (e.g., Slack, email) when thresholds are crossed.
📊 Example Metrics You Can Monitor
| Component | Metric Example | Description |
| --- | --- | --- |
| Node | node_cpu_usage_seconds_total | CPU usage per node |
| Pod | container_memory_usage_bytes | Pod memory usage |
| Cluster | kube_pod_status_phase | Pod running/pending status |
| Application | Custom metrics (e.g., requests/sec) | App performance metrics |
🧠 Summary
In Kubernetes, we use Prometheus and Grafana for cluster monitoring. Prometheus scrapes metrics from Kubernetes components like the API server, kubelet, and cAdvisor, and stores them as time-series data. Grafana connects to Prometheus as a data source to visualize these metrics on dashboards. We can monitor pod health, node performance, and cluster utilization, and configure alerts for any performance degradation.
How would you configure a Grafana alert to notify you when the CPU utilization of a specific EC2 instance exceeds 90%?
Create a Dashboard: First, create a Grafana dashboard that shows the CPU utilization for the specific EC2 instance using CloudWatch metrics.
Add Alert: In the panel, click on the "Alert" tab and configure the alert condition to trigger when CPU utilization exceeds 90%.
Configure Notification Channel: Set up a notification channel (email, Slack, etc.) to send the alert.
Set Alert Thresholds: Define the threshold for the alert as 90% and configure the frequency of the alert checks.
What is called a Parameterised Job in Jenkins?
A Parameterised Job in Jenkins is a job that accepts parameters when it is triggered. These parameters can be used to customize the job's behavior or configuration.
What is a Docker Swarm?
Docker Swarm is Docker's native clustering and orchestration tool. It allows you to create and manage a cluster of Docker nodes and deploy services across the cluster. Docker Swarm enables the scaling of applications, load balancing, and high availability.
What is the difference between Docker Swarm and Kubernetes?
Docker Swarm is a simpler and less feature-rich orchestration tool compared to Kubernetes. It is suitable for small to medium-sized deployments, while Kubernetes is more scalable and suitable for complex, large-scale deployments.
How do you provide AWS access based on employee timing (e.g., 10 AM–5 PM, 6 PM–2 AM)?
Use Lambda with CloudWatch Events to attach/detach IAM policies based on time. Alternatively, create IAM access keys and disable/enable them using scheduled Lambda functions to enforce time-based access.
How do you handle codes in Nexus satisfactorily?
Nexus is a repository manager that can be used to store and manage artifacts like JAR files, WAR files, and Docker images. You can handle code in Nexus by uploading artifacts to the repository and managing them using Nexus's web interface or API.
What is the default port number for DynamoDB?
For local development, DynamoDB uses port 8000. In AWS, it's accessed over HTTPS without needing to specify a port.
How do you pull artifacts from Nexus?
Artifacts can be pulled from Nexus using tools like Maven, Gradle, or Docker, which are configured to resolve dependencies from the Nexus repository.
How do you manage space issues in the Jenkins server?
Space issues in Jenkins can be managed by regularly cleaning up old build artifacts, configuring build retention policies, and monitoring disk usage.
What is called a multibranch project in the Jenkins server?
A multi-branch project in Jenkins is a project type that automatically creates Jenkins jobs for each branch in a repository. It scans the repository for branches and creates jobs for them, allowing you to build and test each branch independently.
How do you secure the Jenkins server?
Jenkins servers can be secured by enabling authentication, configuring authorization, using HTTPS for communication, restricting access to sensitive information, and regularly applying security updates.
Can you explain Jenkins’ master-slave architecture? How would you add jobs for slaves?
Jenkins Master-Slave Architecture:
Master: Manages the Jenkins environment, schedules jobs, and monitors slaves.
Slave: Executes jobs assigned by the master. Slaves can run on different machines or environments.
Adding Jobs for Slaves:
Configure the slave node in Jenkins (Manage Jenkins → Manage Nodes and Clouds → New Node).
Assign labels to the slave (e.g., linux, windows).
In the job configuration, restrict the job to run on specific slaves using the label (e.g., Restrict where this project can run).
How do you run jobs on specific Jenkins slaves, and what if I have 70 slaves?
Use labels to assign jobs to specific slaves. For example:
Assign a label linux-slave to a group of slaves.
Configure the job to run on nodes with that label.
For 70 slaves:
Group slaves by purpose or environment using labels (e.g., dev, prod, linux, windows).
Use dynamic provisioning (e.g., Kubernetes or cloud plugins) to manage a large number of slaves efficiently.
How do you manage GitHub roles?
GitHub roles can be managed by assigning appropriate permissions to users or teams within a GitHub organization. This can be done using the GitHub web interface or API.
What is called a NULL resource in Terraform?
In Terraform, a null resource is a placeholder resource that does nothing but can be used to trigger actions or execute provisioners based on changes in other resources.
What is called terraform fmt?
terraform fmt is a command in Terraform used to format Terraform configuration files according to a standard style.
What is called Snowball?
Snowball is a service provided by AWS that allows you to transfer large amounts of data to and from the AWS cloud using physical storage devices.
How do you manage credentials in Terraform?
Credentials in Terraform can be managed using environment variables, CLI flags, or by configuring providers to use IAM roles or access keys stored securely.
What is called Code Deploy in AWS?
AWS CodeDeploy is a service that automates code deployments to EC2 instances, on-premises servers, Lambda functions, and other compute services.
Can you attach a single EBS volume to multiple EC2 instances at the same time?
No, a single EBS volume can only be attached to one EC2 instance at a time.
Can you use Multiple FROM in a Dockerfile?
No, you can only have one FROM instruction in a Dockerfile. It defines the base image for the subsequent instructions.
Dockerfile runs as which user?
By default, commands in a Dockerfile are executed as the root user.
How can we pass an argument to Dockerfile?
Arguments can be passed to a Dockerfile using the --build-arg flag when running the docker build command.
What are deployment strategies?
Deployment strategies are techniques used to release new versions of software while minimizing downtime and risk. Examples include blue-green deployment, canary deployment, rolling updates, etc.
What is called an application load balancer?
ALB operates at the application layer (Layer 7) of the OSI model, making routing decisions based on content, such as HTTP/HTTPS requests. It supports advanced features like content-based routing, host-based routing, and containerized applications.
Do LoadBalancers work in on-premises setups?
Not natively. For on-premises Kubernetes, use MetalLB, HAProxy, or NGINX as a LoadBalancer alternative.
What is Kubernetes architecture?
Kubernetes architecture consists of a master node that controls the cluster and worker nodes where containers are deployed. It includes components like the API server, scheduler, controller manager, and etcd for state management.
What is called the Fargate service in AWS?
AWS Fargate is a serverless compute engine for containers that allows you to run containers without managing the underlying infrastructure.
What are Register targets in Ansible?
Register targets in Ansible are variables that store the output of a task or command for later use in the playbook.
How to access the S3 bucket privately?
S3 buckets can be accessed privately by configuring bucket policies, IAM policies, or access control lists (ACLs) to restrict access to specific users or roles.
What is the difference between a NAT instance and a NAT Gateway?
A NAT instance is an EC2 instance configured to forward traffic from instances in a private subnet to the internet. A NAT Gateway is a managed service provided by AWS that performs the same function but is highly available and scalable.
How can you restrict particular IPs from accessing EC2 instances?
You can restrict access to EC2 instances by configuring security groups or network access control lists (NACLs) to allow traffic only from specific IP addresses or ranges.
What is VPC Peering and how does it work?
VPC Peering connects two VPCs privately using the AWS backbone.
No internet needed.
Route tables must be updated.
CIDR ranges must not overlap.
VPC peering enables you to connect VPCs across different AWS regions.
What is called a Transit Gateway?
Gateway: A Gateway is a network device that connects different networks. For example, an Amazon VPC (Virtual Private Cloud) can be connected to an on-premises network using an AWS VPN Gateway.
A Transit Gateway is a service in AWS that allows you to connect multiple VPCs and on-premises networks together in a hub-and-spoke model.
How do we connect services deployed in the cloud to on-premise systems?
Answer:
VPN, AWS Direct Connect
Hybrid DNS
API Gateway with VPC Link
PrivateLink or proxy servers
⚙️ Challenges Faced While Implementing DevOps
Tool Integration Complexity:
Integrating multiple DevOps tools such as Jenkins, Docker, Kubernetes, Git, and Terraform can be challenging, requiring expertise in configuring and maintaining seamless workflows.
Pipeline Failures and Maintenance:
Continuous Integration and Continuous Deployment (CI/CD) pipelines often fail due to incorrect configurations, missing dependencies, or version mismatches, demanding frequent troubleshooting and maintenance.
Environment Consistency:
Maintaining consistent environments across development, testing, and production can be difficult, leading to deployment issues when configurations differ between environments.
Security and Secrets Management:
Protecting sensitive data such as API keys, credentials, and tokens is critical. Mismanagement of secrets can expose the system to vulnerabilities and breaches.
Monitoring and Observability:
Setting up efficient monitoring and log management using tools like Prometheus, Grafana, or ELK Stack requires effort and continuous tuning to detect and respond to issues promptly.
Scaling and Infrastructure Management:
Managing scalability, auto-scaling configurations, and infrastructure performance across multiple environments can become complex as applications grow.
Configuration Drift:
Manual changes made in production that are not reflected in code repositories cause discrepancies between environments, leading to instability and errors.
Collaboration and Culture Shift:
Adopting DevOps requires strong collaboration between development and operations teams. Resistance to cultural change and lack of communication often slow down adoption.
Dependency and Version Management:
Applications using multiple libraries or microservices can face compatibility and versioning issues, causing build or runtime failures.
⚙️ Challenges we face while using AWS
Service Complexity: AWS offers a vast array of services, and navigating them can be overwhelming, requiring a good understanding of each service's capabilities and use cases.
Cost Management: Managing AWS costs effectively requires careful monitoring and optimization to avoid unexpected bills and overspending.
Security and Compliance: Ensuring the security and compliance of AWS environments involves managing access controls, encryption, and compliance requirements effectively.
Networking Challenges: Setting up and managing network configurations, VPCs, and connectivity options can be complex, particularly in multi-region or hybrid cloud environments.
Performance Optimization: Optimizing the performance of AWS resources requires understanding and tuning configurations to meet the demands of high-traffic or resource-intensive applications.
Resilience and Disaster Recovery: Designing resilient architectures and implementing backup and disaster recovery mechanisms are crucial but challenging tasks.
CI/CD Implementation: Setting up CI/CD pipelines for automated software delivery requires integrating different AWS services and managing deployment workflows effectively.
Monitoring and Troubleshooting: Monitoring AWS resources, analyzing logs, and diagnosing issues in real-time are essential tasks that require configuring monitoring tools and analyzing data effectively.
What are the types of autoscaling?
The types of autoscaling in AWS include:
Horizontal autoscaling: This means increasing the number of instances/systems for your application. Ex: AWS Auto Scaling Groups.
Vertical autoscaling: Increasing the system resources like CPU, RAM, Storage, etc. Ex: AWS instance size t2.micro to t2.large.
Scheduled autoscaling: Scaling based on predefined schedules.
Predictive autoscaling: Scaling based on predicted load patterns.
To prevent DDoS attacks, which load balancer is used?
To prevent DDoS attacks, AWS offers the AWS Shield service, which protects against DDoS attacks at the network and application layers. Application Load Balancers (ALB) and Network Load Balancers (NLB) can be configured with AWS Shield for additional protection.
What is called a sticky session?
A sticky session, also known as session affinity, is a feature of load balancers that ensures that requests from the same client are always routed to the same backend server. This is useful for applications that store session state on the server side.
What is called Lambda?
AWS Lambda is a serverless computing service through which you can run your code without provisioning any servers.
It only runs your code when needed and also scales automatically when the request count increases. It supports various programming languages and can be triggered by events from other AWS services or custom sources.
How do you manage the tfstate file in Terraform?
The tfstate file in Terraform contains the state of your infrastructure. It should be stored securely and managed using a remote backend like Amazon S3 or HashiCorp Consul. This ensures that the state is accessible to all members of your team and is not lost if a local copy is destroyed.
How do you create multiple EC2 instances in Terraform?
Multiple EC2 instances can be created in Terraform by defining multiple resource blocks with the aws_instance type, each specifying the desired configuration for an instance.
AWS has released a new service. How does Terraform behave?
Terraform typically releases updates to support new AWS services shortly after they are released. Users can check the Terraform documentation or the Terraform AWS provider release notes for information on when support for new services is added.
What is the difference between git pull and git fetch?
git pull fetches changes from a remote repository and merges them into the current branch, while git fetch only fetches changes from the remote repository but does not merge them. This allows you to inspect the changes before merging them into your local branch.
What is called Jenkins File?
A Jenkinsfile is a text file that contains the definition of a Jenkins Pipeline. It is written in Groovy syntax and defines the steps to be executed in the pipeline, including building, testing, and deploying software.
What are called Shared Libraries in Jenkins?
Shared Libraries in Jenkins are reusable scripts or Groovy code that can be shared across multiple Jenkins pipelines. They allow you to define common functions, steps, or variables that can be used in various pipelines to promote code reuse and maintainability.
What is Docker networking?
Docker networking refers to the networking capabilities of Docker containers, including creating virtual networks, connecting containers to networks, and exposing ports to allow communication between containers or between containers and the host system.
Types of Docker Networking
Bridge – Default network; containers communicate on the same host
Host – Container shares host’s network stack
None – No networking for the container
Overlay – Communication across multiple Docker hosts (Swarm)
Macvlan – Container gets its own IP on the physical network
What is called a Trust relationship in AWS?
A trust relationship in AWS defines which entities are trusted to assume roles within an AWS account. It specifies the trusted entities (such as other AWS accounts or IAM users) and the permissions they are granted when assuming the role.
What are public and private subnets?
Public Subnet: A public subnet is a network segment in which AWS resources (like EC2 instances) can have direct access to the Internet, typically through an Internet Gateway (IGW).
Private Subnet: A private subnet is a network segment where resources are isolated from direct internet access, often used for databases or backend services, with communication routed through a NAT Gateway or VPN.
How do you establish a connection between EC2 instances?
You can establish a connection between EC2 instances by using SSH (for Linux instances) or RDP (for Windows instances) to connect directly to the instance over the internet or through a private network if the instances are in the same VPC.
What is the realm command?
The realm command is a command-line interface (CLI) tool used to interact with Keycloak, an open-source identity and access management (IAM) solution. It allows you to manage realms, users, roles, and other aspects of the Keycloak server from the command line.
How do you differentiate between an AWS account's dev env, test env, and prod env?
You can differentiate between development (dev), testing (test), and production (prod) environments in AWS by using separate AWS accounts, separate VPCs within the same account, or by using tags and naming conventions to distinguish resources belonging to each environment.
Types of EC2 Instances?
AWS offers a variety of EC2 instance types optimized for different use cases, including general-purpose, compute-optimized, memory-optimized, storage-optimized, and GPU instances, among others.
How can you encrypt the already created unencrypted EBS without creating a fresh EC2 instance?
You can encrypt an unencrypted EBS volume without creating a fresh EC2 instance by taking a snapshot of the unencrypted volume, creating a new encrypted volume from the snapshot, and attaching it to the instance as a replacement for the unencrypted volume.
How do you install Nginx in the Ansible playbook?
You can install Nginx in an Ansible playbook by using the apt or yum module to install the Nginx package and a service module to ensure that the Nginx service is running.
How do you recover the deleted object in S3?
Deleted objects in S3 can be recovered if versioning is enabled on the bucket. You can restore a deleted object by using the AWS Management Console, AWS CLI, or SDK to initiate a restore operation on the object's version.
How do you route the data only to one EC2 instance when an application load balancer has 5 servers connected?
You can route data to only one EC2 instance behind an Application Load Balancer (ALB) by configuring session stickiness or by using a target group with a single target (the desired instance) and associating it with the ALB listener.
What is called “FROM SCRATCH” in Docker?
FROM SCRATCH is a special instruction in a Dockerfile that indicates the base image for building a new Docker image. It essentially starts from an empty filesystem, without any pre-existing layers.
Can we run the container inside the container?
Yes, it's possible to run a Docker container within another Docker container, though it's generally not recommended due to security and performance concerns. This technique is often used in specific scenarios like testing or debugging.
Can we use Ansible to create infrastructure in AWS?
Yes, Ansible can be used to create and manage infrastructure in AWS. Ansible provides AWS modules that allow you to provision resources such as EC2 instances, VPCs, security groups, and more.
What is called EC2 auto recovery?
EC2 Auto Recovery is a feature provided by AWS that automatically recovers an EC2 instance if it becomes impaired due to an underlying hardware failure. It preserves the instance's instance ID, private IP addresses, Elastic IP addresses, and all instance metadata.
What is called Persistent Storage in Docker?
Persistent storage in Docker refers to storage that persists even after a container is stopped or deleted. This can be achieved by using Docker volumes or bind mounts to mount directories from the host filesystem into the container.
What happens when you delete /var/lib/docker/overlay?
Deleting the /var/lib/docker/overlay directory would likely corrupt Docker's internal state, as it contains important files related to Docker's overlay filesystem, used for managing container filesystems and layers. It's not recommended to manually delete this directory.
What are called regular expressions in Linux?
Regular expressions (regex) in Linux are patterns used for matching strings or text data. They are powerful tools for searching, manipulating, and validating text based on specific patterns or rules.
What is DynamoDB?
DynamoDB is a fully managed NoSQL database service provided by AWS. It offers seamless scalability, high availability, and low latency for applications requiring fast and predictable performance at any scale.
How do you push the image to DockerHub?
To push a Docker image to DockerHub, you first tag the image using your DockerHub username and repository name, then use the docker push command followed by the tagged image name. For example:
docker tag my_image my_username/my_repository
docker push my_username/my_repository
Why do you change the name of the image using the tag command in Docker?
You change the name of the image using the tag command in Docker to associate the image with a specific repository on DockerHub or another Docker registry. This allows you to push the image to the registry and pull it from other hosts.
How do you authorize data to the Application Load Balancer?
Data is authorized to an Application Load Balancer (ALB) by configuring security groups and network ACLs to allow traffic from specific sources to reach the ALB's listener ports. Additionally, you can configure AWS IAM policies to control access to the ALB's APIs and resources.
What is an event handler in Lambda?
An event handler in AWS Lambda is a function that is executed in response to an event. It defines the code that Lambda should run when a specific event occurs, such as an HTTP request, S3 upload, DynamoDB update, etc.
What is the difference between CMD and Entrypoint in Docker?
CMD is an instruction in a Dockerfile that specifies the default command to run when a container starts, which can be overridden at runtime. Entrypoint is similar but defines the executable that will run when the container starts; any arguments specified are passed to that executable.
What is CloudFormation?
AWS CloudFormation is a service that allows you to define and provision infrastructure as code, enabling you to create, update, and manage AWS resources in a declarative and automated way using JSON or YAML templates. You can spend less time managing resources and more time focusing on your applications.
How do you change the name of an instance in a Terraform file without destroying it?
In Terraform, you can change the name of an instance without destroying it by modifying the name attribute of the instance resource in your Terraform configuration file and then applying the changes using terraform apply.
How does Ansible execute the jobs?
Ansible executes jobs by connecting to remote hosts via SSH (by default) and running tasks defined in playbooks or ad-hoc commands. It utilizes modules on the remote hosts to perform tasks, collect results, and report back to the control node.
How to connect the on-premise data center to AWS?
You can connect an on-premise data center to AWS using various methods such as VPN (Virtual Private Network), Direct Connect, or AWS VPN CloudHub. These methods establish a secure and private connection between your on-premise network and your AWS VPC.
What is a GIT tag?
A Git tag is a reference to a specific commit in a Git repository. Tags are typically used to mark releases or significant points in the project history, allowing you to easily reference and checkout specific versions of the codebase.
What is DevOps?
DevOps is a software development methodology that improves the collaboration between developers and operations teams using various automation tools. These automation tools are implemented using various stages which are a part of the DevOps Lifecycle. DevOps is a culture that improves the organization's ability to deliver the application
Why do we need DevOps?
DevOps helps organizations deliver software more quickly, reliably, and efficiently by breaking down silos between development and operations teams, automating manual processes, improving collaboration, and promoting a culture of continuous improvement. It enables faster time to market, higher-quality software, and increased responsiveness to customer feedback.
How do you configure the job in Jenkins?
To configure a job in Jenkins, you typically:
Click on "New Item" on the Jenkins dashboard.
Enter a name for the job and select the type of job (e.g., Freestyle project, Pipeline).
Configure the job settings such as source code management, build triggers, build steps, post-build actions, etc.
Save the configuration.
What are the roles you played on your laptop?
This question seems a bit broad. Typically, roles played on a laptop could include software development, system administration, content creation, communication, and entertainment.
How do you configure Ansible in Jenkins?
To configure Ansible in Jenkins, you would typically:
Install the Ansible plugin in Jenkins.
Configure Jenkins to have access to your Ansible playbooks and inventory files.
Create a new Jenkins job and configure it to execute an Ansible playbook as a build step.
Specify the playbook path and any required options.
Save the job configuration.
What are Apache Ant, Gradle, and Apache Tomcat?
Apache Ant is a Java-based build tool that automates the process of building and deploying applications. It is open-source software that uses XML configuration files (build.xml) to define the tasks needed to compile, test, and package Java applications.
Key features of Apache Ant:
It is highly customizable and allows developers to create custom-built tasks.
Unlike Gradle and Maven, Ant does not follow a convention-over-configuration approach, meaning developers define all build processes explicitly.
Ant is widely used in older Java projects but can also be used for other tasks like deploying applications, packaging, and managing dependencies.
Gradle is an open-source build automation tool used for compiling, testing, and packaging software. It is highly flexible and supports multiple programming languages, but it's especially popular for Java projects. Gradle uses a domain-specific language (DSL) based on Groovy to define build scripts, and it is often used as an alternative to Maven due to its speed and customizability.
Apache Tomcat is an open-source, Java-based web server and servlet container that serves Java applications. It is primarily used to run Java Servlets and JavaServer Pages (JSP), making it a popular choice for deploying Java-based web applications.
Git workflow?
Git workflow refers to a set of guidelines and practices for using Git to manage code changes collaboratively. Common Git workflows include Centralized Workflow, Feature Branch Workflow, Gitflow Workflow, and Forking Workflow. Each workflow defines rules for branching, merging, and releasing code changes.
Maven lifecycle?
Maven defines a standard build lifecycle consisting of phases like validate, compile, test, package, install, and deploy, among others. Each phase represents a different stage in the software development lifecycle, and Maven plugins are bound to these phases to perform specific tasks.
How do you integrate SonarQube in Jenkins?
To integrate SonarQube in Jenkins, you would typically:
Install the SonarQube Scanner plugin in Jenkins.
Configure Jenkins to have access to your SonarQube server.
Add a SonarQube scanner build step to your Jenkins job configuration, specifying the required options such as the SonarQube server URL, authentication credentials, and project key.
Run the Jenkins job, and the SonarQube scanner will analyze the code and send the results to the SonarQube server for review.
How do you configure the bucket?
Configuring an S3 bucket in AWS involves several steps:
Log in to the AWS Management Console and navigate to the S3 service.
Click on "Create bucket" and follow the prompts to configure the bucket name, region, and other settings.
Configure permissions for the bucket using bucket policies, Access Control Lists (ACLs), or IAM policies.
Optionally, configure features such as versioning, server access logging, encryption, and lifecycle policies according to your requirements.
Once configured, you can upload objects to the bucket and manage its settings through the S3 console or AWS CLI.
Differences between git rebase and git merge?
git merge integrates changes from one branch into another, creating a new merge commit that combines the histories of both branches. It maintains a linear history but can result in merge commits cluttering the history.
git rebase moves the commits from one branch to another, replaying them on top of the target branch's commits. It creates a cleaner, linear history without merge commits but can rewrite history and should be used with caution, especially in shared branches.
What is git init?
git init is a command used to initialize a new Git repository in the current directory or in a specified directory. It creates a new .git directory that stores Git metadata, including the repository's configuration, object database, and references to branches and commits.
What is a git clone?
git clone is a command used to create a copy of an existing Git repository, including all of its files, branches, and commit history. It fetches the contents of the repository from a remote location (usually another Git repository) and sets up a local repository on the user's machine.
If a file is suddenly deleted in git, how do you get it back?
If a file is accidentally deleted in a Git repository, you can restore it from a previous commit using the git checkout command:
git checkout <commit_hash> -- path/to/deleted/file
Replace <commit_hash> with the hash of a commit where the file still exists, and path/to/deleted/file with the path to the deleted file. This will restore the file to its state at that commit. Alternatively, if the file was deleted in the most recent commit, you can use:
git checkout HEAD -- path/to/deleted/file
This will restore the file from the most recent commit in the current branch.
What is the purpose of Docker?
Docker is a platform for developing, shipping, and running applications using containerization technology. Its main purposes include:
Providing a consistent environment for developers, enabling them to package their applications and dependencies into portable containers.
Facilitating the deployment of applications across different environments, from development to production, with minimal differences and dependencies.
Improving resource utilization by running lightweight, isolated containers on a shared host operating system.
Enabling scalability and agility in software development and deployment processes.
You have 10 EC2 instances and need to apply the same configuration to all. What are the ways to do it?
We can use multiple approaches depending on scale and automation needs:
Ansible – Push configurations to all EC2 instances using inventory (agentless).
AWS Systems Manager (SSM) – Run commands or apply configurations without SSH access.
User Data / AMI – Pre-configure instances at launch time.
Shell script with SSH – Manual approach for small setups.
Configuration management tools – Chef, Puppet, or SaltStack.
Auto Scaling with Launch Templates – Ensures consistency for newly created instances.
In Jenkins, how can you find log files?
In Jenkins, you can find log files for build jobs and the Jenkins server itself:
For build jobs: Navigate to the specific job's page on the Jenkins dashboard, click on a specific build number, and then click on "Console Output" to view the build log.
For Jenkins server logs: Depending on how Jenkins is installed, logs can typically be found in the Jenkins home directory, often under a directory named logs or similar. Common log files include jenkins.log (general server logs) and access_log (access logs).
How is Ansible deployed in Jenkins?
Ansible can be used to automate deployment tasks in Jenkins by integrating Ansible playbooks or roles into Jenkins jobs:
Install Ansible on the Jenkins server or on a machine accessible to Jenkins.
Write Ansible playbooks or roles to define the deployment tasks, such as copying files to remote servers, restarting services, etc.
Create a Jenkins job and configure it to execute the Ansible playbook or role as a build step.
Specify any required parameters or options in the Jenkins job configuration.
Run the Jenkins job to trigger the deployment process using Ansible.
What is the use of Ansible?
Ansible is an open-source automation tool used for configuration management, application deployment, and orchestration. Its main uses include:
Automating repetitive tasks such as software installation, configuration, and updates across multiple servers.
Enforcing consistent configurations and policies across IT infrastructure, improving reliability and security.
Streamlining application deployment processes by automating tasks such as code deployment, server provisioning, and environment setup.
Orchestration of complex workflows and interactions between different systems and services.
What is configuration management?
Configuration management is the process of systematically managing changes to an organization's IT infrastructure, ensuring that systems and software configurations are consistent, compliant, and up-to-date. Its main objectives include:
Maintaining consistency and integrity across IT environments by documenting and managing configuration items (CIs) such as servers, software, and network devices.
* Enabling efficient management of changes, updates, and deployments through automation and standardized processes.
* Improving visibility and control over IT assets and configurations, facilitating troubleshooting, auditing, and compliance efforts.
* Supporting scalability and agility in IT operations by enabling rapid provisioning, configuration, and decommissioning of resources.
In the Ubuntu server, what are public and private keys?
In the Ubuntu server, a public key and a private key are components of asymmetric cryptography used for secure communication and authentication.
A public key is shared freely and used to encrypt data or verify signatures. It can be shared with anyone.
A private key is kept secret and used to decrypt data or create signatures. It must be kept secure and should not be shared with anyone.
Difference between SVN and GIT:
Centralized vs. Distributed: SVN (Subversion) is a centralized version control system, meaning it has a single repository that serves as the central source of truth. Git, on the other hand, is distributed, meaning every developer has a complete copy of the repository, including its full history.
Branching and Merging: SVN uses a branching model where branches are heavy and long-lived. Git encourages lightweight branching and merging due to its distributed nature, making branching and merging faster and easier.
Performance: Git is generally faster than SVN, especially for operations like branching, merging, and committing, due to its distributed architecture.
Workflow: SVN follows a lock-modify-unlock model for file versioning, while Git uses a copy-modify-merge model. This makes Git more flexible for concurrent development and reduces the likelihood of conflicts.
Repository Size: Git repositories tend to be smaller in size compared to SVN repositories due to Git's efficient storage mechanism.
What version control tools are used in the present market?
In addition to Git and SVN, other popular version control tools in the market include:
Mercurial
Perforce
Microsoft Team Foundation Version Control (TFVC)
CVS (Concurrent Versions System)
Git commit:
* git commit is a command used to save changes to the local repository. It creates a new commit containing the changes staged for commit, along with a commit message describing the changes.
Git push and fetch:
* git push is used to upload local repository content to a remote repository, typically hosted on a platform like GitHub or Bitbucket.
* git fetch is used to retrieve changes from a remote repository and store them in the local repository without modifying the working directory. It updates the remote tracking branches.
How to create a repository in GitHub:
* To create a repository on GitHub:
* Log in to your GitHub account.
* Click on the "+" icon in the top-right corner and select "New repository."
* Enter a name for your repository, choose visibility options, and configure other settings as needed.
* Click on "Create repository" to finalize the creation process.
Git Workflow: Local to Remote Repository
Complete end-to-end workflow from local changes to pushing code to a remote repository
Step 1: Clone the Repository (If Not Already Local)
- Get the remote repo to your local machine:
git clone <repository-URL>
cd <repository-folder>
Step 2: Check Current Branch
git branch
- Ensures you are on the correct branch (e.g., main or dev).
Step 3: Make Changes Locally
- Edit or create files in your project folder.
Step 4: Check Status
- See which files are modified or untracked:
git status
Step 5: Stage Changes
- Stage specific files:
git add <file-name>
- Or stage all files:
git add .
Step 6: Commit Changes
- Commit with a descriptive message:
git commit -m "Add feature X or fix bug Y"
Step 7: Verify Remote Repository
- Check remote connections:
git remote -v
- If missing, add remote:
git remote add origin <repository-URL>
Step 8: Push Changes
- Push local commits to the remote branch:
git push origin <branch-name>
- Example:
git push origin main
Step 9: Verify in Remote
- Open GitHub/GitLab/Bitbucket to confirm your commits are updated.
Optional Steps
- Pull latest changes from remote before pushing to avoid conflicts:
git pull origin <branch-name>
- Resolve conflicts if any, then stage, commit, and push again.
🧠 Summary
“End-to-end Git workflow starts with cloning the repository locally. I make code changes, check the status, and stage files using git add. Then I commit the changes with a message and push them to the remote repository using git push origin <branch>. Before pushing, I ensure my branch is up to date by pulling remote changes to avoid conflicts.”
How to push a file in the GitHub flow:
* After creating a repository on GitHub, you can push files to it using the following steps:
* Initialize a local Git repository in the directory containing the files: git init.
* Add the files to the staging area: git add . (to add all files) or git add <file> (to add specific files).
* Commit the changes: git commit -m "Initial commit".
* Link the local repository to the remote GitHub repository: git remote add origin <repository_url>.
* Push the changes to GitHub: git push -u origin master.
About branching strategies:
* Branching strategies define how code changes are managed and integrated in a version control system. Common branching strategies include:
* Gitflow: A branching model that uses long-lived branches for feature development, releases, and hotfixes.
* GitHub Flow: A simpler branching model where all development happens on the main branch (usually master or main), and feature branches are created for new features.
* Trunk-Based Development: A strategy where all changes are committed directly to the main branch, with short-lived feature branches used sparingly.
Location and configuration file in Ansible:
Ansible's main configuration file is typically located at /etc/ansible/ansible.cfg on the control node. This file can also be located at $HOME/.ansible.cfg for per-user configuration. Additionally, Ansible can be configured to use a custom configuration file using the -c or --config option when running Ansible commands.
What are the modules you have used in Ansible?
* Ansible provides a wide range of modules for automating tasks across various systems and services. Some commonly used modules include:
* shell: Execute shell commands on remote hosts.
* copy: Copy files to remote hosts.
* template: Render Jinja2 templates on remote hosts.
* apt/yum/pacman: Manage packages on Debian/Ubuntu, RHEL/CentOS, and Arch Linux systems, respectively.
* service/systemd: Manage system services.
* docker_image/docker_container: Manage Docker images and containers.
* lineinfile: Modify lines in text files on remote hosts.
* git: Clone Git repositories on remote hosts.
* uri: Interact with REST APIs.
Where did you find an error in Jenkins?
* Errors in Jenkins can be found in various places:
* Console Output: The console output of a Jenkins job contains detailed information about the build process, including any errors encountered.
* Build History: The build history on the Jenkins dashboard shows the status of past builds, including failed builds.
* Jenkins System Logs: System logs for Jenkins are typically located in the Jenkins home directory, often under a directory named logs. Common log files include jenkins.log (general server logs) and access_log (access logs).
* Notifications: If configured, Jenkins can send email notifications or integrate with messaging platforms like Slack to notify users of build failures.
What is the Jira tool?
Jira is a project management tool used for issue tracking, task management, and project management. It allows teams to plan, track, and manage agile software development projects, as well as other types of projects such as bug tracking, task assignment, and workflow management.
As a DevOps engineer, why do we use the Jira Tool?
DevOps teams use Jira to facilitate collaboration, track issues and tasks, manage project workflows, and streamline software development processes. It helps in organizing and prioritizing work, tracking progress, and ensuring that development, operations, and other teams are aligned toward common goals.
Why do we use a pipeline in Jenkins? Flow?
* Pipelines in Jenkins provide a way to define and automate the software delivery process, from code commit to deployment. They allow for the creation of continuous integration and continuous delivery (CI/CD) workflows, enabling automation of build, test, and deployment tasks. Pipelines ensure consistency, repeatability, and traceability in the software delivery process, leading to faster time-to-market and higher-quality software.
What is Release management due to production?
In DevOps, release management is the process of planning, coordinating, and deploying software releases to production environments. It aims to deliver new features, bug fixes, and enhancements reliably, efficiently, and on time.
chmod 444 <filename.txt> as root user? Change the above permissions to 777.
* To change the permissions of a file named filename.txt to 777:
# chmod 777 filename.txt
curl www.google.com is not working, but telnet www.google.com is working?
* curl is a command-line tool for transferring data with URLs. If curl www.google.com is not working, it could be due to network connectivity issues or firewall restrictions. However, telnet www.google.com is working because telnet establishes a TCP connection to the specified host and port, bypassing some network restrictions that may affect curl.
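An added example (not from the original page) that separates the two layers involved in the answer above: the TCP handshake that telnet proves, and the HTTP exchange that curl additionally needs. The function names and the loopback listener that accepts connections but never speaks HTTP are constructed for the illustration.

```python
import http.client
import socket
import threading


def tcp_connects(host, port, timeout=2.0):
    """What `telnet host port` proves: the TCP three-way handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def http_responds(host, port, timeout=2.0):
    """What curl needs on top of TCP: a parseable HTTP response.

    Returns the status code, or None when no valid response arrives.
    """
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/")
        return conn.getresponse().status
    except (OSError, http.client.HTTPException):
        return None
    finally:
        conn.close()


def diagnose(host, port, timeout=2.0):
    """Classify the failure by the lowest layer that breaks."""
    if not tcp_connects(host, port, timeout):
        # Look at security groups, NACLs, host firewalls, routing, or a stopped service.
        return "tcp-failed"
    if http_responds(host, port, timeout) is None:
        # The port is reachable; look at proxies, TLS settings, or the application itself.
        return "tcp-ok-http-failed"
    return "http-ok"


def start_silent_listener():
    """Constructed test peer: accepts TCP connections and closes them without replying."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))  # port 0 lets the OS pick a free port
    server.listen(5)

    def serve():
        while True:
            try:
                conn, _ = server.accept()
            except OSError:
                return  # listener was closed
            conn.close()

    threading.Thread(target=serve, daemon=True).start()
    return server, server.getsockname()[1]


if __name__ == "__main__":
    listener, port = start_silent_listener()
    print(diagnose("127.0.0.1", port))
    listener.close()
```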
I have two instances in public and private subnets, I am pinging from one server to another server and getting any response, but by using telnet <ip> on port 23, it’s working now.
If you are able to ping from one server to another, but telnet on port 23 (telnet service) is not working, it indicates that there may be a firewall or security group rule blocking incoming connections on port 23. You need to check the security group settings for the instance and ensure that port 23 (Telnet) is allowed for incoming connections.
What is SSL? And how does it work internally?
SSL (Secure Sockets Layer) is a security protocol that creates an encrypted link between a server and a client, ensuring privacy, authentication, and data integrity for online communications like browsing and transactions.
My web servers are running in private subnets. I want to route my ELB Traffic to web servers in private subnets.
To route ELB (Elastic Load Balancer) traffic to web servers in private subnets, you can set up a target group for your web servers and configure the ELB to forward traffic to the target group. The web servers should be registered with the target group, and the ELB should be configured to route incoming traffic based on the target group's rules.
Why do we use an SG?
Security Groups are fundamental to network security in AWS. A security group can be attached to many EC2 instances. Security groups act as virtual firewalls for your instances, controlling inbound and outbound traffic. They can be associated with instances and control their network access. SGs are used to control access to instances based on protocols, ports, and IP addresses, enhancing security and compliance with network access policies.
If we have to install Ubuntu, where do we define the OS while launching the EC2 instance?
* When launching an EC2 instance, the OS can be specified by selecting the appropriate AMI (Amazon Machine Image) that contains the desired Ubuntu version.
What is .pem?
* .pem is a file extension used for certain types of files in Linux and related systems. In AWS, .pem files are used for SSH key pairs to access EC2 instances securely.
If we stop the EC2 instance, will the Private IP change?
No, stopping an EC2 instance retains its private IP address. However, terminating and restarting an instance may result in a change of private IP unless using an Elastic IP.
What is blue/green development?
Blue/green deployment involves maintaining two identical production environments, where one (say blue) serves live traffic while the other (green) receives new code deployments and rigorous testing. Once validated, traffic is switched to the green environment, ensuring minimal downtime and enabling quick rollback if needed.
What is PaaS?
Platform as a Service (PaaS) is a cloud computing service model where a provider delivers a platform to customers, typically including an operating system, programming language execution environment, database, and web server. PaaS facilitates application development, deployment, and management without the complexity of building and maintaining the underlying infrastructure.
What is shell scripting? How do we use the script for Automation?
Shell scripting involves writing scripts (sequences of commands) for the command-line shell of an operating system (like Bash in Unix/Linux) to automate tasks. For automation:
* Identify repetitive tasks suitable for automation.
* Write shell scripts using commands and logic (loops, conditionals).
* Test scripts thoroughly in a controlled environment before deploying in production.
* Use cron jobs or schedulers to run scripts automatically at specified intervals.
What is MySQL? How many ways can we use to take a backup?
MySQL is an open-source relational database management system (RDBMS) that uses SQL (Structured Query Language) to manage databases. There are several ways to take backups in MySQL:
* Logical Backup: Using tools like mysqldump to export SQL statements that can recreate the database structure and data.
* Physical Backup: Copying the MySQL data directory directly, which includes all database files.
* Replication: Using MySQL replication to create backups on a slave server, keeping it synchronized with the master server.
* Backup Tools: Utilizing third-party backup tools and services that integrate with MySQL for automated backups and recovery
How do you execute a shell script within a Python script?
To execute a shell script within a Python script, you can use the subprocess module, which allows you to spawn new processes, connect to their input/output/error pipes, and obtain their return codes.
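An added example (not from the original page) of the subprocess approach: it writes a small constructed script, deploy.sh, to a temporary directory and runs it with an argument list instead of shell=True, so argument text is never parsed by a shell. The script name, its contents and the helper names are assumptions made for the illustration.

```python
import os
import stat
import subprocess
import tempfile

# Constructed sample script: prints its first argument, exits 2 when none is given.
SAMPLE_SCRIPT = """#!/bin/sh
if [ -z "$1" ]; then
    echo "usage: deploy.sh <environment>" >&2
    exit 2
fi
echo "deploying to: $1"
"""


def write_sample_script(directory):
    """Write the sample script and restrict it to the owner (mode 0700)."""
    path = os.path.join(directory, "deploy.sh")
    with open(path, "w") as handle:
        handle.write(SAMPLE_SCRIPT)
    os.chmod(path, stat.S_IRWXU)
    return path


def run_script(script_path, args=(), timeout=30):
    """Run a shell script and return (exit_code, stdout, stderr).

    The command is a list, so each element reaches the script as one literal
    argument; characters such as ';' or '$(...)' in args are not interpreted.
    """
    completed = subprocess.run(
        ["/bin/sh", script_path, *args],
        capture_output=True,   # collect stdout and stderr instead of inheriting them
        text=True,             # decode bytes to str
        timeout=timeout,       # raise TimeoutExpired rather than hang the caller
        check=False,           # return the exit code; the caller decides what is fatal
    )
    return completed.returncode, completed.stdout.strip(), completed.stderr.strip()


def demo():
    """Run the sample script with a normal, a shell-metacharacter and a missing argument."""
    with tempfile.TemporaryDirectory() as workdir:
        script = write_sample_script(workdir)
        normal = run_script(script, ["staging"])
        metachars = run_script(script, ["staging; echo INJECTED"])
        missing = run_script(script)
    return normal, metachars, missing


if __name__ == "__main__":
    for result in demo():
        print(result)
```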
How do you execute jobs in AWS?
AWS Lambda
Purpose: Run serverless code in response to events.
Key Steps:
Create a Lambda function.
Deploy via AWS Console, CLI, or Infrastructure as Code.
Invoke manually or set up event triggers (API Gateway, S3, CloudWatch).
AWS Batch
Purpose: Run large-scale batch computing jobs.
Key Steps:
Create a Compute Environment.
Create a Job Queue.
Define a Job Definition.
Submit jobs via AWS Console or SDK.
AWS Step Functions
Purpose: Orchestrate complex workflows by coordinating multiple AWS services.
Key Steps:
Define a State Machine.
Deploy the State Machine.
Start execution via AWS Console or SDK
What steps do you take when a build fails in Jenkins?
Review the Build Logs: Access and analyze the console output for error messages and stack traces.
Identify the Cause: Look for common issues such as code errors, failed tests, or configuration problems.
Check Recent Changes: Review recent commits or merges and communicate with team members.
Reproduce the Issue Locally: Try to replicate the build failure on your local machine.
Verify Jenkins Configuration: Check build scripts and environment variables for errors.
Rerun the Build: Retry the build and consider cleaning the workspace.
Roll Back Changes: Revert recent changes if they are identified as the cause.
Implement a Fix: Make necessary code or configuration updates to resolve the issue.
Monitor the Fix: Ensure the issue is resolved and monitor subsequent builds.
Document the Issue: Record the cause and resolution for future reference.
How do you integrate LDAP with AWS and Jenkins?
Integrating LDAP with AWS
Set Up AWS Directory Service: Create a directory using AWS Managed Microsoft AD or Simple AD.
Configure IAM Roles and Policies: Create roles and policies for LDAP users.
Enable AWS IAM Identity Center (if applicable): Integrate your LDAP directory.
Set Up SSO with LDAP: Configure SSO settings for LDAP authentication.
Integrating LDAP with Jenkins
Install LDAP Plugin: Install via "Manage Plugins".
Configure LDAP Plugin: Set LDAP server details and user search parameters in "Configure Global Security".
Test LDAP Connection: Verify settings using "Test LDAP Settings".
Configure Authorization: Set up access control using LDAP groups.
Verify User Authentication: Log in with LDAP credentials to confirm integration.
Networking Concept
What is IP address classification and CIDR?
IP addresses are grouped into classes:
Class A: 0.0.0.0 – 127.255.255.255
Class B: 128.0.0.0 – 191.255.255.255
Class C: 192.0.0.0 – 223.255.255.255
CIDR (Classless Inter-Domain Routing) replaces class-based IPs with flexible notation like 192.168.1.0/24, allowing better IP address allocation.
What is the difference between Elastic IP and Static IP?
Elastic IP is AWS-specific: a public IP that you can reassign between instances.
Static IP is a generic concept: a fixed IP manually assigned to a device or server.
What is a loopback address?
A loopback address (like 127.0.0.1) is used to test the local system’s network stack. It routes traffic back to the same machine.
How do you divide a large network into smaller segments and what are the benefits of subnetting?
You divide a large network by creating subnets using subnet masks.
Benefits include:
Efficient IP allocation
Improved security
Better performance and traffic isolation
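An added example (not from the original page) of dividing a CIDR block into right-sized subnets with Python's ipaddress module, then checking which segment an address belongs to. The segment names and host counts are constructed, and the reserved-address count of 2 is the classic IPv4 rule (network and broadcast address); an AWS VPC subnet reserves 5 addresses.

```python
import ipaddress


def plan_subnets(parent_cidr, host_requirements, reserved=2):
    """Carve the smallest fitting subnet for each segment out of parent_cidr.

    host_requirements maps a segment name to the number of usable hosts it needs.
    Segments are placed largest first, which keeps every block aligned to its size.
    Raises ValueError when a segment does not fit in the remaining space.
    """
    parent = ipaddress.ip_network(parent_cidr)
    if parent.version != 4:
        raise ValueError("this example handles IPv4 only")

    cursor = int(parent.network_address)
    plan = {}
    for name, hosts in sorted(host_requirements.items(), key=lambda item: -item[1]):
        needed = hosts + reserved
        # Smallest power of two that holds `needed` addresses -> prefix length.
        prefix = 32 - (needed - 1).bit_length()
        if prefix < parent.prefixlen:
            raise ValueError(f"{name}: {hosts} hosts do not fit in {parent}")
        subnet = ipaddress.ip_network(f"{ipaddress.ip_address(cursor)}/{prefix}")
        if not subnet.subnet_of(parent):
            raise ValueError(f"{name}: no space left in {parent}")
        plan[name] = subnet
        cursor += subnet.num_addresses
    return plan


def segment_of(address, plan):
    """Return the name of the segment that contains address, or None."""
    ip = ipaddress.ip_address(address)
    for name, subnet in plan.items():
        if ip in subnet:
            return name
    return None


if __name__ == "__main__":
    # Constructed requirements for the 192.168.1.0/24 block used on this page.
    example = plan_subnets(
        "192.168.1.0/24", {"web": 50, "app": 20, "db": 10, "mgmt": 2}
    )
    for name, subnet in example.items():
        print(f"{name:5} {subnet}  usable hosts: {subnet.num_addresses - 2}")
    print(segment_of("192.168.1.70", example))
```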
How does the internet work?
The Internet is a global network of networks. Devices communicate using protocols like TCP/IP. DNS resolves domain names to IPs, routers direct traffic, and ISPs connect users to the internet.
Explain the OSI model and give a real-time example of UDP.
The OSI model has 7 layers:
Physical
Data Link
Network
Transport
Session
Presentation
Application
UDP Example: Live streaming or video calls use UDP, where speed is prioritized over reliability.
How do you terminate a TLS certificate?
TLS termination is usually done at a load balancer, reverse proxy, or Ingress controller, where encrypted traffic is decrypted before forwarding to internal services.
What are HTTP status codes?
200 OK: Success
301 Moved Permanently: Redirect
400 Bad Request: Client error
401 Unauthorized: Authentication needed
500 Internal Server Error: Server issue
What is the difference between TCP and UDP? Give real-world examples.
TCP is connection-oriented and reliable (e.g., web browsing, emails).
UDP is connectionless, faster, but unreliable (e.g., video streaming, VoIP).
What are the different IP address classes?
Class A: Large networks (10.0.0.0/8)
Class B: Medium (172.16.0.0/12)
Class C: Small (192.168.0.0/16)
Class D: Multicast
Class E: Reserved/experimental
How do you encrypt data in transit?
Use protocols like TLS/SSL, HTTPS, or VPNs to encrypt traffic between client and server.
What is the difference between IPv4 and IPv6?
IPv4: 32-bit, e.g., 192.168.0.1
IPv6: 128-bit, e.g., 2001:0db8:85a3::8a2e:0370:7334
IPv6 supports more devices and includes built-in security.
How does DNS work?
DNS translates domain names (e.g., google.com) into IP addresses.
Steps:
Browser queries the DNS resolver
Resolver checks the cache or queries the root/authoritative servers
Returns the IP address to the browser
The browser connects to that IP
If your website is slow, what steps would you take to fix it?
Check server CPU/RAM usage
Analyze slow database queries
Use CDN for static files
Optimize frontend (CSS/JS/images)
Check application logs for errors
Use load balancers or autoscaling if needed