DevOps(Day-39) : Jenkins Interview Questions (Part-2)

 

    1. How to create a continuous deployment in Jenkins?

      • First, create a pipeline for your application and set up the environment.

      • Provide the necessary build stages with steps.

      • Configure the webhook on GitHub.

      • Make sure to make the enable the Git hook in Jenkins configure section.

      • Now when any changes are made in the code the build automatically gets triggered to build and deploy the code.

    2. How build a job in Jenkins?

      • Log in to the Jenkins dashboard and navigate to create a new item.

      • create a freestyle project or pipeline for your application.

      • Configure the specifications of the project by enabling features.

      • Write the appropriate groovy or shell script required to run the project.

      • Click on Save and then build now.

    3. Why do we use pipelines in Jenkins?

      It is a combination of plugins that supports the integration and implementation of continuous delivery pipelines. It has an extensible automation server to create simple and complex delivery pipelines as code. A Pipeline is a group of events interlinked with each other in a sequence.

    4. Is only Jenkins enough for automation?

      No, many tools need to be configured to have smooth automation in DevOps.

      Jenkins puts focus only on automating the project pipeline from building a code to deploying a code. But, in order to have fully automation there are tools like Ansible, Terraform, Chef,etc.

    5. How will you handle secrets?

      1. One-Time Passwords (OTPs)
      One-time passwords help prevent user account takeovers by ensuring that a username-password combination can not be used more than once. While the account retains the username throughout, the user is sent an OTP every time they log in. This keeps Jenkins administrators’ and users’ accounts safe, preventing secrets from being exposed to unwanted individuals.

      2. Avoid Hard-Coding Secrets
      Remove any secrets that have been hardcoded into CI/CD configuration and Jenkins files. This keeps sensitive credential information away from the pipeline, making it inaccessible to malicious actors.

      3. Reduce Attack Surface by Storing Secrets in Multiple Jenkins Files
      Storing secrets in multiple files helps enforce the principle of least exposure for credentials. This makes credentials available to the minimum number of applications and users possible.

      4. Use Authorization Controls to Manage Secrets Permissions
      Developer teams should configure security checks to ensure the application requesting resource access has the properties of a valid application. These applications should be able to access various resources based on permissions assigned in RBAC policies.

      5. Follow the Principle of Least Privilege
      Only grant permissions to applications that absolutely need access to secrets within the pipeline. Teams should consistently audit permissions to maintain the principle of least privilege throughout the pipeline’s lifecycle.

    6. Explain diff stages in CI-CD setup.

      • Source Code Management: GitHub needs to be integrated with Jenkins or any CI-CD tool to fetch the source code from a remote repository.

      • Build steps: The shell commands or the Groovy pipeline code are written to build the code. For example, this can be used to create docker images.

      • Test: Some automated tests are run to check if the code is meeting the requirement.

      • Deploy: If the code passes all test cases it is deployed to Production.

      • Monitoring: To check the health status of the instance or the application some monitoring tools are used like Grafana, Prometheus, etc. This would help to determine the issue which can be fixed quickly.

    7. Name some of the plugins in Jenkins.

      • Git Plugin

      • Docker plugin

      • Docker-compose plugin

      • Kubernetes plugin

      • Ansible Plugin

      • GitHub Plugin

Thanks for reading my article. Have a nice day.

Comments

Post a Comment

Popular posts from this blog

DevOps(Day-97): Meta-Arguments in Terraform

Image
  TABLE OF CONTENTS Write about meta-arguments and their use in Terraform. Task-01: Meta-Arguments HandsOn Count for-each When you define a resource block in Terraform, by default, this specifies one resource that will be created. To manage several of the same resources, you can use either count or for_each, which removes the need to write a separate block of code for each one. Using these options reduces overhead and makes your code neater. count is what is known as a ‘meta-argument’ defined by the Terraform language. Meta-arguments help achieve certain requirements within the resource block. Write about meta-arguments and their use in Terraform. Meta-arguments in Terraform refer to a set of special arguments that can be used to define how a particular resource or module behaves within a Terraform configuration. These arguments provide additional configuration options and enable fine-grained control over the behaviour of resources or modules. Meta-arguments are prefixed with the...
Read more

DevOps(Day-95): Auto Scaling with Terraform

Image
  TABLE OF CONTENTS Understanding Scaling Pre-requisites Task 1: Create an Auto Scaling Group Task 2: Test Scaling Yesterday, we learned how to AWS S3 Bucket with Terraform. Today, we will see how to scale our infrastructure with Terraform. Understanding Scaling Scaling is the process of adding or removing resources to match the changing demands of your application. As your application grows, you will need to add more resources to handle the increased load. And as the load decreases, you can remove the extra resources to save costs. Terraform makes it easy to scale your infrastructure by providing a declarative way to define your resources. You can define the number of resources you need and Terraform will automatically create or destroy the resources as needed. Pre-requisites Create a  terraform.tf  file declaring the providers to be installed in the system according to the resources required. Create a  provider.tf  file to declare the region. Create a  vp...
Read more

DevOps (Day-1) Introduction

Image
  TABLE OF CONTENTS Infrastructure Automation Why DevOps is Important? What is DevOps? As the name indicates:- Dev + Ops = Development + Operations. Development i) Backend Developers ii) Front-end Developers iii) QA Operations i) System admins ii) Network admins iii) Database admins The practice of operations and development engineers participating together in the entire service lifecycle through a pipeline from design through the development process to production support. This process is known as DevOps. This is a process of automating the whole infrastructure. Now here comes a query, what are we automating? We are automating the whole team's work from the code-building stage to code deployment. Scenario 1:- In a company, there is a project in which developers are writing the code and deploying it to the QA environment frequently for each sprint. This code is then tested by the testing team. Suppose there is a situation of mishap happens where the testing team used the older code ...
Read more