SRE/DevOps Interview Questions — Tooling — Part 1

In continuation of my previous blog [SRE/DevOps Interview Questions — Linux Troubleshooting], this blog I will try to focus on the Tooling (at least a few of them) and provide handy details about frequent questions and resources.

Tools and Tooling

For any DevOps or SRE Team, Tools and Tooling are very important. Though it is not a deal-breaker if you haven’t worked with some specific tools, there are some universal ones which pretty much everybody expects you to be familiar with.

Source Control (Git)

Git has dominated source control management in the industry and is used almost everywhere. Here are some of the questions I have been asked or I have asked:

• Difference between git fetch and git pull? (Explanation)
• Fork or Branch? Which? and Why? (Explanation)
• What is git reflog used for? (Explanation)
• Explain git squash and why would one use it? (Explanation)
• How do you perform Garbage Collection in git? (Explanation)
• How to perform cherry-pick with git? (Explanation)
• How to use git bisect? (Explanation)
• Find the list of files changed in a particular git commit? (Explanation)
• What are git submodules and how to keep them in sync? (Explanation)
• Explain git lfs? (Explanation)
• What are Git Hooks? Pre-commit and Post-commit hooks? (Good Read)

Containers (Docker)

Docker has dominated the container world as we speak, though there are other alternatives like Podman and Containerd. However, mostly people use docker, so I am going to share some commonly and frequently asked questions.

• What is Docker BuildKit? (Explanation)
• What is Docker multi-stage build and why bother? (Explanation)
• Explain what is /var/run/docker.sock? (Explanation)
• How to run a container without using the docker command? (Explanation)
• How to change Docker API Version forcefully? (Explanation)
• How to get low-level information of a Docker object? (Explanation)
• Have you used the escape directive in Dockerfile? (Explanation)
• Explain CMD vs ENTRYPOINT? (Explanation)
• How will you run something only at the building stage? (Explanation)
• How to audit your docker image for vulnerabilities locally? (Explanation)
• How to make changes in dockerd daemon? (Explanation)

How do you Increase your Docker IP space?

Add the following to /etc/docker/daemon.json:

{
  "default-address-pools": [
    { "base": "172.20.0.0/16", "size": 24 },
    { "base": "172.21.0.0/16", "size": 24 }
  ]
}

How to change default ulimits for docker daemon?

Add the following in /etc/docker/daemon.json:

{
  "default-ulimits": {
    "nofile": {
      "Hard": 1024000,
      "Name": "nofile",
      "Soft": 1024000
    }
  }
}

Note: Kubernetes is a very vast topic and questions are also very frequent. I will have a separate blog for the same in future.

Infrastructure as Code (Terraform)

By now you all already know that I love terraform. Here are some of the questions I have been asked in interviews or I have asked:

Explain Terraform request flow in detail? (Explanation)

• How does terraform communicate with Providers? (Explanation)
• How to enable Providers or specific Provider logs? (Explanation)
• Advantages of using -replace instead of taint? (Explanation)
• How do you change provider in state file? (Explanation)
• How to get provider schema without looking at the code? (Explanation)
• Does terraform support parallelism? (Explanation)
• Explain .terraform.lock.hcl and its use? (Explanation)
• Explain .terraformrc file and how does it help? (Explanation)
• How do you tell terraform to ignore certain changes? (Explanation)
• What is the default way to provide overrides to terraform? (Explanation)
• Can source parameter in module be templatized? (Explanation)

This value must be a literal string with no template sequences; arbitrary expressions are not allowed.

• When should we use count vs for_each? (Explanation)
• Can module with provider block use count? (Explanation)
• What happens if you try to read resource with data block before it has been created? (Explanation)
• Can you define a variable which could be null in value? (Explanation)

Configuration Management (Chef)

Chef has been the de-facto for configuration management at-least for me in my career. So let me put some frequents for chef here.

• Explain Chef Attribute’s precedence hierarchy? (Explanation)
• Can certain attributes be denied for persistence? (Explanation)
• What are types of attributes? (Explanation)
• What is ohai and what information it collects, if any? (Explanation)
• What is Policyfile & how it is different from Berksfile? (Explanation)
• Why one should be caution of gem in metadata.rb? (Explanation)

Do not install native gems with the gem setting in metadata.rb. The gem setting is not a general purpose replacement for the chef_gem resource, and does not internally re-use the chef_gem resource.

• How to fetch specific version of cookbook as dependency from GitHub or Internal Source control? (Explanation)

cookbook 'chef-ingredient', git: 'https://github.com/chef-cookbooks/chef-ingredient.git', tag: 'v0.12.0'

• How to install package based on platform? (Explanation)

package_name = value_for_platform(
  ['centos', 'redhat', 'suse', 'fedora' ] => {
    'default' => 'httpd'
  },
  ['ubuntu', 'debian'] => {
    'default' => 'apache2'
  }
)

• How to check what Cloud your node is running? (Explanation)
• How do you send an email or alert if converge fails? (Explanation)

Trick Question: How do you provide Chef Credentials to Terraform chef provider? Export using following Env Variables CHEF_CLIENT_NAME and CHEF_KEY_MATERIAL.

Ok I think I will continue this on subsequent blog, as this one is getting little lengthy… Stay Tuned!!

Happy Interviewing and Best of luck!!