🔧 Common DevOps Commands by Tool

🧱 Jenkins (CLI + Pipeline)

• jenkins-cli.jar -s http://localhost:8080 list-jobs

• build job-name -p PARAM=value

• groovy = println 'Hello from Groovy'

• pipeline { agent any; stages { stage('Build') { steps { sh 'make' } } } }

☁️ AWS CLI

• aws configure

• aws s3 ls

• aws ec2 describe-instances

• aws s3 cp file.txt s3://bucket-name/

• aws cloudformation deploy --template-file template.yml --stack-name mystack

☁️ Azure CLI

• az login

• az group create --name myResourceGroup --location eastus

• az vm create --resource-group myResourceGroup --name myVM --image UbuntuLTS

• az vm start --name myVM --resource-group myResourceGroup

☁️ GCP CLI (gcloud)

• gcloud init

• gcloud compute instances list

• gcloud app deploy

• gcloud container clusters get-credentials my-cluster --zone us-central1-a

🛠 Terraform

• terraform init

• terraform plan

• terraform apply

• terraform destroy

• terraform fmt

• terraform validate

⚙️ Ansible

• ansible -m ping all

• ansible-playbook site.yml

• ansible-inventory --list -y

• ansible-vault encrypt secrets.yml

🐳 Docker

• docker build -t myimage .

• docker run -d -p 80:80 myimage

• docker ps

• docker exec -it <container_id> /bin/bash

• docker-compose up

• docker login

• docker logout

☸ Kubernetes (kubectl)

• kubectl get pods

• kubectl logs pod-name

• kubectl describe pod pod-name

• kubectl apply -f deployment.yaml

• kubectl delete -f deployment.yaml

• kubectl scale deployment myapp --replicas=3

• kubectl rollout undo deployment myapp

📜 Git

• git init

• git clone repo-url

• git status

• git add .

• git commit -m "message"

• git push origin main

• git checkout -b new-branch

• git merge branch-name

• git rebase -i HEAD~3

🔐 Vault (HashiCorp)

• vault login

• vault kv put secret/mysecret password=123456

• vault kv get secret/mysecret

• vault kv delete secret/mysecret

📈 Prometheus

• Configuration file: prometheus.yml

• Run server: ./prometheus --config.file=prometheus.yml

📊 Grafana (CLI)

• grafana-cli plugins install grafana-piechart-panel

• systemctl restart grafana-server

🧪 Helm (Kubernetes Package Manager)

• helm repo add bitnami https://charts.bitnami.com/bitnami

• helm install myrelease bitnami/nginx

• helm upgrade myrelease bitnami/nginx

• helm rollback myrelease 1

• helm uninstall myrelease

🐙 GitHub Actions

• .github/workflows/main.yml for defining workflows

• Trigger manually via Actions UI or by git push

---

Jenkins

• jenkins-cli.jar -s http://localhost:8080 build job-name -p PARAM=value

• jenkins-cli.jar -s http://localhost:8080 get-job job-name > job.xml

• jenkins-cli.jar -s http://localhost:8080 create-job job-name < job.xml

• jenkins-cli.jar -s http://localhost:8080 disable-job job-name

• jenkins-cli.jar -s http://localhost:8080 enable-job job-name

---

AWS CLI

• aws ec2 start-instances --instance-ids i-1234567890abcdef0

• aws ec2 stop-instances --instance-ids i-1234567890abcdef0

• aws s3 sync ./localdir s3://mybucket --delete

• aws iam list-users

• aws logs describe-log-groups

• aws lambda invoke --function-name my-function response.json

---

Azure CLI

• az vm list --output table

• az group delete --name myResourceGroup

• az acr login --name myregistry

• az aks get-credentials --resource-group myResourceGroup --name myAKSCluster

• az storage account create --name mystorageaccount --resource-group myResourceGroup --location eastus

---

Google Cloud CLI (gcloud)

• gcloud compute ssh my-vm-instance

• gcloud container clusters create my-cluster --zone us-central1-a

• gcloud app logs tail -s default

• gcloud functions deploy my-function --runtime python39 --trigger-http

---

Terraform

• terraform workspace new dev

• terraform workspace select prod

• terraform state list

• terraform import aws_instance.my_instance i-1234567890abcdef0

• terraform output

• terraform graph | dot -Tpng > graph.png

---

Ansible

• ansible-playbook -i inventory.ini site.yml --check

• ansible all -m shell -a 'uptime'

• ansible-vault decrypt secrets.yml

• ansible-galaxy install geerlingguy.nginx

• ansible-playbook site.yml --tags "install"

---

Docker

• docker images

• docker rm $(docker ps -aq) (remove all containers)

• docker rmi $(docker images -q) (remove all images)

• docker network ls

• docker volume ls

• docker logs -f container_id

---

Kubernetes (kubectl)

• kubectl get svc

• kubectl get nodes

• kubectl exec -it pod-name -- /bin/bash

• kubectl port-forward svc/my-service 8080:80

• kubectl top node

• kubectl get events --sort-by='.metadata.creationTimestamp'

---

Git

• git fetch origin

• git diff

• git stash

• git stash pop

• git cherry-pick <commit>

• git log --oneline --graph --all

---

Helm

• helm list

• helm repo update

• helm get values myrelease

• helm history myrelease

• helm test myrelease

---

Vault (HashiCorp)

• vault status

• vault policy list

• vault token create

• vault kv list secret/

• vault audit enable file file_path=/var/log/vault_audit.log

---

Basic Questions About Devops

🧱 CI/CD Pipelines

1. Jenkins test stage fails

   • Answer: Check environment variables, script logic, and if dependencies are missing. Use echo statements for debugging.

2. GitLab pipeline stuck in pending

   • Answer: Runner may be offline, not registered, or tags mismatch with job definition.

3. Secrets printing in logs

   • Answer: Mask variables, use credential stores, and avoid printing secret variables.

4. Old version deployed

   • Answer: Check source branch, Git tags, image tag in Docker, or pipeline caching issues.

5. Approval before deploy

   • Answer: Use input step in Jenkins or manual approval in GitLab/GitHub Actions.

6. Trigger build on tag

   • Answer: Configure webhook or job trigger for tag pattern (e.g., refs/tags/*).

7. Build fails on one branch

   • Answer: Compare differences in branch-specific configs or pipeline YAML.

8. Skip tests on branches

   • Answer: Add branch-based condition in pipeline: if: $CI_COMMIT_BRANCH != 'main'.

9. Scheduled pipeline not running

   • Answer: Check cron syntax, timezone, and whether the schedule is enabled.

10. Missing Maven in Jenkins

    • Answer: Install Maven via Jenkins global tools or Docker image with Maven.

---

☁️ Cloud Platforms

11. EC2 instance unreachable

    • Answer: Check security group, public IP, and SSH key.

12. Azure VM Terraform fails intermittently

    • Answer: Could be resource quota, rate limit, or dependency timing.

13. Restrict access to S3

    • Answer: Use bucket policies, IAM roles, and ACLs.

14. Blue-green in AWS

    • Answer: Use ELB with two target groups, switch traffic between them.

15. GCP Cloud Run 503

    • Answer: Check logs, start timeouts, and ensure correct container port is exposed.

16. Autoscale VMs

    • Answer: Use AWS Auto Scaling Groups or Azure VMSS.

17. Static IP in Azure

    • Answer: Define a public IP resource in Terraform and associate with the VM NIC.

18. Rotate cloud access keys

    • Answer: Use IAM best practices: create new key, update, then delete old one.

19. Recover deleted cloud resource

    • Answer: Use backups, snapshots, or reapply Terraform.

20. Azure user locked out

    • Answer: Check AAD MFA settings, RBAC, or reset password via admin.

---

🛠 Infrastructure as Code

21. Terraform state lock error

    • Answer: Unlock manually with terraform force-unlock or wait until automatic timeout.

22. Manual change in portal

    • Answer: Terraform will detect drift; reapply or import manually changed resource.

23. Resume Ansible playbook

    • Answer: Use --start-at-task or handle idempotency with when conditions.

24. Secure Terraform secrets

    • Answer: Use environment variables, vault, or tfvars ignored in .gitignore.

25. Unexpected resource replacement

    • Answer: Check for immutable fields in the config like name or region.

26. Rollback infra version

    • Answer: Use VCS for .tf files, revert to last working version.

27. Pushed tfstate to Git

    • Answer: Remove from repo, rotate secrets if any exposed, add to .gitignore.

28. terraform taint vs destroy

    • Answer: taint marks a resource to be recreated; destroy removes it.

29. Multi-env with Terraform

    • Answer: Use workspaces or directory-based separation with separate state files.

30. New module not picked up

    • Answer: Run terraform get -update=true or ensure module source path is correct.

---

📦 Docker & Containers

31. Container won’t start

    • Answer: Check logs, entrypoint errors, or port conflicts.

32. App crashes in container

    • Answer: Missing dependencies, wrong base image, or environment mismatch.

33. Reduce image size

    • Answer: Use smaller base images (alpine), multi-stage builds, clean up cache.

34. Port in use error

    • Answer: Use a different port or stop the conflicting service.

35. Share data between containers

    • Answer: Use Docker volumes or bind mounts.

36. ENTRYPOINT vs CMD

    • Answer: ENTRYPOINT is the fixed binary; CMD passes default arguments.

37. Secrets in Docker

    • Answer: Use Docker secrets or environment variables injected via orchestrator.

38. Debug a running container

    • Answer: Use docker exec -it <id> /bin/sh or attach to logs.

39. .dockerignore usage

    • Answer: Prevents unnecessary files from being sent to Docker daemon.

40. Container exits immediately

    • Answer: Entrypoint script finishes or crashes.

---

☨ Kubernetes (Beginner)

41. Pod in CrashLoopBackOff

    • Answer: View logs (kubectl logs), check init containers, and probes.

42. Service not reachable

    • Answer: Check labels, service selector, and port mapping.

43. Scale deployment

    • Answer: kubectl scale deployment <name> --replicas=n

44. Rollback deployment

    • Answer: kubectl rollout undo deployment <name>

45. Secret not mounting

    • Answer: Ensure secret exists, proper volumeMount path and names are correct.

46. Zero-downtime deploy

    • Answer: Use readiness/liveness probes and rolling updates.

47. Apply vs Create

    • Answer: apply updates existing resources, create only adds new.

48. Expose pod externally

    • Answer: Use LoadBalancer or Ingress.

49. View pod logs

    • Answer: kubectl logs <pod-name>

50. Schedule on specific node

    • Answer: Use nodeSelector, affinity, or tolerations.

-----------------------------------------------------------------------------------------------------------------------

51. Accidentally committed secrets to GitHub

    • Answer: Immediately remove the file, rotate the secrets, and use tools like git filter-branch or BFG Repo-Cleaner to scrub history.

52. Manage access keys in CI/CD

    • Answer: Store them securely in credential stores or environment variables, never hardcode in scripts.

53. Scan for vulnerabilities

    • Answer: Use tools like Snyk, Trivy, or GitHub Advanced Security to detect known CVEs.

54. chmod 777 issue

    • Answer: Avoid it; it's insecure. Assign minimum required permissions with chown and chmod.

55. Enforce MFA

    • Answer: Use IAM policies, enable MFA in cloud provider account settings.

56. Jenkins UI exposed publicly

    • Answer: Add authentication, firewall rules, and use HTTPS.

57. Access private Docker registries securely

    • Answer: Use docker login, store creds securely, or use orchestrator secrets.

58. Secure Terraform state

    • Answer: Use remote backends like S3 with encryption and versioning.

59. Rotate SSH keys

    • Answer: Generate new keys, update authorized_keys on all hosts, and remove old keys.

60. Implement least privilege

    • Answer: Define fine-grained roles, restrict permissions to what's necessary.

---

📋 Monitoring & Logging

61. App is slow

    • Answer: Check CPU, memory, I/O, network, and response time metrics.

62. Logs not in CloudWatch

    • Answer: Ensure log group and stream exist; verify IAM role permissions.

63. High CPU alerts

    • Answer: Set CloudWatch or Prometheus alerts with defined thresholds.

64. Push vs Pull monitoring

    • Answer: Push: metrics sent to a collector (e.g., StatsD); Pull: metrics scraped (e.g., Prometheus).

65. Track deployment events

    • Answer: Emit custom logs or use deployment tracking tools (e.g., Rollbar, Datadog).

66. Disk space filling

    • Answer: Use du, df, and log rotation; check temp files or large directories.

67. Monitor K8s pods

    • Answer: Use kubectl top pod or integrate Prometheus/Grafana.

68. Log visualization

    • Answer: Use tools like Kibana, Grafana Loki, or ELK stack.

69. False positive alerts

    • Answer: Tune thresholds, use alert deduplication and anomaly detection.

70. Duplicate alerts

    • Answer: Check for misconfigured alert rules or overlapping checks.

---

🧪 Automation & Scripting

71. Automate log cleanup

    • Answer: Write a Bash script with find and schedule with cron.

72. Script fails on server

    • Answer: Check for shell compatibility, permissions, and dependencies.

73. Schedule backup with cron

    • Answer: Create a script and add an entry to crontab like 0 2 * * * /backup.sh.

74. Test Bash script safely

    • Answer: Use set -x and run in a controlled test environment.

75. Permission denied in Python

    • Answer: Check file permissions, user privileges, and SELinux/AppArmor if enabled.

76. Send alerts to Slack

    • Answer: Use curl to post JSON to a Slack webhook URL.

77. Capture script output

    • Answer: Redirect to a log file: ./script.sh > output.log 2>&1

78. Cronjob not running

    • Answer: Check crontab syntax, path to script, and user permissions.

79. Check and restart service

    • Answer: if ! systemctl is-active --quiet myservice; then systemctl restart myservice; fi

80. Automate passwordless SSH

    • Answer: Generate SSH key and copy public key using ssh-copy-id.

---

📁 Git & Version Control

81. Pushed to wrong branch

    • Answer: Revert the commit or cherry-pick to the correct branch and force push.

82. Revert merge commit

    • Answer: Use git revert -m 1 <merge_commit_hash>.

83. git reset vs revert

    • Answer: reset changes history; revert adds a new commit to undo.

84. Remove secrets from Git history

    • Answer: Use BFG or git filter-branch, then force push.

85. Force push broke build

    • Answer: Identify last working commit, create hotfix, avoid force pushes.

86. Squash commits

    • Answer: Use git rebase -i to squash, then push with --force-with-lease.

87. package-lock.json conflict

    • Answer: Resolve manually by merging changes or regenerating the lock file.

88. Enforce branch naming

    • Answer: Use Git hooks or CI validation scripts.

89. Git branching strategy

    • Answer: Use GitFlow, trunk-based, or feature branch workflows.

90. Make hotfix without disrupting main

    • Answer: Branch from main, fix, test, and merge with minimal changes.

---

⟳ Troubleshooting & Operations

91. Server is down

    • Answer: Ping, SSH, check logs, disk, memory, and restart services.

92. IP blacklisted

    • Answer: Contact provider, rotate IP, or review firewall/email settings.

93. Setup load balancer

    • Answer: Use NGINX, HAProxy, or cloud LB service with backend configs.

94. Jenkins agent not connecting

    • Answer: Check network, authentication tokens, and agent logs.

95. Deploy works in staging but not prod

    • Answer: Check environment variables, configs, secrets, and IAM roles.

96. Allow only Cloudflare traffic

    • Answer: Use firewall rules to allow only Cloudflare IP ranges.

97. Track config changes

    • Answer: Store configs in Git, use tools like Ansible or Puppet.

98. Breakage due to dependency

    • Answer: Use version pinning and virtual environments.

99. Test without affecting prod

    • Answer: Use staging environment or feature flags.

100. Prepare for high traffic

- **Answer:** Scale resources, use CDN, caching, load testing

---

Scenario-based DevOps questions

 

🚀 1. CI/CD Pipeline Issue

Scenario:
You have a Jenkins pipeline that fails at the testing stage. The build step is successful, but during testing, it reports that a required environment variable is missing.

Question:
How would you troubleshoot and fix this issue?

Expected Answer:

• Check the pipeline script (Jenkinsfile) to see if the environment variable is defined.

• Verify that the variable is passed correctly from the Jenkins environment or injected via credentials.

• If using Docker, ensure the variable is available inside the container.

• Add a debug step (echo $VAR_NAME) to confirm it's being set.

---

🛠️ 2. Infrastructure as Code (Terraform)

Scenario:
You used Terraform to deploy a VM in Azure. Later, someone manually deleted the VM from the portal.

Question:
What happens the next time you run terraform plan and how would you fix it?

Expected Answer:

• Terraform will show that the VM needs to be recreated.

• terraform plan will detect that the resource is missing and suggest creating it again.

• Running terraform apply will recreate the deleted VM.

• Best practice: Avoid manual changes outside Terraform to prevent state drift.

---

☁️ 3. Deployment Rollback

Scenario:
A deployment went live and caused issues in production. Users started facing errors immediately.

Question:
How would you handle the rollback?

Expected Answer:

• First, stop further impact (pause traffic, scale down, etc.).

• Use the last known good deployment version from the CI/CD tool (e.g., Git tag, Docker image).

• Roll back using the deployment tool (Helm, Kubernetes, or Jenkins).

• Communicate with the team and investigate logs for root cause.

---

🔐 4. SSH Key Access

Scenario:
You created a new VM and pushed your public SSH key during provisioning. But when you try to SSH, access is denied.

Question:
What could be the possible issues?

Expected Answer:

• Wrong key used while connecting (ssh -i wrong_key.pem).

• Permissions on the ~/.ssh/authorized_keys file or ~/.ssh directory are incorrect.

• The SSH service might not be running or the firewall might be blocking access.

• Wrong user (ubuntu vs root vs azureuser).

---

📦 5. Docker Image Issue

Scenario:
Your application works locally but fails with a "module not found" error when run inside a Docker container.

Question:
What would you check?

Expected Answer:

• Ensure the dependency is listed in the requirements.txt or package.json.

• Confirm the file is being copied properly in the Dockerfile.

• Rebuild the Docker image to reflect the changes (docker build .).

• Check the WORKDIR and execution context in the container.

50+ essential Linux commands(cheatsheet)

 Absolutely! As a DevOps professional, it’s vital to be proficient in the Linux command line for effective server management, automation, and troubleshooting. In this comprehensive guide, we’ll cover 50+ essential Linux commands(cheatsheet) with clear explanations and practical examples. This will help you enhance your Linux skills in a straightforward and practical manner.

1. id - This is used to find out user and group names and numeric ID’s (UID or group ID) of the current user or any other user in the server.
   Example: id -u root

2. cd - Change Directory: Navigate to a different directory.
Example:cd /home/user/documents

3. pwd - Print Working Directory: Display the current directory's full path. Example: pwd

4. mkdir - Make Directory: Create a new directory.
Example: mkdir new_folder

5. rm - Remove: Delete files or directories.
Example: rm file.txt

6. cp - Copy: Copy files or directories.
Example: cp file.txt /backup

7. mv - Move: Move files or directories.
Example: mv file.txt /new_location

8. touch - Create Empty File: Create a new empty file.
Example: touch new_file.txt

9. cat - Concatenate and Display: View the content of a file.
Example: cat file.txt

10. nano - Text Editor: Open a text file for editing.
Example: nano file.txt

11. grep - Search Text: Search for text patterns in files.
Example: grep "pattern" file.txt

12. find - Search Files and Directories: Search for files and directories. Example: find /path/to/search -name "file_name"

13. chmod - Change File Permissions: Modify file permissions.
Example: chmod 755 file.sh

14. chown - Change Ownership: Change the owner and group of a file or directory.
Example: chown user:group file.txt

15. ps - Process Status: Display running processes.
Example: ps aux

16. top - Monitor System Activity: Monitor system processes in real-time. Example: top

17. kill - Terminate Processes: Terminate a process using its ID. Also can use pkill to terminate processes based on their name or other attributes.
Example: kill PID
pkill Process_Name

18. wget - Download Files: Download files from the internet.
Example: wget https://example.com/file.zip

19. less - To view the contents of a file one screen at a time, allowing for easy navigation and search within the file. Example: less test.log

20. tar - Archive and Extract: Create or extract compressed archive files. Example: tar -czvf archive.tar.gz folder

21. ssh - Secure Shell: Connect to a remote server securely.
Example: ssh user@remote_host

22. scp - Securely Copy Files: Copy files between local and remote systems using SSH.
Example: scp file.txt user@remote_host:/path

23. rsync - Remote Sync: Synchronize files and directories between systems.
Example: rsync -avz local_folder/ user@remote_host:remote_folder/

24. df - Disk Free Space: Display disk space usage.
Example: df -h

25. du - Disk Usage: Show the size of files and directories.
Example: du -sh /path/to/directory

26. ifconfig - Network Configuration: Display or configure network interfaces (deprecated, use ip).
Example: ifconfig

27. ip - IP Configuration: Manage IP addresses and network settings. Example: ip addr show

28. netstat - Network Statistics: Display network connections and statistics (deprecated, use ss).
Example: netstat -tuln

29. systemctl - System Control: Manage system services using systemd. Example: systemctl start service_name

30. journalctl - Systemd Journal: View system logs using systemd's journal.
Example: journalctl -u service_name

31. free - This command displays the total amount of free space available.
Example: free -m

32. at - Execute Commands Later: Run commands at a specified time. Example: echo "command" | at 15:30

33. ping - Network Connectivity: Check network connectivity to a host. Example: ping google.com

34. traceroute - Trace Route: Trace the route packets take to reach a host. Example: traceroute google.com

35. - Check Website Connectivity: Check if a website is up.
Example: curl -Is https://example.com | head -n 1

36. dig - Domain Information Groper: Retrieve DNS information for a domain.
Example: dig example.com

37. hostname - Display or Set Hostname: Display or change the system's hostname.
Example: hostname

38. who - Display Users: Display currently logged-in users.
Example: who

39. useradd - Add User: Create a new user account.
Example: useradd newuser

40. usermod - Modify User: Modify user account properties.
Example: usermod -aG groupname username

41. passwd - Change Password: Change user password.
Example: passwd username

42. sudo - Superuser Do: Execute commands as the superuser.
Example: sudo command

43. lsof - List Open Files: List open files and processes using them. Example: lsof -i :port

44. nc - Netcat: Networking utility to read and write data across network connections.
Example: echo "Hello" | nc host port

45. scp - Secure Copy Between Hosts: Copy files securely between hosts. Example: scp file.txt user@remote_host:/path

46. sed - Stream Editor: Text manipulation using regex.
Example: sed 's/old/new/g' file.txt

47. awk - Text Processing: Pattern scanning and text processing.
Example: awk '{print $2}' file.txt

48. cut - Text Column Extraction: Extract specific columns from text. Example: cut -d"," -f2 file.csv

49. sort - Sort Lines: Sort lines of text files.
Example: sort file.txt

50. diff - File Comparison: Compare two files and show differences. Example: diff file1.txt file2.txt

51. ls - List Files and Directories: List the contents of a directory.
Example: ls -la

52. history - This command is used to view the previously executed command.
Example: history 10

53. cron - Schedule Tasks: Manage scheduled tasks.
Example: crontab -e

54. ssh-keygen - This command is used to generate a public/private authentication key pair. This process of authentication allows the user to connect remote server without providing a password.
Example: ssh-keygen

55. nslookup - This stands for “Name server Lookup”. This is a tool for checking DNS hostname to Ip or Ip to Hostname. This is very helpful while troubleshooting.
Example: nslookup google.com

56. tr - For translating or deleting characters.

These commands cover a wide range of tasks that are essential for DevOps professionals working with Linux systems. Remember to always refer to the man pages (man command) for more detailed information about each command and its options.
Example:cat crazy.txt | tr "[a-z]" "[A-Z]"

57. tnc - This is “Test Network Connection” command. Mostly used command while troubleshooting. It displays diagnostic information for a connection.
Example:tnc google.com --port 443

58. w - Displays current user.

59. su - Switch User.
Example: su - root

60. ac(All Connections) — Total connect time for all users or specified users.
Example: ac john

61. tail — Displays the last part of a file, commonly used to monitor logs in real-time.
Example: tail monitor.logs

62. head — Displays the first part of a file, often used to quickly see the beginning of a file’s content.
Example: head content.txt

63. ip route — To show or manipulate the IP routing table. Shows clear ip tables rules.
Example: ip rout

Linux Commands and tricks for DevOps tasks read more

Conclusion

DevOps professionals often rely on a set of essential Linux commands to manage systems, automate tasks, and ensure the smooth operation of infrastructure. These commands are foundational for DevOps tasks and are used in various contexts, from system administration to deployment automation.