part2 Flashcards
what is remote-exec in terraform and when will you use it ?
the remote exec provisioner invokes a script on a remote resource after it is created, it allows you to run scripts directly on the remote resource using ssh or WinRM
your development team needs your help to monitor the API endpoint, which http response would you monitor and when will you trigger the alert ?
first i will make sure i have a good understanding of HTTP response codes, then i will write a script that will alert if the code exceeds a threshold. eg 400 is for client errors and 500 for server errors.
can you have a docker container as a Jenkins agent ?
yes, it is is one of the best approaches when you have a multi node Jenkins setup, because it provides isolation, scalability, and easy management of build environments.
what are some ways in which you have set up alerting ?
in the past i have used Prometheus and alert manager, if there are any issues with the application we get an email and phone call right away. In AWS i have used cloud watch and SNS
which helm repository do you use to store and access helm charts ?
Based on my experience, the choice of a Helm repository to store and access Helm charts depends on the specific use case, infrastructure, and organizational preferences. I’ve worked with Nexus(I’ve used it in scenarios where access control, versioning, and artifact lifecycle management are critical.), JFrog Artifactory, and AWS S3(especially when cost and simplicity are key), each of which has unique advantages for managing Helm repositories.
how do you add a new worker node to a Jenkins master node ?
Go to Manage Jenkins > Manage Nodes and Clouds click new node, provide a name and set up connection methos ie ssh or other, test the connection to ensure its working
explain how you would block an IAM user from accessing a specific s3 bucket.
To block an IAM user from accessing a specific S3 bucket, first i will make sure i have permissions to that bucket policy then i will an explicit deny in the S3 bucket policy using the user’s arn. It is difficult to do this in IAM
what is multi architecture docker image builds ?
Multi-architecture Docker image builds allow you to create Docker images that work on multiple CPU architectures, such as x86_64, ARM64, or ARMv7, from a single build process. These images include binaries compatible with the target architectures and enable your application to run seamlessly on different hardware platforms. i haven’t come across it in any project yet but i have read about it
you encounter a docker image 2.7GB is that a problem ?
A 2.7GB Docker image can be a problem depending on the use case and context.
- Large images take longer to download
- Consumes more disk space
- Autoscaling environments (e.g., Kubernetes) may struggle if nodes take too long to pull large images
For applications requiring large datasets, machine learning models, or extensive dependencies, a large image may be justified.
- Use smaller base images (e.g., alpine instead of ubuntu).
what is pv and pvc what role do they play ?
Persistent Volume (PV) and Persistent Volume Claim (PVC) are concepts in Kubernetes used for managing storage.
- PV: A piece of storage provisioned in the cluster, either dynamically or statically, by an administrator. It is a resource like CPU or memory.
- PVC: A request made by a pod for storage. It specifies the size, access mode (e.g., ReadWriteOnce), and other requirements.