Raj Saha Cloud With Raj: Instructor Bio


Raj Saha

cloudwithraj.com
Cloud With Raj
linkedin.com/in/rajdeep-sa-at-aws/

Instructor Bio:
Sr. Specialist SA – Containers/Serverless@
Bestselling Udemy/Pluralsight author
Tech Advisor of crypto startup
Public speaker and guest lecturer
Author of multiple official AWS blogs
YouTuber with 35K subscribers
Previously - Distinguished Cloud Architect @Verizon
Opinions are my own
Copyright © Rajdeep Saha - All Rights Reserved
Course Structure
DevOps Fundamentals
DevOps Pre-requisites

Jenkins – Basics to Advanced with Use Case Demos

DevOps Interview Q/A



DevOps Fundamentals
 DevOps – What and Why
 DevOps Benefits
 Challenges of DevOps
 CI vs CD vs CD!
 Different DevOps Tools
 Different DevOps Workflows
 DevOps Learning Path
 DevSecOps – What and Why
 DevSecOps Workflows including Kubernetes



DevOps Pre-requisites
Git and GitHub Basics Linux Basics
 Git – What and Why  Linux Basic Commands
 Git vs GitHub  Linux File and User Commands
 Git Workflow  Vi Editor
 Git Install and Setup  AWS CLI – What and Why
 Git Workflow Demo  AWS CLI using AWS CloudShell
 Comparing Files  Find and Run ANY AWS CLI Command
 DevOps Learning Path
 Git Branch and Merge Kubernetes Primer
 Branching Merging Demo  Container – What and Why
 What is Container Orchestrator
Infra as Code Basics  Enter Kubernetes!
 Infrastructure as Code – What and Why  Pods
 What is CloudFormation  Replicaset and Deployment
 Running our First CloudFormation  Ways to Spin Up Cluster
 CloudFormation vs Terraform  Intro to eksctl
 Spin our Very First Kubernetes Cluster!

Jenkins
 Jenkins – What and Why
 Jenkins Installation on AWS
 Jenkins Installation on Local
 Jenkins Console Walkthrough
 Saving Credentials in Jenkins
 Jenkins Plugins
 Declarative vs Scripted Pipeline
 Freestyle vs Pipeline Job
 Jenkinsfile – What and Why
 Jenkinsfile Structure
 Jenkins Permission
 Writing Jenkinsfile the Easy Way
 Jenkinsfile Post Section
 Trigger one Jenkins Job to Another
 Passing Parameters
 Jenkins Environment Variables
 Parallel Stages
 Build and Push Docker Image
 Run Shell Scripts from Jenkins
 Build Unit Test using Docker Container
 Triggering Lambda from Jenkins
 Manual Approval in Pipeline
 Convert Scripted Job to Pipeline
 GitHub Jenkins Automated Integration

Jenkins Continued..
 Run ANY CloudFormation from Jenkins
 Run Terraform from Jenkins
 Deploy to Kubernetes using Jenkins and GitOps
 Run Ansible with Jenkins

DevOps Interview Q/A
 Basic Interview Q/A
 Intermediate Interview Q/A
 Advanced Interview Q/A


DevOps – What and Why

Monolith
[Diagram: requests for store/browse, store/buy and store/refund pass through an API Gateway/Load Balancer to the Monolith, whose entry function checks the url/path and executes logic accordingly, and on to the Database]

Issue of Scaling
[Diagram: the same requests reach one Monolith (Running on VM) on Amazon EC2 (M5.12xlarge), shown with a CPU indicator, in front of the Database]

Entire Monolith Need to Scale
[Diagram: two copies of the Monolith (Running on VM), each on Amazon EC2 (M5.12xlarge) with a CPU indicator, behind the API Gateway/Load Balancer, with the Database]

APIs in Microservice
[Diagram: the API Gateway/Load Balancer routes to three backends, each with its own DB: store/get backend (smaller VM1, t3.large), store/post backend (smaller VM2, t3.medium), store/delete backend (smaller VM3, t3.micro)]

Scaling APIs in Microservice
[Diagram: the same three backends, with a second store/get backend (smaller VM1, t3.large) added; label: Polyglot]

World is Moving towards Microservice

● Microservices require frequent implementation
● Code deployed every 11.7 seconds!
● Delivery time reduced from hours to minutes
● Code deployed thousand times per day


Traditional Deployment
[Diagram: Developer and Operations are separate. Flow: Check-in Code → Build → Deploy Code to Test → Test → Deploy Code to Prod, with a WAIT between each step]
Hours/Days + Lot of Grief for Developer & Operations
[Speech bubbles: "When are you gonna deploy my code?" and "When you stop breaking my servers"]
[Speech bubble: "I just wanna do cool stuff"]


What is DevOps?
● Word “DevOps” coined in 2009 by Patrick Debois
● Combination of cultural philosophies, practices, and tools
● Job market is based on tools!

● Development and Operations teams are no longer “siloed”



DevOps
[Diagram: Developer and Operations are the Same Team. Automated End to End: Check-in Code → Build → Deploy Code to Test → Test → Deploy Code to Prod → Monitor, with Rollback to Previous Version]
● Whole flow done in seconds!
● Easy to rollback in case of errors


General DevOps Practices

● Automate everything!

● Deploy frequently rather than one mega deployment in months

● Codify every step - infrastructure, application and more

● Rome was not built in a day!



DevOps Benefits

Technical benefits
● Faster software delivery
● Faster problem remediation
● Easier to replicate best practices
● More time to innovate (rather than fix/maintain)

Cultural benefits
● Improved communication and collaboration
● Greater professional opportunities
● Happier, more productive teams


Why DevOps?
How long would it take your organization to deploy
a change that involves a single line of code?

Can you do this on a repeatable reliable basis?

DevOps vs Non-DevOps organizations:
● 4x lower change failure rate
● 24x faster recovery times
● 200x more frequent deployments
● 44% more time spent on new features and code

Source: Puppet State of DevOps Report


DevOps Challenges
Challenges
● Continuously adapt to changing landscape
  ● New tools
  ● New processes and technologies
● Developers unwilling to provide support
● Takes months/years to ramp up
● Resistance to change

DevOps Challenges
Challenges
● Continuously adapt to changing landscape
  ● Establish standard toolsets
  ● CCoE provides templates with best practices
● Developers unwilling to provide support
  ● Rotation, incentives
● Takes months/years to ramp up
  ● Utilize vendor trainings, workshops
● Resistance to change
  ● Cultural training


CI vs CD vs CD

DevOps
[Diagram: Developer and Operations are the Same Team. Automated End to End: Check-in Code → Build → Deploy Code to Test → Test → Deploy Code to Prod → Monitor → Remediate]


DevOps Phases
● AUTHOR: Write Code
● SOURCE: Check-in Source Code
● BUILD: Compile Code, Create Artifacts, Unit Testing
● TEST: Integration Testing, Load Testing, UI Testing, Penetration Testing
● DEPLOY: Deploy Artifacts
● MONITOR: Logs, Metrics, and Traces
● Remediate

CI vs CD vs CD
[Diagram: the phases above, bracketed as Continuous Integration (CI), Continuous Delivery (CD) with Manual Approval, and Continuous Deployment (CD)]

DevOps Phases
[Diagram: AUTHOR, SOURCE, BUILD, TEST and DEPLOY together are labelled Pipeline/CICD Pipeline]


DevOps Pipelines
● Dev Environment Pipeline: AUTHOR → SOURCE → BUILD → TEST → DEPLOY
● Stage Environment Pipeline: SOURCE → BUILD → TEST → DEPLOY
● Prod Environment Pipeline: SOURCE → BUILD → TEST → DEPLOY


DevOps Tools
● AUTHOR: AWS Cloud9
● SOURCE: AWS CodeCommit
● BUILD: AWS CodeBuild
● TEST: AWS CodeBuild
● DEPLOY: AWS CodeDeploy
● MONITOR: CloudWatch, AWS X-Ray
● AWS CodePipeline (shown beneath the phases)


Different DevOps Workflows

DevOps Workflow
[Diagram: app.java moves through AUTHOR → SOURCE → BUILD → TEST → DEPLOY → MONITOR; labels: AWS CodeArtifact, Amazon EC2, CloudWatch]

Where is CloudFormation/Terraform?
[Diagram: an AWS CloudFormation template moves through the same phases; labels: WordPress, Amazon Elastic Compute Cloud (Amazon EC2), CloudWatch]

Provisioning Kubernetes Cluster
[Diagram: an AWS CloudFormation template moves through the same phases; labels: Amazon Elastic Kubernetes Service (Amazon EKS), CloudWatch]

Deploy to Kubernetes – Old Way
[Diagram: app.java and a Dockerfile move through the same phases; labels: Amazon Elastic Container Registry (Amazon ECR), manifest, Amazon Elastic Kubernetes Service (Amazon EKS), CloudWatch, AWS X-Ray]


DevOps Learning Path

Must Have
● Linux Commands
● Git Commands
● Infrastructure as Code (CloudFormation or Terraform)
● DevOps Services (Jenkins Recommended)
● DevOps Pipelines (Workflows)
Highly Recommended
● Relevant Technology (Kubernetes Recommended)
● Interview Q/A Practice
→ DevOps Job

Covered In This Course
Must Have
● Linux Commands
● Essential Git Commands
● CloudFormation Basics
● DevOps Services (Jenkins In-Depth)
● DevOps Pipelines (Multiple Workflows)
Highly Recommended
● Kubernetes Primer
● DevOps Interview Q/A
→ DevOps Job

Recommended
● Linux Commands (This Course)
● Git & GitHub: Rocking Git & GitHub - A Real World Guide
● CloudFormation & Terraform: Rocking AWS CloudFormation, CDK with DevOps, Interview Guide
● DevOps Services (Jenkins In-Depth) (This Course)
● DevOps Pipelines (Multiple Workflows) (This Course)
● Relevant Technology, Kubernetes: Rocking Kubernetes with Amazon EKS, Fargate, And DevOps
● DevOps Interview Q/A (This Course)
→ DevOps Job
How About Certs and Coding?
● Certs are good to get recruiter attention
  ● AWS Sysadmin Associate
  ● AWS DevOps Pro
  ● Kubernetes Certs
  ● Avoid super specific certs in the beginning
● Coding NOT a primary requirement
  ● Can be picked up at job
  ● No coding round in DevOps interview
  ● Pick Python if required


DevSecOps – What and Why

Challenges with DevOps and Security
● DevOps deploys at rapid pace
  ● No time for traditional security checks
● Integrate security with DevOps
  ● Automate security processes
  ● Auto-remediate security errors
  ● Codify security processes
● DevSecOps was born!


What Security?
● Infra as Code security
  ● Security groups too permissive
  ● Using non-secure AMI
● Code security
  ● Static code analysis (SAST – Static Application Security Testing)
  ● Hardcoding passwords, SSH keys, etc.
  ● Poor secret management
  ● Code vulnerable to SQL injection, cross-site scripting, etc.
  ● Vulnerable package used
● Dynamic Security (DAST – Dynamic Application Security Testing)
  ● Vulnerability detected on code packages
  ● Vulnerability detected on OS packages

More Attack Areas with Kubernetes
● Image security
  ● Privilege escalation
  ● Root mode
● Host security
  ● CIS kube-bench non-compliance
  ● Vulnerable AMI
● Pod and Runtime security
  ● Pod security group too open
  ● Network policy too permissive

DevSecOps Fancy Terms (For Interviews)
● Defense in Depth
  ● Apply security in layers
  ● Makes it harder to attack
● Shift Left
  ● Left (Starting of a process) to right (End stage of a process)
  ● Code > Build > Test > Deploy > Monitor
  ● Start integrating security from early (left) phase


Defense in Depth
[Diagram: three-tier architecture across Availability Zone 1 and Availability Zone 2: Elastic Load Balancing in a Public Subnet; an Auto Scaling Group of Amazon EC2 Webservers in a Private Subnet; Elastic Load Balancing in a Private Subnet; an Auto Scaling Group of Amazon EC2 Appservers in a Private Subnet; Database]
• Automate all the security measures in the pipeline = DevSecOps

Shift Left
[Diagram: the same three-tier architecture, with Coding and Build/Test marked]


DevSecOps Pipelines

DevSecOps Workflow
● Tooling will change based on the application
  ● Different tools for different languages
  ● Container security is different than EC2 security
● Popular workflows
  ● Infra as Code workflow
  ● EC2 applications
  ● Kubernetes applications


CloudFormation/Terraform Workflow
[Diagram: an AWS CloudFormation template moves through AUTHOR → SOURCE → BUILD → TEST → DEPLOY → MONITOR; labels: Amazon Elastic Compute Cloud (Amazon EC2), CloudWatch]
• Scan template
• Sample tools – CFN-NAG, Trend Micro Cloud One Conformity, AWS CloudFormation Guard etc.
• Scan EC2 AMI via Amazon Inspector
• Can be invoked via shell commands
• AWS Config monitors resources, Nagios monitors network etc.
• Alert in case of deviation

CloudFormation/Terraform Workflow – Defense in Depth
[Same slide, with two bullets added]
• How are EC2s exposed?
• Use private subnet, AWS WAF, AWS Shield, AuthN/Z
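
A template scan of the kind this slide places in the pipeline, as an added example (not course code, and not the rule set of CFN-NAG or CloudFormation Guard). It checks a JSON CloudFormation template for three items from the "What Security?" slide: permissive security groups, a non-approved AMI, and hardcoded passwords. The rule names, port allowlist, AMI IDs and sample template are constructed assumptions.

```python
import json
import sys

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
PUBLIC_PORTS = {80, 443}                    # assumption: only web ports may face the internet
SECRET_HINTS = ("password", "secret", "privatekey")
APPROVED_AMIS = {"ami-0aaaaaaaaaaaaaaaa"}   # constructed ID standing in for a hardened image

# Constructed sample: a CloudFormation template in JSON form, already parsed.
SAMPLE = {"Resources": {
    "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}]}},
    "AppSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080, "CidrIp": "10.0.0.0/16"}]}},
    "Db": {"Type": "AWS::RDS::DBInstance", "Properties": {
        "MasterUsername": "admin", "MasterUserPassword": "Sup3rS3cret!"}},
    "DbFromSecretsManager": {"Type": "AWS::RDS::DBInstance", "Properties": {
        "MasterUserPassword": "{{resolve:secretsmanager:prod/db:SecretString:password}}"}},
    "Web": {"Type": "AWS::EC2::Instance", "Properties": {"ImageId": "ami-0bbbbbbbbbbbbbbbb"}},
}}


def port(value, default):
    """Ports may be intrinsic functions (dicts); treat non-numeric values as the widest case."""
    try:
        return int(value)
    except (TypeError, ValueError):
        return default


def open_ingress(rule):
    """True when a rule admits the whole internet on anything but a single public port."""
    cidrs = (rule.get("CidrIp"), rule.get("CidrIpv6"))
    if not any(isinstance(c, str) and c in OPEN_CIDRS for c in cidrs):
        return False
    if str(rule.get("IpProtocol")) == "-1":      # all protocols, all ports
        return True
    low, high = port(rule.get("FromPort"), 0), port(rule.get("ToPort"), 65535)
    return not (low == high and low in PUBLIC_PORTS)


def literal_secrets(node, path=""):
    """Yield property paths whose name looks secret and whose value is a plain string."""
    if isinstance(node, dict):
        for key, value in node.items():
            here = f"{path}.{key}" if path else key
            if (isinstance(value, str) and "{{resolve:" not in value
                    and any(hint in key.lower() for hint in SECRET_HINTS)):
                yield here
            else:
                yield from literal_secrets(value, here)
    elif isinstance(node, list):
        for index, item in enumerate(node):
            yield from literal_secrets(item, f"{path}[{index}]")


def scan(template):
    """Return a list of (logical_id, rule, message) findings for one parsed template."""
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        rtype, props = resource.get("Type"), resource.get("Properties", {})
        rules = []
        if rtype == "AWS::EC2::SecurityGroup":
            rules = props.get("SecurityGroupIngress", [])
        elif rtype == "AWS::EC2::SecurityGroupIngress":
            rules = [props]
        for rule in rules:
            if open_ingress(rule):
                findings.append((logical_id, "OPEN_INGRESS",
                                 f"ports {rule.get('FromPort')}-{rule.get('ToPort')} open to the internet"))
        image = props.get("ImageId")
        if rtype == "AWS::EC2::Instance" and not (isinstance(image, str) and image in APPROVED_AMIS):
            findings.append((logical_id, "UNAPPROVED_AMI", "ImageId is not a literal approved AMI"))
        for path in literal_secrets(props):
            findings.append((logical_id, "HARDCODED_SECRET",
                             f"{path} is a literal; use a Secrets Manager dynamic reference"))
    return findings


def main(argv):
    """Scan the file named on the command line (or the sample); non-zero exit fails the stage."""
    template = SAMPLE
    if len(argv) > 1:
        with open(argv[1]) as handle:
            template = json.load(handle)
    findings = scan(template)
    for logical_id, rule, message in findings:
        print(f"{rule:17} {logical_id}: {message}")
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Because the script exits non-zero when it finds anything, a pipeline stage can invoke it as a shell command and stop before deployment.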


EC2 Workflow
[Diagram: app.java moves through AUTHOR → SOURCE → BUILD → TEST → DEPLOY → MONITOR; labels: Amazon EC2, CloudWatch]
• Static code analysis
• Use AWS Secrets Manager
• Sample tools – SonarQube, graudit etc.
• Can be invoked via shell commands
• Penetration testing
• DDoS testing
• Sample tools – ZAP, Astra, Invicti etc.
• Dynamic testing and analysis
• Monitor host configuration

EC2 Workflow – Defense in Depth
[Same slide, with two bullets added]
• How is the app exposed?
• Use private subnet, AWS WAF, AWS Shield, AuthN/Z


Kubernetes GitOps
[Diagram: AUTHOR → SOURCE → BUILD → TEST → DEPLOY → MONITOR; labels: Amazon Elastic Container Registry (Amazon ECR), Amazon Elastic Kubernetes Service (Amazon EKS), CloudWatch, AWS X-Ray]
• Static code analysis
• Lint image with Dockle, Hadolint etc. for root and privilege escalation
• Run ECR enhanced scan for code and OS package scan
• Note – scan K8s worker EC2 AMI with Amazon Inspector
• Run penetration test
• Run Dynamic Scan on running containers
• Tools – Prisma Cloud, Snyk etc.
• Run Kube-bench for K8s config scan
• Analyze K8s Control Plane logs
• Cordon node/pods if necessary


Kubernetes Security Areas
[Diagram: Amazon EKS in a VPC with Ingress through Elastic Load Balancing, Amazon ECR and Amazon EC2 nodes, annotated with the security areas: Network security, Image security, Pod and runtime security, Audit & forensics, Infrastructure security]
https://aws.github.io/aws-eks-best-practices/security/docs/

Git – What and Why

Before Version Control System
[Diagram sequence: a developer holds Version 1.0, and the running code is version 1.0. A second developer says "I have a great idea, send me your code" and produces Version 2.0, after which the running code is version 2.0]
• Rollback is time consuming
• No audit tracking
• Not scalable for large teams

Version Control System
[Diagram sequence: a Repository holds v1.0. A developer fetches the code (v1.0) and changes it to v2.0; the Repository then holds both v1.0 and v2.0]

Version Control System - Git
Why Git?
• Distributed

Centralized Version Control System
[Diagram: a single Centralized Repository]
• Single point of failure
• Requires constant connectivity
• E.g. – Subversion, Endevor

Distributed Version Control System
[Diagram: several Local Repositories, each holding v1.0, connected to a Remote Repository]
• Each developer has a local copy
• More scalable than centralized
• E.g. – Mercurial, Git

Version Control System
Why Git?
• Distributed
• Performant
• Detailed audit tracking
• Open source
  • Free!
• Implemented with Kubernetes GitOps, integration with Jenkins and other DevOps tools
• GitHub, GitLab, Code Commit are all based on Git

Git vs GitHub

Git Vs. GitHub

Git
• Version Control System
• Installed locally on the system
• Created in 2005, by Linus Torvalds
• Open source, and used in multiple cloud repository services

GitHub
• Git repository hosting services with other features
• Runs on the cloud
• Created in 2008, currently owned by Microsoft
• Not open source, has free and paid tiers

Ways to use Git
 Command line interface (CLI)
 GUI
 Within DevOps tools

For our Course
 Command line interface (CLI)
   Visual studio code
 GUI
   Git Graph
 Repository
   GitHub
 Within DevOps tools
   Jenkins

Git Workflow

Distributed Version Control System
[Diagram: a Local Repository and the Remote Repository both hold v1.0]

Git Workflow
[Diagram: Workspace → add → Index/Staging Area → commit → Local Repository → push → Remote Repository. Workspace, Index/Staging Area and Local Repository are marked Local. file1 starts in the Workspace and appears in each area in turn as the commands below are run]

git add file1
(file1 staged)

git commit file1 -m "Added file1"

git push

• Staging area still has the file!

[Diagram: file2 and file3 are added to the Workspace and file1 is modified; the changes then appear in each area in turn]

git add file1 file2 file3
git add -A
(Stage all new, modified, and deleted files)

git commit file1 file2 file3 -m "Added new feature1"
git commit -m "Added new feature1"
(Move the changes from stage to local repo)

git push

[Diagram: file3 disappears from the Workspace, then from the Index/Staging Area, the Local Repository and the Remote Repository in turn]

git add file1
git add -A

git commit -m "Removing file1"

git push

• Each commit will have separate ID, full snapshot with details for audit

Skipping the Staging Area
[Diagram: file7 in the Workspace, with the same add, commit and push arrows]
git commit -a -m "Adding file7 skipping stage"
git commit -am "Adding file7 skipping stage"
(-a stages modified and deleted files that Git already tracks; a new untracked file still needs git add)
 NOT RECOMMENDED

Git Branch and Merge

Raj Saha
cloudwithraj.com
Cloud With Raj
file3 file3 file3 file3

file2 file2 file2 file2

Modified file1 Modified file1 Modified file1 Modified file1

add commit push

Workspace Index/Staging Local


Area Repository Remote
file1 staged Repository
file1

add commit push

Workspace Index/Staging Local


Area Repository Remote
Repository

I am working on
a new feature
feature1
file1

Branch: master

add commit push

Workspace Index/Staging Local


Area Repository Remote
Repository

Branch: feature1
file1

Branch: master

add commit push

Workspace Index/Staging Local


Area Repository Remote
Repository

Merge
Pull Request

Branch: feature1
Branch: master
Commit ID
for file1
• Branch can only be created
from existing branch
Branch: master Branch: feature1
Commit ID
for file1 • Important - Branches are
references to commit, no code
is copied

git branch feature1


HEAD
Branch: master Branch: feature1
Commit ID
for file1

• HEAD determines which branch you are at


currently
HEAD
Branch: master Branch: feature1
Commit ID
for file1

git switch feature1


git checkout feature1
HEAD
Branch: master Branch: feature1
Commit ID
for file1
Modified file1

Added index.html  Switch Branch to feature1


 Modified file1, added index.html
 Commit to feature1 Branch
 All of this is in local repo
HEAD
Branch: feature1
Commit ID
for modified file1,
index.html
Branch: master
Commit ID
for file1
Modified file1

Added index.html  Switch Branch to feature1


 Modified file1, added index.html
 Commit to feature1 Branch
 All of this is in local repo
HEAD
Branch: feature1
Commit ID
for modified file1,
index.html
Branch: master
Commit ID
for file1
Modified file1

git switch master


Added index.html
Branch: feature1
Commit ID
for modified file1,
HEAD index.html
Branch: master
Commit ID
for file1
Modified file1

git switch master


Added index.html
git merge feature1
git merge <name of the branch to be merged into
the branch you are on>
HEAD
Branch: master Branch: feature1
Commit ID
for modified file1,
index.html

Commit ID
for file1
Modified file1

git switch master


Added index.html
git merge feature1
HEAD
Branch: master Branch: feature1
Commit ID
for modified file1,
index.html • Making master branch move to look at
latest commit ID

Commit ID • Fast forward merge


for file1
Modified file1 • NO CHANGES made on master branch

git switch master


Added index.html
git merge feature1
Changes in Multiple Branches

Branch: feature1
Commit ID
for modified file1,
index.html
Branch: master
Commit ID
for file1
Modified file1

Added index.html
Changes in Multiple Branches

Branch: master Branch: feature1


Commit ID Commit ID
for file2 for modified file1,
index.html

Commit ID
for file1

Committed file2
in master
Changes in Multiple Branches

• Changes made on both


Branch: master Branch: feature1
Commit ID branches
Commit ID
for modified file1,
for file2 index.html
• Just moving the branch to
look at new commit ID won’t
Commit ID
for file1 do merge

Committed file2
• Need three-way merge
in master
Fast Forward Merge Not Possible

[Diagram: Branch master (Commit ID for file2) and Branch feature1 (Commit ID for modified file1, index.html) shown swapping positions; both follow the Commit ID for file1.]

Recursive Three-Way Merge

git switch master
git merge feature1

[Diagram: Branch master points to a new Commit ID for Merge. This commit ID is for file2, modified file1, and index.html. Branch feature1 still points to the Commit ID for modified file1, index.html.]

 feature1 merged into master
 Git will choose fast forward or three-way merge automatically

Delete Branch after Merge

[Diagram: Branch master points to the Commit ID for Merge (file2, modified file1, and index.html); Branch feature1 points to the Commit ID for modified file1, index.html.]

git branch -d feature1
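
The choice Git makes between the two merges above can be reproduced on a small commit graph. This is an added example, not part of the course material: the commit IDs are constructed placeholders and the function names are hypothetical. It models the fast-forward case, the three-way case, and the "already merged" safety check that `git branch -d` applies before deleting.

```python
from collections import deque


def ancestors(commits, tip):
    """Return tip plus every commit reachable from it through parent links."""
    seen, queue = set(), deque([tip])
    while queue:
        commit = queue.popleft()
        if commit not in seen:
            seen.add(commit)
            queue.extend(commits[commit])
    return seen


def merge_bases(commits, ours, theirs):
    """Common ancestors that no other common ancestor descends from."""
    common = ancestors(commits, ours) & ancestors(commits, theirs)
    return sorted(c for c in common
                  if not any(o != c and c in ancestors(commits, o) for o in common))


def merge(commits, branches, current, other):
    """Model `git switch <current>` then `git merge <other>`; report which merge ran."""
    ours, theirs = branches[current], branches[other]
    if theirs in ancestors(commits, ours):
        return {"kind": "already up to date", "tip": ours}
    if ours in ancestors(commits, theirs):
        # Nothing new on the current branch: only the branch pointer moves.
        branches[current] = theirs
        return {"kind": "fast-forward", "tip": theirs}
    # Both branches have commits of their own: record a merge commit with two parents.
    merge_id = f"merge({ours},{theirs})"
    commits[merge_id] = [ours, theirs]
    branches[current] = merge_id
    return {"kind": "three-way", "tip": merge_id,
            "base": merge_bases(commits, ours, theirs)}


def can_delete(commits, branches, current, name):
    """Same idea as the `git branch -d` safety check: delete only what is merged."""
    return branches[name] in ancestors(commits, branches[current])


def slide_scenarios():
    """Replay both slide sequences on constructed commit IDs (not real hashes)."""
    # Fast forward: master has no commits of its own after feature1 branched off.
    commits = {"file1": [], "file1mod+index": ["file1"]}
    branches = {"master": "file1", "feature1": "file1mod+index"}
    fast_forward = merge(commits, branches, "master", "feature1")

    # Changes in multiple branches: file2 was committed on master as well.
    commits2 = {"file1": [], "file1mod+index": ["file1"], "file2": ["file1"]}
    branches2 = {"master": "file2", "feature1": "file1mod+index"}
    deletable_before = can_delete(commits2, branches2, "master", "feature1")
    three_way = merge(commits2, branches2, "master", "feature1")
    deletable_after = can_delete(commits2, branches2, "master", "feature1")
    return fast_forward, three_way, deletable_before, deletable_after


if __name__ == "__main__":
    for result in slide_scenarios():
        print(result)
```
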


Quiz!!

[Diagram: Branch master points to the Commit ID for file2. Branch feature1 points to the Commit ID for modified file1, index.html. Both follow the Commit ID for file1.]

git switch feature1
git branch feature2

o Which CommitID does feature2 branch look at?
o Where does the HEAD go?

Quiz Answer!!

[Diagram: Branch feature2 points to the same Commit ID as Branch feature1 (modified file1, index.html).]

o Branches are just reference to CommitID
o New branch does NOT change HEAD unless switched

Alternate Method

git branch feature2 feature1
git branch <new branch> <old branch to reference>

[Diagram: Branch master points to the Commit ID for file2 and Branch feature1 to the Commit ID for modified file1, index.html. After the command, Branch feature2 points to the same Commit ID as Branch feature1.]

Linux Basic Commands

Basic Commands

● Change current working directory
● Display current working directory
● List files in the current directory except hidden files
● ls with long listing (still no hidden files)
● list all including hidden files (starts with .)
● Run “ls -al” for long listing
● Set an environment variable
● Display the value of an argument
● Make directory
● Move one directory up
● Join multiple commands with ;
● Make multiple new directories
● Remove specific file or folder (Folder needs to be empty)
● Remove files and directories
● Copy file to another folder
● Move file to another folder
● Move a directory to another directory


Linux File and User Commands

File Commands
● Create new blank file
● Code command in Visual Studio Code creates new file and opens in IDE
● Add content to the file (Note the redirect “>” symbol)
● Press “Ctrl + D” to end input and save file
● Display content of the file
● Unfortunately, you have to use vi editor in most cases

User Commands
● Shows current user
● SSHs with username and IP
● Switch user
● Don’t have root privileges
● Have super user do privileges to install packages


Calling API with Linux

Networking Commands
● Pinging an IP or domain

Networking Commands – API Endpoint
● Calling API endpoints
● Curl verbose

POST Method
● Postman

Networking Commands – API Endpoint
● Curl for POST

Vi Editor



AWS CLI

AWS CLI – What and Why

[Diagram: List/Create Amazon S3 buckets; Create AWS Lambda; Provision Amazon Elastic Kubernetes Service (Amazon EKS)]

● AWS Command Line Interface is a unified tool to manage your AWS services
● Run in command line
● Run in DevOps scripts
● Commands start with “aws” (e.g. aws s3 ls)
● Need to install AWS-CLI if not pre-installed

AWS CLI – Where to Run?

● Install AWS CLI in local IDE
● Cloud 9 Terminal
● AWS Cloud Shell (New)
● Any DevOps tool with AWS CLI installed


Finding Any AWS CLI Command

AWS CLI – Running Any AWS Commands

● https://docs.aws.amazon.com/cli/latest/reference/

AWS CLI – Set Up in Local

● https://docs.aws.amazon.com/cli/latest/reference/

AWS CLI – From DevOps Tool

AWS CLI using IAM creds

AWS CLI using EC2 Role

[Diagram: Amazon EC2]


Kubernetes Primer
Container – What and Why
What is Container Orchestrator
Enter Kubernetes!
Pods
Replicaset and Deployment
Ways to Spin Up Cluster
Intro to eksctl
Spin our Very First Kubernetes Cluster!


What is Docker Container?

In The Beginning

Environment:      Dev           Test          Prod
Runtime Engine:   Python 3.8    Python 3.6    Python 2.7
Dependencies:     import requests, import kitchen-sink (listed for every environment)
Configuration:    DNS Service Name, Database connection (listed for every environment)

With Dev and Test: “Everything working great! I am genius!”
With Prod added: “Need to change the code. I guess it’s okay.”
Then: “Why did I take this job”

Container

A container is an atomic, self contained package of software that includes everything it needs to run (code, runtime, libraries, packages, etc.)

Docker Image Vs Container

[Diagram: Container Image: Build produces the Docker Image; Run produces the Container.]

The Big Picture

[Diagram: Your App + Dockerfile -> Dockerize -> Docker Image -> Repository (Docker Hub, Elastic Container Registry (ECR)) -> Deploy Into K8s Cluster -> App Container. K8s Cluster options: Amazon EKS, Google Kubernetes Engine, K8s on EC2, ……, Any other K8s Cluster Implementation.]

Virtual Machine Vs Container

VM:        App 1, App 2 | Bins/Libs per app | Guest OS per app | Hypervisor | Host OS | Server (Host)
Container: App 1, App 2, App 3, App 4 | Bins/Libs per app | Docker | Host OS | Server (Host)

Advantages

[Diagram: Build -> Docker Image -> Run -> Container]

Runs reliably in any environment
Better resource utilization
App isolation
Speed

Going Back to Our Sad Developer

[Diagram: the Dev (Python 3.8), Test (Python 3.6) and Prod (Python 2.7) environments from In The Beginning: “Why did I take this job”]

[Diagram: one Docker Image packages Code, Runtime Engine: Python 3.8, Dependencies (import requests, import kitchen-sink) and Configuration (DNS Service Name, Database connection): “Life is great again!”]

Runs seamlessly in Dev, Test, Prod

Container Orchestration is SOLVED!
What is Container
Orchestrator??!!
What is Docker/Container?

● Docker packages software into standardized units called containers that have
everything your software needs to run including libraries, code and runtime

● Lets you quickly deploy and scale applications into any environment
What is Container Orchestrator?
How Does Docker Work?

Insert Video here


Draw pentagon representations of 2 apps, color them differently, then say they need a host to
run, so we spin up EC2s and move the pentagons inside the EC2s.

EC2s are like hyenas: if you see one, other ones are nearby.

To make it Highly Available, you need another in AZ

Then comes scaling: put it in ASG; to route traffic you need Load Balancer.
If one task fails then you need to spin up
Tasks Associated with Containers

● Deployment of Containers
● Redundancy and availability of Containers
● Scaling up or down of Containers
● Load Balancing
● Health Monitoring of Containers and Hosts
● Service Discovery
● And More...
Container Orchestrator
Say Hello to Container Orchestrators
● Docker Swarm

● Apache Mesos

● Cattle, Nomad, Empire

● AWS ECS (Elastic Container Service)

● Kubernetes
○ EKS (Elastic Container Service for Kubernetes)

● AWS Fargate
What is Kubernetes?
(The most popular Container Orchestrator)

Working Backwards

[Diagram: Your Application and its Container Image: Build -> Docker Image -> Run -> Container]

Kubernetes Architecture

Who Manages Nodes?
Control Plane manages, monitors, plans, schedules nodes
Worker Nodes host Containers

Control Plane Components
Key Value Store for critical cluster info
Ensures proper state of cluster components
Puts containers to proper nodes

Kubernetes Cluster State
Desired State: 3 Nodes
Current State: 2 Nodes
c-m brings one node up so current state = desired state
[Diagram: one node marked X]

Who Specifies State?
YOU, with a Manifest File: Run 6 copies of a container image
Desired State: 6 Containers
Current State: 0 Containers (first slide), 6 Containers (next slide)

Gateway to Control Plane
Desired State Vs Current State
Exposes Kubernetes API
YOU, with a Manifest File: Do this on the cluster

What’s In Node?
Container Runtime Engine
Docker, Containerd, CRI-O, frakti

Control Plane - Node Communication
Status of the node and containers to Control Plane

Container-Container Communication
Allows network communications

Putting it All Together

Control Plane manages, monitors, plans, schedules nodes
Key Value Store for critical cluster info
Ensures proper state of cluster components
Puts containers to proper nodes
Exposes Kubernetes API
Status of the node and containers to Control Plane
Container Runtime (on each node)
Allows network communications

K8s?!

Kubernetes
8 Letters

K8s
Pods

The Big Picture

[Diagram: Your App -> Dockerize -> Docker Image -> Repository (Docker Hub, Elastic Container Registry (ECR)) -> Deploy -> App Container in the K8 Cluster]

NPC

[Diagram: K8 Cluster > NODE > POD > Container]

● Smallest object you can create in Kubernetes
● Remember NPC (Node > Pod > Container)

Life of a Pod

[Diagram: a NODE in the K8 Cluster with two PODs, 10.15.25.215 and 10.15.25.125 (:80), holding App Containers and a Sidecar Container; ports shown: Port 80 and Port 1025.]

● One App Container per Pod
● Each POD has unique IP address

Sample Pods

[Diagram: Webserver 10.16.10.01 (Amazon EC2) with Nginx pods 10.16.48.53 and 10.16.93.80]

Life Of A Simple Pod

[Diagram: Webserver 10.16.10.01 with Nginx pods 10.16.48.53 and 10.16.93.80; Database 10.18.10.21 with Redis pods 10.18.32.61 and 10.18.16.23]

Deployment

Deployment + Rolling Update + Replicaset

Pods In Real World

[Diagram: Webserver running three Nginx:1.16 pods]

Deployment: Update of Container
Upgrade, Scale, Undo

[Diagram: the three pods now run Nginx:1.17]

Deployment: Manifest File (K8 Deployment YAML + DEMO)

Manages pods with label environment:test and manages replicaset defined within
Manages pods with label environment:test

[Diagram: three Nginx:1.16 pods, each labelled environment:test]

Replicaset Restores Pods

[Diagram: one of the Nginx:1.16 pods is marked X]

Deployment Restores Replicaset
Deployment will restore replicaset with running pods - super fast!

Deployment Rolling Update

[Diagram: Original: three Nginx:1.16 pods. New: three Nginx:1.17 pods.]

Replicaset And Deployment Demo
● Implement Deployment
● Delete some stuff!
● Update Container Image via Deployment

Ways To Spin Up EKS Cluster
(Amazon Elastic Container Service for Kubernetes)

● AWS Console
● CloudFormation
● AWS CLI
● eksctl CLI

Learning Medium
● Local PC (Using AWS Creds)
● AWS Cloud9 (Terminal)
● Amazon EC2 (Command Line)

Automation
● DevOps Tools

What is eksctl?
● CLI tool for creating clusters on EKS
● Easier than console, for real!
● Abstracts lots of stuff - VPC, Subnet, Sec. Group etc. using CloudFormation

[Diagram: eksctl create cluster -> Amazon Elastic Container Service for Kubernetes, AWS Fargate (On EKS)]

Available eksctl features (Only on EKS)
● Create, get, list and delete clusters
● Create, drain and delete nodegroups
● Scale a nodegroup
● Update a cluster
● Use custom AMIs
● Configure VPC Networking
● Configure access to API endpoints
● Support for GPU nodegroups
● Spot instances and mixed instances
● IAM Management and Add-on Policies
● List cluster Cloudformation stacks
● Install coredns
● Write kubeconfig file for a cluster

eksctl Commands

Command: eksctl create cluster
Brief Description: Create EKS Cluster with one nodegroup containing 2 m5.large nodes

Command: eksctl create cluster --name <name> --version 1.15 --node-type t3.micro --nodes 2
Brief Description: Create EKS Cluster with K8 version 1.15 with 2 t3.micro nodes

Command: eksctl create cluster --name <name> --version 1.15 --nodegroup-name <nodegrpname> --node-type t3.micro --nodes 2 --managed
Brief Description: Create EKS cluster with managed node group

Command: eksctl create cluster --name <name> --fargate
Brief Description: EKS Cluster with Fargate Profile

Jenkins – What and Why

DevOps Phases

AUTHOR: Write Code
SOURCE: Check-in Source Code
BUILD: Compile Code, Create Artifacts, Unit Testing
TEST: Integration Testing, Load Testing, UI Testing, Penetration Testing
DEPLOY: Deploy Artifacts
MONITOR: Logs, Metrics, and Traces

Continuous Integration (CI)
Continuous Delivery (CD): Manual Approval
Continuous Deployment (CD)

And More…

Jenkins is The Winner

Jenkins: 64%
Teamcity: 8%
CircleCI: 5%
Rest: 23%

Source: https://www.datanyze.com/market-share/ci--319/jenkins-market-share

Why Jenkins?
● Open-source CI/CD tool for DevOps
● Started in 2004
● Package flexibility
● Run in your machine, on-prem, EC2, Docker, Fargate, Kubernetes and more!
● Cloud agnostic
● Superior integration with numerous tools for all DevOps phases
● Vibrant community
● 1800+ plugins
● Easy to find quickstarts, workshops, and examples
● Extensive Q/A lists and documentation
● Enterprise offerings built on top
● Constantly evolving and progressing with technology

Jenkins and DevOps Job Market
● Average salary for Jenkins
● USA - $97K/Year
● India – 6.1 Lakh/Year
● Most DevOps jobs require Jenkins

Salary Data:
https://www.payscale.com/research/US/Skill=Jenkins/Salary
https://www.upgrad.com/blog/jenkins-salary-in-india-for-freshers-experienced/
Job Info:
LinkedIn Jobs


Jenkins Setup on EC2

Install Jenkins on EC2

[Diagram: Jenkins on Amazon EC2]

● All the demos will be under free tier
● Use t2.micro for EC2 instance type
● EKS has its own charge
● Require an AWS account
● Open for free - https://aws.amazon.com/

Optional: Jenkins Setup on Local

Install Jenkins on Docker

[Diagram: Jenkins Container Image, Docker on Desktop]

● Require Docker on local machine
● Unable to do automatic GitHub integration
● Requires docker on docker for many use cases
● Prone to errors


Declarative vs Scripted Pipeline

Scripted
● Older way of writing pipeline
● Ability to inject Groovy code
● Harder to restart from a middle stage failure
● Harder to learn. Fewer examples available

Declarative
● Latest addition
● Opinionated and streamlined syntax
● Easier to restart from a middle stage failure
● Easier to learn. Plenty of examples online
● Jenkins Blue Ocean helps you write this
● Almost all modern CI/CD projects use this


Running Terraform from Jenkins - Installation

Terraform + Jenkins SetUp
● Install terraform in Jenkins Agent
● Install terraform Jenkins Plugin
● Setup Path in Jenkins
● Agent must have appropriate IAM role

Running Terraform from Jenkins - Provision Kubernetes Cluster

Terraform + EKS + Jenkins
● Terraform taken from official AWS EKS blueprints
● Require Helm
● What if Terraform/Helm errors due to version?
● Agent must have appropriate IAM role


Building and Unit Testing Python Code with Docker Agent

Building Testing Code on EC2

[Diagram: app.py goes from GitHub to Amazon EC2, where BUILD and UNIT TEST run.]

EC2 needs to have
• Python installed
• Pytest installed
• Version sensitive

Building Testing Code on Docker Agent

[Diagram: app.py goes from GitHub to Amazon EC2, where the Docker Agent runs it in containers.]

Docker Agent
• Build Container
• Proper python installed
• Test Container
• Pytest installed

EC2 only needs Docker installed


Triggering Downstream Jobs

Pass Parameters

[Diagram: JobA passes parameters to JobB.]

[Diagram: “Build & Save Container Image” passes parameters to “Update Kubernetes Manifest”.]

[Diagram: Samplepipelinejob2 passes parameters to Downstreamjob.]


Jenkinsfile – What and Why

“I have mastered Jenkins console with plugins!!” (CICDJOB_UAT)

“Can you create the same job for ALL our environments?”
“Ugh, that’s lot of manual work” (CICDJOB_UAT, CICDJOB_STAGE, CICDJOB_PROD)

“This is beautiful!” (CICDJOB_UAT, CICDJOB_STAGE, CICDJOB_PROD)

Jenkinsfile
● Jenkinsfile is pipeline as code for Jenkins job
● Like infrastructure as code
● Review like code
● Can be kept in Git repo (Best practice)
● Version controlled and rollback
● Audit trail
● Single source of truth for the pipeline
● Reduce human error for replicating Jenkins jobs


Jenkinsfile – Structure & Required Fields

● JSON (Groovy Syntax)
● NO NEED TO LEARN GROOVY!
● agent – where to execute
● Create as many “stage” as required
● All executable commands go in “steps”
● DEMO THIS


Our Very First Jenkinsfile!

Jenkins Permission!

Let’s Write a Jenkinsfile!
● Copy (Checkout!) a GitHub repo
● Display the readme file from the repo
● Display list of S3 buckets
● Execute “aws s3 ls”
● The “agent” must have the required software installed with proper credentials
● AWS CLI Installed + Appropriate EC2 role

Writing Jenkinsfile – Easy Way!


Writing Jenkinsfile – Post

Jenkinsfile Post Section
● Run additional steps at the end of pipeline or stage
● Not a required field
● Used to handle failure conditions
● Supports different conditions

Jenkinsfile Post Conditions


Build and Push Container Images

Docker Build and Push Flow

[Diagram, built up over three slides: Code + Dockerfile -> docker build -> Container Image (in Jenkins Agent) -> docker login -> docker push -> Container Image Repo -> docker logout]

Execute Lambda (or ANY AWS Service!) from Jenkins

Steps to Execute Any AWS Service from Jenkins
● Find out the AWS CLI command
● Attach necessary policy to the Jenkins agent
● Use appropriate CLI command in the Jenkinsfile
● Gather response


GitHub Webhook

Calling API

[Diagram: Branch: main, Modified file1. Invoke GitHub API every few minutes.]

• Most of the time API will return stagnant data
• GitHub server will be bombarded
• Apps will exceed API limits

Webhook

[Diagram: Branch: main, Modified file1. Webhook to notify Jenkins.]

• GitHub will do a POST call to your app if repo changes
• Lightweight
• Realtime

Implementation

[Diagram: Branch: main, Modified file1. Webhook to All DevOps Tool.]
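
Because the webhook is an unauthenticated POST arriving at your endpoint, the receiver should confirm it came from GitHub before starting a build. The following is an added example, not code from the course or from Jenkins: it checks GitHub's `X-Hub-Signature-256` HMAC over the raw body, rejects repeated `X-GitHub-Delivery` IDs, and only then looks at the event and branch. The secret, payload and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

SECRET = b"constructed-secret-for-this-example"  # the secret configured on the webhook


def sign(secret: bytes, body: bytes) -> str:
    """Value GitHub sends in X-Hub-Signature-256: hex HMAC-SHA256 of the raw body."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()


def should_trigger_build(secret, headers, body, seen_deliveries, branch="main"):
    """Return (trigger, reason) for one incoming webhook POST."""
    lowered = {name.lower(): value for name, value in headers.items()}
    received = lowered.get("x-hub-signature-256", "")
    # Verify the raw bytes before parsing anything, and compare in constant time.
    if not hmac.compare_digest(sign(secret, body).encode(), received.encode()):
        return False, "bad or missing signature"
    # A validly signed request can still be replayed; accept each delivery once.
    delivery = lowered.get("x-github-delivery")
    if not delivery or delivery in seen_deliveries:
        return False, "replayed or unidentified delivery"
    seen_deliveries.add(delivery)
    if lowered.get("x-github-event") != "push":
        return False, "not a push event"
    try:
        ref = json.loads(body)["ref"]
    except (ValueError, KeyError, TypeError):
        return False, "malformed payload"
    if ref != f"refs/heads/{branch}":
        return False, "push to another branch"
    return True, f"push to {branch}"


def sample_delivery(ref="refs/heads/main", delivery="constructed-delivery-1"):
    """Build a constructed push delivery the way GitHub would sign it."""
    body = json.dumps({"ref": ref, "commits": [{"modified": ["file1"]}]}).encode()
    headers = {
        "X-Hub-Signature-256": sign(SECRET, body),
        "X-GitHub-Event": "push",
        "X-GitHub-Delivery": delivery,
    }
    return headers, body


if __name__ == "__main__":
    seen = set()
    headers, body = sample_delivery()
    print(should_trigger_build(SECRET, headers, body, seen))   # accepted
    print(should_trigger_build(SECRET, headers, body, seen))   # same delivery again
    print(should_trigger_build(SECRET, headers, body.replace(b"file1", b"file2"), seen))
```
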


Deploy to EKS using GitOps and Jenkins

The good old DevOps

CI/CD Flow for Kubernetes

[Diagram: (1) Developer and Code Repo (GitHub / AWS CodeCommit) holding Dockerfile and Manifest, (2) AWS CodeBuild builds the Docker container image, (3) CodeBuild pushes image to Amazon ECR, (4) Buildspec deploys image to Amazon EKS. 1 2 3: CI. 4: CD.]

What if things go WRONG!!??

[Diagram: a hands-on guy with access to the live Amazon EKS cluster runs kubectl apply -f: “I am more of a cat person” (marked X).]

How would you go back to stable previous state??

Re-Run CD

[Diagram: the same CI/CD flow, run again.]

BUT
• ONLY AFTER SOMEONE DETECTS SOMETHING IS AMISS
• Re-running CD components is tedious, sometimes manual and error prone

Hence GitOps was born!

CI/CD Flow for EKS (Push)

[Diagram: the same flow as CI/CD Flow for Kubernetes. 1 2 3: CI. 4: CD.]


GitOps (Push + Pull)

[Diagram: 1 2 3 (CI): Developer, Code Repo (GitHub / AWS CodeCommit) holding Dockerfile and Manifest, AWS CodeBuild builds the Docker container image, CodeBuild pushes image to Amazon ECR. 4 (CD): K8s constantly checks with repo (Git) and keeps in sync, Amazon EKS.]

The Cat Man is Back

[Diagram: CI: Code Repo, CodeBuild pushes image to Amazon ECR. GitOps Tool between Manifest/Helm in GitHub and Amazon EKS. “I am more of a cat person” change marked X.]

1. Deviates from desired state defined in Git
2. Flux immediately reverts to state defined in manifest files in Git
3. Sends alert to appropriate team with trails
4. Remove unnecessary access, only GitOps can make changes

Not Just Git!

[Diagram: Code Repo (AWS CodeCommit, GitHub), AWS CodeBuild builds the Docker container image, CodeBuild pushes image to Amazon ECR, Gitops, Amazon EKS.]

Changing Manifest

[Diagram: CodeBuild pushes image to Amazon ECR. Changes the container image in a deployment. Manifest/Helm in GitHub, Amazon EKS.]

1. Deviates from desired state defined in Git
2. Flux modifies the manifest file in Git and updates the container image
3. Only advisable in Development, NOT in Staging or Prod


GitOps Flow

[Diagram, built up over several slides:
1. app.py in GitHub, Repo - kubernetescode
2. Job - buildimage: Build Docker Container Image (test:10)
3. Job - updatemanifest: receives test:10, Updates image in deployment.yaml in Repo - kubernetesmanifest
4. Gitops: Deploys deployment.yaml (references test:10)
On the next build the image is test:11 and deployment.yaml references test:11 in place of test:10.]

Traditional DevOps

[Diagram: the same jobs and repos with test:11 (steps 1 to 4), shown without the Gitops component.]

In Summary
• Periodically syncs the running cluster with the desired state in Git Repo
• Works with either vanilla manifest files or Helm charts
• Lower learning curve than DevOps
• Increased security
• CI (Developer) and CD (Ops) permissions are separated
• Fewer components
• GitOps doesn’t mean getting rid of DevOps
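
The updatemanifest job and the sync behaviour summarised above can be modelled in a few lines. This is an added example, not Flux's or the course's code: the manifest is a constructed, trimmed stand-in for deployment.yaml, and all function names are hypothetical. It validates the image value passed from the upstream job before writing it into Git, then runs one sync pass that tells a normal rollout (Git changed) apart from a manual change on the cluster (revert and alert).

```python
import re

# Constructed, trimmed stand-in for deployment.yaml in the kubernetesmanifest repo.
DEPLOYMENT_YAML = """\
apiVersion: apps/v1
kind: Deployment
metadata:
  name: test
spec:
  replicas: 3
  template:
    spec:
      containers:
      - name: test
        image: test:10
"""

# Deliberately narrow: repo[/path]:tag only, the shape used on the slides (test:10).
IMAGE_RE = re.compile(r"[a-z0-9]+(?:[._/-][a-z0-9]+)*:[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}")
IMAGE_LINE = re.compile(r"^([ \t]*image:[ \t]*)(\S+)[ \t]*$", re.MULTILINE)
REPLICAS_LINE = re.compile(r"^[ \t]*replicas:[ \t]*(\d+)[ \t]*$", re.MULTILINE)


def update_image(manifest: str, image: str) -> str:
    """What the updatemanifest job does: rewrite the image line.

    The value arrives as a parameter from the upstream job, so it is validated
    before it is written into the manifest that GitOps will deploy.
    """
    if not IMAGE_RE.fullmatch(image):
        raise ValueError(f"refusing image reference {image!r}")
    updated, count = IMAGE_LINE.subn(lambda m: m.group(1) + image, manifest)
    if count != 1:
        raise ValueError(f"expected exactly one image line, found {count}")
    return updated


def desired_state(manifest: str) -> dict:
    """Extract the fields this model tracks from the manifest stored in Git."""
    image = IMAGE_LINE.search(manifest)
    replicas = REPLICAS_LINE.search(manifest)
    if not image or not replicas:
        raise ValueError("manifest lacks an image or replicas line")
    return {"image": image.group(2), "replicas": int(replicas.group(1))}


def reconcile(desired: dict, last_applied: dict, live: dict):
    """One sync pass. Returns (new live state, list of actions taken)."""
    actions = []
    for key, want in desired.items():
        have = live.get(key)
        if have == want:
            continue
        if have == last_applied.get(key):
            # The cluster is as GitOps left it; Git moved ahead: normal rollout.
            actions.append(("deploy", key, have, want))
        else:
            # The cluster was changed outside Git: put it back and raise an alert.
            actions.append(("revert+alert", key, have, want))
    return dict(desired), actions


if __name__ == "__main__":
    live = desired_state(DEPLOYMENT_YAML)
    in_git = update_image(DEPLOYMENT_YAML, "test:11")
    live, actions = reconcile(desired_state(in_git), live, live)
    print(actions)
    drifted = dict(live, image="cat:latest")  # manual kubectl apply on the cluster
    print(reconcile(live, live, drifted)[1])
```
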

Jenkins with Ansible

High Level Flow

[Diagram, repeated over four slides: GitHub (index.html), one Amazon EC2 instance, and two further Amazon EC2 instances.]

Encrypting Secrets with KMS
● Specify during EKS cluster creation time
● There is a cost associated with it

https://aws.amazon.com/blogs/containers/using-eks-encryption-provider-support-for-defense-in-depth/


DevOps Interview Q/A - Basic



DevOps Basic Questions
1. What is DevOps?
2. Mention some benefits of DevOps
3. How does DevOps help Microservice based projects?
4. What is the cultural change of DevOps?
5. Can you explain DevOps phases/flow?
6. Can you name some tools for each phase?
7. What is CI? What is CD?
8. What is the difference between Continuous Delivery and Continuous
Deployment?
9. Name a tool to monitor Kubernetes
10. What is Infrastructure as Code?
11. Name some benefits of IaC
12. What is the sequence of commands to run Terraform?
13. What is CloudFormation?
14. What is Jenkins?
DevOps Basic Questions – contd.
15. What are the types of Jenkins pipelines?
16. What is a Jenkins multibranch pipeline? When would you use it?
17. What are Jenkins plugins?
18. Name some of the plugins you have used with Jenkins
19. What is a Jenkinsfile?
20. How do you set up a Jenkins job?
21. What are parameters in Jenkins?
22. What is a pipeline trigger?
23. How would you clone a git repository via Jenkins?
24. Jenkinsfile components:
• Agent
• Node
• Post actions
• etc.

DevOps Interview Q/A - Moderate



DevOps Moderate Questions
1. Mention some challenges of DevOps. How would you solve them?
2. Can you explain the automated flow of provisioning AWS resources?
3. Do you recommend CloudFormation or Terraform? Why?
4. How can you perform automated testing in DevOps?
5. What is a Jenkins agent? Give me some examples of different agents
6. How do you store credentials in Jenkins securely?
7. What are some ways to trigger a Jenkins job?
8. I want to trigger my Jenkins job as soon as I check in my code in GitHub. How
can you achieve that?
9. How will you pass values from one Jenkins job to another?
10. Tell me some examples of Jenkins environment variables
11. What is the Jenkins post section? In which cases should I use it?
12. What is the difference between Jenkinsfile and CloudFormation (or Terraform)?
13. Explain the workflow to provision a Kubernetes cluster
14. Explain how you will implement a microservice on a Kubernetes cluster using a
pipeline

DevOps Moderate Questions – contd.
15. What is the easiest way to convert a Jenkins scripted job to Pipeline job?
16. What is the difference between Jenkins DSL and Pipeline?
17. Can you tell me the components of a Jenkinsfile?
18. How will you troubleshoot a failed Jenkins job?
19. How do you define and pass parameters from one Jenkins job to another?
20. How do you create a backup copy of your Jenkins files?
21. How will you implement manual approval in a Jenkins pipeline?
22. What is GitOps? What are the advantages of GitOps?

DevOps Interview Q/A - Advanced



DevOps Advanced Questions
1. What DevOps tool have you used extensively? Tell me some challenges you
have faced with it.
2. How does Jenkins fit into a cloud computing environment? Explain with an
example
3. Why use CloudFormation when you can directly call AWS APIs from Jenkinsfile
to provision AWS resources?
4. How do you implement security in your DevOps pipeline?
5. What is the advantage of using Docker agents instead of EC2?
6. How will you migrate a traditional organization to DevOps?

Adopting DevOps
• Select a proof of concept
  • Not a critical project
  • Representative of the workloads
• Establish DevOps center of excellence
• Standardize tools and best practices
• Scale
  • Educate people about process and technology
  • Process – cost control, incident management, securing workload
  • Technology – Infra as code, CI/CD, Container orchestration
• Mass migration
