DMCA.com Protection Status Trending Topics About Devops: Basic Questions About Devops

Tuesday, 15 July 2025

Basic Questions About Devops

๐Ÿงฑ CI/CD Pipelines

  1. Jenkins test stage fails

    • Answer: Check environment variables, script logic, and if dependencies are missing. Use echo statements for debugging.

  2. GitLab pipeline stuck in pending

    • Answer: Runner may be offline, not registered, or tags mismatch with job definition.

  3. Secrets printing in logs

    • Answer: Mask variables, use credential stores, and avoid printing secret variables.

  4. Old version deployed

    • Answer: Check source branch, Git tags, image tag in Docker, or pipeline caching issues.

  5. Approval before deploy

    • Answer: Use input step in Jenkins or manual approval in GitLab/GitHub Actions.

  6. Trigger build on tag

    • Answer: Configure webhook or job trigger for tag pattern (e.g., refs/tags/*).

  7. Build fails on one branch

    • Answer: Compare differences in branch-specific configs or pipeline YAML.

  8. Skip tests on branches

    • Answer: Add branch-based condition in pipeline: if: $CI_COMMIT_BRANCH != 'main'.

  9. Scheduled pipeline not running

    • Answer: Check cron syntax, timezone, and whether the schedule is enabled.

  10. Missing Maven in Jenkins

    • Answer: Install Maven via Jenkins global tools or Docker image with Maven.

☁️ Cloud Platforms

  1. EC2 instance unreachable

    • Answer: Check security group, public IP, and SSH key.

  2. Azure VM Terraform fails intermittently

    • Answer: Could be resource quota, rate limit, or dependency timing.

  3. Restrict access to S3

    • Answer: Use bucket policies, IAM roles, and ACLs.

  4. Blue-green in AWS

    • Answer: Use ELB with two target groups, switch traffic between them.

  5. GCP Cloud Run 503

    • Answer: Check logs, start timeouts, and ensure correct container port is exposed.

  6. Autoscale VMs

    • Answer: Use AWS Auto Scaling Groups or Azure VMSS.

  7. Static IP in Azure

    • Answer: Define a public IP resource in Terraform and associate with the VM NIC.

  8. Rotate cloud access keys

    • Answer: Use IAM best practices: create new key, update, then delete old one.

  9. Recover deleted cloud resource

    • Answer: Use backups, snapshots, or reapply Terraform.

  10. Azure user locked out

    • Answer: Check AAD MFA settings, RBAC, or reset password via admin.

๐Ÿ›  Infrastructure as Code

  1. Terraform state lock error

    • Answer: Unlock manually with terraform force-unlock or wait until automatic timeout.

  2. Manual change in portal

    • Answer: Terraform will detect drift; reapply or import manually changed resource.

  3. Resume Ansible playbook

    • Answer: Use --start-at-task or handle idempotency with when conditions.

  4. Secure Terraform secrets

    • Answer: Use environment variables, vault, or tfvars ignored in .gitignore.

  5. Unexpected resource replacement

    • Answer: Check for immutable fields in the config like name or region.

  6. Rollback infra version

    • Answer: Use VCS for .tf files, revert to last working version.

  7. Pushed tfstate to Git

    • Answer: Remove from repo, rotate secrets if any exposed, add to .gitignore.

  8. terraform taint vs destroy

    • Answer: taint marks a resource to be recreated; destroy removes it.

  9. Multi-env with Terraform

    • Answer: Use workspaces or directory-based separation with separate state files.

  10. New module not picked up

    • Answer: Run terraform get -update=true or ensure module source path is correct.

๐Ÿ“ฆ Docker & Containers

  1. Container won’t start

    • Answer: Check logs, entrypoint errors, or port conflicts.

  2. App crashes in container

    • Answer: Missing dependencies, wrong base image, or environment mismatch.

  3. Reduce image size

    • Answer: Use smaller base images (alpine), multi-stage builds, clean up cache.

  4. Port in use error

    • Answer: Use a different port or stop the conflicting service.

  5. Share data between containers

    • Answer: Use Docker volumes or bind mounts.

  6. ENTRYPOINT vs CMD

    • Answer: ENTRYPOINT is the fixed binary; CMD passes default arguments.

  7. Secrets in Docker

    • Answer: Use Docker secrets or environment variables injected via orchestrator.

  8. Debug a running container

    • Answer: Use docker exec -it <id> /bin/sh or attach to logs.

  9. .dockerignore usage

    • Answer: Prevents unnecessary files from being sent to Docker daemon.

  10. Container exits immediately

    • Answer: Entrypoint script finishes or crashes.

☨ Kubernetes (Beginner)

  1. Pod in CrashLoopBackOff

    • Answer: View logs (kubectl logs), check init containers, and probes.

  2. Service not reachable

    • Answer: Check labels, service selector, and port mapping.

  3. Scale deployment

    • Answer: kubectl scale deployment <name> --replicas=n

  4. Rollback deployment

    • Answer: kubectl rollout undo deployment <name>

  5. Secret not mounting

    • Answer: Ensure secret exists, proper volumeMount path and names are correct.

  6. Zero-downtime deploy

    • Answer: Use readiness/liveness probes and rolling updates.

  7. Apply vs Create

    • Answer: apply updates existing resources, create only adds new.

  8. Expose pod externally

    • Answer: Use LoadBalancer or Ingress.

  9. View pod logs

    • Answer: kubectl logs <pod-name>

  10. Schedule on specific node

    • Answer: Use nodeSelector, affinity, or tolerations.

-----------------------------------------------------------------------------------------------------------------------

  1. Accidentally committed secrets to GitHub

    • Answer: Immediately remove the file, rotate the secrets, and use tools like git filter-branch or BFG Repo-Cleaner to scrub history.

  2. Manage access keys in CI/CD

    • Answer: Store them securely in credential stores or environment variables, never hardcode in scripts.

  3. Scan for vulnerabilities

    • Answer: Use tools like Snyk, Trivy, or GitHub Advanced Security to detect known CVEs.

  4. chmod 777 issue

    • Answer: Avoid it; it's insecure. Assign minimum required permissions with chown and chmod.

  5. Enforce MFA

    • Answer: Use IAM policies, enable MFA in cloud provider account settings.

  6. Jenkins UI exposed publicly

    • Answer: Add authentication, firewall rules, and use HTTPS.

  7. Access private Docker registries securely

    • Answer: Use docker login, store creds securely, or use orchestrator secrets.

  8. Secure Terraform state

    • Answer: Use remote backends like S3 with encryption and versioning.

  9. Rotate SSH keys

    • Answer: Generate new keys, update authorized_keys on all hosts, and remove old keys.

  10. Implement least privilege

    • Answer: Define fine-grained roles, restrict permissions to what's necessary.

๐Ÿ“‹ Monitoring & Logging

  1. App is slow

    • Answer: Check CPU, memory, I/O, network, and response time metrics.

  2. Logs not in CloudWatch

    • Answer: Ensure log group and stream exist; verify IAM role permissions.

  3. High CPU alerts

    • Answer: Set CloudWatch or Prometheus alerts with defined thresholds.

  4. Push vs Pull monitoring

    • Answer: Push: metrics sent to a collector (e.g., StatsD); Pull: metrics scraped (e.g., Prometheus).

  5. Track deployment events

    • Answer: Emit custom logs or use deployment tracking tools (e.g., Rollbar, Datadog).

  6. Disk space filling

    • Answer: Use du, df, and log rotation; check temp files or large directories.

  7. Monitor K8s pods

    • Answer: Use kubectl top pod or integrate Prometheus/Grafana.

  8. Log visualization

    • Answer: Use tools like Kibana, Grafana Loki, or ELK stack.

  9. False positive alerts

    • Answer: Tune thresholds, use alert deduplication and anomaly detection.

  10. Duplicate alerts

    • Answer: Check for misconfigured alert rules or overlapping checks.

๐Ÿงช Automation & Scripting

  1. Automate log cleanup

    • Answer: Write a Bash script with find and schedule with cron.

  2. Script fails on server

    • Answer: Check for shell compatibility, permissions, and dependencies.

  3. Schedule backup with cron

    • Answer: Create a script and add an entry to crontab like 0 2 * * * /backup.sh.

  4. Test Bash script safely

    • Answer: Use set -x and run in a controlled test environment.

  5. Permission denied in Python

    • Answer: Check file permissions, user privileges, and SELinux/AppArmor if enabled.

  6. Send alerts to Slack

    • Answer: Use curl to post JSON to a Slack webhook URL.

  7. Capture script output

    • Answer: Redirect to a log file: ./script.sh > output.log 2>&1

  8. Cronjob not running

    • Answer: Check crontab syntax, path to script, and user permissions.

  9. Check and restart service

    • Answer: if ! systemctl is-active --quiet myservice; then systemctl restart myservice; fi

  10. Automate passwordless SSH

    • Answer: Generate SSH key and copy public key using ssh-copy-id.

๐Ÿ“ Git & Version Control

  1. Pushed to wrong branch

    • Answer: Revert the commit or cherry-pick to the correct branch and force push.

  2. Revert merge commit

    • Answer: Use git revert -m 1 <merge_commit_hash>.

  3. git reset vs revert

    • Answer: reset changes history; revert adds a new commit to undo.

  4. Remove secrets from Git history

    • Answer: Use BFG or git filter-branch, then force push.

  5. Force push broke build

    • Answer: Identify last working commit, create hotfix, avoid force pushes.

  6. Squash commits

    • Answer: Use git rebase -i to squash, then push with --force-with-lease.

  7. package-lock.json conflict

    • Answer: Resolve manually by merging changes or regenerating the lock file.

  8. Enforce branch naming

    • Answer: Use Git hooks or CI validation scripts.

  9. Git branching strategy

    • Answer: Use GitFlow, trunk-based, or feature branch workflows.

  10. Make hotfix without disrupting main

    • Answer: Branch from main, fix, test, and merge with minimal changes.

⟳ Troubleshooting & Operations

  1. Server is down

    • Answer: Ping, SSH, check logs, disk, memory, and restart services.

  2. IP blacklisted

    • Answer: Contact provider, rotate IP, or review firewall/email settings.

  3. Setup load balancer

    • Answer: Use NGINX, HAProxy, or cloud LB service with backend configs.

  4. Jenkins agent not connecting

    • Answer: Check network, authentication tokens, and agent logs.

  5. Deploy works in staging but not prod

    • Answer: Check environment variables, configs, secrets, and IAM roles.

  6. Allow only Cloudflare traffic

    • Answer: Use firewall rules to allow only Cloudflare IP ranges.

  7. Track config changes

    • Answer: Store configs in Git, use tools like Ansible or Puppet.

  8. Breakage due to dependency

    • Answer: Use version pinning and virtual environments.

  9. Test without affecting prod

    • Answer: Use staging environment or feature flags.

  10. Prepare for high traffic

- **Answer:** Scale resources, use CDN, caching, load testing

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)