devops1

Question 1

Difference between Ansible Playbook and Role

Answer 1

Role is a set of tasks and additional files to configure host to serve for a certain role. Playbook is a mapping between hosts and roles.

Question 2

how do you get a list of all the variables available on a remote machine in ansible

Answer 2

Ansible -m setup

Question 3

how do you check all the inventory variables for a host in ansible

Answer 3

Ansible -m debug- a “var=hostvars[‘hostname’]” localhost

Question 4

how do you test connectivity with all the hosts in your hostfile in ansible

Answer 4

Ansible - m ping all

Question 5

How do you make Ansible code reusable

Answer 5

by using roles

Question 6

How do you create an Ansible Role file structure

Answer 6

ansible-galaxy init azavea.packer

Question 7

how to syntax check an ansible file

Answer 7

ansible-playbook –syntax-check buildmachine.yml

Question 8

how do you call an ansible handler

Answer 8

(handler are used to restart services and do other things when another action is performed.) with a notify: - restart memcached - restart apache

Question 9

list hosts effected by a playbook

Answer 9

ansible-playbook playbook.yml –list-hosts

Question 10

In terraform how do you include a module

Answer 10

Inside a resource you run: user_data = “${element(data.template_file.userdata01.*.rendered, count.index)}” and then you have a data section to render the template with variables data “template_file” “userdata01” { count = “${var.instanceCount}” template = “${file(“${path.module}/templates/cloud.tpl”)}” vars { cluster = “${var.cluster}” env = “${var.env}” fqdn = “${format(“${var.serverFunction}-${var.cluster}-%02d.${var.env}.inteliquent.net”, count.index+1)}” hostname = “${format(“${var.serverFunction}-${var.cluster}-%02d”, count.index+1)}” saltRoles = “${var.saltRoles}” serverFunction = “${var.serverFunction}” } }

Question 11

Limit memory on a docker container

Answer 11

docker run -m=4m limit it to 4meg

Question 12

Limit cpu on a docker containers

Answer 12

docker run -cpus=1.5

Question 13

Write a Docker file that uses ubuntu and runs ping www.google.com

Answer 13

FROM ubuntu

run “ping www.google.com”

Question 14

What is the difference between a docker container and a image?

Answer 14

An instance of an image is called a container. You have an image, which is a set of layers as you describe. If you start this image, you have a running container of this image. You can have many running containers of the same image.

You can see all your images with docker images whereas you can see your running containers with docker ps (and you can see all containers with docker ps -a).

So a running instance of an image is a container.

Question 15

how to do you clean unused docker stuff

Answer 15

docker system prune -a

Question 16

Configure iptables to allow all traffic

Answer 16

iptables –policy INPUT ACCEPT
iptables –policy OUTPUT ACCEPT
iptables –policy FORWARD ACCEPT

Question 17

configure iptables to drop all traffic

Answer 17

iptables –policy INPUT DROP
iptables –policy OUTPUT DROP
iptables –policy FORWARD DROP

Question 18

Configure iptables to block incoming connections from 10.10.10.10

Answer 18

iptables -A INPUT -s 10.10.10.10 -j DROP

Question 19

Configur iptables to drop traffic from the 10.10.10.0/24 network

Answer 19

iptables -A INPUT -s 10.10.10.0/24 -j DROP

or

iptables -A INPUT -s 10.10.10.0/255.255.255.0 -j DROP

Question 20

configure iptables to inbound ssh but disable outbound ssh (alothough allow ssh outbound if it’s from a inbound connection)

Answer 20

iptables -A INPUT -p tcp –dport ssh -s 10.10.10.10 -m state –state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp –sport 22 -d 10.10.10.10 -m state –state ESTABLISHED -j ACCEPT

Question 21

configure iptables to drop ssh connection from 10.10.10.10

Answer 21

iptables -A INPUT -p tcp –dport ssh -s 10.10.10.10 -j DROP

Question 22

iptables list rules with line numbers

Answer 22

iptables -L -n –line-numbers

Question 23

Delete an iptables rule with it’s line number

Answer 23

iptables -D INPUT 2

Question 24

Insert a rule at the top of the chain in iptables

Answer 24

iptables -I INPUT 1 -s 59.45.175.10 -j ACCEPT

Question 25

Iptables drop multiple ports from a network range

Answer 25

iptables -A INPUT -p tcp -m multiport –dports 22,5901 -s 59.45.175.0/24 -j DROP

Question 26

configure iptables to only allow ports 22,80 and 443

Answer 26

iptables -A INPUT -p tcp -m multiport ! –dports 22,80,443 -j DROP

Question 27

Create a iptables custom chain called ssh-rules and add configure it to be in the main input chain.

Answer 27

iptables -N ssh-rules

iptables -A ssh-rules -s 18.130.0.0/16 -j ACCEPT

iptables -A ssh-rules -s 18.11.0.0/16 -j ACCEPT

iptables -A ssh-rules -j DROP

iptables -A INPUT -p tcp -m tcp –dport 22 -j ssh-rules

Question 28

make iptables persistant in centos/rhel

Answer 28

sudo yum install iptables-services

Question 29

make iptables persistant in ubuntu

Answer 29

sudo apt install iptables-persistent