Understanding DevOps
DevOps is a software development methodology that improves collaboration between developers and operations teams by using various automation tools. These tools are implemented using various stages that are part of the DevOps Lifecycle. DevOps is a culture that improves the organization's ability to deliver applications.
OR
DevOps is a mix of various tools and technologies and is purely based on the project. It can have Security Monitoring, Support, Development, chatbots, Tools, AI, etc. (The Development part can include your Java and Node.js)
What are DevOps Benefits?
Improves the Application Quality
Ensure that every action carried out in the software delivery process can be tracked.
Security
Development Speed
Cost-effective lean approach.
Why DevOps?
Faster Software Delivery
Improved Collaboration
Reduced Deployment Failures
Enhanced Quality and Stability
Scalability and Flexibility
Reduced Time to Recovery
Cultural Transformation
Innovation
Cultural Transformation
Alignment with Business Goals
Cost Efficiency
DevOps includes:
CI/CD pipelines
Automated SSL Certificate Rotation
Secret Management (e.g., Vault, SOPS)
Canary Deployments with Progressive Rollouts
Autoscaling with Metrics-Driven Policies
Immutable Infrastructure with Blue-Green Deployments
Debugging with Distributed Tracing
Cluster Autoscaler Tuning for Workload Spikes
Self-Healing Infrastructure (e.g., Health Checks & Restart Policies)
GitOps with Advanced Reconciliation Loops
Service Mesh Implementations (e.g., mTLS, Traffic Shaping)
Operating tools are not DevOps - just a part of it.
What are the anti-patterns of DevOps?
A pattern is a common usage that is usually followed. If a pattern commonly adopted by others does not work for your organization and you continue to blindly follow it, you are essentially adopting an anti-pattern. There are myths about DevOps. Some of them include.
• DevOps is a process
• Agile equals DevOps
• We need a separate DevOps group
• DevOps will solve all our problems
• DevOps means Developers managing Production
• DevOps is Development-driven release management
• DevOps is not development-driven.
• DevOps is not IT operations-driven.
• We can’t do DevOps – We’re Unique
• We can’t do DevOps – We’ve got the wrong people
What is Automation, Scaling, and Infrastructure?
Automation lies at the heart of DevOps. It involves the use of tools and processes to replace manual tasks, thereby reducing human error, increasing efficiency, and accelerating delivery. Automation encompasses everything from code integration and testing to deployment and monitoring. By Automating Routine tasks, development teams can focus on innovation and problem-solving, leading to higher-quality software.
Scalability and Efficiency:
Scaling is another vital aspect of DevOps. As businesses grow, so does the demand for their products or services. DevOps provides the means to scale applications and infrastructure seamlessly. Cloud platforms like AWS, Azure, and Google Cloud offer powerful tools for dynamically allocating and managing resources, ensuring that applications can handle varying workloads without disruptions.
Infrastructure as Code (IaC):
Infrastructure as Code is a fundamental concept in DevOps. It involves managing and provisioning infrastructure using code and automation tools. This allows for consistent, reproducible environments across development, testing, and production, reducing the risk of configuration drift and ensuring that deployments are reliable.
Developer vs DevOps
Developers are responsible for writing and testing code that meets the functional requirements of the software. They typically work closely with product owners or project managers to understand the requirements of the software and to ensure that it is delivered on time and on budget.
DevOps engineers, on the other hand, are responsible for ensuring that the software development process is streamlined and efficient. They focus on automating processes, managing infrastructure, and optimizing the software delivery pipeline. DevOps engineers work closely with developers, IT operations, and security teams to ensure that the software is delivered quickly with minimal downtime and errors.
In summary, while developers focus on writing and testing code to meet functional requirements, DevOps engineers focus on the software development process itself, ensuring that it is optimized for speed, quality, and reliability.
DevOps Responsibility
Checking Email / JIRA Tickets
Checking Notifications from the Monitoring System
Ensuring that there is no critical alert unattended.
Provide Help and Support to Developers
Creating Jenkins Jobs for Deployment
Supporting existing Infra and Creating New Servers
Deploying Code on Dev & Prod Servers
Checking for Proper Approvals Before Code Release
Build And Release Process
Managing User Access to Resources (Grant / Revoke)
Managing GIT Branches
Automation (Jenkins / Ansible)
Server and application support
Ensuring Backup and Creating Backup Policy
How would you describe a successful DevOps engineer or a team?
Collaboration
Communication
Set up and improve workflows and processes (related to testing and delivery)
Dealing with issues
Can you describe which tool or platform you chose to use in some of the following areas and how?
Continuous Integration (CI): ---------------Jenkins, Travis CI, CircleCI, GitLab CI/CD
Continuous Deployment/Delivery (CD): ----------Jenkins, GitLab CI/CD, Travis CI, Circle CI, Spinnaker
Version Control: -----Git
Provisioning infrastructure--------Terraform, AWS CloudFormation, Azure Resource Manager (ARM) Templates, Puppet
Configuration Management-----------Ansible, Puppet, Chef, SaltStack
Monitoring & Alerting ------------Prometheus, Grafana, ELK Stack (Elasticsearch, Logstash, Kibana), New Relic
Logging -----------------ELK Stack (Elasticsearch, Logstash, Kibana), Splunk, Prometheus, Grafana, and AWS CloudWatch Logs
Code review--------GitHub, GitLab, Bitbucket
Cloud Services-----AWS, Azure, Google Cloud Platform (GCP)
Code coverage-----------SonarQube
Issue Tracking---------------Jira, GitLab Issues, GitHub Issues, Trello
Containers and Containers Orchestration----------------Docker, Kubernetes, Docker Swarm, Amazon ECS
Tests-------Robot, Serenity, Gauge
Collaboration and Communication: --------------Slack, Microsoft Teams, Confluence, Jira
Security ----------SonarQube, OWASP Dependency-Check
Artifact Repository-------------------Nexus, Artifactory
What is Version Control?
Version control is the system of tracking and managing changes to software code.
It helps software teams to manage changes to source code over time.
Version control enables the current team to analyze the deletion, editing, and creation of datasets made since the original copy. It brings clarity to the development of the software.
What are the benefits of using version control?
● All team members are free to work on any file at any time with the Version Control System (VCS). Later on, VCS will allow the team to integrate all of the modifications into a single version.
● The VCS asks to provide a brief summary of what was changed every time we save a new version of the project. We also get to examine exactly what was modified in the content of the file. As a result, we will be able to see who made what changes to the project.
● Inside the VCS, all the previous variants and versions are properly stored. We will be able to request any version at any moment, and we will be able to retrieve a snapshot of the entire project at our fingertips.
● A VCS that is distributed, such as Git, lets all the team members retrieve a complete history of the project. This allows developers or other stakeholders to use the local Git repositories of any of the teammates, even if the main server goes down at any point in time.
Name some Version Control tools
Git
Bitbucket
Fossil
AWS Code Commit
What is Source Code Management?
It is a process through which we can store and manage any code. Developers write code, Testers write test cases, and DevOps engineers write scripts. Different teams can store code simultaneously. It saves all changes separately. We can retrieve this code at any point in time.
What is Agile, and is DevOps different from Agile?
The Agile methodology is a way to manage a project by breaking it up into several phases. DevOps is a practice of bringing development and operations teams together, whereas Agile is an iterative approach that focuses on collaboration, customer feedback, and small, rapid releases.
Difference between Scrum and Kanban
Scrum and Kanban are both popular agile project management frameworks that help teams organize and manage their work. They share the goal of improving efficiency, collaboration, and the delivery of high-quality products, but they have different principles and methodologies.
| Scrum | Kanban |
| Time-boxed sprints with fixed durations. | Continuous and flow-based |
| Specific roles and ceremonies | Flexible roles and meetings |
| Scope changes are discouraged during sprints | Allows scope changes at any time |
| Focus on predictability | Focus on optimizing the workflow |
What is CICD in DevOps?
CICD stands for Continuous Integration and Continuous Delivery. These are two different concepts that are complementary to each other.
Continuous Integration (CI): Continuous Integration is a software development practice where developers regularly merge their code changes into a shared central repository, after which automated builds and tests are run. This way we can find the bugs quicker, improve software quality, and save time. Ex. Jenkins, Circle CI, GitLab CI, Bamboo, AWS Code Build
Continuous Delivery (CD): Continuous Delivery is a software development practice where code changes are automatically built, tested, and prepared for production release, as soon as CI is done, this takes actions, and changes get deployed to test, staging, production (as configured), this way Developers will always have deployable artifacts ready all the time.
When a developer commits (integrates) their code to the source code management system like Git, the CI tool automatically pulls the code and runs the build and unit tests. At the end of the integration, artifacts are generated (war file). This is called Continuous Integration. Some CI tools: Jenkins, CircleCI, GitLab. | Once the continuous integration (CI) process is successfully completed, we get artifacts. We deploy those artifacts onto the next available environment (say Dev), where performance and functional tests are carried out. Once the tests are successfully we deploy the artifacts to the Production environment manually. This is called Continuous Delivery. |
Continuous Delivery automates the process of packaging and preparing applications for deployment.
Essential Ports for DevOps Engineers
HTTP (Hypertext Transfer Protocol) - Port 80
Purpose: Used for transferring web pages.HTTPS (HTTP Secure) - Port 443
Purpose: Secure version of HTTP.SSH (Secure Shell) - Port 22
Purpose: Secure remote login and command execution.FTP (File Transfer Protocol) - Port 21
Purpose: Transfers files between computers.SFTP (SSH File Transfer Protocol) - Port 22
Purpose: Secure file transfer protocol.SMTP (Simple Mail Transfer Protocol) - Port 25
Purpose: Sending emails across networks.DNS (Domain Name System) - Port 53
Purpose: Resolves domain names into IP addresses.MySQL Database Server – Port 3306
Purpose: Default port for MySQL connections.PostgreSQL Database Server – Port 5432
Purpose: Default port for PostgreSQL database connections.Docker Daemon API – Port 2375/2376
Purpose: Ports used by the Docker daemon for API access.Kubernetes API Server – Port 6443
Purpose: Entry point for all API requests in Kubernetes clusters.Redis Server – Port 6379
Purpose: The Default port used by Redis, an in-memory data structure store.MongoDB – Port 27017
Purpose: Default port for MongoDB database connections.Apache Kafka – Port 9092
Purpose: Default port for Apache Kafka messaging system connections.Nginx – Port 80/443
Purpose: Web server that can also act as a reverse proxy server.Tomcat – Port 8080
Purpose: Default port for Apache Tomcat web server instances.VNC (Virtual Network Computing) – Port 5900
Purpose: Remote desktop sharing system.Elastic Search – Port 9200
Purpose: The Default port used by Elastic Search REST API calls.RabbitMQ – Port 5672
Purpose: The Default port used by RabbitMQ messaging broker connections.Grafana – Port 3000
Purpose: The Default port used by the Grafana dashboard application for visualizing metrics
🔧 DevOps Tools and Services
1️⃣ 8080 - Jenkins: CI/CD pipeline management interface.
2️⃣ 50000 - Jenkins Agent: Master-Agent communication.
3️⃣ 3000 - Grafana: Metrics and dashboard visualization.
4️⃣ 9090 - Prometheus: Monitoring and alerting system.
5️⃣ 5601 - Kibana: Elasticsearch query and visualization.
6️⃣ 9200 / 9300 - Elasticsearch: REST API and node communication.
7️⃣ 8200 - HashiCorp Vault: Secrets management.
8️⃣ 9418 - Git: Repository cloning and pushing.
🌩️ Cloud Services (AWS, Azure, GCP)
1️⃣ 80 / 443 - HTTP / HTTPS: Web traffic and secure APIs.
2️⃣ 22 - SSH: Secure server login.
3️⃣ 3389 - RDP: Windows Remote Desktop.
4️⃣ 53 - DNS: Domain name resolution.
5️⃣ 3306 / 5432 - MySQL / PostgreSQL: Managed databases.
6️⃣ 6379 - Redis: In-memory data store.
7️⃣ 6443 - Kubernetes API server.
8️⃣ 10250 / 10255 - Kubernetes: API communication and monitoring.
🛠️ Infrastructure Management
1️⃣ 8500 - Terraform Enterprise: HTTP API.
2️⃣ 8888 - Ansible AWX: Automation web interface.
3️⃣ 9000 - SonarQube: Code quality and security.
📊 Monitoring & Logging
1️⃣ 2003 - Graphite: Metrics storage.
2️⃣ 25826 - Collectd: Metrics collection.
3️⃣ 1514 - Syslog: Log collection.
🐳 Containerization & Orchestration
1️⃣ 2375 / 2376 - Docker: Non-secure / secure Docker API.
2️⃣ 6443 - Kubernetes: API server communication.
3️⃣ 10250 - Kubernetes kubelet API.
What are the Challenges faced during the implementation of microservices
While working with microservices, we face numerous challenges!
It usually:
Define Requirements → Design Architecture → Create API Contracts → Develop Services → Implement CI/CD → Containerize (Docker) → Configure Orchestration (Kubernetes) → Set Up Observability (Monitoring, Logging, Tracing) → Security & Testing → Deploy to Production → Continuous Feedback & Iteration
What are the best practices for continuous integration (CI)?
Build Automation
Main Code Repository
Self-testing build
Every day, commits to the baseline
Fast Build process
Production-like environment testing
Publish Build Results
Deployment Automation
🚀 Top CI/CD Tools Every DevOps Engineer Should Know 🚀
🔧 Jenkins
An open-source automation server that supports building, deploying, and automating projects. Highly extensible with thousands of plugins!
🌐 GitLab CI/CD
Seamlessly integrated with GitLab, providing powerful continuous integration, delivery, and deployment features. Great for end-to-end DevOps lifecycle management.
🛠 CircleCI
Offers high-performance builds with intelligent caching, parallelism, and a user-friendly interface. Supports many languages and integrates with popular tools.
🔄 Travis CI
A cloud-based CI/CD service that is easy to set up with GitHub. Ideal for open-source projects with free plans available.
⚙️ Bamboo
Developed by Atlassian, it integrates well with JIRA and Bitbucket. Provides robust build, test, and deployment capabilities.
💻 TeamCity
A powerful CI server by JetBrains that supports many environments and offers extensive customization through plugins.
📦 Azure Pipelines
As part of Azure DevOps, it provides CI/CD pipelines for any language, platform, or cloud. Highly scalable and integrates with numerous services.
🚢 AWS CodePipeline
A fully managed continuous delivery service that helps automate your release pipelines for fast and reliable application and infrastructure updates.
✨ Drone
A modern CI/CD platform built on containers, making it highly scalable and efficient. Supports GitHub, GitLab, Bitbucket, and more.
🔍 Concourse
Designed for simplicity and scalability, it uses pipelines as the core abstraction for organizing the workflow, providing clear and visual feedback
What is the Software Development Life Cycle (SDLC)?
Software Development Life Cycle (SDLC) is a process used by the software industry to design, develop, and test high-quality software. The goal of the SDLC is to produce superior software that meets and exceeds all customer expectations and demands.
7 Stages of the System Development Life Cycle
Planning Stage.
Feasibility or Requirements of Analysis Stage.
Design and Prototyping Stage.
Software Development Stage.
Software Testing Stage.
Implementation and Integration.
Operations and Maintenance Stage.
Here are the typical stages in the SDLC:
Plan Stage
Gather requirements, create a roadmap, and allocate tasks. Ensure alignment with project objectives and customer needs.
Tool: Jira, Trello, Asana
Purpose: Requirements management, task allocation, project tracking.
Code Stage
Develop software using standardized tools and plugins. Maintain code style, prevent security issues, and encourage collaboration.
Tool: Bitbucket & Git, Integrated Development Environments (IDEs) (e.g., Visual Studio Code, IntelliJ)
Purpose: Efficient coding, code styling, and plugin support.
Build stage
In this Build stage, once a developer has finished a task, they commit their code to a shared code repository.
There are many ways this can be done, but typically the developer submits a pull request - a request to merge their new code with the shared codebase.
Another developer then reviews the changes they’ve made, and once they’re done and there are no issues, they approve the pull request.
This manual review is supposed to be quick and lightweight, but it’s effective at identifying issues early.
Simultaneously, the pull request triggers an automated process that builds the codebase and runs a series of end-to-end, integration, and unit tests to identify any regressions.
If the build fails or any of the tests fail, the pull request fails, and the developer is notified to resolve the issue.
Tool: Build automation tools (Jenkins, CircleCI & Bamboo, Gradle, and Maven)
Purpose: Compiling, integrating code, and creating executable software.
Test Stage:
Thoroughly test the software through various levels of testing. Verify functionality, find and fix bugs, and ensure quality.
Tool: Testing frameworks (e.g., JUnit, pytest), testing tools
(e.g., Selenium)SIT, UAT, production environment
Purpose: Unit testing, integration testing, and functional testing.
Scan Stage:
Perform security scans and checks to identify vulnerabilities or weaknesses. Address security concerns proactively.
Tool: Static Analysis tools (e.g., SonarQube), Dynamic Application Security Testing (DAST) tools (e.g., OWASP ZAP)
Purpose: Identifying code vulnerabilities, security flaws, and anti-patterns.
Operate Stage:
Deploy the software in a production environment. Monitor and manage its performance, responding to operational needs.
Tool: Containerization and orchestration tools (e.g., Docker, Kubernetes)
Purpose: Deploying, managing, and scaling applications in production.
Monitor Stage:
Continuously monitor the software for performance, stability, and potential issues. Gather data for further improvement.
- Tool: Monitoring tools (e.g., Prometheus, Nagios), log management tools (e.g., ELK Stack)
Purpose: Real-time performance monitoring, identifying and addressing issues.
How can testing in the DevOps lifecycle be automated?
Developers are obliged to commit all source code changes to a shared DevOps repository. Every time a change is made in the code, Jenkins-like Continuous Integration tools will grab it from this common repository and deploy it for Continuous Testing, which is done by tools like Selenium
Auto Scaling
Auto scaling allows you to automatically scale up and scale down the number of instances depending on the CPU utilization or memory utilization. There are 2 components in Auto scaling: Auto-scaling groups and Launch Configuration
There are two types of scaling:
Vertical Scaling: Increasing the system resources like CPU, RAM, Storage, etc. Ex: AWS instance size t2.micro to t2.large.
Horizontal Scaling: This means increasing the number of instances/systems for your application. Ex: AWS Auto Scaling Groups.
⚙️ How Auto Scaling Works
1. 🧱 Auto Scaling Group (ASG)
An Auto Scaling Group is the core component that:
Defines a group of EC2 instances
Specifies a minimum, maximum, and desired number of instances
Launches instances using a launch template or configuration
2. 📊 Scaling Policies
There are two main types:
📈 Dynamic Scaling
Automatically adjusts capacity based on metrics like:
CPU utilization
Request count per target (for ALB)
Custom CloudWatch metrics
Example:
If CPU > 70% for 5 minutes → add 1 instance
If CPU < 30% for 5 minutes → remove 1 instance
📅 Scheduled Scaling
Scale resources at specific times.
Example: Increase capacity every weekday at 8 AM and reduce at 6 PM.
3. 🧠 Target Tracking Scaling
Think of it like cruise control. You define a target metric (e.g., maintain 50% average CPU), and AWS automatically adjusts the instance count to keep that target.
4. ⚠️ Health Checks and Replacement
Auto Scaling monitors instance health (via EC2 or ELB).
If an instance becomes unhealthy, it is automatically replaced.
5. 🌐 Integration with Load Balancer
Works seamlessly with Elastic Load Balancer (ELB)
Instances are automatically registered/deregistered from the load balancer.
✅ Benefits of Auto Scaling
| Benefit | Description |
| 📈 Handles Variable Load | Adds capacity when demand spikes, and removes it when demand drops. |
| 💸 Cost-Effective | Avoids overprovisioning; only pay for what you need. |
| 🔁 Self-Healing | Detects and replaces failed EC2 instances automatically. |
| ⚖️ Optimized Performance | Maintains consistent performance under load. |
| 🧩 Highly Configurable | Use multiple scaling policies for different apps/environments. |
✅ AWS Services That Support Auto Scaling
| Service | How Auto Scaling Works |
| 🖥️ EC2 (Elastic Compute Cloud) | Automatically launches or terminates EC2 instances in an Auto Scaling Group (ASG) based on CPU, RAM, etc. |
| 🐳 ECS (Elastic Container Service) | Scales the number of tasks or containers in a service |
| ☸️ EKS (Elastic Kubernetes Service) | Auto scales pods (Horizontal Pod Autoscaler) and nodes (Cluster Autoscaler) |
| 🌐 Elastic Load Balancer (ELB) | Works with EC2 Auto Scaling — no auto scaling itself, but helps balance traffic |
| 📄 App Auto Scaling (Generic service) | Let you scale custom services like: |
🧠 Summary:
| AWS Service | Auto Scaling Supported? | Notes |
| EC2 | ✅ Yes (Auto Scaling Groups) | Most common use case |
| ECS | ✅ Yes (service and task scaling) | Needs CloudWatch + scaling policy |
| EKS | ✅ Yes | Requires HPA or cluster autoscaler |
| Lambda | ✅ Yes | Automatic scaling built-in |
| DynamoDB | ✅ Yes | Scales throughput capacity |
| Aurora Replicas | ✅ Yes | Can scale read replicas |
| SageMaker | ✅ Yes | Endpoint instance scaling |
| RDS (Primary Instance) | ❌ No auto-scaling | Only read replicas can scale |
Why is Continuous Testing important for DevOps?
Any modification to the code may be tested immediately with Continuous Testing. This prevents concerns like quality issues and release delays that might occur whenever big-bang testing is delayed until the end of the cycle. In this way, Continuous Testing allows for high-quality and more frequent releases
DevSecOps
DevSecOps is a software development framework that integrates security into every phase of the software development lifecycle (SDLC). It's an extension of the DevOps practice but with the addition of security.
Look for other articles in this series that explain the various other aspects of DevOps.