Virtusa DevOps interview Q&A Set-1

Docker Scenarios

1. Diagnosing Performance Issues in a Docker Container

o Check container logs: docker logs <container_id>
o Inspect resource usage: docker stats
o Analyze CPU/Memory limits: docker inspect <container_id>
o Profile application inside the container
o Check for network bottlenecks
2. Preventing Outdated Application Versions in Docker Containers
o Implement CI/CD with versioned images
o Use image digest instead of latest tag
o Automate vulnerability scans with tools like Trivy
o Set up alerts for outdated container versions
3. Deploying Dockerized Applications in an Air-Gapped Environment
o Set up a private Docker registry (Harbor, JFrog, or self-hosted Docker
Registry)
o Export images (docker save) and import (docker load)
o Use docker pull on a connected machine and transfer via USB
4. Secure Secrets Management in Dockerized Applications
o Use Docker secrets (for Swarm) or environment variables with caution
o Implement external secret stores (Vault, AWS Secrets Manager, Azure Key
Vault)
o Preventing Secrets in Image Layers: Use .dockerignore, pass secrets at
runtime
5. Allowing Containers to Access Host Hardware (GPUs)
o Use --gpus all flag in docker run
o Enable NVIDIA runtime (nvidia-container-runtime)
o Ensure security by limiting device access with --device flags

Kubernetes Scenarios

6. Troubleshooting a Crashing Kubernetes Pod

o Check pod logs: kubectl logs <pod>
o Describe the pod: kubectl describe pod <pod>
o Check events: kubectl get events
o Investigate OOM (Out of Memory) issues
7. Canary Deployment Strategy in Kubernetes
o Use Deployment with multiple ReplicaSets
o Implement Istio or Traefik for traffic splitting
o Gradually increase traffic percentage to new pods
8. Automating Kubernetes Deployment with Azure DevOps
o Use Azure DevOps pipelines with Kubernetes Service Connection
o Implement kubectl apply -f in pipeline scripts
o Use Helm charts for version-controlled deployments
9. Disaster Recovery for a Kubernetes Cluster
 o Regular backups with etcdctl snapshot save
o Store manifests and Helm releases in Git
o Multi-region deployments for high availability
10. High Availability for Stateful Kubernetes Applications
o Use StatefulSets with Persistent Volumes
o Distribute workloads across multiple availability zones
o Implement database clustering (e.g., MySQL, PostgreSQL with HA)
11. Managing Secrets in Kubernetes Securely
o Use Kubernetes Secrets (kubectl create secret generic)
o Implement tools like Sealed Secrets or HashiCorp Vault
o Use RBAC to control secret access
12. Preventing Resource Overuse with Kubernetes Quotas
o Define LimitRange for pods (cpu, memory)
o Set ResourceQuota at namespace level

Jenkins Scenarios

13. Triggering Builds on Code Push in Jenkins

o Use Git webhooks with Jenkins
o Configure Jenkins Multibranch Pipeline
14. Implementing a Shared Library in Jenkins
o Store shared libraries in a Git repo
o Load in Jenkinsfile using @Library('my-library') _
15. Conditional Deployment Based on Integration Tests
o Use when directive in a Jenkins declarative pipeline
o Example:

groovy
CopyEdit
stage('Deploy') {
when {
expression { currentBuild.result == 'SUCCESS' }
}
steps {
sh 'deploy.sh'
}
}

16. Scaling Jenkins for High Demand

o Implement Jenkins Master-Slave Architecture
o Use Kubernetes for dynamic agent provisioning
17. Migrating Jenkins Jobs Without Downtime
o Use Jenkins Configuration as Code (JCasC)
o Migrate jobs using Job DSL plugin
o Backup Jenkins_home and restore on the new server
Ansible Scenarios

18. Using the Same Playbook for Different Environments

o Use inventory files and variable substitution
o Example:

yaml
CopyEdit
- name: Deploy app
hosts: "{{ target_env }}"
tasks:
- debug: msg="Deploying to {{ target_env }}"

19. Rolling Updates in Ansible Without Downtime

o Implement rolling updates with batch-size
o Example:

yaml
CopyEdit
serial: 1
tasks:
- name: Restart service
service:
name: myapp
state: restarted

20. Running Tasks Conditionally in Ansible

o Use the when condition:

yaml
CopyEdit
- name: Restart if service is running
service:
name: myapp
state: restarted
when: ansible_facts['services']['myapp']['state'] ==
'running'

21. Deploying Ansible in Restricted SSH Environments

o Use Ansible Pull Mode
o Configure Bastion Hosts for controlled access

Azure DevOps Scenarios

22. Secure Service Connections in Azure DevOps Pipelines

o Use Service Connections in Azure DevOps
o Store credentials in Azure Key Vault
23. Implementing Infrastructure as Code (IaC) with Azure DevOps
o Use Terraform/Bicep for provisioning
o Example pipeline step for Terraform:

yaml
 CopyEdit
- task: TerraformTaskV1
inputs:
command: 'apply'

24. Managing Azure Service Principal Credentials Securely

o Store in Azure Key Vault
o Rotate secrets automatically with Azure policies
25. Deploying to Multiple Azure Subscriptions Securely
o Use multiple service connections
o Define different AZURE_SUBSCRIPTION_ID per environment
26. Migrating CI/CD from Jenkins to Azure DevOps
o Export Jenkins pipelines as YAML
o Use Azure DevOps Multi-Stage Pipelines
o Migrate artifacts to Azure Artifacts
27. Implementing GitOps with Azure DevOps
o Use FluxCD or ArgoCD
o Store Kubernetes manifests in Git and sync automatically