# Real DevOps Interview Breakdown🔥| CAN HE PASS? 😳 | AWS , K8s, Git, Terraform + Feedback #devops #15 ## Метаданные - **Канал:** DevOps Cloud and AI Labs - **YouTube:** https://www.youtube.com/watch?v=Nq0fFSUnUL4 - **Дата:** 20.04.2026 - **Длительность:** 30:20 - **Просмотры:** 4,966 ## Описание 💜 Booking Link for My Live Projects and Programs: https://topmate.io/cloud 💙 Join Our WhatsApp Group: https://chat.whatsapp.com/LsFkkWKDUSoL0JKFowR1bq 💚 Join Our Telegram Group: https://t.me/+xjZA3ZS-OQkxZTk1 💚 Subscribe to the Channel: http://www.youtube.com/channel/UCYDlBuxE7BEtYR5r4q3WRrQ?sub_confirmation=1 About The Channel : DevOps and Cloud Labs empowers you to thrive in the dynamic world of DevOps and Cloud Computing. We offer comprehensive learning resources covering AWS, Azure, and essential DevOps tools like Ansible, Packer, SonarQube, Trivy, Jenkins, Datadog, GitHub, GitHub Actions, GitOps, Argo CD, JFrog Artifactory, Terraform, Kubernetes, and Docker. Our content includes tutorials, engaging shorts, realistic mock interviews (covering devops interview questions, devops engineer interview, aws devops interview questions, devops mock interview, cloud engineer interview questions, devops fresher interview questions, and senior devops engineer interview questions), insightful podcasts, downloadable PDFs, and helpful books. We focus on practical application through complex, industry-grade projects, encompassing 3-tier architectures, database management (RDS, DynamoDB), data warehousing, secrets management, Azure DevOps, CI/CD pipelines, and various deployment strategies. Whether you're a fresher starting your journey (devops interview for freshers, devops mock interview for freshers) or an experienced professional looking to enhance your expertise (devops interview questions for experienced), DevOps and Cloud Labs is your trusted partner. Prepare for devops interviews with our resources, including devops interview recordings, and gain insights into the future of devops (devops future scope). Explore DevOps Cloud, AWS Projects, DevOps projects for practice, AWS, Azure, Terraform, Infrastructure, Kubernetes (K8s), Docker, and IaC (Infra as Code) with us. Subscribe now and unlock the power of DevOps and Cloud! ## Содержание ### [0:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4) Segment 1 (00:00 - 05:00) God. Shaker. Yeah, hi Shaker. I should call you Soma or Shaker? Yeah, you can call me Som Shaker. Okay. So, hi Som Shaker. Uh this is Sayam Grover. I have around 11 years of experience into IT and I have worked for multiple MNCs and startups in the past. I worked as a DevOps as I would say platform engineer, SRE and even as a cloud engineer. So, this is my experience. Let's start with your introduction and then we'll deep dive into the interview. I'm Som Shaker. I have graduated from BMS College of Engineering. I have around 5 and 1/2 years of experience as a So, as a DevOps engineer. I first worked at Concentrix and later worked with IBM as a So, as a DevOps engineer. My core focus has been on uh on on infrastructure automations and container orchestration and CI/CD implementation. Uh in my career I've extensively worked with AWS services such as EC2, VPC, S3, Mhm. ASG, EKS to build highly available and scalable solutions on cloud. I have also experience in in containerization using Docker. Uh where I write optimized Dockerfile and in addition to this I for container orchestration I use a Kubernetes and manage deployments through Helm and Argo CD. I have also uh managed and monitored the end-to-end CI/CD pipelines using Jenkins declarative Okay, using Jenkins declarative syntax and so these pipeline automate the build, test, and deploy the applications. For infrastructure as a code I use Terraform to manage and provision the cloud infrastructure. And for configuration management and to automate the server provisioning I use Ansible. I also ensure system reliability through Prometheus and Grafana monitoring. Okay. So, how many observability tools have you used in the past? So, I in my project we have used Prometheus, Grafana, and CloudWatch. Mhm. How do you trace the request like in a Java-based application? So, trace the request we can use X-Ray where so the modern applications are microservice based applications which contains multiple app components or the microservices. Mhm. So, in this case we can use X-Ray that traces the request as it goes through the entire application. Uh so, it records the latency and the error rate and the process. Okay. Do you know what is Terraform workspaces? I'm sorry. Uh Terraform workspaces it is used to manage multiple Terraform state files where we can handle multiple environments state files by keeping the same Terraform configuration scripts. We can just change the variables. — State file in our we are still storing in S3 bucket where we can enable the versioning. Uh for to What if I don't want to store it in an S3 bucket? What are the other options? So, other options we can store in local machines. Uh or else S3. Uh apart from that we can store in on on on GitHub we can store. GitHub? Yeah. Don't you think it is a security risk? No, no. Okay, we cannot store it in GitHub. Uh one is S3 I'm aware. Okay, we used to store it in S3. Okay, let's take an example that your colleague has uh like hit Terraform apply and you also had did hit the same command at a similar time. Like there's a difference of 10 to 20 seconds. And — Okay. what will happen like whose apply will be successful, yours or his? And if not then if Mhm. like if it is if the changes has not happened or deployed, how you'll deploy it? So, when multiple people apply at the same time, uh it will first apply the first one Okay, first who has applied it. Okay, for that person to apply. So, to to overcome this we can use a state locking file system where we can lock the file once Okay, we can Okay, lock the state ### [5:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4&t=300s) Segment 2 (05:00 - 10:00) file. Okay, which prevents multiple applies at the same time. Okay. So, let's say that both of you have hit apply at the same minute. What will happen next? I think it will wait for the first apply and then the second will be applied. It will wait for the first apply and second will be applied? I got confused. — Exactly. Yeah. I didn't get you. Uh the first will be applying Okay, the first one will be applied. And the and it will wait for it to to complete the apply and then the second apply will be applied there. Have you heard of the concept called as a deadlock? Yes, when multiple apply has been applied Okay, like applied so it will go into that deadlock situation. Exactly. Yeah. So, you need to read about that a bit more. Do you know what all things are performed like when you hit Terraform in it? When we apply Terraform in it, it will initialize a working directory. It will initialize the provider plugins and it will initialize backend modules. Mhm. Let's say that there is a colleague of yours whose name is Rakesh and he has made some changes in the AWS console without using Terraform. So, he has destroyed few resources and now you have like resumed your work after a day or two of your vacation and let me know like what will happen once you do a Terraform plan and apply and your team like team manager has informed you yeah, the changes done by Rakesh are correct, but you need to inculcate it in Terraform. Okay, so when Okay, in this case when the manual changes has been made to the Terraform resources. So, when we apply the Terraform plan in the output of that command will be will be getting to know what changes will be applied to the Okay, to the infrastructure. And we can know about the Okay, drift here. Okay, drift in the sense when the actual uh actual infrastructure it doesn't matches the state that is recorded in the state file. Uh so, we can uh apply it to revert the changes back to the configurations one thing. Uh and else we can update the our Terraform configurations to match the infrastructure changes. Like how will you achieve the same configuration as what Rakesh had proposed or had made done? Same. Uh Okay, well like we need to change manually in the Terraform scripts again. You're right. Okay. Are you comfortable with Git? Yes. How many uh branching strategies are there in Git? So, in our project we have used a development branch uh where all the development activities will be happening and all the feature will all the feature branch will be integrated here. And the and the feature branch which is used to enhance or work on a on an on a new feature by the Okay, the by the developer. And once it is done we it can be merged to the Okay, develop uh branch. And third one is we is a main branch which contains the production ready code changes. Uh and we can and Okay, we'll be creating the tag for each release there. And we have hotfix. It is used for uh for the for the crucial incidents in the production. Once the hotfix is done we'll be merging it to the development as well as the main branch. Okay. How do you deploy to your production? From which branch? Uh we'll be deploying from the main branch. Don't you create a release branch first? A release? I'm sorry, I didn't get you. Do you create a release tag? Yes, yes. We'll be creating a release tag and for each release we'll pick like Okay, deploy to the production. So, what kind of strategy is that? ### [10:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4&t=600s) Segment 3 (10:00 - 15:00) I didn't get you. What kind of strategy? — Is it trunk-based strategy, feature branch-based strategy, release-based strategy? Multiple types of branching strategies are there. Like we are having the release branch as well, which contains all the releases to be deployed in the production. So, it's a release branch. Okay, base branch strategy. Okay. Do you know what is a Git pull? It's a combination of two commands. Uh Git pull, it will pull the changes from the remote repository and it will merge in the Okay, to the local repository. The Git pull equals to Git pull plus merge, you're saying? Yes. Okay, merge to the local. Yeah, how can it be a combination of itself? Git pull Yeah, you were saying Git pull equals to Git pull plus merge. It will bring [clears throat] all the changes from the remote repository. Git fetch is the answer what I was looking at. No, I'm sorry. I didn't get it. Can you come again? — plus merge is the answer. Okay, Git fetch. I'm sorry. Yeah. Yeah. Do you know what is a Git rebase? Git rebase that Okay, rewrite the entire Okay, the history of the of the commits. It will bring all the changes from the source branch and it will place it at the destination branch. So, it will create a like Okay, sort of linear branch. Any other uh feature of Git rebase? And it does not contains any information from the other branches. Mhm. Uh Let's say that you have to rename your branch. How will you do that? Git checkout and the branch name will be given there. This is to check out the branch. That Sorry. Git uh rename the branch. I'll look into it and I'm not sure. No problem. And what if I want you to remove the second last commit from the history? Second last commit. Yes. Uh so, we can use Git Okay, Git revert and the commit name. Uh so, the ID commit ID. Okay. What does a Git history show us? Git history that shows all the commit history of that branch. Okay. Let's jump to AWS. Uh How much would you rate yourself in Kubernetes? Kubernetes Okay, out of uh Five. Mhm. Uh-huh. Out of five. Uh out of five, I uh Three or four, something like that. Or AWS? The same. Three or four. What is the difference between NACL and SG? Uh NACL, it's a firewall at a subnet level and it's a stateless where we need to explicitly provide inbound and outbound rules. Whereas a security group is a firewall So, it's a virtual of firewall at the instance level and it's a stateful where we If we allow the inbound and the outbound will be automatically allowed. Uh let's say that you have an IP address 100. 2. 3. 4 and I have like denied or blocked your IP into my particular VM. And you log in uh next day and you allowed your whitelisted that particular IP in the NACL. So, what will happen? Like will you be able to log in to the VM or not? If it is allowed at the NACL, then we can So, it can access it. I have denied it and you have allowed it. It based on the rules Okay, rules number. If it is Okay, allowed at the higher priority, then it will be Okay, allowed to access. If it is denied at the lower priority, then it won't and then Okay, to it won't come to the picture. Uh deny has priority 100 and allow is 99. ### [15:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4&t=900s) Segment 4 (15:00 - 20:00) I think the first deny will be having higher priority. You sure? Mhm. It uh Okay. What is the difference between ALB and NLB? ALB, it's a application load balancer that operates at layer seven. So, which can interpret the HTTPS traffic. It can read the headers and path. And based on that, it will route the traffic to the back-end server. Whereas NLB is a network load balancer that operates at layer four. It does not decrypt the traffic. It just forward it. So, it will just forward the traffic to the back-end servers. So, it is used in in in gaming servers or in video streaming. And ALB, it is used in web applications. ALB applications and NLB? It will be used in video streaming or in gaming servers. Mhm. So, what we are doing right now? Like what kind of a load balancer is used right now? Where I'm looking at Okay, where uh The video call we are having right now. This will be a network load balancer. Why is that? Uh because of faster and for Okay, for faster connection. Okay. And like what is the benefit of uh network load balancer which is not or I would say the negative point of NLB which is not present in ALB. Or the benefit of ALB which is not present in NLB. In NLB, it doesn't route the traffic based on path or based on the headers. But in the ALB, we So, it can be done. Based on the path, we can traffic the route. — acknowledgement like once we transfer the packets in NLB? I'm sorry. Do we receive an acknowledgement once the packets have been transferred in NLB? Yes. Yeah, I think after the receiving the Okay, sync acknowledgement, you're saying, right? Yeah. Acknowledge — [clears throat] — I actually didn't get your question. Can Can come again? No, let's not waste waste more time on this. Okay. Yeah, let's jump to Kubernetes. What are the key components of master Kubernetes? Okay, master nodes. Uh master node components are the API server which is the main management hub. So, all the components of the worker of all the components are connected through the API server and it is responsible for authenticating the request, authorizing the actions, and validating the request and authenticating the user. Sorry. And it is a communication hub. And the second one is the scheduler. So, it is the database of the cluster where it stores all the information about the cluster. It stores the desired state and the actual state of the cluster. And the third one is the scheduler. Okay, ETCD. Okay, so I'm sorry. Okay, that is about Okay, ETCD and the scheduler is that it watches for the new pod and it will based on the node resources and the constraints, it will schedule a node. Uh pod on the node and then we have uh a a controller manager which continuously monitors the cluster and it will always try matches the actual state with the desired state. And last one, we have the cloud controller manager which is responsible for the interaction between the cloud and the and the So, the and the Kubernetes cluster. Okay. One minute, explain about worker node as Mhm. What will happen if I run a command kubectl scale five hyphen n namespace So, it will scale the deployment setting uh to five. Yeah, like how will this request flow in ### [20:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4&t=1200s) Segment 5 (20:00 - 25:00) master node? So, the request will go first it will go to the to the Kubernetes server and from that the request will be sent to the the to the scheduler and it will check for the node availability. And based on that it will so, it will it will okay, decide the node. And then the request will be again sent to the API server and it will schedule a pod on the okay, nodes. Okay. Uh let's say that you have a dev team in your organization and a devops team. The dev team needs the view only access for the production account and the other team needs uh write access to the production account. How would you define that in Kubernetes? So, to define to give the access to the cluster uh based on the roles we can use uh R back where it will provide the access to the cluster based on the okay, roles. Like in the roles we'll be okay, mentioning the actions. Um based on that actions the for that for the developer tools we for the developers we can create account which has the access only to read. And for that for the devops account we can add all the read and write operations. And from this we can give the access to that okay, to the respective teams with the okay, with the required actions. How many types of services are there in Kubernetes? In services we have cluster IP, node port and headless. Okay. What is the purpose of ingress? Ingress that will bring the external traffic to the okay, to the internal cluster. And based on the routing rules it will forward the traffic to the respective uh okay, respective services. How will you block pod to pod communication in Kubernetes? With a namespace we can restrict it. The pods are in the same namespace. Based in the networking policies we can okay, define there. The networking policies. Pod to pod. Yeah, [clears throat] like what policies, right? So, in that our routing rules we can prevent the communication, I think. Okay. How does scaling happen in Kubernetes? Different forms of scaling. Scaling uh we can use the okay, by default rolling update is the is supported in the deployment. Mhm. Where a small amount of around okay, by default 25 percent of the pods will be upgraded with a new version. Gradually it will replace the old pods with a new pods. So, this is a default that is okay, supported in the uh okay, in the deployment and we can also implement uh blue green or canary deployment. Okay. Um do you know what is PDB in Kubernetes? PDB pod disruption uh so uh so pod disruption budget. So, it allows to define the minimum number of pods or the instances to be present while training the pod. So, it makes sure the availability of the system. Okay. Do you know what is max unavailable and max search? Yeah, like max search is the where we can max okay, unavailable and max unavailable is the number which we can define to remove the pod okay, to to remove or to replace it. And max search is is a number which we define to keep the the okay, the number of the pods while training. Do you know how to do like prevent a ### [25:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4&t=1500s) Segment 6 (25:00 - 30:00) DDoS attack in AWS or cloud? DDoS attack we can implement shield uh at the okay, at the application load balancer. We can implement shield or WAF which will prevent that DDoS attack. — Yeah, in WAF there is what will you use in WAF? The WAF will use the rules for the WAF so, in the WAF we'll be using some rules which will prevent the uh okay, this like unwanted actions. Okay. All right. So, so Shekhar I'm done with my set of questions. Do you have any question for me? I just need okay, like feedback where like can I improve? Uh where I'm lagging? — are very much accurate, I would say. Uh you need to like brush up your skills and I would say improve. I did not get a chance to ask about Linux. How much would you rate yourself in Linux or Python? Uh Python I have so, I actually I can understand the script and I can debug it but to to write from the beginning I need some resource help there. I'll use that some resource wherein our organization. Practice something in Python because for automation perspective you will need to write Python scripts. Okay. And how about bash scripting? Yeah, I have practiced the bash script as well. Uh not in detail in depth I have not practiced but some basics I have okay, I have practiced it. — Do you know what is an inode in Linux? Yes, I'm sorry. What is an inode? Inode? Uh I'm No, I don't know inode. Yeah. So, you need to like revise or brush up through a particular course, right? Like in Kubernetes also there are lots of things which you need to brush up. There is a Piyush Sachdeva playlist in on YouTube which you can follow to say that yeah, okay, I have completed my Kubernetes playlist and I'm full fully comfortable in it right now. After that you can come back — tell me the name of the uh okay, like YouTube channel? Piyush Sachdeva. Piyush Sachdeva, okay, fine. Yeah. I'll check it now. Yeah. And there is one more Abhishek Viramalla. Huh huh, yeah, okay, I know about that. Yeah. I used to watch it. Yeah, yeah. Abhishek Viraman Viramalla Linux is very good. Mhm. — [clears throat] — Sure. Yeah. Thank you so much. I'll share the feedback with you and — I actually have one like question. Mhm. So, I have stammering. Will that be a like constant in the real interviews? No. And don't you don't have to say this that I stammer, right? Like I have like I like like like So, actually I have I I thought to okay, tell you in the at the beginning only. See, it's from the beginning you didn't stammer this much since the time you told me actually. You know this? — Yes, yes. I have noticed Once you showcase your weaknesses then you are very much open. Right? So, do not showcase your weaknesses on the first day because otherwise the person is going to judge you anyhow, right? Mhm. Yeah, yeah. So, if you're not we have to keep it with ourself. Once we join the organization someone is our friend then we showcase them oh my god, man, yeah, this is my weakness. You have to like bear with me. But don't showcase the interviewer in the first minute. — Okay, I think you have around 11 years of experience, right? Have you okay, encountered the actually this kind of interviews okay, where the okay, the candidate have stammering? Bro, your knowledge is very good. Only this thing is going to matter. Do not think about it. It's all in your mind. Okay. Knowledge tops everything. Sure. You got it? There is nothing above knowledge, yeah. The client will need work and you will be able to achieve it with your knowledge. Anything else doesn't matter at all. Okay. You got it? Your knowledge is very good but you need to keep it like this Mhm. so that everything else is forgotten. Okay, sure. — Yeah. And I'm just not saying about for your stammering part, everything else. Like let's say that you didn't comb your hair someday or you didn't do anything else or you did something bad. You were cheating or any other thing. They'll forget everything ### [30:00](https://www.youtube.com/watch?v=Nq0fFSUnUL4&t=1800s) Segment 7 (30:00 - 30:00) once your knowledge is immaculate. Okay. All right? Yeah. Be confident in your interviews and do not showcase this on the first minute. Okay. All right? Okay, thank you. Okay, bye. Bye-bye. --- *Источник: https://ekstraktznaniy.ru/video/50019*