# DevOps Interview Secrets They Don’t Tell You 🤫| CAN YOU CLEAR THIS? 😳#devops #aws #interview #cloud ## Метаданные - **Канал:** DevOps Cloud and AI Labs - **YouTube:** https://www.youtube.com/watch?v=W3aUoF8g6cY - **Дата:** 05.05.2026 - **Длительность:** 28:54 - **Просмотры:** 2,538 - **Источник:** https://ekstraktznaniy.ru/video/50018 ## Описание 💜 Booking Link for My Live Projects and Programs: https://topmate.io/cloud 💙 Join Our WhatsApp Group: https://chat.whatsapp.com/LsFkkWKDUSoL0JKFowR1bq 💚 Join Our Telegram Group: https://t.me/+xjZA3ZS-OQkxZTk1 💚 Subscribe to the Channel: http://www.youtube.com/channel/UCYDlBuxE7BEtYR5r4q3WRrQ?sub_confirmation=1 About The Channel : DevOps and Cloud Labs empowers you to thrive in the dynamic world of DevOps and Cloud Computing. We offer comprehensive learning resources covering AWS, Azure, and essential DevOps tools like Ansible, Packer, SonarQube, Trivy, Jenkins, Datadog, GitHub, GitHub Actions, GitOps, Argo CD, JFrog Artifactory, Terraform, Kubernetes, and Docker. Our content includes tutorials, engaging shorts, realistic mock interviews (covering devops interview questions, devops engineer interview, aws devops interview questions, devops mock interview, cloud engineer interview questions, devops fresher interview questions, and senior devops engineer interview questions), ## Транскрипт ### Segment 1 (00:00 - 05:00) [] So, hi everyone. My name is Grover and I have close to 11 years of experience into IT and nine plus is into DevOps, cloud, SRE and platform engineering. I worked for multiple MNCs like Deutsche Telekom, T-Mobile, Nike, Google Fiber in the past and for startups like Cloudwick and Excalibur Infotech at Pune. So, [snorts] I have knowledge of most of the DevOps and CICD tools which are currently used in the industry. And yeah. So, we are here to connect so that like I can help you and assist you and prep you for an interview so that you can excel in that kind of thing an environment. Over to you for your introduction. Thank you, sir, for sharing the materials. It has helped to me to improve my skills. So, coming to my myself, I'm Prasad. I'm from Andhra Pradesh. So, earlier I learned I worked as a L2 support engineer. I almost worked 1. 5 years over there. Then I learned the DevOps and switched to Infosys. Infosys provided opportunity to learn the DevOps skill. So, so in my day-to-day life, I use the tools like GitHub and Docker, Terraform, Kubernetes. So, I use these tools in my day-to-day life. So, through the GitHub, we build the pipelines to automatically delete trigger the pipelines. So, for that we trigger for that we use the webhook to trigger this pipeline automatically. Using the Docker and Kubernetes, we make the these applications as containerization and deploy into the cluster. And for that after deployment after deployment, we configure the some alerts and some rules to monitor the this deployment to monitor the application. For that I use the CloudWatch. And to provision the infrastructure in the AWS, I use the Terraform. So, these are the main little bit of answers. Amazing. So, in DevOps, there are five pillars of DevOps and I'll try to rate you and help you out in these five particular parameters only so that like you're able to identify like how much you are you have reached and how much more you need to do it. Agree? — Okay. Yeah. So, I'll ask you like how much you rate yourself and then I'll ask few questions and based on that I'll judge where we are. So, like if I ask about Linux, how comfortable are you in Linux? In Linux, I would rate myself 3. 54 out of five. Amazing. So, have you done any sort of a course preparation like RHCL or something else? No, I haven't done any certification. So, before I purchased one DevOps course, in that using the Linux command, I build the application. Amazing. In manual people. So, can you give me like five commands which you use on a day-to-day basis which are like you would say an experienced person would use? Okay. For creating the folders, I use the MKDIR. To check the current directory, I use the PWD. To list the files, I use LS. To check the connectivity, I use the ping command. To check the DNS, I use the NSLOOKUP. And for filter of for to check the CPU, I use the top command and stop command. To check the DCU disk, I use the DF -S 2 to know the what is the current disk use of the folders, I use the DU -S 2 — What is the difference top and S top? Uh both if you use the top and S top, we can get the process CPU utilization. When you run the top command, you get the all the data uh real time. When you use the S top command, you will only get the one the same one snapshot. Okay. Let's say that there is an application, a Java-based application and it is using a port called as 8089 and you want to deploy one application which also wants to use the same port. So, you want to identify you are not aware that which application is using that particular port. So, what command will you run to check the name of the application which is using that particular port right now? SS test T U N L P uh pipe grep and that process name. So, I can use the process which are using that port that port. SSH you said? SS {slash} T U L N P uh pipe grep that port number. Yeah. Yeah. Very good. All right. And do you know what are I nodes in Linux? Yeah, I nodes actually it is a related to some files. ### Segment 2 (05:00 - 10:00) [5:00] There are two ways of hard link and soft link. So, if you use the hard link, um Actually, I need to go through this question. — No problem. Do you know what are IP tables? Yeah, I know the IP tables. Have you — has the Yeah. It has the routing information of the instance. So, if the if the user hit the this IP address, so what are the instance you should connect. So, it has the that information routing information. The routing table. Amazing. Have you ever created any cron expression in Linux? — Cron expression? Yeah, I have used them. To if you use the cron expression, we schedule the some task. Suppose if I want to suppose if shed if I want to monitor the one instance CPU usage every one hour, I use the cron tab. Using the cron tab, we can schedule the this task. Okay. So, there is a one I know. If I give you a very simple scripting task in Linux, will you be willing to do it? Yeah, I can write it. Amazing. So, this gives or tells me that you have confidence in yourself. And not willing to do this. Yeah, so this is a very good plus point for you, I would say. I give you a task. I like your confidence as well. I couldn't keep it till myself here till the end. I've added in the chat. With your expertise, I don't think it would take longer than two, three minutes because I've kind of understood like you have decent knowledge in Linux. You shared interview coding task. There is a task Should I write it now? Yeah. In the chat. Yeah, I've got it from the gist itself. This will not work because like you are mixing a perfect like position-wise field reference like the name is Ramesh Kumar Sukhija, three words and the second one is Anil Sadhana. That is two words. So, you are trying to pick the third element I would ### Segment 3 (10:00 - 15:00) [10:00] say of the string, right? I need to change the position. You cannot fix it. The thing is this because there are some people who have four words in their names as well. If — Okay. Yeah. You might have also heard, right? Like if you might have seen Golmaal, people have names like Muthuswami Venugopal Aiyer. Very long names, right? I need to get the whole phone number. I don't know. Yes, yes. You need to pick the strings, 10-digit string out of it. I can't do it after this call. No problem. Do you know any other like keyword which through which you can do this? I can use the seed command. Yes, with said also you can do this. Seed command also I can And with grep also you can do this. Yeah, yeah. So, let's move from Linux. I've understood that you have a decent good understanding of Linux and you have the willing to do it this task as well. Let's move to cloud or Kubernetes. How much would you rate yourself in cloud and how much in Kubernetes? In Kubernetes, I would rate myself four out of five. In the cloud, three to five. Three to five. Okay. Uh like if I ask you like when I write a command kubectl like deploy or install or anything. Like let's say I have written kubectl scale replicas equals to five minus N the namespace name. Right? How will this command direct like in the master or how will it redirect to the master plane? Which all components will get involved? How will this request flow? Okay. If you run any kubectl run command, first it will write to the API server. API server does the authentication and authorization. Once it is done, it will store the that required object in the ETCD. Once the Once it is stored in the ETCD, there is a one scheduler. Scheduler is always trying to find the node for this object. So, while selecting the nodes, it considered the request limits and node selectors and node affinities and taints and tolerances. All it select All it check and find the one suitable node. Once it is find the suitable node, it will give the information to the API server. API server just update the that node spec in the object. Once the node spec is updated in the object in the ETCD, every node there is a one kubelet. So, kubelet continuously watches this API server and it and it generates the container runtime and pod will be created and application will be running. So, this is how this entire master nodes and worker nodes work work to the work together when we run the kubectl run command. Do you know how many types of services are there in Kubernetes? Yeah, we have three types of the services. One is the cluster IP, one is the node import, and third one is the load balance. And when do we use which one? So, in the cluster if you use the cluster IP, no external access to the this is the cluster inside the pods. If you use the node port, suppose if I add the that node port to the node node IP address, so those who know that port number node IP address, those who those users are able to access the service and pods inside the cluster. If you use the load balancer service service, it will created the one load balancer in the cloud provider and it will access from the external external to the cluster. And when do we use ingress? So, suppose if you use the load balance service, so every service it will created the one load balancer in the cloud. But if you use the ingress, it will create the one application load balancer. In the ingress, we can write the we can maintain the rule book. Suppose if the path is a slash path, the that traffic will route to the this service and this port. If we use the slash home, the the that traffic will route to the this service and this port. Like that thing we maintain the ingress. ### Segment 4 (15:00 - 20:00) [15:00] Okay. So, it will And let's say that you want to stop pod to pod communication within the namespace. How will you do that? To stop the pod to pod communication, I use the network policies. So, in the network policy, we can use the selectors and labels. Through the labels and selectors and so we we configure this network the pod to pod communication. By default in the every pod can communicate to the every pod in the cluster. Using the this network network policies, we can control the this communication between the pods. Okay. Let's say that you have been given a requirement to I would say deploy a CockroachDB uh database in Kubernetes. And what will you use here? So, if we want to deploy the any stateful application in deployment, the pod identity should be should not be changed even though if it is run. The pod identity should be same and and it provide the stable network. For that thing, I use the stateful set deployment model. If you use the this stateful set deployment model, even though pods are restarted and dead, it will come up with the same names. In the while writing the this stateful set YAML file, we mentioned the headless service is goes to none. So, if you use the headless service in none, there is no any service. So, when request is directly see that this these pods are which are in the stateful set application. So, there is no any service communication between But apart from IP, there is something else also like which needs to be stay consistent. What is that? The pod name should be constant constant. How about the How about Yeah, yeah. Volume should be also. Before that, we use the PV and PVC techniques in the this stateful set application. Okay. Storage components. All right. Yeah. Uh Yeah. So, in cloud, do you know what is difference between pairing and transit gateway? Pairing and transient gateway. So, suppose my applications in the in one VPC and this application instance should connect with the in the VPC and that we use the this VPC pairing. Suppose the my multiple VPCs are there that should connected, I use the transient gateway. So, if I have paired A with B and B with C, can I expect data from A to C? A to B, B to C. No. It will connect with A to B, B to A only. And if I have paired B to C also, then? What? If I have paired A to C as well. It won't work, I guess. No, if I have paired A to C as well, then also it will not work. It will work if I paired A to C. It will work. Can you give me the differences between NACL and security group? So, NACL at the subnet level and security groups at the instance level. If you block If you want to block the any IP address any traffic from the some practical zone, at the subnet level, we use the this NACL. If you want to stop the traffic from the from this instance from the outside world, we use the security groups. To the NACL, we can configure the both incoming and outgoing of the traffic. But the in the subnet level, so we can only configure the incoming traffic. If you configure the incoming traffic, by default outgoing traffic also will automatically But in the subnet Let's take a situation that you are working for a client with your colleague whose name is uh Saurabh. And you both were working for a client called as XYZ. So, the security was tight and you have to whitelist the IPs like your personal IPs, public IPs, if you want to do anything within the VPC or if you want to reach EC2 instances. So, you guys used to whitelist the IPs. Your IPs are already added. Now, he has resigned last week and you want to like or your manager said like block his public IP. So, you've got his IP from one of the emails and you're you have to deny it. You've denied it and added it with a priority 101. The whitelist happened with the priority 95. So, what will happen? Will the allow work or the deny work? ### Segment 5 (20:00 - 25:00) [20:00] In the secure travel, always denies first priority, even if it is the allow, but always deny will work. If you even if even it is the allow in the multiple stages, always deny will run. But what about the priority rule priority? Rule priority If it is 95 allow, 101 is deny. I'll check that rule thing. Actually, there will priority thing that allow and deny will work in the subject level. I can't forget. Okay. Can you tell me how many types of load balancers are there in AWS? And if you have used any? Yeah, I have used uh two type of the load balancer. One is application load balancer, and second one is the network load balancer. For the application uh load balancer, it will work on the layer seven. It will route the traffic to HTTP some routing rules. If you use a network load balancer, it will works on the layer four network layer. It will route the traffic to TCP UDP commands. If you want to uh if you use a network load balancer, the latency will be very low when compared to the application load balancer. So, uh for the uh if you want to use the gaming some any high speeding and gaming and streaming, we can use this network load balancer. For the web apps, we can use this application load balancer. Okay. Uh Like Let's say that we are on a Zoom application. We are chatting, and we are able to hear each one of us. So, what kind of load balancer is being used right now? It is in a network load balancer. And what kind of protocol is it using? TCP and UDP protocol. How can it use both? Only network load balancer uses UDP. So, how is it using TCP or UDP? It cannot use both, right? — [snorts] — Okay. Yeah. ALB uses TCP. Uh like if I ask out of these two load balancers, which one receives acknowledgement that the packets have been received at the receiver's end? Which one is it? Packet acknowledgement sinking acknowledgement uh I think it's a network load balance. Other one. No problem. And third type of load balancer? Sorry. There are three types of load balancers in AWS. Network, application, third one, latest one. Latest. I need to go through that one. Gateway. You are telling me the name correctly. You can say that I've not read or worked with that, but you can at least give me the name, right? Okay. All right. How about CI/CD? Which tools are you familiar with? Uh Jenkins, I can name. Okay. CI/CD Let's say that you have a Java application, and now you're working as a DevOps who have to deploy uh Java application like to Kubernetes. And as a as the one expertise only a DevOps expertise in the team, create a CI/CD pipeline who will deploy it to production from like multiple non-production environments like dev, QA, non-stage non-prod, then to prod. How will you create all these stages? How where will you ship the artifacts from to? And how will you build the image? Tell me like how many stages will a CI/CD have as per your expertise? Okay. So, first one something code is checked out from the Git. Pipeline is a pipeline will automatically trigger. For that I will use a webhook. So, once the code is checked out, the pipeline will automatically start. For every stages, we we check the security. Security scans security and scanning. First stage, once the code is checked out, we use the static code analysis to find any code vulnerabilities any third-party vulnerabilities. After that static code analysis, we have a quality gate check stage. In this stage, there is a pre pre-defined rules. So, what is the rules means? The code should not have any bugs. And that test case that smoke test all the all all test cases should be passed like that this like that these tools in the quality gate checks. Once the if any stage is failed, the pipeline will stop and the developer will notified to the email as well. Let's assume that this stage also passed, then we have a build stage. For Java application, we use the Maven. So ### Segment 6 (25:00 - 28:00) [25:00] when the once the build stage is passed, the artifact will be stored in the Nexus. So, after that we have a doctor docker image creation. Once the docker image will be created, the artifact will be stored to the ECR. So, after that we have a deployment process. First, we deploy into the lower environment UAT. So, once it is we deploy the UAT cluster using the Kubernetes. Once it is deployed into the UAT, business teams and some few clients are tested. Once they are approved, then we just promote the this image to the prod. So, in this way I configure the stages and I integrated the tools between the uh source code to deployment. Okay. Uh have you like done any sort of monitoring tasks like creating Grafana dashboards or anything else? We use the CloudWatch for the monitoring tool. So, we create the rules based on the Do you know how to monitor memory in EC2 instances? Uh monitor the memory. We We can use the Linux commands like free dot in. And for And using the Like you want to have a dashboard and an alarm system or based on memory. This is a very important and critical aspect, right? While monitoring an EC2 instance. You can study about this later on. Uh I guess this sums up most of my questions and the experience I wanted to give you. You are very good right now. You just need to brush up few things, and you'll be good to start for the interviews. All the best to you. Actually, one question. I may I have a some stammering. Will it affect anything in the interview? Actually, I'm more fear I fear than that I If your knowledge is good, nothing will come in between. between, man. It's all in your mind. If you think you stammer, you will stammer. If you forget that not stammer at all in the interview. So, don't let it come into your mind that you stammer. Never think about it. You should just think I'll focus on my knowledge, and the interviewer will also come like focus on my knowledge. No one wants like you to look bad, or everyone wants the knowledge to come into picture. The knowledge comes first. Nothing else. So, am I good giving the L1 interviews? Yeah. Yes. Like if you want to start for a three-to-five-year role, you can start. But just pick up on the observability aspect. I'll go on to it. Yeah. And do you have any expertise in Python? Actually, I'm starting learning Yeah, it's very easy for you, man. You have good script like command over user I would say scripting in Linux, so you can pick up Python very easily. Do add that and observability in your resume. And one more feedback, your resume is very bad. Please take some external help to make it look good. You have good knowledge. You have good experience. Add your day-to-day or weekly tasks in your resume. Your resume is not good. Okay, got it. I'll take that one. — It doesn't talk about your 10% of the knowledge you have. Okay. Thank you, sir. I'll leave with the confidence, too. Yeah. Thank you so much, man. You'll do great. Yeah. Bye-bye.