DevOps Interview Preparation Guide¶
Overview¶
This comprehensive guide covers essential DevOps interview topics, from basic concepts to advanced scenarios. Each section includes key questions, detailed answers, and practical examples.
Core DevOps Concepts¶
What is DevOps?¶
Answer: DevOps is a cultural and technical movement that emphasizes collaboration between development (Dev) and operations (Ops) teams. It aims to shorten the software development lifecycle and provide continuous delivery of high-quality software.
Key Principles: - Culture: Collaboration between teams - Automation: Automate repetitive tasks - Measurement: Monitor and measure everything - Sharing: Share responsibility and knowledge
Benefits: - Faster deployment cycles - Improved collaboration - Better quality and reliability - Faster issue resolution
DevOps vs Traditional IT¶
| Aspect | Traditional IT | DevOps |
|---|---|---|
| Team Structure | Siloed teams | Cross-functional teams |
| Release Frequency | Monthly/Quarterly | Daily/Multiple times daily |
| Deployment | Manual, error-prone | Automated, reliable |
| Feedback Loop | Slow, after production | Fast, continuous |
| Risk Management | Big-bang releases | Small, incremental changes |
Version Control & Git¶
Git Fundamentals¶
Question: What is Git and why is it important in DevOps?
Answer: Git is a distributed version control system that tracks changes in source code during software development. It's crucial in DevOps because:
- Enables collaboration among developers
- Maintains history of all changes
- Supports branching and merging strategies
- Integrates with CI/CD pipelines
- Provides rollback capabilities
Git Commands¶
# Basic workflow
git init # Initialize repository
git add . # Stage all changes
git commit -m "message" # Commit changes
git status # Check status
git log --oneline # View commit history
# Branching
git branch feature/new # Create branch
git checkout feature/new # Switch to branch
git merge feature/new # Merge branch
git rebase main # Rebase onto main
# Remote operations
git clone <url> # Clone repository
git pull origin main # Pull latest changes
git push origin feature # Push branch
Branching Strategies¶
| Strategy | Description | Use Case | Pros | Cons |
|---|---|---|---|---|
| GitFlow | Multiple branches (main, develop, feature, release, hotfix) | Enterprise software | Structured releases | Complex for small teams |
| GitHub Flow | Main branch + feature branches | Web applications | Simple, fast | No release branches |
| Trunk-Based | Direct commits to main with feature flags | Continuous deployment | Fast feedback | Requires feature flags |
Continuous Integration (CI)¶
CI Concepts¶
Question: What is Continuous Integration and why is it important?
Answer: Continuous Integration is the practice of automatically building and testing code changes as they are committed to version control. It's important because:
- Catches integration issues early
- Ensures code quality through automated tests
- Provides fast feedback to developers
- Reduces integration debt
- Enables frequent releases
CI Pipeline Components¶
# Jenkins Pipeline Example
pipeline {
agent any
stages {
stage('Checkout') {
steps {
git 'https://github.com/user/repo.git'
}
}
stage('Build') {
steps {
sh 'mvn clean compile'
}
}
stage('Test') {
steps {
sh 'mvn test'
junit 'target/surefire-reports/*.xml'
}
}
stage('Package') {
steps {
sh 'mvn package'
}
}
stage('Deploy') {
steps {
sh 'scp target/app.jar server:/opt/app/'
sh 'ssh server "systemctl restart app"'
}
}
}
post {
always {
archiveArtifacts artifacts: 'target/*.jar', fingerprint: true
}
failure {
mail to: 'team@example.com',
subject: "Build failed",
body: "Build ${env.BUILD_NUMBER} failed"
}
}
}
CI Best Practices¶
| Practice | Description | Benefit |
|---|---|---|
| Fast Builds | Keep build times under 10 minutes | Quick feedback |
| Parallel Execution | Run tests in parallel | Faster pipelines |
| Artifact Management | Store and version build artifacts | Reproducible deployments |
| Environment Consistency | Use same tools across environments | Reduce environment issues |
| Automated Testing | Unit, integration, and acceptance tests | Catch bugs early |
Continuous Deployment (CD)¶
CD Concepts¶
Question: What is the difference between Continuous Delivery and Continuous Deployment?
Answer: - Continuous Delivery: Code is always ready to be deployed to production, but deployment is manual - Continuous Deployment: Every code change that passes tests is automatically deployed to production
Deployment Strategies¶
| Strategy | Description | Use Case | Pros | Cons |
|---|---|---|---|---|
| Blue-Green | Two identical environments, switch traffic | Zero-downtime deployments | Instant rollback | Double resources |
| Canary | Gradual traffic shift to new version | Risk mitigation | Gradual rollout | Complex monitoring |
| Rolling Update | Update instances gradually | Stateless applications | Resource efficient | No instant rollback |
| A/B Testing | Route traffic based on rules | Feature testing | Data-driven decisions | Complex routing |
Infrastructure as Code¶
# Terraform Example
resource "aws_instance" "web" {
ami = "ami-12345"
instance_type = "t3.micro"
tags = {
Name = "web-server"
Environment = "production"
}
}
resource "aws_security_group" "web" {
name_prefix = "web-sg-"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
Containerization & Docker¶
Docker Fundamentals¶
Question: What is Docker and why is it important in DevOps?
Answer: Docker is a platform for developing, shipping, and running applications in containers. It's important in DevOps because:
- Provides consistent environments across development, testing, and production
- Enables microservices architecture
- Simplifies dependency management
- Improves resource utilization
- Accelerates deployment cycles
Docker Commands¶
# Image operations
docker build -t myapp:1.0 . # Build image
docker images # List images
docker rmi myapp:1.0 # Remove image
docker tag myapp:1.0 myapp:latest # Tag image
# Container operations
docker run -d -p 8080:80 myapp # Run container
docker ps # List running containers
docker ps -a # List all containers
docker stop container_id # Stop container
docker rm container_id # Remove container
# Docker Compose
docker-compose up -d # Start services
docker-compose down # Stop services
docker-compose logs # View logs
Dockerfile Best Practices¶
# Good Dockerfile
FROM node:18-alpine
# Set working directory
WORKDIR /app
# Copy package files first (for better caching)
COPY package*.json ./
# Install dependencies
RUN npm ci --only=production
# Copy source code
COPY . .
# Create non-root user
RUN addgroup -g 1001 -S nodejs
RUN adduser -S nextjs -u 1001
USER nextjs
EXPOSE 3000
CMD ["npm", "start"]
Docker Security¶
| Practice | Description | Benefit |
|---|---|---|
| Minimal Base Images | Use Alpine Linux | Smaller attack surface |
| Non-root Users | Run as non-privileged user | Prevent privilege escalation |
| Image Scanning | Scan for vulnerabilities | Identify security issues |
| Secret Management | Don't bake secrets in images | Secure credential handling |
| Regular Updates | Keep base images updated | Patch known vulnerabilities |
Kubernetes¶
Kubernetes Architecture¶
Question: Explain the main components of Kubernetes architecture.
Answer: Kubernetes has two main types of components:
Control Plane (Master Node): - API Server: Entry point for all REST commands - etcd: Distributed key-value store for cluster data - Scheduler: Assigns pods to nodes - Controller Manager: Runs controller processes
Worker Nodes: - Kubelet: Node agent that ensures containers are running - Kube-proxy: Network proxy that maintains network rules - Container Runtime: Software for running containers (Docker, containerd)
Kubernetes Objects¶
| Object | Purpose | Example |
|---|---|---|
| Pod | Smallest deployable unit | Single container or tightly coupled containers |
| Deployment | Manages replica sets | Stateless applications |
| Service | Network abstraction | Load balancing and service discovery |
| ConfigMap | Configuration data | Environment variables |
| Secret | Sensitive data | Passwords, tokens |
| Ingress | External access | HTTP routing |
Kubernetes Manifest¶
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-app
image: my-app:1.0
ports:
- containerPort: 8080
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: db-secret
key: url
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "200m"
Kubernetes Commands¶
# Cluster information
kubectl cluster-info
kubectl get nodes
kubectl get pods
kubectl get services
# Pod operations
kubectl run nginx --image=nginx
kubectl expose pod nginx --port=80 --type=NodePort
kubectl delete pod nginx
# Deployment operations
kubectl create deployment nginx --image=nginx
kubectl scale deployment nginx --replicas=3
kubectl set image deployment/nginx nginx=nginx:1.21
# Debugging
kubectl logs pod-name
kubectl describe pod pod-name
kubectl exec -it pod-name -- /bin/bash
Configuration Management¶
Ansible¶
Question: What is Ansible and how does it work?
Answer: Ansible is an open-source automation tool for configuration management, application deployment, and task automation. It works by:
- Using SSH for communication (agentless)
- Executing tasks defined in YAML playbooks
- Maintaining desired state configuration
- Supporting idempotent operations
Ansible Playbook¶
---
- name: Install and configure web server
hosts: webservers
become: yes
vars:
http_port: 80
max_clients: 200
tasks:
- name: Install Apache
apt:
name: apache2
state: present
- name: Copy configuration file
template:
src: httpd.conf.j2
dest: /etc/httpd/conf/httpd.conf
notify: restart apache
- name: Start Apache service
service:
name: httpd
state: started
enabled: yes
handlers:
- name: restart apache
service:
name: httpd
state: restarted
Ansible Best Practices¶
| Practice | Description | Benefit |
|---|---|---|
| Idempotent Tasks | Tasks can run multiple times safely | Reliable automation |
| Roles | Reusable collections of tasks | Code organization |
| Variables | Separate data from code | Environment flexibility |
| Vault | Encrypt sensitive data | Security |
| Dynamic Inventory | Auto-discover hosts | Scalability |
Infrastructure as Code¶
Terraform¶
Question: What is Infrastructure as Code and why is it important?
Answer: Infrastructure as Code (IaC) is the practice of managing and provisioning infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
Benefits: - Version control for infrastructure - Reproducible environments - Automated provisioning - Reduced manual errors - Faster deployment cycles
Terraform Workflow¶
# Initialize working directory
terraform init
# Preview changes
terraform plan
# Apply changes
terraform apply
# Destroy infrastructure
terraform destroy
Terraform Configuration¶
terraform {
required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
backend "s3" {
bucket = "my-terraform-state"
key = "prod/terraform.tfstate"
region = "us-east-1"
}
}
provider "aws" {
region = "us-east-1"
}
resource "aws_vpc" "main" {
cidr_block = "10.0.0.0/16"
tags = {
Name = "main-vpc"
}
}
resource "aws_subnet" "public" {
vpc_id = aws_vpc.main.id
cidr_block = "10.0.1.0/24"
tags = {
Name = "public-subnet"
}
}
Monitoring & Logging¶
Prometheus¶
Question: What is Prometheus and how does it work?
Answer: Prometheus is an open-source monitoring and alerting toolkit designed for reliability and scalability. It works by:
- Scraping metrics from configured targets
- Storing time-series data
- Providing powerful query language (PromQL)
- Supporting alerting based on metrics
Prometheus Configuration¶
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'node'
static_configs:
- targets: ['node-exporter:9100']
- job_name: 'application'
static_configs:
- targets: ['app:8080']
scrape_interval: 5s
Grafana¶
Question: What is Grafana and how does it integrate with Prometheus?
Answer: Grafana is an open-source analytics and monitoring platform that provides rich visualizations for time-series data. It integrates with Prometheus by:
- Using Prometheus as a data source
- Creating dashboards with panels
- Supporting alerting
- Providing templating for dynamic dashboards
ELK Stack¶
Question: What is the ELK Stack?
Answer: ELK Stack is a collection of three open-source tools: - Elasticsearch: Search and analytics engine - Logstash: Data processing pipeline - Kibana: Visualization dashboard
Used for centralized logging, log analysis, and monitoring.
Cloud Platforms¶
AWS¶
Question: What are the main AWS services for DevOps?
Answer: - EC2: Virtual servers - S3: Object storage - RDS: Managed databases - Lambda: Serverless functions - CloudFormation: Infrastructure as Code - CodePipeline: CI/CD service - CloudWatch: Monitoring and logging
Azure DevOps¶
Question: What are the main components of Azure DevOps?
Answer: - Azure Boards: Work tracking - Azure Repos: Git repositories - Azure Pipelines: CI/CD - Azure Test Plans: Testing - Azure Artifacts: Package management
GCP¶
Question: What are the main GCP services for DevOps?
Answer: - Compute Engine: VMs - Cloud Storage: Object storage - Cloud SQL: Managed databases - Cloud Functions: Serverless - Cloud Build: CI/CD - Cloud Monitoring: Observability
Security in DevOps (DevSecOps)¶
DevSecOps Principles¶
Question: What is DevSecOps?
Answer: DevSecOps integrates security practices into the DevOps process. It ensures that security is built into every stage of the software development lifecycle.
Security Practices¶
| Practice | Description | Implementation |
|---|---|---|
| SAST | Static Application Security Testing | Code analysis during development |
| DAST | Dynamic Application Security Testing | Runtime security testing |
| SCA | Software Composition Analysis | Dependency vulnerability scanning |
| Container Security | Image scanning and hardening | Vulnerability scanning in CI |
| Infrastructure Security | Secure infrastructure configuration | Security as Code |
Security Tools¶
# GitHub Actions security scanning
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
Behavioral Interview Questions¶
Leadership & Collaboration¶
Question: How do you handle conflicts within a DevOps team?
Answer: I approach conflicts by: 1. Understanding all perspectives 2. Focusing on shared goals 3. Using data to inform decisions 4. Finding win-win solutions 5. Documenting agreements
Question: How do you ensure knowledge sharing in a DevOps team?
Answer: - Regular team meetings and standups - Documentation of processes and decisions - Pair programming and code reviews - Knowledge base and runbooks - Cross-training team members
Problem Solving¶
Question: Describe a time when you had to troubleshoot a production issue.
Answer: Structure your response: 1. Situation: What was the problem? 2. Actions: What steps did you take? 3. Results: How was it resolved? 4. Lessons: What did you learn?
Continuous Improvement¶
Question: How do you stay current with DevOps technologies?
Answer: - Follow industry blogs and newsletters - Attend conferences and meetups - Participate in open-source projects - Take online courses and certifications - Experiment with new tools in personal projects
Common Interview Scenarios¶
System Design¶
Question: Design a CI/CD pipeline for a microservices application.
Answer: Consider: - Source control integration - Build automation - Testing strategy (unit, integration, e2e) - Artifact management - Deployment strategy - Rollback capabilities - Monitoring and alerting
Troubleshooting¶
Question: A deployment failed in production. How do you approach the investigation?
Answer: 1. Check monitoring dashboards for anomalies 2. Review deployment logs 3. Compare with successful deployments 4. Check infrastructure health 5. Test in staging environment 6. Implement fix with rollback plan
Performance Issues¶
Question: How do you identify and resolve performance bottlenecks in a CI/CD pipeline?
Answer: 1. Measure current performance metrics 2. Identify slowest stages 3. Optimize build processes 4. Implement parallel execution 5. Use caching strategies 6. Monitor and iterate