Skip to content

DevOps Interview Questions and Answers

1. What would you do if an EC2 instance is getting slow?

  • Check CPU, Memory, and Disk Utilization using CloudWatch metrics.
  • Investigate running processes to identify bottlenecks using tools like htop or top.
  • Ensure the instance type is sufficient for the workload; consider upgrading if necessary.
  • Look for network or I/O issues.
  • Verify the application performance logs.
  • Restart the instance as a last resort.

2. If users can’t access an application hosted on EC2, what steps would you take?

  • Verify the instance health in the AWS Console.
  • Check security group and network ACL rules for proper port and IP configurations.
  • Ensure the application service is running.
  • Confirm the DNS configuration and connectivity.
  • Investigate application logs for errors.
  • Test the connection using tools like curl or ping.

3. What’s the difference between a Load Balancer and a Reverse Proxy?

  • Load Balancer distributes traffic across multiple servers for scalability and fault tolerance.
  • Reverse Proxy acts as an intermediary server to forward client requests to backend servers, often providing caching, SSL termination, and additional security.

4. How would you write a Terraform script to create an EC2 instance and run a script on every reboot?

resource "aws_instance" "example" {
  ami           = "ami-12345678"
  instance_type = "t2.micro"

  user_data = <<-EOT
              #!/bin/bash
              echo "Script runs on every reboot" >> /var/log/reboot.log
              EOT

  tags = {
    Name = "example-instance"
  }
}

5. What is a Backend in Terraform, and why is it used?

  • Backend defines where Terraform stores its state data (e.g., local, S3, or Consul).
  • It is used to enable state sharing, locking, and remote operations.

6. What is the Docker lifecycle?

  1. Create
  2. Start
  3. Stop
  4. Restart
  5. Pause
  6. Unpause
  7. Remove

7. What are the key Docker components?

  • Docker Engine: The runtime environment.
  • Docker Images: Templates for containers.
  • Docker Containers: Running instances of images.
  • Docker Compose: Tool for defining multi-container applications.
  • Docker Hub: Registry for sharing images.

8. What’s the difference between a Docker Image and a Docker Container?

  • Docker Image: A read-only template with application code and dependencies.
  • Docker Container: A running instance of a Docker image.

9. What should you do before creating a Docker container?

  • Ensure the Docker image is properly built.
  • Verify dependencies are included.
  • Confirm the application is tested locally.

10. What is Docker Compose, and how do you use it?

  • Docker Compose: A tool to define and run multi-container Docker applications.
  • Use a docker-compose.yml file to define services and run docker-compose up.

11. What steps would you take if you see an "unhealthy" status in an ELB?

  • Check target group health checks.
  • Ensure instances are running and reachable.
  • Verify security group rules.
  • Look at application logs for errors.

12. How do you optimize Docker images for better performance?

  • Use multi-stage builds.
  • Minimize the number of layers.
  • Avoid including unnecessary files.
  • Use a minimal base image like alpine.

13. How would you secure a Docker container?

  • Use non-root users.
  • Limit container capabilities.
  • Implement network policies.
  • Scan images for vulnerabilities.
  • Use signed images.

14. What is Jenkins scaling, and how do you achieve it?

  • Scaling Jenkins involves adding worker nodes to handle more builds.
  • Use Jenkins distributed builds by configuring a master-slave architecture.

15. What is the role of the Master and Node in Jenkins?

  • Master: Orchestrates builds and provides the UI.
  • Node: Executes build tasks.

16. What is a Sidecar container, and when would you use it?

  • A Sidecar container runs alongside a main application container, providing auxiliary services like logging, monitoring, or proxying.

17. What is the difference between ConfigMap and Secrets in Kubernetes?

  • ConfigMap: Stores non-sensitive configuration data.
  • Secrets: Stores sensitive data like passwords or keys.

18. What is the default deployment in Kubernetes?

  • Deployment: Manages stateless applications and ensures updates with rollbacks.

19. What are Taints and Tolerations in Kubernetes?

  • Taints: Restrict which nodes can schedule pods.
  • Tolerations: Allow pods to override taints.

20. What is a Static Pod in Kubernetes, and how is it different from a regular pod?

  • Static Pod: Managed directly by the kubelet, not by the API server.
  • Regular pods are managed by the API server.

21. How do you check pod logs and attach Prometheus for monitoring?

  • Check logs: kubectl logs <pod-name>.
  • Attach Prometheus by deploying Prometheus and configuring it to scrape metrics.

22. How would you define a ConfigMap and Secrets in Kubernetes?

  • ConfigMap: 
    apiVersion: v1
kind: ConfigMap
metadata:
  name: example-config

data:
  key: value
  • Secrets: 
    apiVersion: v1
kind: Secret
metadata:
  name: example-secret

data:
  key: c2VjcmV0

23. What is the default scaling in Kubernetes, and how does it work?

  • Kubernetes uses the Horizontal Pod Autoscaler to scale pods based on metrics like CPU or memory usage.

24. What is RBAC in Kubernetes, and why is it important?

  • RBAC (Role-Based Access Control) restricts resource access based on roles.
  • It improves security by enforcing the principle of least privilege.

25. What’s the difference between ClusterRole and Role in RBAC?

  • ClusterRole: Grants permissions across the cluster.
  • Role: Grants permissions within a specific namespace.