Here are some of the answers to the questions based on Terraform, AWS,
Docker, and other related topics you mentioned:
1. What resources you have created in Terraform?
Typically, in Terraform, you can create resources like:
- EC2 instances
- Security Groups (SG)
- VPCs
- Subnets
- Load Balancers (ALB/NLB)
- S3 Buckets
- RDS Instances
- IAM Roles/Policies
- Lambda Functions, etc.
You can specify these resources in .tf configuration files and run terraform
apply to create them.
2. EC2 instances are running, how to install agents in EC2 through
Terraform?
You can use user_data to install agents when the EC2 instances are
initialized. Here’s an example:
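```hcl
resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  # user_data runs as root on the first boot of the instance.
  user_data = <<-EOF
    #!/bin/bash
    # Download the agent installer (-f: fail on HTTP errors), then run it.
    curl -fsSL -o /tmp/agent_installer.sh https://example.com/agent_installer.sh
    bash /tmp/agent_installer.sh
  EOF
}
```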
3. Where are you storing the state file?
It’s recommended to store the Terraform state file in a remote backend for
team collaboration and to avoid state file conflicts. Common options are:
- S3 bucket with DynamoDB for state locking
- Terraform Cloud/Enterprise
- Azure Blob Storage
- Google Cloud Storage
4. What are the security measures you take while storing the
state file in Git?
Storing state files in Git is not recommended, as they might contain sensitive
data. If needed:
- Use .gitignore to prevent the state file from being added to the repository.
- If using a remote backend (e.g., S3), ensure that the state file is encrypted using encryption mechanisms like server-side encryption.
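A backend block for the S3 option described above, as an added example that is not part of the original answers. The bucket, key, KMS key ARN and table names are hypothetical placeholders, and the bucket and lock table are assumed to exist already.

```hcl
# Added example; bucket, key, KMS key ARN and table names are placeholders.
# The bucket and DynamoDB table are assumed to exist already (created by a
# separate bootstrap configuration), because a backend cannot create them.
terraform {
  backend "s3" {
    bucket         = "example-org-terraform-state"
    key            = "envs/prod/network/terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true # server-side encryption of the state object
    kms_key_id     = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
    dynamodb_table = "example-terraform-locks" # state locking
  }
}

# Marking a variable sensitive only redacts it from plan/apply output.
# Its value is still written to the state in plain text, which is why the
# state object itself has to be encrypted and access-controlled.
variable "db_password" {
  type      = string
  sensitive = true
}

# Matching .gitignore entries (kept here as comments):
#   .terraform/
#   *.tfstate
#   *.tfstate.*
#   *.tfvars      (when variable files hold secrets)
```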
5. You created the resources using Terraform but someone edited
them in the cloud, how to synchronize?
You can use terraform refresh to synchronize the Terraform state with the
actual cloud state.
6. Difference between terraform export and terraform refresh?
- terraform export: Exports Terraform configurations to JSON format.
- terraform refresh: Updates the Terraform state to reflect the real-world state of resources without modifying them.
7. You need to create SG in multiple environments with the same
configuration file.
You can use Terraform modules and pass different variables for each
environment to ensure consistency while allowing customization.
8. What is terraform validate and terraform fmt?
- terraform validate: Checks the syntax and validity of the Terraform configuration files.
- terraform fmt: Formats the Terraform configuration files to a canonical style.
9. How to create 10 instances at a time?
You can use count or for_each to create multiple instances:
```hcl
resource "aws_instance" "example" {
  count         = 10 # creates example[0] through example[9]
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
}
```
10. You need to create a web application and databases? What
security measures do you take to connect them?
- Use Security Groups to allow access only between specific resources.
- Use IAM roles/policies for restricting access to the database and web application.
- Enable encryption for both the database and application communications.
- Set up VPC and private subnets to isolate resources.
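The measures listed above, sketched as Terraform. This is an added example, not configuration from the original answers; all variable names, resource names, ports and sizes are assumptions, and PostgreSQL on RDS is chosen only for illustration.

```hcl
# Added example; every name, port and size below is an assumption.
variable "vpc_id" { type = string }
variable "db_subnet_group_name" { type = string }  # existing group of private subnets
variable "db_subnet_cidrs" { type = list(string) } # CIDRs of those private subnets

resource "aws_security_group" "web" {
  name   = "web-sg"
  vpc_id = var.vpc_id
  # HTTPS from clients.
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # Outbound: only PostgreSQL towards the database subnets.
  egress {
    from_port   = 5432
    to_port     = 5432
    protocol    = "tcp"
    cidr_blocks = var.db_subnet_cidrs
  }
}

resource "aws_security_group" "db" {
  name   = "db-sg"
  vpc_id = var.vpc_id
  # Inbound: only members of the web security group, no CIDR ranges.
  ingress {
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [aws_security_group.web.id]
  }
}

resource "aws_db_instance" "app" {
  identifier                          = "app-db"
  engine                              = "postgres"
  instance_class                      = "db.t3.micro"
  allocated_storage                   = 20
  username                            = "appadmin"
  manage_master_user_password         = true # password generated into Secrets Manager
  db_subnet_group_name                = var.db_subnet_group_name
  vpc_security_group_ids              = [aws_security_group.db.id]
  publicly_accessible                 = false
  storage_encrypted                   = true
  iam_database_authentication_enabled = true
}
```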
11. Application deployed in EC2. It should be highly available.
How to configure?
- Use an Auto Scaling group to automatically scale the EC2 instances based on traffic.
- Place instances behind an Elastic Load Balancer (ELB) for distributing traffic.
- Use multiple Availability Zones for redundancy.
12. Types of Load Balancer?
- Classic Load Balancer (CLB): Older, basic load balancing functionality.
- Application Load Balancer (ALB): Suitable for HTTP/HTTPS traffic, supports content-based routing.
- Network Load Balancer (NLB): Best for TCP/UDP traffic, high-performance, low-latency.
13. 10 EC2 instances, 2 are down, how does the load balancer
know these 2 instances are down?
The Load Balancer regularly checks the health of registered instances using
health checks (e.g., HTTP, TCP). If an instance fails the health check, it is
removed from the load balancer's pool.
14. 2 EC2 are down, it should automatically get up. How to do it?
Use an Auto Scaling group, which automatically replaces unhealthy EC2
instances with new ones based on defined policies.
15. What are the things you know in Kubernetes? Why
StatefulSets are used?
- StatefulSets are used to manage applications that require stable, unique network identifiers, persistent storage, and ordered deployment.
- Kubernetes includes Pods, Deployments, ReplicaSets, Namespaces, Services, Volumes, and ConfigMaps, etc.
16. To reduce Docker image size, what steps should we take?
- Use a minimal base image like alpine.
- Remove unnecessary dependencies.
- Use multi-stage builds to separate build and runtime environments.
- Minimize layers by combining commands.
17. What security measures do you take while pushing the image
to registry or artifact?
- Use private registries with authentication.
- Enable encryption at rest and in transit for images.
- Use image scanning tools to check for vulnerabilities before pushing.
- Apply role-based access control (RBAC) to restrict access.
18. Written any Python script for automation? Write a Python
script to take a backup of EC2.
Here’s an example script using boto3 to create a snapshot (backup) of an
EC2 instance:
```python
import boto3

ec2 = boto3.client('ec2')


def create_snapshot(instance_id):
    """Create a snapshot of every EBS volume attached to the instance."""
    reservations = ec2.describe_instances(InstanceIds=[instance_id])['Reservations']
    volumes = reservations[0]['Instances'][0]['BlockDeviceMappings']
    for volume in volumes:
        volume_id = volume['Ebs']['VolumeId']
        snapshot = ec2.create_snapshot(
            VolumeId=volume_id,
            Description=f"Backup of {instance_id}",
        )
        print(f"Created snapshot {snapshot['SnapshotId']} for volume {volume_id}")


# Placeholder instance ID; replace it with a real one.
create_snapshot('i-0abcd1234efgh5678')
```
19. Write Terraform config file.
Here’s an example for creating an EC2 instance:
```hcl
provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  tags = {
    Name = "ExampleInstance"
  }
}
```
20. What security measures should we take with S3 buckets?
- Enable encryption (SSE-S3 or SSE-KMS).
- Use Bucket Policies and IAM roles to restrict access.
- Enable logging for access requests.
- Use versioning to protect from accidental deletions.
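The bucket settings listed above expressed as Terraform resources, as an added example that is not part of the original answers. The bucket name and both variables are hypothetical, and the public access block goes slightly beyond the list as one concrete way to restrict access.

```hcl
# Added example; the bucket name and both variables are hypothetical.
variable "kms_key_arn" { type = string } # existing customer-managed KMS key
variable "log_bucket" { type = string }  # existing bucket that receives access logs

resource "aws_s3_bucket" "data" {
  bucket = "example-app-data"
}

# Restrict access: no public ACLs and no public bucket policies.
resource "aws_s3_bucket_public_access_block" "data" {
  bucket                  = aws_s3_bucket.data.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# SSE-KMS applied by default to every new object.
resource "aws_s3_bucket_server_side_encryption_configuration" "data" {
  bucket = aws_s3_bucket.data.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm     = "aws:kms"
      kms_master_key_id = var.kms_key_arn
    }
  }
}

# Versioning keeps earlier object versions after an overwrite or delete.
resource "aws_s3_bucket_versioning" "data" {
  bucket = aws_s3_bucket.data.id
  versioning_configuration {
    status = "Enabled"
  }
}

# Server access logging, written to a separate bucket.
resource "aws_s3_bucket_logging" "data" {
  bucket        = aws_s3_bucket.data.id
  target_bucket = var.log_bucket
  target_prefix = "s3-access/example-app-data/"
}
```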
21. You have 2 VPCs in different regions, you need to connect
these, how to do it?
You can use VPC Peering, VPN, or AWS Transit Gateway for connecting VPCs
across different regions.
22. You know ECS?
Yes, Amazon Elastic Container Service (ECS) allows you to run and manage
Docker containers at scale.
23. Difference between git merge and git rebase? Cherry-pick?
- Merge combines branches by creating a merge commit. It preserves the branch history.
- Rebase re-applies commits from one branch onto another, creating a linear history.
- Cherry-pick applies individual commits from one branch to another.
24. You are in master branch without coming out, how to create a
feature?
You can use git checkout -b feature-branch to create a new feature branch
from the current branch.
25. What is .gitignore?
A .gitignore file tells Git which files or directories to ignore in a repository.
This is typically used for excluding build files, secrets, and environment-
specific files.
26. How to check disk size?
You can use the following commands depending on the system:
- Linux: df -h
- Windows: dir