ℹ️ This repo contains questions and exercises on various technical topics, sometimes related to DevOps and SRE :)
📊 There are currently 854 questions
💭 If you wonder "How to prepare for a DevOps interview?", you might want to read some of my suggestions here
📝 You can add more questions and exercises by submitting pull requests :) You can read more about it here
What is DevOps?
Amazon:
"DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market."
Microsoft:
"DevOps is the union of people, process, and products to enable continuous delivery of value to our end users. The contraction of “Dev” and “Ops” refers to replacing siloed Development and Operations to create multidisciplinary teams that now work together with shared and efficient practices and tools. Essential DevOps practices include agile planning, continuous integration, continuous delivery, and monitoring of applications."
Red Hat:
"DevOps describes approaches to speeding up the processes by which an idea (like a new software feature, a request for enhancement, or a bug fix) goes from development to deployment in a production environment where it can provide value to the user. These approaches require that development teams and operations teams communicate frequently and approach their work with empathy for their teammates. Scalability and flexible provisioning are also necessary. With DevOps, those that need power the most, get it—through self service and automation. Developers, usually coding in a standard development environment, work closely with IT operations to speed software builds, tests, and releases—without sacrificing reliability."
What are the benefits of DevOps? What it can help us to achieve?
You should mention some or all of the following:
- Collaboration
- Improved delivery
- Security
- Speed
- Scale
- Reliability
Make sure to elaborate :)
What are the anti-patterns of DevOps?
- Not allowing to push in production on Friday :)
- One specific person is in charge of different tasks. For example there is only one person who is allowed to merge the code of everyone else
- Treating production differently from development environment. For example, not implementing security in development environment
What is Continuous Integration?
A development practice where developers integrate code into a shared repository frequently. It can range from a couple of changes every day or a week to a couple of changes in one hour in larger scales.
Each piece of code (change/patch) is verified, to make the change is safe to merge. Today, it's a common practice to test the change using an automated build that makes sure the code can integrated. It can be one build which runs several tests in different levels (unit, functional, etc.) or several separate builds that all or some has to pass in order for the change to be merged into the repository.
What is Continuous Deployment?
What is Continuous Delivery?
What CI/CD best practices are you familiar with? Or what do you consider as CI/CD best practice?
What systems and/or tools are you using for the following?:
- CI/CD
- Provisioning infrastructure
- Configuration Management
- Monitoring & alerting
- Logging
- Code review
- Code coverage
- Tests
What are you taking into consideration when choosing a tool/technology?
In your answer you can mention one or more of the following:
- mature vs. cutting edge
- community size
- architecture aspects - agent vs. agentless, master vs. masterless, etc.
Explain mutable vs. immutable infrastructure
In mutable infrastructure paradigm, changes are applied on top of the existing infrastructure and over time the infrastructure builds up a history of changes. Ansible, Puppet and Chef are examples of tools which follow mutable infrastructure paradigm.
In immutable infrastructure paradigm, every change is actually a new infrastructure. So a change to a server will result in a new server instead of updating it. Terraform is an example of technology which follows the immutable infrastructure paradigm.
What ways are you familiar with to deliver a software? What are the advantages and disadvantages of each method?
- Archive - collect all your app files into one archive (e.g. tar) and deliver it to the user.
- Package - depends on the OS, you can use your OS package format (e.g. in RHEL/Fefodra it's RPM) to deliver your software with a way to install, uninstall and update it using the standard packager commands
- Images - Either VM or container images where your package is included with everything it needs in order to run successfully.
What is caching? How it works? Why is it important?
Explain stateless vs. stateful
Stateless applications don't store any data in the host which makes it ideal for horizontal scaling and microservices. Stateful applications depend on the storage to save state and data, typically databases are stateful applications.
Describe the workflow of setting up some type of web server (Apache, IIS, Tomcat, ...)
Explain "Open Source"
Describe me the architecture of service/app/project/... you designed and/or implemented
What types of tests are you familiar with?
Styling, unit, functional, API, integration, smoke, scenario, ...
You should be able to explain those that you mention.
You need to install periodically the same package on different operating systems (Ubuntu, RHEL, ...). How would you do it?
It can be as simple as one Ansible (or other CM tool) task that runs periodically with Cron. In more advanced cases, perhaps a CI system.
Compare SRE to DevOps
What is Reliability? How does it fit DevOps?
Reliability, when used in DevOps context, is the ability of a system to recover from infrastructure failure or disruption. Part of it is also being able to scale based on your organization or team demands.
What SRE team is responsible for?
One can argue whether it's per company definition or a global one but at least according to a large companies, like Google for example, the SRE team is responsible for availability, latency, performance, efficiency, change management, monitoring, emergency response, and capacity planning of their services
What is an error budget?
What are MTTF (mean time to failure) and MTTR (mean time to repair)? What these metrics help us to evaluate?
What is a post-mortem meeting? Why is it important?
What is "infrastructure as code"? What implementation of IAC are you familiar with?
How do you manage build artifacts?
What Continuous Integration solution are you using/prefer and why?
What deployment strategies are you familiar with or have used?
Tell me how you perform plan capacity for your CI/CD resources (e.g. servers, storage, etc.)
How would you structure/implement CD for an application which depends on several other applications?
How do you measure your CI/CD quality? Are there any metrics or KPIs you are using for measuring the quality?
What is a configuration drift? What problems is it causing?
Configuration drift happens when in an environment of servers with the exact same configuration and software, a certain server or servers are being applied with updates or configuration which other servers don't get and over time these servers become slightly different than all others.
This situation might lead to bugs which hard to identify and reproduce.
How to deal with a configuration drift?
Do you have experience with testing cross-projects changes? (aka cross-dependency)
Note: cross-dependency is when you have two or more changes to separate projects and you would like to test them in mutual build instead of testing each change separately.
Have you contributed to an open source project? Tell me about this experience
What is Jenkins? What have you used it for?
What are the advantages of Jenkins over its competitors? Can you compare it to one of the following systems?
- Travis
- Bamboo
- Teamcity
- CircleCI
What are the limitations or disadvantages of Jenkins?
Explain the following:
- Job
- Build
- Plugin
- Slave
- Executor
What plugins have you used in Jenkins?
Explain CI/CD and how you implemented it in Jenkins
What type of jobs are there? Which types have you used?
How did you report build results to users? What ways are you familiar with for reporting results?
You need to run unit tests every time a change submitted to a given project. Describe in details how your pipeline would look like and what will be executed in each stage
How to secure Jenkins?
Can you describe some of Jenkins best practices?
Describe how do you add new slaves to Jenkins
You can describe the UI way to add new slaves but better to explain how to do in a way that scales like a script or using dynamic source for slaves like one of the existing clouds.
How to acquire multiple slaves for one specific build?
There are four teams in your organization. How to prioritize the builds of each team? So the jobs of team x will always run before team y for example
If you are managing a dozen of jobs, you can probably use the Jenkins UI. How do you manage the creation and deletion of hundreds of jobs every week/month?
What are some of Jenkins limitations?
- Testing cross-dependencies (changes from multiple projects together)
- Starting builds from any stage (although cloudbees implemented something called checkpoints)
How would you implement an option of a starting a build from a certain stage and not from the beginning?
Do you have experience with developing a Jenkins plugin? Can you describe this experience?
Have you written Jenkins scripts? If yes, what for and how they work?
What is Cloud Computing? What is a Cloud Provider?
What are the advantages of cloud computing? Mention at least 3 advantages
- Pay as you go (or consumption-based payment) - you are paying only for what you are using. No upfront payments and payment stops when resources are no longer used.
- Scalable - resources are scaled down or up based on demand
What types of Cloud Computing are there?
IAAS PAAS SAAS
Explain each of the following Cloud Computing Deployments:
- Public
- Hybrid
- Private
What are the differences between Cloud Providers and On-Premise solution?
In cloud providers, someone else owns and manages the hardware, hire the relevant infrastructure teams and pays for real-estate (for both hardware and people). You can focus on your business.
In On-Premise solution, it's quite the opposite. You need to take care of hardware, infrastructure teams and pay for everything which can be quite expensive. On the other hand it's tailored to your needs.
What is Serverless Computing?
The main idea behind serverless computing is that you don't need to manage the creation and configuration of server. All you need to focus on is splitting your app into multiple functions which will be triggered by some actions.
It's important to note that:
- Serverless Computing is still using servers. So saying there are no servers in serverless computing is completely wrong
- Serverless Computing allows you to have different paying model. You basically pay only when your functions are running and not when the VM or containers are running as in other payment models
Explain the following
- Availability zone
- Region
- Edge location
AWS regions are data centers hosted across different geographical locations worldwide, each region is completely independent of one another.
Within each region, there are multiple isolated locations known as Availability Zones. Multiple availability zones ensure high availability in case one of them goes down.
Edge locations are basically content delivery network which caches data and insures lower latency and faster delivery to the users in any location. They are located in major cities in the world.
What is IAM? What are some of its features?
True or False? IAM configuration is defined globally and not per region
True
What are Roles?
A way for allowing a service of AWS to use another service of AWS. You assign roles to AWS resources.
What are Policies?
Policies documents used to give permissions as to what a user, group or role are able to do. Their format is JSON.
Explain what is S3 and what is it used for
S3 stands for 3 S, Simple Storage Service. S3 is a object storage service which is fast, scalable and durable. S3 enables customers to upload, download or store any file or object that is up to 5 TB in size. While having a maximum size of 5 GB per file (multipart upload if more than 5 GB in size).
What is a bucket?
An S3 bucket is a resource which is similar to folders in a file system and allows storing objects, which consist of data and its meta data.
True or False? A bucket name must be globally unique
True
What objects in S3 consists of? * Another way to ask it: explain key, value, version id and meta data in context of objects
Explain data consistency
Can you host dynamic websites on S3?. What about static websites?
What security measures have you taken in context of S3?
What is a storage class? What storage classes are you familiar with?
What is EC2? What is it used for?
What EC2 pricing models are there?
How to increase RAM for a given EC2 instance?
Stop the instance, the type of the instance to match the desired RAM and start the instance.
What is an AMI?
How many storage options are there for EC2 Instances?
What happens when an EC2 instance is stopped or terminated?
What are Security Groups?
How to migrate an instance to another availability zone?
What are spot instances?
Explain what is CloudFormation
Are you familiar with Cost Explorer tool? Have you used it? What for exactly?
Explain what is CloudFront and what is it used for
Explain the following
- Origin
- Edge location
- Distribution
What delivery methods available for the user with CDN?
True or False?. Objects are cached for the life of TTL
True
What is AWS Snowball?
A transport solution which was designed for transferring large amounts of data (petabyte-scale) into and out the AWS cloud.
What types of load balancers are supported in EC2 and what are they used for?
- Application LB - layer 7 traffic
- Network LB - ultra-high performances or static IP address
- Classic LB - low costs, good for test or dev environments
What is the shared responsibility model? In other words, what AWS is responsible for and what the user is responsible for in regards to Security?
What is the AWS compliance program?
Explain what each of the following services is used for
- AWS Inspector
- AWS Artifact
- AWS Shield
What is AWS WAF? Give an example of how it can used and describe what resources or services you can use it with
What AWS VPN is used for?
What is the difference between Site-to-Site VPN and Client VPN?
True or False? AWS Inspector can perform both network and host assessments
True
What is Amazon RDS?
What are some features or benefits of using RDS?
- Multi AZ - great for Disaster Recovery
- Read Replicas - for better performances
What is AWS Redshift and how its different than RDS?
What do you if you suspect AWS Redshift performs slowly?
- You can confirm your suspicion by going to AWS Redshift console and see running queries graph. This should tell you if there are any long-running queries.
- If confirmed, you can query for running queries and cancel the irrelevant queries
- Check for connection leaks (query for running connections and include their IP)
- Check for table locks and kill irrelevant locking sessions
What is EBS?
What is Amazon ElastiCache? For what cases it used?
Amazon Elasticache is a fully managed Redis or Memcached in-memory data store.
It's great for use cases like two-tier web applications where the most frequently accesses data is stored in ElastiCache so response time is optimal.
What is Amazon Aurora
A MySQL & Postgresql based relational database. Great for use cases like two-tier web applications that has a MySQL or Postgresql database layer and you need automated backups for your application.
What "AWS Database Migration Service" is used for?
What is VPC?
What is an Elastic IP address?
Explain Security Groups and Network ACLs
What would you use for easily creating similar AWS environments/resources for different customers?
CloudFormation
Using which service, can you add user sign-up, sign-in and access control to mobile and web apps?
Cognito
Which service would you use for building a website or web application?
Lightsail
Which tool would you use for choosing between Reserved instances or On-Demand instances?
Cost Explorer
What would you use to check how many unassociated Elastic IP address you have?
Trusted Advisor
What service allows you to transfer large amounts (Petabytes) of data in and out of the AWS cloud?
AWS Snowball
What provides a virtual network dedicated to your AWS account?
VPC
What you would use for having automated backups for an application that has MySQL database layer?
Amazon Aurora
What would you use to migrate on-premise Oracle database to AWS?
AWS Database Migration Service
What would you use to check why certain EC2 instances were terminated?
AWS CloudTrail
Explain what are the following services and give an use case example for each one them:
- CloudTrail
- CloudWatch
- CloudSearch
Explain what is AWS Lambda
What is Ethernet?
What is a MAC address? What is it used for?
When is this MAC address used?: ff:ff:ff:ff:ff:ff
What is an IP address?
Explain subnet mask and given an example
What is a private IP address? What do we need it for?
Explain the OSI model. What layers there are? What each layer is responsible for?
Application: user end (HTTP is here) Presentation: establishes context between application-layer entities (Encryption is here) Session: establishes, manages and terminates the connections Transport: transfers variable-length data sequences from a source to a destination host (TCP & UDP are here) Network: transfers datagrams from one network to another (IP is here) Data link: provides a link between two directly connected nodes (MAC is here) Physical: the electrical and physical spec the data connection (Bits are here)
For each of the following determine to which OSI layer it belongs:
- Error correction
- Packets routing
- Cables and electrical signals
- MAC address
- IP address
- Sessions between applications
- 3 way handshake
What delivery schemes are you familiar with?
Unitcast: One to one communication where there is one sender and one receiver.
Broadcast: Sending a message to everyone in the network. The address ff:ff:ff:ff:ff:ff is used for broadcasting. Two common protocols which use broadcast are ARP and DHCP.
Multicast: Sending a message to a group of subscribers. It can be one-to-many or many-to-many.
What is CSMA/CD? Is it used in modern ethernet networks?
CSMA/CD stands for Carrier Sense Multiple Access / Collision Detection. Its primarily focus it to manage access to shared medium/bus where only one host can transmit at a given point of time.
CSMA/CD algorithm:
- Before sending a frame, it checks whether another host already transmitting a frame.
- If no one transmitting, it starts transmitting the frame.
- If two hosts transmitted at the same time, we have a collision.
- Both hosts stop sending the frame and they send to everyone a 'jam signal' notifying everyone that a collision occurred
- They are waiting for a random time before sending again
- Once each host waited for a random time, they try to send the frame again and so the
Describe the following network devices and the difference between them:
- router
- switch
- hub
How does a router works?
What is NAT?
What is a proxy? How it works? What do we need it for?
What is TCP? How it works? What is the 3 way handshake?
How does SSL handshake work?
What is the difference between TCP and UDP?
TCP establishes a connection between the client and the server to guarantee the order of the packages, on the other hand, UDP does not establish a connection between client and server and doesn't handle package order. This makes UDP more lightweight than TCP and a perfect candidate for streaming services.
True or False? TCP is better than UDP
What TCP/IP protocols are you familiar with?
Explain "default gateway"
What is ARP? How it works?
What is TTL?
What is DHCP? How it works?
What is SSL tunneling? How it works?
What is a socket? Where can you see the list of sockets in your system?
What is IPv6? Why should we consider using it if we have IPv4?
What is VLAN?
What is MTU?
True or False?. Ping is using UDP because it doesn't care about reliable connection
What is SDN?
What is ICMP? What is it used for?
What is NAT? How it works?
What is latency?
What is bandwidth?
Which factors affect network performances
Explain Spanning Tree Protocol (STP)
What is link aggregation? Why is it used?
What is Asymmetric Routing? How do deal with it?
What overlay (tunnel) protocols are you familiar with?
What is GRE? How it works?
What is VXLAN? How it works?
What is SNAT?
Explain OSPF
Explain Spine & Leaf
What is Network Congestion? What can cause it?
What can you tell me about UDP packet format? What about TCP packet format? How is it different?
Using Hamming code, what would be the code word for the following data word 100111010001101?
00110011110100011101
What is your experience with Linux?
An open question. Answer based on your real experience. You can highlight one or more of the following:
- Troubleshooting & Debugging
- Storage
- Networking
- Development
- Deployments
Explain what each of the following commands does and give an example on how to use it:
-
ls
-
rm
-
rmdir (can you achieve the same result by using rm
?)
-
grep
-
wc
-
curl
-
touch
-
man
-
nslookup or dig
-
df
ls
rm
rmdir (can you achieve the same result by using rm
?)
grep
wc
curl
touch
man
nslookup or dig
df
ls - list files and directories. You can highlight common flags like -d, -a, -l, ...
rm - remove files and directories. You should mention -r for recursive removal
rmdir - remove directories but you should mention it's possible to use rm for that
grep - print lines that match patterns. Could be nice to mention -v, -r, -E flags
wc - print newline, word, and byte counts
curl - tranfer a URL or mention common usage like downloading files, API calls, ...
touch - update timestamps but common usage is to create files
man - reference manuals
nslookup or dig - query nameservers
df - provides info regarding file system disk space usage
Running the command df
you get "command not found". What could be wrong and how to fix it?
Most likely the default/generated $PATH was somehow modified or overridden thus not containing /bin/
where df would normally go.
This issue could also happen if bash_profile or any configuration file of your interpreter was wrongly modified, causing erratics behaviours.
You would solve this by fixing your $PATH variable:
As to fix it there are serveral options:
- Manually adding what you need to your $PATH
PATH="$PATH":/user/bin:/..etc
- You have your weird env variables backed up.
- You would look for your distro default $PATH variable, copy paste using method #1
Note: There are many ways of getting errors like this: if bash_profile or any configuration file of your interpreter was wrongly modified; causing erratics behaviours, permissions issues, bad compiled software (if you compiled it by yourself)... there is no answer that will be true 100% of the time.
How do you schedule tasks periodically?
You can use the commands cron
and at
.
With cron, tasks are scheduled using the following format:
*/30 * * * * bash myscript.sh
Executes the script every 30 minutes.
The tasks are stored in a cron file, you can write in it using crontab -e
Alternatively if you are using a distro with systemd it's recommended to use systemd timers.
Have you scheduled tasks in the past? What kind of tasks?
Normally you will schedule batch jobs.
How to change the permissions of a file?
Using the chmod
command.
What does the following permissions mean?:
- 777
- 644
- 750
777 - You give the owner, group and other: Execute (1), Write (2) and Read (4); 4+2+1 = 7. 644 - Owner has Read (4), Write (2), 4+2 = 6; Group and Other have Read (4). 750 - Owner has x+r+w, Group has Read (4) and Execute (1); 4+1 = 5. Other have no permissions.
Explain what is setgid, setuid and sticky bit
You try to delete a file but it fails. Name at least three different reason as to why it could happen
- No more disk space
- No more indoes
- No permissions
What is systemd?
Systemd is a daemon (System 'd', d stands from daemon).
A daemon is a program that runs in the background without direct control of the user, although the user can at any time talk to the daemon.
systemd has many features such as user processes control/tracking, snapshot support, inhibitor locks..
If we visualize the unix/linux system in layers, systemd would fall directly after the linux kernel.
Hardware -> Kernel -> Daemons, System Libraries, Server Display.
On a system which uses systemd, how would you display the logs?
journalctl
Describe how to make a certain process/app a service
How do you kill a process in D state?
What are you using for troubleshooting and debugging network issues?
dstat -t
is great for identifying network and disk issues.
netstat -tnlaup
can be used to see which processes are running on which ports.
lsof -i -P
can be used for the same purpose as netstat.
ngrep -d any metafilter
for matching regex against payloads of packets.
tcpdump
for capturing packets
wireshark
same concept as tcpdump but with GUI (optional).
What are you using for troubleshooting and debugging disk & file system issues?
dstat -t
is great for identifying network and disk issues.
opensnoop
can be used to see which files are being opened on the system (in real time).
What are you using for troubleshooting and debugging process issues?
strace
is great for understanding what your program does. It prints every system call your program executed.
What are you using for debugging CPU related issues?
top
will show you how much CPU percentage each process consumes
perf
is a great choice for sampling profiler and in general, figuring out what your CPU cycles are "wasted" on
flamegraphs
is great for CPU consumption visualization (http://www.brendangregg.com/flamegraphs.html)
You get a call from someone claiming "my system is SLOW". What do yo do?
- Check with
top
for anything unusual - Run
dstat -t
to check if it's related to disk or network. - Check if it's network related with
sar
- Check I/O stats with
iostat
Explain iostat output
How to debug binaries?
What kind of information one can find in /proc?
What is the difference between CPU load and utilization?
How you measure time execution of a program?
How do you find out which Kernel version your system is using?
What is a Linux kernel module and how do you load a new module?
Explain user space and kernel space
Wildcards are implemented on user or kernel space?
What is KVM?
What is SSH key? How is it used?
What is the difference between SSH and SSL?
What is SSH port forwarding?
Explain redirection
What are wildcards? Can you give an example of how to use them?
What do we grep for in each of the following commands?:
grep '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' some_file
grep -E "error|failure" some_file
grep '[0-9]$' some_file
grep '[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}' some_file
grep -E "error|failure" some_file
grep '[0-9]$' some_file
- An IP address
- The word "error" or "failure"
- Lines which end with a number
Tell me everything you know about the Linux boot process
Another way to ask this: what happens from the moment you turned on the server until you get a prompt
What is an exit code? What exit codes are you familiar with?
An exit code (or return code) represents the code returned by a child process to its parent process.
0 is an exit code which represents success while anything higher than 1 represents error. Each number has different meaning, based on how the application was developed.
I consider this as a good blog post to read more about it: https://shapeshed.com/unix-exit-codes
What's an inode?
For each file (and directory) in Linux there is an inode, a data structure which stores meta data related to the file like its size, owner, permissions, etc.
Which of the following is not included in inode:
- Link count
- File size
- File name
- File timestamp
How to check which disks are currently mounted?
You run mount command but you get no output. How would you check what mounts you have on your system?
What is the difference between a soft link and hard link?
Hard link is the same file, using the same inode. Soft link is a shortcut to another file, using a different inode.
True or False? You can create an hard link for a directory
False
True or False? You can create a soft link between different filesystems
True
What happens when you delete the original file in case of soft link and hard link?
What is a swap partition? What is it used for?
How to create a * new empty file * a file with text (without using text editor) * a file with given size
You are trying to create a new file but you get "File system is full". You check with df for free space and you see you used only 20% of the space. What could be the problem?
How would you check what is the size of a certain directory?
What do you know about LVM?
Explain the following in regards to LVM:
- PV
- VG
- LV
What is NFS? What is it used for?
What RAID is used for? Can you explain the differences between RAID 0, 1, 5 and 10?
Describe the process of extending a filesystem disk space
What is lazy umount?
What is tmpfs?
Fix the following commands:
- sed "s/1/2/g' /tmp/myFile
- find . -iname *.yaml -exec sed -i "s/1/2/g" {} ;
sed 's/1/2/g' /tmp/myFile
find . -iname "*.yaml" -exec sed -i "s/1/2/g" {} \;
Explain what is stored in each of the following paths and if there is anything unique about it:
- /tmp
- /var/log
- /bin
- /usr/local
How to run a process in the background and why to do that in the first place?
You can achieve that by specifying & at end of the command. As to why, since some commands/processes can take a lot of time to finish execution or run forever
How can you find how much memory a specific process consumes?
What signal is used by default when you run 'kill *process id*'?
The default signal is SIGTERM (15). This signal kills process gracefully which means it allows it to save current state configuration.
What signals are you familiar with?
SIGTERM - default signal for terminating a process SIGHUP - common usage is for reloading configuration SIGKILL - a signal which cannot caught or ignored
To view all available signals run kill -l
What kill 0
does?
What kill -0
does?
What is a trap?
What happens when you press ctrl + c?
What are daemons?
What are the possible states of a process in Linux?
Running (R) Uninterruptible Sleep (D) - The process is waiting for I/O Interruptible Sleep (S) Stopped (T) Dead (x) Zombie (z)
What is a zombie process?
A process which has finished to run but has not exited.
One reason it happens is when a parent process is programmed incorrectly. Every parent process should execute wait() to get the exit code from the child process which finished to run. But when the parent isn't checking for the child exit code, the child process can still exists although it finished to run.
How to get rid of zombie processes?
You can't kill a zombie process the regular way with kill -9
for example as it's already dead.
One way to kill zombie process is by sending SIGCHLD to the parent process telling it to terminate its child processes. This might not work if the parent process wasn't programmed properly. The invocation is kill -s SIGCHLD [parent_pid]
You can also try closing/terminating the parent process. This will make the zombie process a child of init (1) which does periodic cleanups and will at some point clean up the zombie process.
How to find all the
- Processes executed/owned by a certain user
- Process which are Java processes
- Zombie Processes
If you mention at any point ps command with arugments, be familiar with what these arguments does exactly.
What is the init process?
How to change the priority of a process? Why would you want to do that?
Can you explain how network process/connection is established and how it's terminated?>
What are system calls? What system calls are you familiar with?
What strace
does? What about ltrace
?
Find all the files which end with '.yml' and replace the number 1 in 2 in each file
find /some_dir -iname *.yml -print0 | xargs -0 -r sed -i "s/1/2/g"
How to check how much free memory a system has? How to check memory consumption by each process?
You can use the commands top
and free
You run ls and you get "/lib/ld-linux-armhf.so.3 no such file or directory". What is the problem?
The ls executable is built for an incompatible architecture.
How would you split a 50 lines file into 2 files of 25 lines each?
You can use the split
command this way: split -l 25 some_file
What is a file descriptor? What file descriptors are you familiar with?
Kerberos File descriptor, also known as file handler, is a unique number which identifies an open file in the operating system.
In Linux (and Unix) the first three file descriptors are:
- 0 - the default data stream for input
- 1 - the default data stream for output
- 2 - the default data stream for output related to errors
This is a great article on the topic: https://www.computerhope.com/jargon/f/file-descriptor.htm
What is NTP? What is it used for?
Explain Kernel OOM
What is chroot? In what scenarios would you consider using it?
What is SELiunx?
What is Kerberos?
What is nftables?
What firewalld daemon is responsible for?
Do you have experience with hardening servers? Can you describe the process?
What is a network namespace? What is it used for?
How to check if a certain port is being used?
One of the following would work:
netstat -tnlp | grep <port_number>
lsof -i -n -P | grep <port_number>
How can you turn your Linux server into a router?
What is a virtual IP? In what situation would you use it?
Can you have more than one default gateway in a given system?
Technically, yes.
Which port is used in each of the following protocols?:
-
SSH
-
HTTP
-
DNS
-
HTTPS
SSH
HTTP
DNS
HTTPS
SSH - 22
HTTP - 80
DNS - 53
HTTPS - 443
What is the routing table? How do you view it?
How can you send an HTTP request from your shell?
Using nc is one way
What are packet sniffers? Have you used one in the past? If yes, which packet sniffers have you used and for what purpose?
How to list active connections?
How to trigger neighbor discovery in IPv6?
One way would be ping6 ff02::1
What the file /etc/resolv.conf
is used for? What does it include?
What commands are you using for performing DNS queries (or troubleshoot DNS related issues)?
You can specify one or more of the following:
dig
nslookup
Do you have experience with packaging? Can you explain how it works?
RPM: explain the spec format(what it should and can include)
How do you list the content of a package without actually installing it?
How to know to which package a file on the system belongs to? Is it a problem if it doesn't belongs to a package?
What can you find in /etc/services?
How to make sure a Service starts automatically after a reboot or crash?
Depends on the init system.
Systemd: systemctl enable [service_name]
System V: update-rc.d [service_name]
and add this line id:5678:respawn:/bin/sh /path/to/app
to /etc/inittab
Upstart: add Upstart init script at /etc/init/service.conf
You run ssh 127.0.0.1
but it fails with "connection refused". What could be the problem?
- SSH server is not installed
- SSH server is not running
How to print the shared libraries required by a certain program? What is it useful for?
How do you create users? Where user information is stored?
Do you know how to create a new user without using adduser/useradd command?
What information is stored in /etc/passwd?
How to add a new user to the system without providing him the ability to log-in into the system?
- adduser user_name --shell=/bin/false --no-create-home
What can you do if you lost/forogt the root password?
Re-install the OS IS NOT the right answer :)
What is sudo? How do you set it up?
Give 5 commands which are two letters long
ls, wc, dd, df, du, ps, ip, cp, cd ...
What a double dash (--) mean?
It's used in commands to mark the end of commands options. One common example is when used with git to discard local changes: git checkout -- some_file
What the lsof
command does? Have you used it? What for?
What the awk
command does? Have you used it? What for?
Explain the fork system call
fork() is used for creating a new process. It does so by cloning the calling process but the child process has its own PID and any memory locks, I/O operations and semaphores are not inherited.
Explain the exec system call
What are the differences between exec() and fork()?
Why do we need the wait system call?
wait() is used by a parent process to wait for the child process to finish execution. If wait is not used by a parent process then a child process might become a zombie process.
What execve() does?
Executes a program. The program is passed as a filename (or path) and must be a binary executable or a script.
What happens when you execute ls -l
?
-
Shell reads the input using getline() which reads the input file stream and stores into a buffer as a string
-
The buffer is broken down into tokens and stored in an array this way: {"ls", "-l", "NULL"}
-
Shell checks if an expansion is required (in case of ls *.c)
-
Once the program in memory, its execution starts. First by calling readdir()
Notes:
- getline() originates in GNU C library and used to read lines from input stream and stores those lines in the buffer
What happens when you execute ls -l *.log
?
What readdir() system call does?
How to create a file of a certain size?
There are a couple of ways to do that:
- dd if=/dev/urandom of=new_file.txt bs=2MB count=1
- truncate -s 2M new_file.txt
- fallocate -l 2097152 new_file.txt
Can you describe how processes are being created?
What does the following block do?:
open("/my/file") = 5
read(5, "file content")
open("/my/file") = 5
read(5, "file content")
These system calls are reading the file /my/file
and 5 is the file descriptor number.
What system call is used for listing files?
What system call is used for creating a new process?
What is the difference between a process and a thread?
You found there is a server with high CPU load but you didn't find a process with high CPU. How is that possible?
When you run ip a
you see there is a device called 'lo'. What is it and why do we need it?
What the traceroute
command does? How does it works?
Another common way to task this questions is "what part of the tcp header does traceroute modify?"
What is network bonding? What types are you familiar with?
How to link two separate network namespaces so you can ping an interface on one namespace from the second one?
What are cgroups?
Explain Process Descriptor and Task Structure
What are the differences between threads and processes?
Explain Kernel Threads
What happens when socket system call is used?
This is a good article about the topic: https://ops.tips/blog/how-linux-creates-sockets
You executed a script and while still running, it got accidentally removed. Is it possible to restore the script while it's still running?
What is the difference between MemFree and MemAvailable in /proc/meminfo?
MemFree - The amount of unused physical RAM in your system MemAvailable - The amount of available memory for new workloads (without pushing system to use swap) based on MemFree, Active(file), Inactive(file), and SReclaimable.
What is an operating system?
There are many ways to answer that. For those who look for simplicity, the book "Operating Systems: Three Easy Pieces" offers nice version:
"responsible for making it easy to run programs (even allowing you to seemingly run many at the same time), allowing programs to share memory, enabling programs to interact with devices, and other fun stuff like that"
Can you explain what is a process?
A process is a running program. A program is one or more instructions and the program (or process) is executed by the operating system.
If you had to design an API for processes in an operating system, what would this API look like?
It would support the following:
- Create - allow to create new processes
- Delete - allow to remove/destroy processes
- State - allow to check the state of the process, whether it's running, stopped, waiting, etc.
- Stop - allow to stop a running process
How a process is created?
- The OS is reading program's code and any additional relevant data
- Program's bytes are loaded into the memory or more specifically, into the address space of the process.
- Memory is allocated for program's stack (aka run-time stack). The stack also initialized by the OS with data like argv, argc and parameters to main()
- Memory is allocated for program's heap which is required for data structures like linked lists and hash tables
- I/O initialization tasks like in Unix/Linux based systems where each process has 3 file descriptors (input, output and error)
- OS is running the program, strarting from main()
Note: The loading of the program's code into the memory done lazily which means the OS loads only partial relevant pieces required for the process to run and not the entire code.
True or False? The loading of the program into the memory is done eagerly (all at once)
False. It was true in the past but today's operating systems perform lazy loading which means only the relevant pieces required for the process to run are loaded first.
What are different states of a process?
- Running - it's executing instructions
- Ready - it's ready to run but for different reasons it's on hold
- Blocked - it's waiting for some operation to complete. For example I/O disk request
Explain what is Semaphore and what its role in operating systems
What is cache? What is buffer?
Buffer: Reserved place in RAM which is used to hold data for temporary purposes Cache: Cache is usually used when processes reading and writing to the disk to make the process faster by making similar data used by different programs easily accessible.
Explain what is Virtualization
What is "time sharing"?
Even when using a system with one physical CPU, it's possible to allow multiple users to work on it and run programs. This is possible with time sharing where computing resources are shared in a way it seems to the user the system has multiple CPUs but in fact it's simply one CPU shared by applying multiprogramming and multi-tasking.
What is "space sharing"?
Somewhat the opposite of time sharing. While in time sharing a resource is used for a while by one entity and then the same resource can be used by another resource, in space sharing the space is shared by multiple entities but in a way it's not being transfered between them.
It's used by one entity until this entity decides to get rid of it. Take for example storage. In storage, a file is your until you decide to delete it.
Describe each of the following components in Ansible, including the relationship between them:
- Task
- Module
- Play
- Playbook
- Role
Task – a call to a specific Ansible module Module – the actual unit of code executed by Ansible on your own host or a remote host. Modules are indexed by category (database, file, network, …) and also referred as task plugins.
Play – One or more tasks executed on a given host(s)
Playbook – One or more plays. Each play can be executed on the same or different hosts
Role – Ansible roles allows you to group resources based on certain functionality/service such that they can be easily reused. In a role, you have directories for variables, defaults, files, templates, handlers, tasks, and metadata. You can then use the role by simply specifying it in your playbook.
How Ansible is different from other Automation tools?
Ansible is:
- Agent-less
- Minimal run requirements (Python & SSH) and simple to use
- Default mode is "push" (it supports also pull)
- Focus on simpleness and ease-of-use
What kind of automation you wouldn't do with Ansible and why?
What is an inventory file and how do you define one?
An inventory file defines hosts and/or groups of hosts on which Ansible tasks executed upon.
An example of inventory file:
192.168.1.2
192.168.1.3
192.168.1.4
[web_servers]
190.40.2.20
190.40.2.21
190.40.2.22
What is a dynamic inventory file? When you would use one?
A dynamic inventory file tracks hosts from one or more sources like cloud providers and CMDB systems.
You should use one when using external sources and especially when the hosts in your environment are being automatically
spun up and shut down, without you tracking every change in these sources.
How do you list all modules and how can you see details on a specific module?
- Ansible online docs
ansible-doc -l
for list of modules andansible [module_name]
for detailed information on a specific module
Write a task to create the directory ‘/tmp/new_directory’
- name: Create a new directory
file:
path: "/tmp/new_directory"
state: directory
You want to run Ansible playbook only on specific minor version of your OS, how would you achieve that?
What the "become" directive used for in Ansible?
What are facts? How to see all the facts of a certain host?
What would be the result of the following play?
---
- name: Print information about my host
hosts: localhost
gather_facts: 'no'
tasks:
- name: Print hostname
debug:
msg: "It's me, {{ ansible_hostname }}"
When given a written code, always inspect it thoroughly. If your answer is “this will fail” then you are right. We are using a fact (ansible_hostname), which is a gathered piece of information from the host we are running on. But in this case, we disabled facts gathering (gather_facts: no) so the variable would be undefined which will result in failure.
What would be the result of running the following task? How to fix it?
- hosts: localhost
tasks:
- name: Install zlib
package:
name: zlib
state: present
- hosts: localhost
tasks:
- name: Install zlib
package:
name: zlib
state: present
Which Ansible best practices are you familiar with?. Name at least three
Explain the directory layout of an Ansible role
What 'blocks' are used for in Ansible?
How do you handle errors in Ansible?
You would like to run a certain command if a task fails. How would you achieve that?
Write a playbook to install ‘zlib’ and ‘vim’ on all hosts if the file ‘/tmp/mario’ exists on the system.
---
- hosts: all
vars:
mario_file: /tmp/mario
package_list:
- 'zlib'
- 'vim'
tasks:
- name: Check for mario file
stat:
path: "{{ mario_file }}"
register: mario_f
- name: Install zlib and vim if mario file exists
become: "yes"
package:
name: "{{ item }}"
state: present
with_items: "{{ package_list }}"
when: mario_f.stat.exists
Write a playbook to deploy the file ‘/tmp/system_info’ on all hosts except for controllers group, with the following content
I'm <HOSTNAME> and my operating system is <OS>
Replace and with the actual data for the specific host you are running on
The playbook to deploy the system_info file
---
- name: Deploy /tmp/system_info file
hosts: all:!controllers
tasks:
- name: Deploy /tmp/system_info
template:
src: system_info.j2
dest: /tmp/system_info
The content of the system_info.j2 template
# {{ ansible_managed }}
I'm {{ ansible_hostname }} and my operating system is {{ ansible_distribution }
The variable 'whoami' defined in the following places:
- role defaults -> whoami: mario
- extra vars (variables you pass to Ansible CLI with -e) -> whoami: toad
- host facts -> whoami: luigi
- inventory variables (doesn’t matter which type) -> whoami: browser
According to variable precedence, which one will be used?
The right answer is ‘toad’.
Variable precedence is about how variables override each other when they set in different locations. If you didn’t experience it so far I’m sure at some point you will, which makes it a useful topic to be aware of.
In the context of our question, the order will be extra vars (always override any other variable) -> host facts -> inventory variables -> role defaults (the weakest).
A full list can be found at the link above. Also, note there is a significant difference between Ansible 1.x and 2.x.
For each of the following statements determine if it's true or false:
- A module is a collection of tasks
- It’s better to use shell or command instead of a specific module
- Host facts override play variables
- A role might include the following: vars, meta, and handlers
- Dynamic inventory is generated by extracting information from external sources
- It’s a best practice to use indention of 2 spaces instead of 4
- ‘notify’ used to trigger handlers
- This “hosts: all:!controllers” means ‘run only on controllers group hosts
What is ansible-pull? How is it different from how ansible-playbook works?
What is Ansible Vault?
Demonstrate each of the following with Ansible:
- Conditionals
- Loops
What are filters? Do you have experience with writing filters?
Write a filter to capitalize a string
def cap(self, string):
return string.capitalize()
You would like to run a task only if previous task changed anything. How would you achieve that?
How do you test your Ansible based projects?
What are callback plugins? What can you achieve by using callback plugins?
File '/tmp/exercise' includes the following content
Goku = 9001
Vegeta = 5200
Trunks = 6000
Gotenks = 32
With one task, switch the content to:
Goku = 9001
Vegeta = 250
Trunks = 40
Gotenks = 32
Goku = 9001
Vegeta = 5200
Trunks = 6000
Gotenks = 32
Goku = 9001
Vegeta = 250
Trunks = 40
Gotenks = 32
- name: Change saiyans levels
lineinfile:
dest: /tmp/exercise
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '^Vegeta', line: 'Vegeta = 250' }
- { regexp: '^Trunks', line: 'Trunks = 40' }
...
What benefits infrastructure-as-code has?
- fully automated process of provisioning, modifying and deleting your infrastructure
- version control for your infrastructure which allows you to quickly rollback to previous versions
- validate infrastructure quality and stability with automated tests and code reviews
- makes infrastructure tasks less repetitive
Why Terraform and not other technologies? (e.g. Ansible, Puppet, CloufFormation)
A common wrong answer is to say that Ansible and Puppet are configuration management tools and Terraform is a provisioning tool. While technically true, it doesn't mean Ansible and Puppet can't be used for provisioning infrastructure. Also, it doesn't explain why Terraform should be used over CloudFormation if at all.
The benefits of Terraform over the other tools:
- It follows the immutable infrastructure approach which has benefits like avoiding a configuration drift over time
- Ansible and Puppet are more procedural (you mention what to execute in each step) and Terraform is declarative since you describe the overall desired state and not per resource or task. You can give the example of going from 1 to 2 servers in each tool. In Terraform you specify 2, in Ansible and puppet you have to only provision 1 additional server so you need to explicitly make sure you provision only another one server.
Explain what is "Terraform configuration"
A configuration is a root module along with a tree of child modules that are called as dependencies from the root module.
What is HCL?
HCL stands for Hashicorp Conviguration Language. It is the language Hashicorp made to use as the configuration language for a number of its tools, including terraform.
Explain each of the following:
- Provider
- Resource
- Provisioner
* Provider is any cloud based technology - github, aws, postgresql etc - which one can make an API call to with its unique terraform provider binary to provision available services and components.
* Resources are the services and components you provision on these platforms.
* Provisioner in terraform's lingo specifically refers to configuration tools like ansible or salt-stack which are used in combination with terraform to orchestrate a system.
What terraform.tfstate
file is used for?
It keeps track of the IDs of created resources so that Terraform knows what it is managing.
Explain what the following commands do:
terraform init
terraform plan
terraform validate
terraform apply
terraform init
terraform plan
terraform validate
terraform apply
terraform init
scans your code to figure which providers are you using and download them.
terraform plan
will let you see what terraform is about to do before actually doing it.
terraform validate
checks if configuration is syntactically valid and internally consistent within a directory.
terraform apply
will provision the resources specified in the .tf files.
How to write down a variable which changes by an external source or during terraform apply
?
You use it this way: variable “my_var” {}
Give an example of several Terraform best practices
Explain how implicit and explicit dependencies work in Terraform
What is local-exec
and remote-exec
in the context of provisioners?
What is a "tainted resource"?
It's a resource which was successfully created but failed during provisioning. Terraform will fail and mark this resource as "tainted".
What terraform taint
does?
What types of variables are supported in Terraform?
string number bool list() set() map() object({<ATTR_NAME> = , ... }) tuple([, ...])
What is a data source? In what scenarios for example would need to use it?
Data sources lookup or compute values that can be used elsewhere in terraform configuration.
There are quite a few cases you might need to use them:
- you want to reference resources not managed through terraform
- you want to reference resources managed by a different terraform module
- you want to cleanly compute a value with typechecking, such as with
aws_iam_policy_document
What are output variables and what terraform output
does?
Output variables are named values that are sourced from the attributes of a module. They are stored in terraform state, and can be used by other modules through
remote_state
Explain Modules
What is the Terraform Registry?
Explain remote-exec
and local-exec
Explain "Remote State". When would you use it and how?
Terraform generates a `terraform.tfstate` json file that describes components/service provisioned on the specified provider. Remote State stores this file in a remote storage media to enable collaboration amongst team.
Explain "State Locking"
State locking is a mechanism that blocks an operations against a specific state file from multiple callers so as to avoid conflicting operations from different team members. Once the first caller's operation's lock is released the other team member may go ahead to carryout his own operation. Nevertheless Terraform will first check the state file to see if the desired resource already exist and if not it goes ahead to create it.
What is the "Random" provider? What is it used for
The random provider aids in generating numeric or alphabetic characters to use as a prefix or suffix for a desired named identifier.
How do you test a terraform module?
Many examples are acceptable, but the most common answer would likely to be using the tool
terratest
, and to test that a module can be initialized, can create resources, and can destroy those resources cleanly.
Aside from .tfvars
files or CLI arguments, how can you inject dependencies from other modules?
The built-in terraform way would be to use
remote-state
to lookup the outputs from other modules.
It is also common in the community to use a tool called terragrunt
to explicitly inject variables between modules.
What is Docker? What are you using it for?
Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings.
How containers are different from VMs?
The primary difference between containers and VMs is that containers allow you to virtualize multiple workloads on the operating system while in the case of VMs the hardware is being virtualized to run multiple machines each with its own OS.
- Containers don't require an entire guest operating system as VMs
- It's usually takes a few seconds to set up a container as opposed to VMs which can take minutes or at least more time than containers as there is an entire OS to boot and initialize as opposed to container where you mainly lunch the app itself
- Docker is one of the technologies allowing you to manage containers - run multiple containers on a host, move containers between hosts, etc.
In which scenarios would you use containers and in which you would prefer to use VMs?
You should choose VMs when:
- you need run an application which requires all the resources and functionalities of an OS
- you need full isolation and security
You should choose containers when:
- you need a lightweight solution
- Running multiple versions or instances of a single application
Explain Docker architecture
Describe in detail what happens when you run `docker run hello-world`?
Docker CLI passes your request to Docker daemon. Docker daemon downloads the image from Docker Hub Docker daemon creates a new container by using the image it downloaded Docker daemon redirects output from container to Docker CLI which redirects it to the standard output
How do you run a container?
docker run
What `docker commit` does?. When will you use it?
Create a new image from a container’s changes
How would you transfer data from one container into another?
What happens to data of the container when a container exists?
Explain what each of the following commands do:
- docker run
- docker rm
- docker ps
- docker pull
- docker build
- docker commit
How do you remove old, non running, containers?
- To remove one or more Docker images use the docker container rm command followed by the ID of the containers you want to remove.
- The docker system prune command will remove all stopped containers, all dangling images, and all unused networks
- docker rm $(docker ps -a -q) - This command will delete all stopped containers. The command docker ps -a -q will return all existing container IDs and pass them to the rm command which will delete them. Any running containers will not be deleted.
What is Dockerfile
Docker can build images automatically by reading the instructions from a Dockerfile. A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image.
What is the difference between ADD and COPY in Dockerfile?
COPY takes in a src and destination. It only lets you copy in a local file or directory from your host (the machine building the Docker image) into the Docker image itself. ADD lets you do that too, but it also supports 2 other sources. First, you can use a URL instead of a local file / directory. Secondly, you can extract a tar file from the source directly into the destination. Although ADD and COPY are functionally similar, generally speaking, COPY is preferred. That’s because it’s more transparent than ADD. COPY only supports the basic copying of local files into the container, while ADD has some features (like local-only tar extraction and remote URL support) that are not immediately obvious.
What is the difference between CMD and RUN in Dockerfile?
RUN lets you execute commands inside of your Docker image. These commands get executed once at build time and get written into your Docker image as a new layer. CMD is the command the container executes by default when you launch the built image. A Dockerfile can only have one CMD. You could say that CMD is a Docker run-time operation, meaning it’s not something that gets executed at build time. It happens when you run an image. A running image is called a container.
Do you perform any checks or testing related to your Dockerfile?
A common answer to this is to use hadolint project which is a linter based on Dockerfile best practices.
Explain what is Docker compose and what is it used for
Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a YAML file to configure your application’s services. Then, with a single command, you create and start all the services from your configuration.
What are the differences between Docker compose, Docker swarm and Kubernetes?
Explain Docker interlock
What is the difference between Docker Hub and Docker cloud?
Docker Hub is a native Docker registry service which allows you to run pull and push commands to install and deploy Docker images from the Docker Hub.
Docker Cloud is built on top of the Docker Hub so Docker Cloud provides you with more options/features compared to Docker Hub. One example is Swarm management which means you can create new swarms in Docker Cloud.
Where Docker images are stored?
In DockerHub
Explain image layers
A Docker image is built up from a series of layers. Each layer represents an instruction in the image’s Dockerfile. Each layer except the very last one is read-only. Each layer is only a set of differences from the layer before it. The layers are stacked on top of each other. When you create a new container, you add a new writable layer on top of the underlying layers. This layer is often called the “container layer”. All changes made to the running container, such as writing new files, modifying existing files, and deleting files, are written to this thin writable container layer. The major difference between a container and an image is the top writable layer. All writes to the container that add new or modify existing data are stored in this writable layer. When the container is deleted, the writable layer is also deleted. The underlying image remains unchanged. Because each container has its own writable container layer, and all changes are stored in this container layer, multiple containers can share access to the same underlying image and yet have their own data state.
What best practices are you familiar related to working with containers?
How do you manage persistent storage in Docker?
How can you connect from the inside of your container to the localhost of your host, where the container runs?
How do you copy files from Docker container to the host and vice versa?
What is Kubernetes? What use cases is it good for?
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.
To understand what Kubernetes is good for, let's look at some examples:
-
You would like to run a certain application in a container on multiple different locations. Sure, if it's 2-3 servers/locations, you can do it by yourself but it can be challenging to scale. Also, running them is not only running the container but also react on different events.
-
Performing updates and changes across hundreds of containers
-
Handle cases where the current load requires to scale up (or down)
Describe the architecture of Kubernetes
What is a Kubernetes Cluster?
A cluster consists of a Master (which coordinates the cluster) and Nodes where the applications are running.
What the Master is responsible for?
The master coordinates all the workflows in the cluster:
- Scheduling applications
- Managing desired state
- Rolling out new updates
What is a Node?
A node is a virtual machine or a physical server that serves as a worker for running the applications. It's recommended to have at least 3 nodes in Kubernetes production environment.
Explain what is Kubelet
Kubelet is an agent running on each node and responsible for node communication with the master.
What is Minikube?
Minikube is a lightweight Kubernetes implementation. It create a local virtual machine and deploys a simple (single node) cluster.
Explain what is a Kubernetes pod
True or False? A pod can manage multiple containers
How do you monitor your Kubernetes?
You suspect one of the pods is having issues, what do you do?
Start by inspecting the pods status. we can use the command kubectl get pods
(--all-namespaces for pods in system namespace)
If we see "Error" status, we can keep debugging by running the command kubectl describe pod [name]
. In case we still don't see anything useful we can try stern for log tailing.
In case we find out there was a temporary issue with the pod or the system, we can try restarting the pod with the following kubectl scale deployment [name] --replicas=0
Setting the replicas to 0 will shut down the process. Now start it with kubectl scale deployment [name] --replicas=1
What the Kubernetes Scheduler does?
What happens to running pods if if you stop Kubelet on the worker nodes?
Describe how roll-back works
What is kubectl?
How do you:
- Check the cluster status?
- Check the status of the nodes?
What the following commands do?
- kubectl get nodes
- kubectl
What is kubconfig? What do you use it for?
What programming language do you prefer to use for DevOps related tasks? Why specifically this one?
Explain expressions and statements
An expression is anything that results in a value (even if the value is None). Basically, any sequence of literals so, you can say that a string, integer, list, ... are all expressions.
Statements are instructions executed by the interpreter like variable assignments, for loops and conditionals (if-else).
What is Object Oriented Programming? Why is it important?
Are you familiar with SOLID design principals?
SOLID design principals are about:
- Make it easier to extend the functionality of the system
- Make the code more readable and easier to maintain
SOLID is:
- Single Responsibility - A class should only have a single responsibility
- Open-Closed - An entity should be open for extension, but closed for modification. What this practically means is that you should extend functionality by adding a new code and not by modifying it. Your system should be separated into components so it can be easily extended without breaking everything.
- Liskov Substitution - Any derived class should be able to substitute the its parent without altering its corrections. Practically, every part of the code will get the expected result no matter which part is using it
- Interface segregation - A client should never depend on anything it doesn't uses
- Dependency Inversion - High level modules should depend on abstractions, not low level modules
What are the four pillars of object oriented programming?
Explain recursion
Explain Inversion of Control
Explain Dependency Injection
Explain what are design patterns and describe three of them in detail
Explain big O notation
Binary search:
- How it works?
- Can you implement it? (in any language you prefer)
- What is the average performance of the algorithm you wrote?
It's a search algorithm used with sorted arrays/lists to find a target value by dividing the array each iteration and comparing the middle value to the target value. If the middle value is smaller than target value, then the target value is searched in the right part of the divided array, else in the left side. This continues until the value is found (or the array divided max times)
The average performance of the above algorithm is O(log n). Best performance can be O(1) and worst O(log n).
What are your code-review best practices?
Do you agree/disagree with each of the following statements and why?:
- The commit message is not important. When reviewing a change/patch one should focus on the actual change
- You shouldn't test your code before submitting it. This is what CI/CD exists for.
In any language you want, write a function to determine if a given string is a palindrome
In any language you want, write a function to determine if two strings are Anagrams
In any language you would like, print the numbers from 1 to a given integer. For example for input: 5, the output is: 12345
Describe what would be the time complexity of the operations access
, search
insert
and remove
for the following data structures:
- Stack
- Queue
- Linked List
- Binary Search Tree
What is the complexity for the best, worst and average cases of each of the following algorithms?:
- Quick sort
- Merge sort
- Bucket Sort
- Radix Sort
Implement Stack in any language you would like
Implement Hash table in any language you would like
Name 3 design patterns. Do you know how to implement (= provide an example) these design pattern in any language you'll choose?
Given an array/list of integers, find 3 integers which are adding up to 0 (in any language you would like)
def find_triplets_sum_to_zero(li):
li = sorted(li)
for i, val in enumerate(li):
low, up = 0, len(li)-1
while low < i < up:
tmp = var + li[low] + li[up]
if tmp > 0:
up -= 1
elif tmp < 0:
low += 1
else:
yield li[low], val, li[up]
low += 1
up -= 1
What are some characteristics of the Python programming language?
1. It is a high level general purpose programming language created in 1991 by Guido Van Rosum.
2. The language is interpreted, being the CPython (Written in C) the most used/maintained implementation.
3. It is strongly typed. The typing discipline is duck typing and gradual.
4. Python focuses on readability and makes use of whitespaces/identation instead of brackets { }
5. The python package manager is called PIP "pip installs packages", having more than 200.000 available packages.
6. Python comes with pip installed and a big standard library that offers the programmer many precooked solutions.
7. In python **Everything** is an object.
There are many other characteristics but these are the main ones that every python programmer should know.
What built-in types Python has?
List
Dictionary
Set
Numbers (int, float, ...)
String
Bool
Tuple
Frozenset
What is mutability? Which of the built-in types in Python are mutable? How can you show that a certain data type is mutable?
Mutability determines whether you can modify an object of specific type.
The mutable data types are:
List
Dictionary
Set
The immutable data types are:
Numbers (int, float, ...)
String
Bool
Tuple
Frozenset
You can usually use the function hash() to check an object mutability. If an object is hashable, it is immutable (although this does not always work as intended as user defined objects might be mutable and hashable).
In Python, functions are first-class objects. What does it mean?
In general, first class objects in programming languages are objects which can be assigned to variable, used as a return value and can be used as arguments or parameters.
In python you can treat functions this way. Let's say we have the following function
def my_function():
return 5
You can then assign a function to a variables like this x = my_function
or you can return functions as return values like this return my_function
What is the result of running [] is not []
? explain the result
It evaluates to True.
The reason is that the two created empty list are different objects. x is y
only evaluates to true when x and y are the same object.
Explain inheritance and how to use it in Python
By definition inheritance is the mechanism where an object acts as a base of another object, retaining all its
properties.
So if Class B inherits from Class A, every characteristics from class A will be also available in class B.
Class A would be the 'Base class' and B class would be the 'derived class'.
This comes handy when you have several classes that share the same functionalities.
The basic syntax is:
class Base: pass
class Derived(Base): pass
A more forged example:
class Animal:
def __init__(self):
print("and I'm alive!")
def eat(self, food):
print("ñom ñom ñom", food)
class Human(Animal):
def __init__(self, name):
print('My name is ', name)
super().__init__()
def write_poem(self):
print('Foo bar bar foo foo bar!')
class Dog(Animal):
def __init__(self, name):
print('My name is', name)
super().__init__()
def bark(self):
print('woof woof')
michael = Human('Michael')
michael.eat('Spam')
michael.write_poem()
bruno = Dog('Bruno')
bruno.eat('bone')
bruno.bark()
>>> My name is Michael
>>> and I'm alive!
>>> ñom ñom ñom Spam
>>> Foo bar bar foo foo bar!
>>> My name is Bruno
>>> and I'm alive!
>>> ñom ñom ñom bone
>>> woof woof
Calling super() calls the Base method, thus, calling super().__init__() we called the Animal __init__.
There is a more advanced python feature called MetaClasses that aid the programmer to directly control class creation.
Explain and demonstrate class attributes & instance attributes
In the following block of code x
is a class attribute while self.y
is a instance attribute
class MyClass(object):
x = 1
def __init__(self, y):
self.y = y
What is an error? What is an exception? What types of exceptions are you familiar with?
# Note that you generally don't need to know the compiling process but knowing where everything comes from
# and giving complete answers shows that you truly know what you are talking about.
Generally, every compiling process have a two steps.
- Analysis
- Code Generation.
Analysis can be broken into:
1. Lexical analysis (Tokenizes source code)
2. Syntactic analysis (Check whether the tokens are legal or not, tldr, if syntax is correct)
for i in 'foo'
^
SyntaxError: invalid syntax
We missed ':'
3. Semantic analysis (Contextual analysis, legal syntax can still trigger errors, did you try to divide by 0,
hash a mutable object or use an undeclared function?)
1/0
ZeroDivisionError: division by zero
These three analysis steps are the responsible for error handlings.
The second step would be responsible for errors, mostly syntax errors, the most common error.
The third step would be responsible for Exceptions.
As we have seen, Exceptions are semantic errors, there are many builtin Exceptions:
ImportError
ValueError
KeyError
FileNotFoundError
IndentationError
IndexError
...
You can also have user defined Exceptions that have to inherit from the `Exception` class, directly or indirectly.
Basic example:
class DividedBy2Error(Exception):
def __init__(self, message):
self.message = message
def division(dividend,divisor):
if divisor == 2:
raise DividedBy2Error('I dont want you to divide by 2!')
return dividend / divisor
division(100, 2)
>>> __main__.DividedBy2Error: I dont want you to divide by 2!
Explain Exception Handling and how to use it in Python
Exceptions: Errors detected during execution are called Exceptions.
Handling Exception: When an error occurs, or exception as we call it, Python will normally stop and generate an error message.
Exceptions can be handled using try
and except
statement in python.
Example: Following example asks the user for input until a valid integer has been entered.
If user enter a non-integer value it will raise exception and using except it will catch that exception and ask the user to enter valid integer again.
while True:
try:
a = int(input("please enter an integer value: "))
break
except ValueError:
print("Ops! Please enter a valid integer value.")
For more details about errors and exceptions follow this https://docs.python.org/3/tutorial/errors.html
What _ is used for in Python?
- Translation lookup in i18n
- Hold the result of the last executed expression or statement in the interactive interpreter.
- As a general purpose "throwaway" variable name. For example: x, y, _ = get_data() (x and y are used but since we don't care about third variable, we "threw it away").
Explain what is GIL
What is Lambda? How is it used?
A lambda
expression is an 'anonymous' function, the differnce from a normal defined function using the keyword `def`` is the syntax and ussage.
The syntax is:
lambda[parameters]: [expresion]
Examples:
- A lambda function add 10 with any argument passed.
x = lambda a: a + 10
print(x(10))
- An addition function
addition = lambda x, y: x + y
print(addition(10, 20))
- Squaring function
square = lambda x : x ** 2
print(square(5))
Generally it is considered a bad practice under PEP 8 to asign a lambda expresion, they are meant to be used as parameters and inside of other defined functions.
Are there private variables in Python? How would you make an attribute of a class, private?
Explain the following:
- getter
- setter
- deleter
Explain what is @property
How do you swap values between two variables?
x, y = y, x
Explain the following object's magic variables:
- dict
Write a function to return the sum of one or more numbers. The user will decide how many numbers to use
First you ask the user for the amount of numbers that will be use. Use a while loop that runs until amount_of_numbers becomes 0 through subtracting amount_of_numbers by one each loop. In the while loop you want ask the user for a number which will be added a variable each time the loop runs.
def return_sum():
amount_of_numbers = int(input("How many numbers? "))
total_sum = 0
while amount_of_numbers != 0:
num = int(input("Input a number. "))
total_sum += num
amount_of_numbers -= 1
return total_sum
Print the average of [2, 5, 6]. It should be rounded to 3 decimal places
li = [2, 5, 6]
print("{0:.3f}".format(sum(li)/len(li)))
How do you get the maximum and minimum values from a list? How to get the last item from a list?
Maximum: max(some_list)
Minimum: min(some_list)
Last item: some_list[-1]
How to get the top/biggest 3 items from a list?
sorted(some_list, reverse=True)[:3]
Or
some_list.sort(reverse=True)
some_list[:3]
How to sort list by the length of items?
sorted_li = sorted(li, key=len)
Or without creating a new list:
li.sort(key=len)
Do you know what is the difference between list.sort() and sorted(list)?
-
sorted(list) will return a new list (original list doesn't change)
-
list.sort() will return None but the list is change in-place
-
sorted() works on any iterable (Dictionaries, Strings, ...)
-
list.sort() is faster than sorted(list) in case of Lists
Convert every string to an integer: [['1', '2', '3'], ['4', '5', '6']]
nested_li = [['1', '2', '3'], ['4', '5', '6']]
[[int(x) for x in li] for li in nested_li]
How to merge two sorted lists into one sorted list?
sorted(li1 + li2)
Another way:
i, j = 0
merged_li = []
while i < len(li1) and j < len(li2):
if li1[i] < li2[j]:
merged_li.append(li1[i])
i += 1
else:
merged_li.append(li2[j])
j += 1
merged_li = merged_li + merged_li[i:] + merged_li[j:]
How to check if all the elements in a given lists are unique? so [1, 2, 3] is unique but [1, 1, 2, 3] is not unique because 1 exists twice
There are many ways of solving this problem:
# Note: :list and -> bool are just python typings, they are not needed for the correct execution of the algorithm.
Taking advantage of sets and len:
def is_unique(l:list) -> bool:
return len(set(l)) == len(l)
This one is can be seen used in other programming languages.
def is_unique2(l:list) -> bool:
seen = []
for i in l:
if i in seen:
return False
seen.append(i)
return True
Here we just count and make sure every element is just repeated once.
def is_unique3(l:list) -> bool:
for i in l:
if l.count(i) > 1:
return False
return True
This one might look more convulated but hey, one liners.
def is_unique4(l:list) -> bool:
return all(map(lambda x: l.count(x) < 2, l))
You have the following function
def my_func(li = []):
li.append("hmm")
print(li)
If we call it 3 times, what would be the result each call?
def my_func(li = []):
li.append("hmm")
print(li)
['hmm']
['hmm', 'hmm']
['hmm', 'hmm', 'hmm']
How to iterate over a list in reverse order?
Method 1
for i in reversed(li):
...
Method 2
n = len(li) - 1
while n > 0:
...
n -= 1
Sort a list of lists by the second item of each nested list
li = [[1, 4], [2, 1], [3, 9], [4, 2], [4, 5]]
sorted(li, key=lambda l: l[1])
or
li.sort(key=lambda l: l[1)
Combine [1, 2, 3] and ['x', 'y', 'z'] so the result is [(1, 'x'), (2, 'y'), (3, 'z')]
nums = [1, 2, 3]
letters = ['x', 'y', 'z']
list(zip(nums, letters))
How to sort a dictionary by values?
{k: v for k, v in sorted(x.items(), key=lambda item: item[1])}
How to sort a dictionary by keys?
dict(sorted(some_dictionary.items()))
How to merge two dictionaries?
some_dict1.update(some_dict2)
How to write to a file?
with open('file.txt', 'w') as file:
file.write("My insightful comment")
How to print the 12th line of a file?
How to reverse a file?
Sum all the integers in a given file
Can you write a function which will print all the file in a given directory? including sub-directories
How do you perform regular expressions related operations in Python? (match patterns, substitute strings, etc.)
Using the re module
How to substitute the string "green" with "blue"?
How to find all the IP addresses in a variable? How to find them in a file?
You have the following list: [{'name': 'Mario', 'food': ['mushrooms', 'goombas']}, {'name': 'Luigi', 'food': ['mushrooms', 'turtles']}]
Extract all type of foods. Final output should be: {'mushrooms', 'goombas', 'turtles'}
brothers_menu = \
[{'name': 'Mario', 'food': ['mushrooms', 'goombas']}, {'name': 'Luigi', 'food': ['mushrooms', 'turtles']}]
# "Classic" Way
def get_food(brothers_menu) -> set:
temp = []
for brother in brothers_menu:
for food in brother['food']:
temp.append(food)
return set(temp)
# One liner way (Using list comprehension)
set([food for bro in x for food in bro['food']])
What is List Comprehension? Is it better than a typical loop? Why? Can you demonstrate how to use it?
How to extract the unique characters from a string? for example given the input "itssssssameeeemarioooooo" the output will be "mrtisaoe"
x = "itssssssameeeemarioooooo"
y = ''.join(set(x))
Find all the permutations of a given string
def permute_string(string):
if len(string) == 1:
return [string]
permutations = []
for i in range(len(string)):
swaps = permute_string(string[:i] + string[(i+1):])
for swap in swaps:
permutations.append(string[i] + swap)
return permutations
print(permute_string("abc"))
Short way (but probably not acceptable in interviews):
from itertools import permutations
[''.join(p) for p in permutations("abc")]
Detailed answer can be found here: http://codingshell.com/python-all-string-permutations
How to check if a string contains a sub string?
Find the frequency of each character in string
Count the number of spaces in a string
Given a string, find the N most repeated words
Given the string (which represents a matrix) "1 2 3\n4 5 6\n7 8 9" create rows and colums variables (should contain integers, not strings)
What is the result of each of the following?
>> ', '.join(["One", "Two", "Three"])
>> " ".join("welladsadgadoneadsadga".split("adsadga")[:2])
>> "".join(["c", "t", "o", "a", "o", "q", "l"])[0::2]
>> ', '.join(["One", "Two", "Three"])
>> " ".join("welladsadgadoneadsadga".split("adsadga")[:2])
>> "".join(["c", "t", "o", "a", "o", "q", "l"])[0::2]
>>> 'One, Two, Three'
>>> 'well done'
>>> 'cool'
How to reverse a string? (e.g. pizza -> azzip)
The correct way is:
my_string[::-1]
A more visual way is:
Careful: this is very slow
def reverse_string(string):
temp = ""
for char in string:
temp = char + temp
return temp
What is the output of the following code: "".join(["a", "h", "m", "a", "h", "a", "n", "q", "r", "l", "o", "i", "f", "o", "o"])[2::3]
mario
Explain data serialization and how do you perform it with Python
How do you handle argument parsing in Python?
What is an iterator?
What is a generator? Why using generators?
What is yeild
? When would you use it?
Explain the following types of methods and how to use them:
- Static method
- Class method
- instance method
How to reverse a list?
How to combine list of strings into one string with spaces between the strings
You have the following list of nested lists: [['Mario', 90], ['Geralt', 82], ['Gordon', 88]]
How to sort the list by the numbers in the nested lists?
One way is:
the_list.sort(key=lambda x: x[1])
Explain the following:
- zip()
- map()
- filter()
How do you debug Python code?
pdb :D
How to check how much time it took to execute a certain script or block of code?
What empty return
returns?
Short answer is: It returns a None object.
We could go a bit deeper and explain the difference between
def a ():
return
>>> None
And
def a ():
pass
>>> None
Or we could be asked this as a following question, since they both give the same result.
We could use the dis module to see what's going on:
2 0 LOAD_CONST 0 (<code object a at 0x0000029C4D3C2DB0, file "<dis>", line 2>)
2 LOAD_CONST 1 ('a')
4 MAKE_FUNCTION 0
6 STORE_NAME 0 (a)
5 8 LOAD_CONST 2 (<code object b at 0x0000029C4D3C2ED0, file "<dis>", line 5>)
10 LOAD_CONST 3 ('b')
12 MAKE_FUNCTION 0
14 STORE_NAME 1 (b)
16 LOAD_CONST 4 (None)
18 RETURN_VALUE
Disassembly of <code object a at 0x0000029C4D3C2DB0, file "<dis>", line 2>:
3 0 LOAD_CONST 0 (None)
2 RETURN_VALUE
Disassembly of <code object b at 0x0000029C4D3C2ED0, file "<dis>", line 5>:
6 0 LOAD_CONST 0 (None)
2 RETURN_VALUE
An empty return
is exactly the same as return None
and functions without any explicit return
will always return None regardless of the operations, therefore
def sum(a, b):
global c
c = a + b
>>> None
How to improve the following block of code?
li = []
for i in range(1, 10):
li.append(i)
li = []
for i in range(1, 10):
li.append(i)
[for i in in range(1, 10)]
Given the following function
def is_int(num):
if isinstance(num, int):
print('Yes')
else:
print('No')
What would be the result of is_int(2) and is_int(False)?
def is_int(num):
if isinstance(num, int):
print('Yes')
else:
print('No')
Implement Stack in Python
Implement Hash table in Python
What is your experience with writing tests in Python?
What is PEP8? Give an example of 3 style guidelines
PEP8 is a list of coding conventions and style guidelines for Python
5 style guidelines:
1. Limit all lines to a maximum of 79 characters.
2. Surround top-level function and class definitions with two blank lines.
3. Use commas when making a tuple of one element
4. Use spaces (and not tabs) for indentation
5. Use 4 spaces per indentation level
How would you check if two strings are equal? What about booleans?
How to test if an exception was raised?
What assert
does in Python?
Explain mocks
How do you measure execution time of small code snippets?
Why one shouldn't use assert
in non-test/production code?
You wrote you have experience with Django/Flask. Can you describe what is Django/Flask and how you have used it? Why Flask and not Djano? (or vice versa)
What is a route?
How do you manage DB integration?
Given x = [1, 2, 3]
, what is the result of list(zip(x))?
[(1,), (2,), (3,)]
What is the result of each of the following:
list(zip(range(5), range(50), range(50)))
list(zip(range(5), range(50), range(-2)))
list(zip(range(5), range(50), range(50)))
list(zip(range(5), range(50), range(-2)))
[(0, 0, 0), (1, 1, 1), (2, 2, 2), (3, 3, 3), (4, 4, 4)]
[]
Implement simple calculator for two numbers
def add(num1, num2):
return num1 + num2
def sub(num1, num2):
return num1 - num2
def mul(num1, num2):
return num1*num2
def div(num1, num2):
return num1 / num2
operators = {
'+': add,
'-': sub,
'*': mul,
'/': div
}
if __name__ == '__main__':
operator = str(input("Operator: "))
num1 = int(input("1st number: "))
num2 = int(input("2nd number: "))
print(operators[operator](num1, num2))
What data types are you familiar with that are not Python built-in types but still provided by modules which are part of the standard library?
This is a good reference https://docs.python.org/3/library/datatypes.html
Explain what is a decorator
In python, everything is an object, even functions themselves. Therefore you could pass functions as arguments for another function eg;
def wee(word):
return word
def oh(f):
return f + "Ohh"
>>> oh(wee("Wee"))
<<< Wee Ohh
This allows us to control the before execution of any given function and if we added another function as wrapper, (a function receiving another function that receives a function as parameter) we could also control the after execution.
Sometimes we want to control the before-after execution of many functions and it would get tedious to write
f = function(function_1())
f = function(function_1(function_2(*args)))
every time, that's what decorators do, they introduce syntax to write all of this on the go, using the keyword '@'.
Can you show how to write and use decorators?
These two decorators (ntimes and timer) are usually used to display decorators functionalities, you can find them in lots of
tutorials/reviews. I first saw these examples two years ago in pyData 2017. https://www.youtube.com/watch?v=7lmCu8wz8ro&t=3731s
Simple decorator:
def deco(f):
print(f"Hi I am the {f.__name__}() function!")
return f
@deco
def hello_world():
return "Hi, I'm in!"
a = hello_world()
print(a)
>>> Hi I am the hello_world() function!
Hi, I'm in!
This is the simplest decorator version, it basically saves us from writting a = deco(hello_world())
.
But at this point we can only control the before execution, let's take on the after:
def deco(f):
def wrapper(*args, **kwargs):
print("Rick Sanchez!")
func = f(*args, **kwargs)
print("I'm in!")
return func
return wrapper
@deco
def f(word):
print(word)
a = f("************")
>>> Rick Sanchez!
************
I'm in!
deco receives a function -> f wrapper receives the arguments -> *args, **kwargs
wrapper returns the function plus the arguments -> f(*args, **kwargs) deco returns wrapper.
As you can see we conveniently do things before and after the execution of a given function.
For example, we could write a decorator that calculates the execution time of a function.
import time
def deco(f):
def wrapper(*args, **kwargs):
before = time.time()
func = f(*args, **kwargs)
after = time.time()
print(after-before)
return func
return wrapper
@deco
def f():
time.sleep(2)
print("************")
a = f()
>>> 2.0008859634399414
Or create a decorator that executes a function n times.
def n_times(n):
def wrapper(f):
def inner(*args, **kwargs):
for _ in range(n):
func = f(*args, **kwargs)
return func
return inner
return wrapper
@n_times(4)
def f():
print("************")
a = f()
>>>************
************
************
************
Write a decorator that calculates the execution time of a function
Write a script which will determine if a given host is accessible on a given port
Are you familiar with Dataclasses? Can you explain what are they used for?
You wrote a class to represent a car. How would you compare two cars instances if two cars are equal if they have the same model and color?
Explain Context Manager
Tell me everything you know about concurrency in Python
Explain the Buffer Protocol
Explain Descriptors
Do you have experience with web scraping? Can you describe what have you used and for what?
Can you implement Linked List in Python?
Can you implement Linux's tail
command in Python? Bonus: implement head
as well
You have created a web page where a user can upload a document. But the function which reads the uploaded files, runs for a long time, based on the document size and user has to wait for the read operation to complete before he/she can continue using the web site. How can you overcome this?
How yield works exactly?
Explain monitoring. What is it? What its goal?
What is wrong with the old approach of watching for a specific value and trigger an email/phone alert while value is exceeded?
This approach require from a human to always check why the value exceeded and how to handle it while today, it is more effective to notify people only when they need to take an actual action. If the issue doesn't require any human intervention, then the problem can be fixed by some processes running in the relevant environment.
What types of monitoring outputs are you familiar with and/or used in the past?
Alerts Tickets Logging
What is the different between infrastructure monitoring and application monitoring? (methods, tools, ...)
Tell me something about Python that you think most people don't know
What is Prometheus? What are some of Prometheus's main features?
Describe Prometheus architecture and components
Have you set up Prometheus? How did you do it? Describe the process
Can you compare Prometheus to other solutions like InfluxDB for example?
What is an Alert?
Describe the following Prometheus components:
- Prometheus server
- Push Gateway
- Alert Manager
Prometheus server responsible for scraping the storing the data
Push gateway is used for short-lived jobs
Alert manager is responsible for alerts ;)
What is an Instance? What is a Job?
What core metrics types Prometheus supports?
What is an exporter? What is it used for?
Which Prometheus best practices are you familiar with?. Name at least three
How to get total requests in a given period of time?
What HA in Prometheus means?
How do you join two metrics?
How to write a query that returns the value of a label?
How do you convert cpu_user_seconds to cpu usage in percentage?
What is the difference between git pull
and git fetch
?
Shortly, git pull = git fetch + git merge
When you run git pull, it gets all the changes from the remote or central repository and attaches it to your corresponding branch in your local repository.
git fetch gets all the changes from the remote repository, stores the changes in a separate branch in your local repository
Explain the following: git directory
, working directory
and staging area
The Git directory is where Git stores the meta data and object database for your project. This is the most important part of Git, and it is what is copied when you clone a repository from another computer.
The working directory is a single checkout of one version of the project. These files are pulled out of the compressed database in the Git directory and placed on disk for you to use or modify.
The staging area is a simple file, generally contained in your Git directory, that stores information about what will go into your next commit. It’s sometimes referred to as the index, but it’s becoming standard to refer to it as the staging area.
This answer taken from git-scm.com
How to resolve git merge conflicts?
First, you open the files which are in conflict and identify what are the conflicts. Next, based on what is accepted in your company or team, you either discuss with your colleagues on the conflicts or resolve them by yourself After resolving the conflicts, you add the files with `git add ` Finally, you run `git rebase --continue`
What is the difference between git reset
and git revert
?
git revert
creates a new commit which undoes the changes from last commit.
git reset
depends on the usage, can modify the index or change the commit which the branch head
is currently pointing at.
You would like to move forth commit to the top. How would you achieve that?
Using git rebase>
command
In what situations are you using git rebase
?
What merge strategies are you familiar with?
Mentioning two or three should be enough and it's probably good to mention that 'recursive' is the default one.
recursive resolve ours theirs
This page explains it the best: https://git-scm.com/docs/merge-strategies
How can you see which changes have done before committing them?
git diff
How do you revert a specific file to previous commit?
git checkout HEAD~1 -- /path/of/the/file
What is the .git
directory? What can you find there?
The
.git
folder contains all the information that is necessary for your project in version control and all the information about commits, remote repository address, etc. All of them are present in this folder. It also contains a log that stores your commit history so that you can roll back to history.
This info copied from https://stackoverflow.com/questions/29217859/what-is-the-git-folder
What are some Git anti-patterns? Things that you shouldn't do
- Not waiting too long between commits
- Not removing the .git directory :)
How do you remove a remote branch?
You delete a remote branch with this syntax:
git push origin :[branch_name]
Are you familiar with gitattributes? When would you use it?
gitattributes allow you to define attributes per pathname or path pattern.
You can use it for example to control endlines in files. In Windows and Unix based systems, you have different characters for new lines (\r\n and \n accordingly). So using gitattributes we can align it for both Windows and Unix with * text=auto
in .gitattributes for anyone working with git. This is way, if you use the Git project in Windows you'll get \r\n and if you are using Unix or Linux, you'll get \n.
How do you discard local file changes? (before commit)
git checkout -- <file_name>
How do you discard local commits?
git reset HEAD~1
for removing last commit
If you would like to also discard the changes you `git reset --hard``
True or False? To remove a file from git but not from the filesystem, one should use git rm
False. If you would like to keep a file on your filesystem, use git reset <file_name>
Explain Git octopus merge
Probably good to mention that it's:
- It's good for cases of merging more than one branch (and also the default of such use cases)
- It's primarily meant for bundling topic branches together
This is a great article about Octopus merge: http://www.freblogg.com/2016/12/git-octopus-merge.html
What are some characteristics of the Go programming language?
- Strong and static typing - the type of the variables can't be changed over time and they have to be defined at compile time
- Simplicity
- Fast compile times
- Built-in concurrency
- Garbage collected
- Platform independent
- Compile to standalone binary - anything you need to run your app will be compiled into one binary. Very useful for version management in run-time.
Go also has good community.
What is the difference between var x int = 2
and x := 2
?
The result is the same, a variable with the value 2.
With var x int = 2
we are setting the variable type to integer while with x := 2
we are letting Go figure out by itself the type.
True or False? In Go we can redeclare variables and once declared we must use it.
False. We can't redeclare variables but yes, we must used declared variables.
What libraries of Go have you used?
This should be answered based on your usage but some examples are:
- fmt - formatted I/O
What is the problem with the following block of code? How to fix it?
func main() {
var x float32 = 13.5
var y int
y = x
}
func main() {
var x float32 = 13.5
var y int
y = x
}
The following block of code tries to convert the integer 101 to a string but instead we get "e". Why is that? How to fix it?
package main
import "fmt"
func main() {
var x int = 101
var y string
y = string(x)
fmt.Println(y)
}
package main
import "fmt"
func main() {
var x int = 101
var y string
y = string(x)
fmt.Println(y)
}
It looks what unicode value is set at 101 and uses it for converting the integer to a string.
If you want to get "101" you should use the package "strconv" and replace y = string(x)
with y = strconv.Itoa(x)
What is wrong with the following code?:
package main
func main() {
var x = 2
var y = 3
const someConst = x + y
}
package main
func main() {
var x = 2
var y = 3
const someConst = x + y
}
What will be the output of the following block of code?:
package main
import "fmt"
const (
x = iota
y = iota
)
const z = iota
func main() {
fmt.Printf("%v\n", x)
fmt.Printf("%v\n", y)
fmt.Printf("%v\n", z)
}
package main
import "fmt"
const (
x = iota
y = iota
)
const z = iota
func main() {
fmt.Printf("%v\n", x)
fmt.Printf("%v\n", y)
fmt.Printf("%v\n", z)
}
What _ is used for in Go?
What will be the output of the following block of code?:
package main
import "fmt"
const (
_ = iota + 3
x
)
func main() {
fmt.Printf("%v\n", x)
}
package main
import "fmt"
const (
_ = iota + 3
x
)
func main() {
fmt.Printf("%v\n", x)
}
What are the advantages of MongoDB? Or in other words, why choosing MongoDB and not other implementation of NoSQL?
MongoDB advantages are as followings:
- Schemaless
- Easy to scale-out
- No complex joins
- Structure of a single object is clear
What is the difference between SQL and NoSQL?
The main difference is that SQL databases are structured (data is stored in the form of tables with rows and columns - like an excel spreadsheet table) while NoSQL is unstructured, and the data storage can vary depending on how the NoSQL DB is set up, such as key-value pair, document-oriented, etc.
In what scenarios would you prefer to use NoSQL/Mongo over SQL?
- Heterogeneous data which changes often
- Data consistency and integrity is not top priority
- Best if the database needs to scale rapidly
What is a document? What is a collection?
What is an aggregator?
What is better? Embedded documents or referenced?
Have you performed data retrieval optimizations in Mongo? If not, can you think about ways to optimize a slow data retrieval?
Explain this query: db.books.find({"name": /abc/})
Explain this query: db.books.find().sort({x:1})
What is OpenShift? Did you use it? If yes, how?
Can you explain the difference between OpenShift and Kubernetes?
Define Pods and explain what are stateful pods
What types of build strategies are you familiar with?
Explain what are labels and what they are used for
Explain what are annotations and how they are different from labels
Explain what is Downward API
Tell me about your experience with shell scripting
What this line in scripts mean?: #!/bin/bash
#!/bin/bash
is She-bang
/bin/bash is the most common shell used as default shell for user login of the linux system. The shell’s name is an acronym for Bourne-again shell. Bash can execute the vast majority of scripts and thus is widely used because it has more features, is well developed and better syntax.
What do you tend to include in every script you write?
Few example:
- Comments on how to run it and/or what it does
- Adding "set -e" since I want the script to exit if a certain command failed
You can have an entirely different answer. It's based only on your experience.
True or False?: when a certain command/line fails, the script, by default, will exit and will no keep running
Depends on the language and settings used. When a script written in Bash fails to run a certain command it will keep running and will execute all other commands mentioned after the command which failed. Most of the time we would actually want the opposite to happen. In order to make Bash exist when a specific command fails, use 'set -e' in your script.
Today we have tools and technologies like Ansible. Why would someone still use shell scripting?
- Speed
- The module we need doesn't exist
- We are delivering the scripts to customers who don't have access to the public network and don't necessarily have Ansible installed on their systems.
Explain what would be the result of each command:
echo $0
echo $?
echo $$
echo $@
echo $#
echo $0
echo $?
echo $$
echo $@
echo $#
How do you debug shell scripts?
Answer depends on the language you are using for writing your scripts. If Bash is used for example then:
- Adding -x to the script I'm running in Bash
- Old good way of adding echo statements
If Python, then using pdb is very useful.
How do you get input from the user in shell scripts?
Using the keyword read
so for example read x
will wait for user input and will store it in the variable x.
Explain conditionals and how do you use them
What is a loop? What types of loops are you familiar with?
Explain continue
and break
. When do you use them if at all?
How to store the output of a command in a variable?
How do you check variable length?
What is the difference between single and double quotes?
Write a script which will list the differences between two directories
Write a script to determine whether a host is up or down
EXAMPLE ONE
#!/bin/bash
SERVERIP=<IP Address>
NOTIFYEMAIL=test@example.com
ping -c 3 $SERVERIP > /dev/null 2>&1
if [ $? -ne 0 ]
then
# Use mailer here:
mailx -s "Server $SERVERIP is down" -t "$NOTIFYEMAIL" < /dev/null
fi
Write a script to remove all the empty files in a given directory (also nested directories)
EXAMPLE ONE
#! /bin/bash
for x in *
do
if [ -s $x ]
then
continue
else
rm -rf $x
fi
done
Explain the following code:
:(){ :|:& };:
:(){ :|:& };:
Can you give an example to some Bash best practices?
What is the ternary operator? How do you use it in bash?
A short way of using if/else. An example:
[[ $a = 1 ]] && b="yes, equal" || b="nope"
What does the following code do and when would you use it?
diff <(ls /tmp) <(ls /var/tmp)
diff <(ls /tmp) <(ls /var/tmp)
It is called 'process substitution'. It provides a way to pass the output of a command to another command when using a pipe
|
is not possible. It can be used when a command does not support STDIN
or you need the output of multiple commands.
https://superuser.com/a/1060002/167769
What does SQL stand for?
Structured Query Language
How is SQL Different from NoSQL
The main difference is that SQL databases are structured (data is stored in the form of tables with rows and columns - like an excel spreadsheet table) while NoSQL is unstructured, and the data storage can vary depending on how the NoSQL DB is set up, such as key-value pair, document-oriented, etc.
What does it mean when a database is ACID compliant?
ACID stands for Atomicity, Consistency, Isolation, Durability. In order to be ACID compliant, the database much meet each of the four criteria
Atomicity - When a change occurs to the database, it should either succeed or fail as a whole.
For example, if you were to update a table, the update should completely execute. If it only partially executes, the update is considered failed as a whole, and will not go through - the DB will revert back to it's original state before the update occurred. It should also be mentioned that Atomicity ensures that each transaction is completed as it's own stand alone "unit" - if any part fails, the whole statement fails.
Consistency - any change made to the database should bring it from one valid state into the next.
For example, if you make a change to the DB, it shouldn't corrupt it. Consistency is upheld by checks and constraints that are pre-defined in the DB. For example, if you tried to change a value from a string to an int when the column should be of datatype string, a consistent DB would not allow this transaction to go through, and the action would not be executed
Isolation - this ensures that a database will never be seen "mid-update" - as multiple transactions are running at the same time, it should still leave the DB in the same state as if the transactions were being run sequentially.
For example, let's say that 20 other people were making changes to the database at the same time. At the time you executed your query, 15 of the 20 changes had gone through, but 5 were still in progress. You should only see the 15 changes that had completed - you wouldn't see the database mid-update as the change goes through.
Durability - Once a change is committed, it will remain committed regardless of what happens (power failure, system crash, etc.). This means that all completed transactions must be recorded in non-volatile memory.
Note that SQL is by nature ACID compliant. Certain NoSQL DB's can be ACID compliant depending on how they operate, but as a general rule of thumb, NoSQL DB's are not considered ACID compliant
When is it best to use SQL? NoSQL?
SQL - Best used when data integrity is crucial. SQL is typically implemented with many businesses and areas within the finance field due to it's ACID compliance.
NoSQL - Great if you need to scale things quickly. NoSQL was designed with web applications in mind, so it works great if you need to quickly spread the same information around to multiple servers
Additionally, since NoSQL does not adhere to the strict table with columns and rows structure that Relational Databases require, you can store different data types together.
What is a Cartesian Product?
A Cartesian product is when all rows from the first table are joined to all rows in the second table. This can be done implicitly by not defining a key to join, or explicitly by calling a CROSS JOIN on two tables, such as below:
Select * from customers CROSS JOIN orders;
Note that a Cartesian product can also be a bad thing - when performing a join on two tables in which both do not have unique keys, this could cause the returned information to be incorrect.
For these questions, we will be using the Customers and Orders tables shown below:
Customers
Customer_ID | Customer_Name | Items_in_cart | Cash_spent_to_Date |
---|---|---|---|
100204 | John Smith | 0 | 20.00 |
100205 | Jane Smith | 3 | 40.00 |
100206 | Bobby Frank | 1 | 100.20 |
ORDERS
Customer_ID | Order_ID | Item | Price | Date_sold |
---|---|---|---|---|
100206 | A123 | Rubber Ducky | 2.20 | 2019-09-18 |
100206 | A123 | Bubble Bath | 8.00 | 2019-09-18 |
100206 | Q987 | 80-Pack TP | 90.00 | 2019-09-20 |
100205 | Z001 | Cat Food - Tuna Fish | 10.00 | 2019-08-05 |
100205 | Z001 | Cat Food - Chicken | 10.00 | 2019-08-05 |
100205 | Z001 | Cat Food - Beef | 10.00 | 2019-08-05 |
100205 | Z001 | Cat Food - Kitty quesadilla | 10.00 | 2019-08-05 |
100204 | X202 | Coffee | 20.00 | 2019-04-29 |
How would I select all fields from this table?
Select *
From Customers;
How many items are in John's cart?
Select Items_in_cart
From Customers
Where Customer_Name = "John Smith";
What is the sum of all the cash spent across all customers?
Select SUM(Cash_spent_to_Date) as SUM_CASH
From Customers;
How many people have items in their cart?
Select count(1) as Number_of_People_w_items
From Customers
where Items_in_cart > 0;
How would you join the customer table to the order table?
You would join them on the unique key. In this case, the unique key is Customer_ID in both the Customers table and Orders table
How would you show which customer ordered which items?
Select c.Customer_Name, o.Item
From Customers c
Left Join Orders o
On c.Customer_ID = o.Customer_ID;
Using a with statement, how would you show who ordered cat food, and the total amount of money spent?
with cat_food as (
Select Customer_ID, SUM(Price) as TOTAL_PRICE
From Orders
Where Item like "%Cat Food%"
Group by Customer_ID
)
Select Customer_name, TOTAL_PRICE
From Customers c
Inner JOIN cat_food f
ON c.Customer_ID = f.Customer_ID
where c.Customer_ID in (Select Customer_ID from cat_food);
Although this was a simple statement, the "with" clause really shines when a complex query needs to be run on a table before joining to another. With statements are nice, because you create a pseudo temp when running your query, instead of creating a whole new table.
The Sum of all the purchases of cat food weren't readily available, so we used a with statement to create the pseudo table to retrieve the sum of the prices spent by each customer, then join the table normally.
Explain Azure's architecture
Explain availability sets and availability zones
An availability set is a logical grouping of VMs that allows Azure to understand how your application is built to provide redundancy and availability. It is recommended that two or more VMs are created within an availability set to provide for a highly available application and to meet the 99.95% Azure SLA.
What is Azure Policy?
What is the Azure Resource Manager? Can you describe the format for ARM templates?
Explain Azure managed disks
What's an Azure region?
What is the N-tier architecture?
What storage options Azure supports?
What is the Azure Security Center? What are some of its features?
It's a monitoring service that provides threat protection across all of the services in Azure. More specifically, it:
- Provides security recommendations based on your usage
- Monitors security settings and continuously all the services
- Analyzes and identifies potential inbound attacks
- Detects and blocks malware using machine learning
What is Azure Active Directory?
Azure AD is a cloud-based identity service. You can use it as a standalone service or integrate it with existing Active Directory service you already running.
What is Azure Advanced Threat Protection?
What components are part of Azure ATP?
Explain GCP's architecture
What are the main components and services of GCP?
What GCP management tools are you familiar with?
Tell me what do you know about GCP networking
Tell me about your experience with OpenStack. What do you think are the advantages and disadvantages of OpenStack?
What components/projects of OpenStack are you familiar with?
Can you tell me what each of the following components/projects is responsible for?:
- Nova
- Neutron
- Cinder
- Glance
- Keystone
Describe in detail how you bring up an instance with an IP you can reach from outside the cloud
You get a call from a customer saying: "I can ping my instance but can't connect (ssh) it". What might be the problem?
What types of networks OpenStack supports?
How do you debug OpenStack storage issues? (tools, logs, ...)
How do you debug OpenStack compute issues? (tools, logs, ...)
Are you familiar with TripleO? What benefits it has?
What is a provider network?
What components and services exist for L2 and L3?
What is the ML2 plug-in? Explain its architecture
What is the L2 agent? How it works and what is it responsible for?
What is the L3 agent? How it works and what is it responsible for?
Explain what the Metadata agent is responsible for
What networking entities Neutron supports?
How do you debug OpenStack networking issues? (tools, logs, ...)
Explain BGP dynamic routing
What is the role of network namespaces in OpenStack?
Can you describe the DevSecOps core principals?
What DevOps security best practices are you familiar with?
What security techniques are you familiar with?
Explain Authentication and Authorization
Authentication is the process of identifying whether a service or a person is who they claim to be. Authorization is the process of identifying what level of access the service or the person have (after authentication was done)
How do you manage passwords in different tools and platforms?
Explain what is Single Sign-On
SSO (Single Sign-on), is a method of access control that enables a user to log in once and gain access to the resources of multiple software systems without being prompted to log in again.
Explain MFA (Multi-Factor Authentication)
Multi-Factor Authentication (Also known as 2FA). Allows the user to present two pieces of evidence, credentials, when logging into an account.
- The credentials fall into any of these three categories: something you know (like a password or PIN), something you have (like a smart card), or something you are (like your fingerprint). Credentials must come from two different categories to enhance security.
Explain RBAC (Role-based Access Control)
Access control based on user roles (i.e., a collection of access authorizations a user receives based on an explicit or implicit assumption of a given role). Role permissions may be inherited through a role hierarchy and typically reflect the permissions needed to perform defined functions within an organization. A given role may apply to a single individual or to several individuals.
- RBAC mapped to job function, assumes that a person will take on different roles, overtime, within an organization and different responsibilities in relation to IT systems.
Explain Symmetric encryption
A symmetric encryption is any technique where the same key is used to both encrypt and decrypt the data.
Explain Asymmetric encryption
A asymmetric encryption is any technique where the there is two different keys that are used for encryption and decryption, these keys are known as public key and private key.
Explain the following:
- Vulnerability
- Exploits
- Risk
- Threat
What is XSS?
Cross Site Scripting (XSS) is an type of a attack when the attacker inserts browser executable code within a HTTP response. Now the injected attack is not stored in the web application, it will only affact the users who open the maliciously crafted link or third-party web page. A successful attack allows the attacker to access any cookies, session tokens, or other sensitive information retained by the browser and used with that site
You can test by detecting user-defined variables and how to input them. This includes hidden or non-obvious inputs such as HTTP parameters, POST data, hidden form field values, and predefined radio or selection values. You then analyze each found vector to see if their are potential vulnerabilities, then when found you craft input data with each input vector. Then you test the crafted input and see if it works.
What is an SQL injection? How to manage it?
SQL injection is an attack consists of inserts either a partial or full SQL query through data input from the browser to the web application. When a successful SQL injection happens it will allow the attacker to read sensitive information stored on the database for the web application.
You can test by using a stored procedure, so the application must be sanitize the user input to get rid of the tisk of code injection. If not then the user could enter bad SQL, that will then be executed within the procedure
What is Certification Authority?
How do you identify and manage vulnerabilities?
Explain "Privilege Restriction"
How HTTPS is different from HTTP?
What types of firewalls are there?
What is DDoS attack? How do you deal with it?
What is the difference between asynchronous and synchronous encryption?
Explain Man-in-the-middle attack
Explain CVE and CVSS
What is ARP Poisoning?
Describe how do you secure public repositories
How do cookies work?
What is DNS Spoofing? How to prevent it?
DNS spoofing occurs when a particular DNS server’s records of “spoofed” or altered maliciously to redirect traffic to the attacker. This redirection of traffic allows the attacker to spread malware, steal data, etc.
Prevention
- Use encrypted data transfer protocols - Using end-to-end encryption vian SSL/TLS will help decrease the chance that a website / its visitors are compromised by DNS spoofing.
- Use DNSSEC - DNSSEC, or Domain Name System Security Extensions, uses digitally signed DNS records to help determine data authenticity.
- Implement DNS spoofing detection mechanisms - it’s important to implement DNS spoofing detection software. Products such as XArp help product against ARP cache poisoning by inspecting the data that comes through before transmitting it.
What can you tell me about Stuxnet?
Stuxnet is a computer worm that was originally aimed at Iran’s nuclear facilities and has since mutated and spread to other industrial and energy-producing facilities. The original Stuxnet malware attack targeted the programmable logic controllers (PLCs) used to automate machine processes. It generated a flurry of media attention after it was discovered in 2010 because it was the first known virus to be capable of crippling hardware and because it appeared to have been created by the U.S. National Security Agency, the CIA, and Israeli intelligence.
What can you tell me about Spectre?
Spectre is an attack method which allows a hacker to “read over the shoulder” of a program it does not have access to. Using code, the hacker forces the program to pull up its encryption key allowing full access to the program
Explain OAuth
Explain "Format String Vulnerability"
Explain DMZ
Explain TLS
What is CSRF? How to handle CSRF?
Cross-Site Request Forgery (CSRF) is an attack that makes the end user to initate a unwanted action on the web application in which the user has a authenticated session, the attacker may user an email and force the end user to click on the link and that then execute malicious actions. When an CSRF attack is successful it will compromise the end user data
You can use OWASP ZAP to analyze a "request", and if it appears that there no protection against cross-site request forgery when the Security Level is set to 0 (the value of csrf-token is SecurityIsDisabled.) One can use data from this request to prepare a CSRF attack by using OWASP ZAP
Explain HTTP Header Injection vulnerability
HTTP Header Injection vulnerabilities occur when user input is insecurely included within server responses headers. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.
What security sources are you using to keep updated on latest news?
What TCP and UDP vulnerabilities are you familiar with?
Do using VLANs contribute to network security?
What are some examples of security architecture requirements?
What is air-gapped network (or air-gapped environment)? What its advantages and disadvantages?
Explain what is Buffer Overflow
A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations.
What security measures are you taking when dealing with containers?
Explain what is Docker Bench
Explain MAC flooding attack
MAC address flooding attack (CAM table flooding attack) is a type of network attack where an attacker connected to a switch port floods the switch interface with very large number of Ethernet frames with different fake source MAC address.
What is "Diffie-Hellman key exchange" and how does it work?
Explain "Forward Secrecy"
What is Cache Poisoned Denial of Service?
CPDoS or Cache Poisoned Denial of Service. It poisons the CDN cache. By manipulating certain header requests, the attacker forces the origin server to return a Bad Request error which is stored in the CDN’s cache. Thus, every request that comes after the attack will get an error page.
What is Puppet? How it works?
Explain Puppet architecture
Can you compare Puppet to other configuration management tools? Why did you chose to use Puppet?
Explain the following:
- Module
- Manifest
- Node
Explain Facter
What is MCollective?
Do you have experience with writing modules? Which module have you created and for what?
Explain what is Hiera
What is the Elastic Stack?
The Elastic Stack consists of:
- Elasticsearch
- Elastic Hadoop
- Kibana
- Logstash
- Beats
- APM Server
The most used projects are the Elasticserach, Logstash and Kibana. Also known as the ELK stack.
Describe what happens from the moment the app logged some information until it's displayed to the user in the dashboard when the Elastic stack is used
- The data logged by the application is sent to Elasticsearch
- Elasticsearch stores the document it got and the document is indexed for quick future access
- Logstash processes the data
- The user creates visualizations which uses the index in elasticsearch and more specifically the data there (this is done in Kibana).
- The user creates a dashboard which composed out of the visualization created earlier
Explain what is Elasticsearch
From the official docs:
"Elasticsearch is a distributed document store. Instead of storing information as rows of columnar data, Elasticsearch stores complex data structures that have been serialized as JSON documents"
What is an Index?
Index in Elastic is in most cases compared to a whole database from the SQL/NoSQL world.
You can choose to have one index to hold all the data of your app or have multiple indices where each index holds different type of your app (e.g. index for each service your app is running).
The official docs also offer a great explanation (in general, it's really good documentation, as every project should have):
"An index can be thought of as an optimized collection of documents and each document is a collection of fields, which are the key-value pairs that contain your data"
What is an Inverted Index?
From the official docs:
"An inverted index lists every unique word that appears in any document and identifies all of the documents each word occurs in."
What is a Document?
Continuing with the comparison to SQL/NoSQL a Document in Elastic is a row in table in the case of SQL or a document in a collection in the case of NoSQL. As in NoSQL a Document is a JSON object which holds data on a unit in your app. What is this unit depends on the your app. If your app related to book then each document describes a book. If you are app is about shirts then each document is a shirt.
True or False? Elasticsearch indexes all data in every field and each indexed field has the same data structure for unified and quick query ability
False.
From the official docs:
"Each indexed field has a dedicated, optimized data structure. For example, text fields are stored in inverted indices, and numeric and geo fields are stored in BKD trees."
What reserved fields a document has?
- _index
- _id
- _type
Explain Mapping
What are the advantages of defining your own mapping? (or: when would you use your own mapping?)
- You can optimize fields for partial matching
- You can define custom formats of known fields (e.g. date)
- You can perform language-specific analysis
Explain Shards
An index is split into shards and documents are hashed to a particular shard. Each shard may be on a different node in a cluster and each one of the shards is a self contained index.
This allows Elasticsearch to scale to an entire cluster of servers.
Explain Replicas
In a network/cloud environment where failures can be expected any time, it is very useful and highly recommended to have a failover mechanism in case a shard/node somehow goes offline or disappears for whatever reason. To this end, Elasticsearch allows you to make one or more copies of your index’s shards into what are called replica shards, or replicas for short.
Can you explain Term Frequency & Document Frequency?
Term Frequency is how often a term appears in a given document and Document Frequency is how often a term appears in all documents. They both are used for determining the relevance of a term by calculating Term Frequency / Document Frequency.
Explain Elasticsearch query syntax (Booleans, Fields, Ranges)
Explain what is Relevance Score
Explain Query Context and Filter Context
From the official docs:
"In the query context, a query clause answers the question “How well does this document match this query clause?” Besides deciding whether or not the document matches, the query clause also calculates a relevance score in the _score meta-field."
"In a filter context, a query clause answers the question “Does this document match this query clause?” The answer is a simple Yes or No — no scores are calculated. Filter context is mostly used for filtering structured data"
What are Logstash plugins? What plugins types are there?
- Input Plugins - how to collect data from different sources
- Filter Plugins - processing data
- Output Plugins - push data to different outputs/services/platforms
What are Logstash Codecs?
What is Kibana?
From the official docs:
"Kibana is an open source analytics and visualization platform designed to work with Elasticsearch. You use Kibana to search, view, and interact with data stored in Elasticsearch indices. You can easily perform advanced data analysis and visualize your data in a variety of charts, tables, and maps."
What visualization types are supported/included in Kibana?
What visualization type would you use for statistical outliers
Describe in detail how do you create a dashboard in Kibana
What is Filebeat?
Describe how would an architecture of production environment with large amounts of data would be different from a small-scale environment
There are several possible answers for this question. One of them is as follows:
A small-scale architecture of elastic will consist of the elastic stack as it is. This means we will have beats, logstash, elastcsearch and kibana.
A production environment with large amounts of data can include some kind of buffering component (e.g. Reddis or RabbitMQ) and also security component such as Nginx.
What is DNS? What is it used for?
DNS (Domain Name Systems) is a protocol used for converting domain names into IP addresses.
As you know computer networking is done with IP addresses (layer 3 of the OSI model) but for as humans it's hard to remember IP addresses, it's much easier to remember names. This why we need something such as DNS to convert any domain name we type into an IP address. You can think on DNS as a huge phonebook or database where each corresponding name has an IP.
How DNS works?
In general the process is as follows:
- The user types an address in the web browser (some_site.com)
- The operating system gets a request from the browser to translate the address the user entered
- A query created to check a local entry of the address exists in the system. In case it doesn't, the request is forwarded to the DNS resolver
- The Resolver is a server, usually configured by your ISP when you connect to the internet, that responsible for resolving your query by contacting other DNS servers
- The Resolver contacts the root nameserver (aka as .)
- The root nameserver responds with the address of the relevant Top Level Domain DNS server (if your address ends with org then the org TLD)
- The Resolver then contacts the TLD DNS and TLD DNS responds with the IP address that matches the address the user typed in the browser
- The Resolver passes this information to the browser
- The user is happy :D
What types of DNS records are there?
- A
- PTR
- MX
- AAAA
What is a A record?
A (Address) Maps a host name to an IP address. When a computer has multiple adapter cards and IP addresses, it should have multiple address records.
What is a AAAA record?
What is a PTR record?
While an A record points a domain name to an IP address, a PTR record does the opposite and resolves the IP address to a domain name.
What is a MX record?
MX (Mail Exchange) Specifies a mail exchange server for the domain, which allows mail to be delivered to the correct mail servers in the domain.
Is DNS using TCP or UDP?
What is Round Robin DNS?
What is DNS Record TTL? Why do we need it?
What is a zone? What types of zones are there?
Explain Distributed Computing (or Distributed System)
According to Martin Kleppmann:
"Many processes running on many machines...only message-passing via an unreliable network with variable delays, and the system may suffer from partial failures, unreliable clocks, and process pauses."
Do you know what is "CAP theorem"? (aka as Brewer's theorem)
According to the CAP theorem, it's not possible for a distributed data store to provide more than two of the following at the same time:
- Availability: Every request receives a response (it doesn't has to be the most recent data)
- Consistency: Every request receives a response with the latest/most recent data
- Partition tolerance: Even if some the data is lost/dropped, the system keeps running
What is "Shared-Nothing" architecture?
It's an architecture in which data is and retrieved from a single, non-shared, source usually exclusively connected to one node as opposed to architectures where the request can get to one of many nodes and the data will be retrieved from one shared location (storage, memory, ...).
What is HTTP?
Describe HTTP request lifecycle
- Resolve host by request to DNS resolver
- Client SYN
- Server SYN+ACK
- Client SYN
- HTTP request
- HTTP response
True or False? HTTP is stateful
False. Server doesn't maintain state for incoming request.
How HTTP request looks like?
It consits of:
- Request line - request type
- Headers - content info like length, enconding, etc.
- Body (not always included)
What HTTP method types are there?
- GET
- POST
- HEAD
- PUT
- DELETE
- CONNECT
- OPTIONS
- TRACE
What HTTP response codes are there?
- 1xx - informational
- 2xx - Success
- 3xx - Redirect
- 4xx - Error, client fault
- 5xx - Error, server fault
What is HTTPS?
Explain HTTP Cookies
HTTP is stateless. To share state, we can use Cookies.
TODO: explain what is actually a Cookie
What is HTTP Pipelining?
What is a proxy?
What is a reverse proxy?
What is CDN?
When you publish a project, you usually publish it with a license. What types of licenses are you familiar with and which one do you prefer to use?
What is a load balancer?
What load balancer algorithms are you familiar with?
What is an Application Load Balancer?
How a search engine works?
What is faster than RAM?
What is a memory leak?
What is your favorite protocol?
SSH HTTP DHCP DNS ...
What is Cache API?
Although the following questions are not DevOps related, they are still quite common and part of the DevOps interview process so it's better to prepare for them as well.
Tell us little bit about yourself
Tell me about your last big project/task you worked on
What was most challenging part in the project you worked on?
Why do you want to work here?
How did you hear about us?
Tell them how did you hear about them :D Relax, there is no wrong or right answer here...I think.
How would you describe a good leadership? What makes a good boss for you?
Tell me about a time where you didn't agree on an implementation
How do you deal with a situation where key stakeholders are not around and a big decision needs to be made?
Where do you see yourself in 5 years?
Some ideas (some of them bad and should not be used):
- Senior DevOps
- Manager
- Retirement
- Your manager
Give an example of a time you were able to change the view of a team about a particular tool/project/technology
Have you ever caused a service outage? (or broke a working project, tool, ...?)
If you worked in this area for more than 5 years it's hard to imagine the answer would be no. It also doesn't have to be big service outage. Maybe you merged some code that broke a project or its tests. Simply focus on what you learned from such experience.
Rank the following in order 1 to 5, where 1 is most important: salaray, benefits, career, team/people, work life balance
You know best your order just have a good thought if you really want to put salary in top or bottom....
You have three important tasks scheduled for today. One is for your boss, second for a colleague who is also a friend, third is for a customer. All tasks are equally important. What do you do first?
You have a colleague you don‘t get along with. Tell us some strategies how you create a good work relationship with them anyway.
Bad answer: I don't. Better answer: Every person has strengths and weaknesses. This is true also for colleagues I don't have good work relationship with and this is what helps me to create good work relationship with them. If I am able to highlight or recognize their strengths I'm able to focus mainly on that when communicating with them.
What do you love about your work?
You know the best, but some ideas if you find it hard to express yourself:
- Diversity
- Complexity
- Challenging
- Communication with several different teams
What are your responsibilities in your current position?
You know the best :)
Why should we hire you for the role?
You can use and elaborate on one or all of the following:
- Passion
- Motivation
- Autodidact
- Creativity (be able to support it with some actual examples)
How would you improve productivity in your team?
A list of questions you as a candidate can ask the interviewer during or after the interview. These are only a suggestion, use them carefully. Not every interviewer will be able to answer these (or happy to) which should be perhaps a red flag warning for your regarding working in such place but that's really up to you.
What do you like about working here?
How does the company promote personal growth?
What is the current level of technical debt you are dealing with?
Be careful when asking this question - all companies, regardless of size, have some level of tech debt.
Phrase the question in the light that all companies have the deal with this, but you want to see the current
pain points they are dealing with
This is a great way to figure how managers deal with unplanned work, and how good they are at setting expectations with projects.
What was your favorite project you've worked on?
This can give you insights in some of the cool projects a company is working on, and if you would enjoy working on projects like these. This is also a good way to see if the managers are allowing employees to learn and grow with projects outside of the normal work you'd do.
If you could change one thing about your day to day, what would it be?
Similar to the tech debt question, this helps you identify any pain points with the company.
Additionally, it can be a great way to show how you'd be an asset to the team.
For Example, if they mention they have problem X, and you've solved that in the past, you can show how you'd be able to mitigate that problem.
Let's say that we agree and you hire me to this position, after X months, what do you expect that I have achieved?
Not only this will tell you what is expected from you, it will also provide big hint on the type of work you are going to do in the first months of your job.
What types of tests would you run for web application?
What are unit tests?
Explain test harness?
What is A/B testing?
What is network simulation and how do you perform it?
What types of performances tests are you familiar with?
Explain the following types of tests:
- Load Testing
- Stress Testing
- Capacity Testing
- Volume Testing
- Endurance Testing
What is a connection pool?
Connection Pool is a cache of database connections and the reason it's used is to avoid an overhead of establishing a connection for every query done to a database.
What is a connection leak?
A connection leak is a situation where database connection isn't closed after being created and is no longer needed.
What is Table Lock?
Your database performs slowly than usual. More specifically, your queries are taking a lot of time. What would you do?
- Query for running queries and cancel the irrelevant queries
- Check for connection leaks (query for running connections and include their IP)
- Check for table locks and kill irrelevant locking sessions
What is a connection leak?
What is a Data Warehouse?
"A data warehouse is a subject-oriented, integrated, time-variant and non-volatile collection of data in support of organisation's decision-making process"
What is a data lake?
A single data source (at least usually) which is stored in a raw format.
What is OLTP (Online transaction processing)?
What is OLAP (Online Analytical Processing)?
Given a text file, perform the following exercises
Extract all the numbers
Extract the first word of each line
Bonus: extract the last word of each line
Extract all the IP addresses
Extract dates in the format of yyyy-mm-dd or yyyy-dd-mm
Extract email addresses
Replace tabs with four spaces
Replace 'red' with 'green'
Explain "3-Tier Architecture" (including pros and cons)
What are the drawbacks of monolithic architecture?
- Not suitable for frequent code changes and the ability to deploy new features
- Not designed for today's infrastructure (like public clouds)
- Scaling a team to work monolithic architecture is more challenging
What are the advantages of micro-services architecture over a monolithic architecture?
Explain Vertical Scaling
Vertical Scaling is the process of adding resources to increase power of existing servers. For example, adding more CPUs, adding more RAM, etc.
Explain Horizontal Scaling
Horizontal Scaling is the process of adding more resources that will be able handle requests as one unit
How would you update each of the services in the following drawing without having app (foo.com) downtime?
What is the problem with the following architecture and how would you fix it?
The load on the producers or consumers may be high which will then cause them to hang or crash.
Instead of working in "push mode", the consumers can pull tasks only when they are ready to handle them. It can be fixed by using a streaming platform like Kafka, Kinesis, etc. This platform will make sure to handle the high load/traffic and pass tasks/messages to consumers only when the ready to get them.
Users report that there is huge spike in process time when adding little bit more data to process as an input. What might be the problem?
How would you scale the architecture from the previous question to hundreds of users?
How you prepare for a migration? (or plan a migration)
You can mention:
roll-back & roll-forward cut over dress rehearsals DNS redirection
Explain "Branch by Abstraction" technique
Exercises are all about:
- Setting up environments
- Writing scripts
- Designing and/or developing infrastructure apps
- Fixing existing applications
Below you can find several exercises
- Writing a Dockerfile and running a container
- Elasticsearch & Kibana on AWS
- Ansible, Minikube and Docker
- Cloud Slack bot
- Jenkins: writing scripts
- Jenkins: writing pipelines
- CI for open source project
- Flask, Containers and CI
- Flask, Containers and CI 2
Thanks to all of our amazing contributors who make it easy for everyone to learn new things :)
Logos credits can be found here