531 Final Kettles

Which IT group featured in this chapter does NOT benefit from releasing new software? A. DBAs B. Software developers C. Operations Staff D. Data Center Engineers

C. Operations Staff (They then have to deal with outages and issues)

Which of the following is an innovation that most directly supports DevOps? A. SCRUM B. Lean Software Development C. Infrastructure As Code D. Cloud Computing E. Retrospectives

C. Infrastructure As Code

Only AWS has a service that supports Infrastructure as Code? A. True B. False

B. False

Which of the following is required in a CloudFormation template? A. Parameters B. Mappings C. Conditions D. Outputs E. None of the Above

E. None of the Above (Resources is required)

Which language can you use for creating CloudFormation templates? A. CloudFormation template language (CTL) B. JSON C. Python D. JavaScript

B. JSON (and YAML)

Which is not one of the steps in a code pipeline? A. Planning B. Coding C. Building D. Configuration E. Testing F. Deployment

D Configuration

This term means that software is deployed to production as soon as it passes automated tests A. Continuous Delivery B. Constant Delivery C. Continuous Integration D. Continuous Deployment

D. Continuous Deployment (Continuous Deployment automates production releases.
Continuous Delivery prepares code for release but requires manual deployment.
Continuous Integration ensures frequent and reliable merging and testing of code changes.)

A synonym for code pipeline is A. Continuous Integration/Continuous Delivery Pipeline B. Continuous Compilation/Continuous Delivery Pipeline C. Continuous Integration/Testing Pipeline D. Continuous Integration Pipeline E. Continuous Deployment Pipeline F. DevOps Pipeline

A. Continuous Integration/Continuous Delivery Pipeline

With blue/green deployment, changes to an environment are rolled out in increments until an entire fleet of servers is updated. True or False

False

Which type of deployment involves releasing software in waves, with more and more instances getting the new software in each wave? A. Canary Testing B. A/B Testing C. Rolling Deployment D. Blue/Green Deployment E. Big Bang Deployment

C. Rolling Deployment

Who is most responsible for the majority of the software found on a typical Linux machine (i.e. the GNU project software)? A. Bill Gates B. Steve Jobs C. Linus Torvalds D. Richard Stallman

D. Richard Stallman

You can configure a Windows server computer so that a desktop GUI is not installed or running True or False

True

Which is NOT a common daily task for a systems administrator? A. Creating and modifying scripts that run at selected intervals B. Checking hard drive utilization C. Adding new services/program D. Tracking all systems changes E. Deploying custom applications written by developers F. None of the above (they do all of those things)

F. None of the above (they do all of those things)

Which of the following is NOT one of the folders in the root directory of Amazon Linux? A. bin B. etc C. root D. home E. program files F. var G. sbin

E. program files

If the file permissions for a particular resource were '-rwxrw----', which of the following statements is true? A. The file owner cannot write to the file B. The resource is a directory C. The world users can read the file D. The world users can not write to the file E. The group users can not write the file F. The group users can not read the file

D. The world users can not write to the file (r = 4, w = 2, x = 1, and - = 0. 760 Owner, Group, Others)

If all of the code for an application you are developing can be deployed by copying and pasting the contents of a single folder, which type of architecture are you using? A. Microservices B. Monolithic

B. Monolithic

Which is a feature of a software container? A. Uses all of a computer's compute resources B. Solves the problem of deploying an application as a monolithic application C. Solves the problem of having an application ship with its environment dependencies

C. Solves the problem of having an application ship with its environment dependencies

A container is sometimes called operating system virtualization True or False

True

Software containers are an innovation that Windows experts have been leveraging since the early 70s. True or False

False (Software containers, as they are known today, are a relatively modern innovation, emerging prominently in the 2010s with tools like Docker. While the concept of isolating processes dates back to the 1970s (e.g., with chroot in Unix, introduced in 1979), these early techniques were not considered "containers" in the modern sense.)

Docker containers use a lot of computer resources, and so it is uncommon to have production servers with more than two or three containers running on them. True or False

False (efficiency allows production servers to run dozens or even hundreds of containers simultaneously, depending on the available system resources (CPU, memory, storage, and network).

The only portion that is required in a CloudFormation template is the

Resources section.

**What is the primary purpose of Infrastructure as Code (IaC)? A. To replace developers with automated tools B. To build and manage IT infrastructures using software scripts C. To eliminate the need for cloud services D. To create manual workflows for building infrastructure

B. To build and manage IT infrastructures using software scripts

**Which of the following is NOT a goal of IT Operations? A. Ensuring constant service availability B. Avoiding software updates C. Scaling software infrastructure D. Frequently deploying new features

D. Frequently deploying new features

**What key principle distinguishes DevOps from traditional IT operations? A. Manual software deployment B. Large, infrequent feature releases C. Incremental, frequent updates D. Avoidance of automated workflows

C. Incremental, frequent updates

**Which open-source tool enables cross-platform infrastructure scripting? A. CloudFormation B. Deployment Manager C. Terraform D. Puppet

C. Terraform

**In the context of IaC, what is the benefit of creating infrastructure using code? A. Infrastructure becomes difficult to update B. Manual adjustments are required less frequently C. Errors and risks are reduced, and recovery becomes easier D. IT specialists are no longer needed

C. Errors and risks are reduced, and recovery becomes easier

**The goals of software development and IT operations are completely aligned

False

**DevOps is a methodology that primarily focuses on software development, ignoring IT operations

False

**The Agile movement primarily improved the pace of feature delivery by software teams

True

**IaC makes it possible to rebuild infrastructure by re-running scripts, reducing the need for manual troubleshooting

True

**Terraform scripts can be used interchangeably with cloud-specific IaC platforms like AWS CloudFormation

False

**What cultural shift does DevOps introduce to software development and operations?

DevOps integrates software development and operations teams, emphasizing collaboration, incremental releases, and automated workflows to streamline software delivery and deployment.

**Name two books that capture the principles of DevOps

The Phoenix Project (2013) and The DevOps Handbook (2016).

**What are some benefits of using Infrastructure as Code?

IaC simplifies knowledge requirements, speeds up environment creation, reduces risks, enhances compliance, and makes errors less likely.

**Why might an organization choose Terraform over a cloud-specific IaC platform?

Terraform allows for cross-platform infrastructure scripting, making it ideal for environments that use multiple cloud providers.

**What is the primary advantage of using automation in IT workflows?

Automation reduces manual effort, minimizes errors, and speeds up deployment processes.

The AWS::EC2::SecurityGroup resource in AWS CloudFormation supports the following properties:
(There are 6) DNGeGiTV

1. GroupDescription: A description for the security group. This property is required.
2. GroupName: The name of the security group. If not specified, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.
3. SecurityGroupEgress: A list of egress (outbound) rules associated with the security group.
4. SecurityGroupIngress: A list of ingress (inbound) rules associated with the security group.
5. Tags: An array of key-value pairs to associate with the security group.
6. VpcId: The ID of the VPC for the security group.

IaC: does 3 things

Simplifies infrastructure management
Quickly replicates infrastructure
Tracks and controls changes

"!Ref" property is used to ...

make a reference to an AWS Logical ID name.

Threats to linux server functionality

The disk drive fills up
• You are getting too much traffic for the server to handle
• A process running on your computer is out of control (memory, CPU, or disk are used up)
• Your server has been hacked
• A component fails (network card, memory, hard drive)

Linux can run...

Running a firewall
• Running a file share
• Running a user authentication service
• Running a database
• Running a website
• Running an email server
• Running a DNS Server
• Running a streaming media server
• Running almost any network/internet-based application
• Running any custom built application that customers or organizations dream up

A shell script will always begin with a line such as the following:

#!/bin/sh. The first portion, called the shebang, identifies the program that should process the content of the file. The /bin/sh lets our system know that the program at that location will execute the commands in the remainder of the file. Typically the program at that location is called "bash" or one of its equivalents such as dash

The -s switch will make your typing silent so that others can't read
what you write. T F

T

In Linux, Standard Input (stdin), Standard Output (stdout), and Standard Error (stderr) are streams used for process communication. Describe them

stdin (ID 0) provides input, typically from the keyboard; stdout (ID 1) outputs normal data, usually to the terminal; and stderr (ID 2) handles error messages or diagnostics. These streams can be redirected to files or other programs using redirection (> for output, 2> for errors) or connected via pipes (|) to chain program outputs and inputs. This system facilitates efficient data handling between users, programs, and the system.

static vs dynamic library

Static libraries are self-contained, embedding all required code into the executable, which ensures faster execution and portability. However, they lead to larger file sizes and require recompilation to update the library. Dynamic libraries, on the other hand, are loaded at runtime, resulting in smaller executables and easier updates, as changes to the library propagate automatically. However, they may introduce slightly slower execution and runtime dependency issues if the library is missing or incompatible.

Roles vs Users

Users rely on fixed credentials like a username and password, whereas roles get a set of credentials that expire quickly. Think of a role like a parking pass (it can expire in an hour, a day,
etc.). Typically, we assign users to real people and roles to computer services

In place vs blue green deployment

In-place deployments update applications directly on existing instances, stopping and restarting them during the process. This approach is cost-effective but may cause downtime and complicate rollbacks. Blue/green deployments, on the other hand, use separate environments for updates, minimizing downtime and simplifying rollbacks by redirecting traffic to the new environment once it's verified. However, this method requires more resources and is costlier to maintain. Each approach suits different priorities, balancing cost, uptime, and complexity.

Docker commands

Docker pull -- node or mysql or popular precreated containers
Docker images
Docker ps -- whats running
Run starts the container and creates it
Start container just starts a preexisting container that was stopped
Ti- attached the docker terminal to your container
Dit- detached mode, alive in the background but not connected to terminal
Exec -- allows you to intestect with a running container
--name names it
Stop

In the Linux root directory (/), you typically find the following folders, each serving a specific purpose:

/bin: Essential binary executables for all users.
/boot: Files necessary for the boot process, including the kernel.
/dev: Device files that represent hardware components.
/etc: Configuration files for the system and applications.
/home: Home directories for user accounts.
/lib: Shared libraries and kernel modules required by binaries in /bin and /sbin.
/media: Mount points for removable media like USB drives.
/mnt: Temporary mount points for file systems.
/opt: Optional or third-party software packages.
/proc: Virtual filesystem providing process and system information.
/root: Home directory for the root user.
/run: Runtime data for processes since the last boot.
/sbin: System binaries for administrative tasks.
/srv: Data for services provided by the system, like web servers.
/sys: Virtual filesystem for system information related to hardware.
/tmp: Temporary files, often cleared on reboot.
/usr: Secondary hierarchy containing user programs and libraries.
/var: Variable data like logs, mail spools, and caches.
These directories provide a structured layout for organizing files and managing system functionality.

Examples of Container Managment /orchestration

Kubernetes, faregate, Openshift Hasicorp, Nomad, Docker Swarm