HOW TO ANSWER CICD PROCESS IN AN INTERVIEW| DEVOPS INTERVIEW QUESTIONS #cicd#devops#jenkins #argocd

00:00

hello everyone my name is Abhishek and

00:03

welcome back to my channel

00:05

so if you are a devops engineer or an

00:07

aspiring devops engineer planning to

00:09

give interviews CI CD is one of the most

00:12

anticipated topics that you will discuss

00:15

in your interviews

00:17

and many times the question that

00:20

interviewers will ask you is explain the

00:22

CI CD pipeline that you have implemented

00:25

in your current or previous projects

00:28

why because in your devops engineering

00:31

job role CI CD is one of the critical

00:33

components so you should be really

00:35

prepared for this and many of our

00:37

subscribers have been asking me that I

00:40

have implemented the CI CD pipeline I

00:42

have followed your videos but I am

00:43

finding it difficult to explain during

00:46

the interview about the CI CD pipeline

00:49

that I've implemented so watch the video

00:51

till the end because in this video I am

00:53

going to make it very simple for you to

00:56

explain the interviewer okay this is the

00:59

process that I have implemented

01:01

okay

01:03

always start with Git or any Version

01:06

Control System that's based on git you

01:08

can use GitHub git gitlab or bitbucket

01:10

and you can choose your target platform

01:13

as kubernetes so you will start seeing

01:15

the interviewer that we use GitHub or

01:18

gitlab or bitbucket as our source code

01:20

repository and our Target platform is

01:22

kubernetes so that tells the interviewer

01:24

that okay you are trying to use a

01:27

version control system and trying to

01:28

implement the CI CD on the target

01:30

platform kubernetes love

01:33

let's say there is a user who tries to

01:36

make a code commit okay the pull request

01:38

is reviewed and then the code commit

01:41

creates a commit in the version control

01:43

system for easy understanding let's

01:45

assume that is a GitHub repository so

01:48

user makes a code commit to a GitHub

01:50

repository then we use an orchestrator

01:53

The Continuous integration continuous

01:56

delivery orchestrators like Jenkins the

01:58

reason for using the orchestrators is

02:00

whenever there is a code coming to the

02:02

git repository git the book triggers the

02:07

pipeline in your orchestrator okay so in

02:10

this case there is a git web hook that

02:12

triggers the Jenkins pipeline now what

02:14

Jenkins does is the continuous

02:16

integration part then there is

02:18

continuous delivery part which will

02:19

cover later but using Jenkins you will

02:22

implement the continuous integration as

02:24

part of continuous integration there are

02:26

multiple stages okay so start with the

02:29

stage that is the checkout stage so

02:32

explain the interviewer that as part of

02:34

the first stage in the Jenkins pipeline

02:36

we will check out the code now what is

02:38

the code that you are checking out the

02:40

code commit that user has made okay so

02:43

you will check out the code commit that

02:44

user has made I mean all the code along

02:46

with that code commit and then you will

02:49

try to perform a build action along with

02:51

the unit test cases in the same state

02:54

some people also perform static code

02:56

analysis using some linting actions

02:58

formatting but it depends upon your use

03:01

case you can say that we use Maven for

03:03

building and we use the unit test cases

03:05

in the code repository if it is a Java

03:07

application if it is node.js or if it is

03:10

python then you can convert your unit

03:12

testing framework and the build language

03:14

accordingly but let's assume that you

03:17

are using a Java application so you can

03:18

say we check out the code in the first

03:20

stage then we perform the build and unit

03:22

testing in the second stage where we use

03:24

Maven and we use the unit testing

03:26

framework to test the unit test

03:30

and then once this is done the build

03:32

unit testing and static code analysis is

03:34

done then you will move towards the code

03:36

scanning as part of the code scanning

03:38

you can use some repositories like uh

03:41

sonar Cube or you can use any

03:43

self-hosted uh sonar Solutions or you

03:46

can use any code scanning Solutions okay

03:48

and you will tell them that okay we will

03:50

scan the code for any uh security

03:53

related vulnerabilities or even for the

03:55

static code analysis in this stage or

03:58

you can also tell them that you know we

04:00

perform some Security checks to ensure

04:03

that our code is free from any

04:05

Securities and in this stage we will

04:07

talk about sonar Cube after that once

04:10

this entire thing is done you will move

04:11

towards the image building okay what you

04:13

will do as part of image building so

04:15

because the target platform is

04:17

kubernetes you will try to build a

04:18

Docker image or a container image to be

04:21

very specific so let's not talk about

04:23

Docker because some people might use

04:25

Docker some people might use Builder but

04:27

end of the day you will create a

04:29

container image in this stage for that

04:31

you will use the docker file in the

04:33

GitHub repository

04:35

once the image is built it is very

04:38

important to perform the image scanning

04:40

what you will do as part of the image

04:42

scanning you will verify if the image

04:44

that you have created has any

04:46

vulnerabilities right so the binary is

04:49

that you are using the default packages

04:51

that you are using in the image or the

04:53

base image itself you have to verify

04:55

that the base image and the overall

04:57

image is free from any vulnerabilities

05:00

finally once this entire things is done

05:03

you will push the image to your image

05:05

registry so the image registry can be

05:07

Docker Hub or query.io ECR if you are on

05:11

AWS you can say that I am using ECR as a

05:14

registry or any any other things right

05:16

now this is about the continuous

05:18

integration so you will say these are

05:20

multiple stages that we have in

05:22

continuous integration and we write

05:24

Jenkins file in Jenkins for

05:26

orchestrating each of them now if the

05:28

interviewer asks you how do you write

05:30

that we use the declarative Jenkins

05:32

pipelines it is always good to go with

05:35

the declarative Jenkins pipelines over

05:37

the scripted scripted Jenkins pipelines

05:40

because scripted pipelines does not have

05:42

more flexibility or does not have uh you

05:45

know by the means of flexibility in

05:47

scripted pipelines you can write your

05:49

own code but declarative pipelines are

05:51

very easy to collaborate even with

05:52

people who does not have enough idea on

05:55

the scripting part the group is

05:57

scripting part

05:58

perfect now once this is done the image

06:01

is pushed now what is the next stage

06:03

that you have like you have there is a

06:05

user who has committed the code then

06:07

your Jenkins have triggered all of these

06:08

things the image is also created image

06:11

is pushed to the image registering that

06:13

can be Docker Hub now what will be the

06:15

next step is to get this image onto your

06:18

kubernetes platform because this image

06:20

has the new changes of your application

06:23

so to do that some people use the same

06:26

Jenkins pipeline that we have created

06:28

and update this image in the kubernetes

06:31

yaml manifests

06:33

and you know you need to again push this

06:36

updated image to a GitHub repository

06:39

which is hosting all of this kubernetes

06:41

manifest in some cases this can be the

06:44

same repository as well but it is

06:46

ideally preferred to have a different

06:47

GitHub repository one is your source

06:50

code repository that is here and then

06:52

you can have a different repository for

06:54

storing your image manifest or you can

06:57

also store them as Helm charts customize

06:59

any of the different things better to go

07:01

with plain manifest or Helm chats

07:04

and like I told you some people keep the

07:07

git repository common for the source

07:09

code and image manifest if you feel that

07:11

is easy you can say that using the

07:13

Jenkins same Jenkins pipeline we update

07:15

the git repository with the image that

07:18

we have created in the last stage of the

07:20

CI that is image push stage

07:23

now once this is done your image is

07:25

created your GitHub repository is

07:27

updated with the image manifest the helm

07:29

chart is updated with the values.aml any

07:31

of the things then you have the final

07:34

stage where you use Argo CD or any git

07:37

Ops tool such as flux CD better to go

07:39

with the github's approach if you feel

07:41

that you are not comfortable with Git

07:43

Ops okay I'll tell you the solution

07:45

watch the video till then but it is

07:48

always preferred to go with GitHub

07:49

solution and what you will do is using

07:52

Argo CD you will deploy this new change

07:54

onto the kubernetes

07:56

platform how do you do that Argo CD is

08:00

continuously watching this git

08:02

repository whether it can be this git

08:03

repository or git repository that you

08:06

have used in the first case here

08:08

wherever you are pushing uh the updated

08:11

K8 CML manifest

08:13

there you have to configure Argo CD to

08:15

watch that git repository and push the

08:18

changes to the kubernetes cluster

08:20

okay so advantage of using githubs is

08:23

you know githubs will make sure that git

08:25

is a single source of Truth and any

08:27

changes that is made to this repository

08:29

is automatically pulled and deployed to

08:31

kubernetes Cluster also it has multiple

08:33

other advantages like continuous

08:35

reconciliation let's not go into the

08:37

details of it you can watch my githubs

08:39

playlist

08:41

now let's say that you find this entire

08:43

git option complicated you don't know it

08:45

good about anything about githubs you

08:47

can replace this with any scripting like

08:50

ansible shell scripts or Python scripts

08:52

so you can say that once the images once

08:56

the updated kubernetes yaml manifest or

08:59

pushed to the GitHub repository what we

09:01

do is as part of the same pipeline we

09:03

use the shell script using the cube CTL

09:06

binary or using the helm command we just

09:09

push this new

09:11

commit in the git repository to the

09:13

kubernetes

09:14

platform right so either go with ansible

09:18

or go with shell script or python in any

09:20

ways you can push these things like the

09:23

helm chart onto the kubernetes cluster

09:25

the advantage of using ansible is if

09:27

there are multiple platforms like in

09:29

this case in this picture I have shown

09:30

only one kubernetes cluster but if there

09:32

are 10 kubernetes clusters ansible will

09:34

make your life easy if you know GitHub

09:37

solution go with GitHub solution because

09:38

in githubs you can manage 1 or 10 or 100

09:41

kubernetes clusters as well okay so you

09:44

can take uh this diagram as a reference

09:46

you can use this same diagram you can

09:48

take a screenshot screenshot of it write

09:50

your own notes but this is how you will

09:52

explain the interviewer that once the

09:55

user commits a code to a gate repository

09:57

then we use Jenkins as an orchestrator

09:59

which takes care of our continuous

10:01

integration part using multiple stages

10:04

we use Jenkins groovy scripting where we

10:07

use the declarative Jenkins pipelines

10:09

for writing multiple stages and as part

10:12

of it the first stage is the checkout

10:13

stage where we check out the code the

10:15

second stage is a build and unit testing

10:18

we also perform static code analysis in

10:20

this stage you can say that if required

10:22

then we move towards the code scanning

10:24

stage and once the code scanning is done

10:26

and if everything is fine we will move

10:28

towards the building of image in this

10:30

case we are building a container image

10:32

because the target platform is

10:33

kubernetes then we perform the image

10:36

scanning to verify that the image built

10:38

is safe from the security

10:39

vulnerabilities and finally we push this

10:42

image to the image registry

10:45

once the image is pushed to the image

10:47

registry what we do is we take this new

10:50

version of the image and we update the

10:52

kubernetes yaml Manifest or we update

10:55

the

10:56

Helm charts depending upon your use case

10:59

onto a git repository this git

11:01

repository can be a different one or the

11:03

same one

11:04

and finally we have a gitops tool called

11:07

Argo CD which is watching for this hand

11:09

charts Whenever there is a new version

11:10

or a code commit that is made to this

11:12

git repository it becomes the new coming

11:14

it picks up the new commit and deploys

11:16

it onto the kubernetes cluster so this

11:19

is the entire pipeline how you explain I

11:22

hope you watch this I mean I hope sorry

11:23

I hope you enjoy the video if you have

11:25

any questions put that in the comment

11:27

section if you want to talk anything

11:29

related to it yeah definitely let me

11:32

know that you know you are finding it

11:33

difficult to understand a specific stage

11:35

I'll definitely make a detailed video on

11:37

that as well see you all in the next

11:39

video take care everyone bye