RESTRICTED

Azure DevOps Interview Questions

Complete CI/CD Pipeline process:

Scenario: How does the Azure DevOps CI/CD Pipeline look in your organization?

Continuous Integration (CI):

Triggers on code changes.

Clones code from repository.
Runs unit tests and static code analysis.
Builds artifacts (e.g., compiled code, container images).
Stores artifacts in Azure Pipelines artifacts for deployment.
Continuous Delivery (CD):

Triggers on successful CI completion or manually.

Deploys artifacts to designated environments (staging, production).
Runs environment-specific tests (e.g., integration, acceptance).
Approvals or gates can be implemented before deployment.
Optionally, rolls back deployments if issues arise.

Securing Sensitive Information in Pipelines:

Scenario: You need to securely store API keys and other secrets used in your pipeline
tasks. How would you ensure their protection while maintaining pipeline functionality?

Answer: Explain using Azure Key Vault to store secrets and access them using
managed identities or service connections with minimal privileges. Emphasize avoiding
hardcoding secrets in the pipeline script.

Integrating Azure Container Registry (ACR) with Pipelines:

Scenario: Your application uses Docker containers. How would you integrate ACR with
Azure Pipelines for building, pushing, and deploying container images?

Answer: Describe the process of configuring Docker tasks in the pipeline to build
images, authenticate with ACR using service connections, push images to the registry,
and deploy them to specific environments.

Debugging Pipeline Failures:

Scenario: Your pipeline consistently fails at a specific stage. How would you approach
troubleshooting and identifying the root cause of the issue?

Answer: Highlight utilizing built-in debugging tools like logs, pipeline diagnostics, and
Azure Monitor, alongside manual code review and environment checks. Mention
potential causes like resource constraints, task configuration errors, or infrastructure
issues.

Handling Code Merges and Rollbacks in Pipelines:

 RESTRICTED

Scenario: You discover a critical bug in the recently deployed production environment.
How would you leverage Azure Pipelines for a rollback and ensure safe merging of a
fix?

Answer: Explain using deployment environments and conditional triggers to target

specific environments. Discuss leveraging branching strategies and continuous
deployment practices to revert changes and integrate a fix seamlessly.

Utilizing Azure Runners for Self-Hosted Environments:

Scenario: Your company has specific infrastructure requirements and needs to run
pipelines on self-hosted machines. How would you leverage Azure Runners for this
purpose?

Answer: Discuss configuring and managing self-hosted runners, ensuring security

considerations like network isolation and access control. Mention using the appropriate
runner OS and tools based on your project needs.

Implementing Role-Based Access Control (RBAC) in Pipelines:

Scenario: Your team has various roles with different access needs. How would you
configure RBAC within Azure Pipelines to ensure users have appropriate permissions?

Answer: Explain leveraging built-in roles and custom definitions to grant access to
pipelines, repositories, and resources. Highlight the importance of least privilege and
separation of duties principles.

Automating Infrastructure Provisioning with Pipelines:

Scenario: You want to automate infrastructure provisioning and deployment alongside

your application code. How would you integrate infrastructure as code (IaC) tools like
Terraform with Azure Pipelines?

Answer: Discuss using tasks like Azure Resource Manager or Terraform tasks to
manage infrastructure creation and deletion within the pipeline workflow. Mention
benefits like faster deployments and improved consistency.

Maintaining Pipeline Security Throughout the CI/CD Process:

Scenario: How would you ensure overall security within your Azure Pipelines throughout
the CI/CD process, from code building to deployment?

Answer: Discuss a holistic approach, including secure code practices, vulnerability

scanning, container image scanning, service principal usage with least privilege, and
regular pipeline audits.

Create VM using Azure CLI

Start with creating a Resource Group

 RESTRICTED

az group create --name learn-azure-cli --location eastus

Set the Resource Group as default (Optional)

az config set defaults.group=learn-azure-cli

Create VM with Vnet

az vm create \
--resource-group learn-azure-cli \
--name vmName \
--image Ubuntu2204 \
--vnet-name default \
--subnet default \
--generate-ssh-keys \
--output json \
--verbose

Delete the Resource Group to delete all the resources

az group delete --name learn-azure-cli

Steps to deploy storage account arm template

Create resource group

az group create --name vscode --location 'Central US'

Create the storage account

Switch to the folder where you have the 01-storage-account.json or similar file
az deployment group create --resource-group vscode --template-file 01-storage-
account.json

01-storage-account.json
{
"$schema":
"https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.jso
n#",
"contentVersion": "1.0.0.0",
"parameters": {},
"functions": [],
 RESTRICTED

"variables": {},
"resources": [
{
"name": "abhioshekveeramalla11232",
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2023-01-01",
"tags": {
"displayName": "abhioshekveeramalla11232"
},
"location": "[resourceGroup().location]",
"kind": "StorageV2",
"sku": {
"name": "Premium_LRS",
"tier": "Premium"
}
}
],
"outputs": {}
}
 RESTRICTED

# Azure CLI 2.0 Cheatsheet

Azure CLI 2.0 cheatsheet for Login, Resources, VMs, Resource groups, Storage,
Batch, and Containers.

## Logging in

### Login with web

```

az login
```

### Login in CLI

```
az login -u [email protected]
```

### List accounts

```
az account list
```
### Set subscription
```
az account set --subscription "xxx"
```
## Listing locations and resources / general

### List all locations

 RESTRICTED

az account list-locations
```

### List all my resource groups

```

az resource list
```

### Get what version of the CLI you have

```
azure --version
```

### Get help

```
azure help
```

## Creating a basic VM / Resource Group / Storage Account

### Get all available VM sizes

```
az vm list-sizes --location eastus
```

### Get all available VM images for Windows and Linux

```

az vm image list --output table

 RESTRICTED

```

### Create a Linux VM

```
az vm create --resource-group myResourceGroup --name myVM --image ubuntults
```

### Create a Windows VM

```
az vm create --resource-group myResourceGroup --name myVM --image
win2016datacenter
```

### Create a Resource group

```
az group create --name myresourcegroup --location eastus
```

### Create a Storage account.

```

az storage account create -g myresourcegroup -n mystorageaccount -l eastus --sku

Standard_LRS
```
## DELETING A RESOURCE GROUP

### Permanetly deletes a resource group

```

az group delete --name myResourceGroup

```
 RESTRICTED

## Managing VM's

### List your VMs

```
az vm list
```

### Start a VM
```
az vm start --resource-group myResourceGroup --name myVM
```

### Stop a VM
```
az vm stop --resource-group myResourceGroup --name myVM
```

### Deallocate a VM
```

az vm deallocate --resource-group myResourceGroup --name myVM

```

### Restart a VM
```

az vm restart --resource-group myResourceGroup --name myVM

```

```
### Redeploy a VM
```
 RESTRICTED

az vm redeploy --resource-group myResourceGroup --name myVM

``

### Delete a VM
```
az vm delete --resource-group myResourceGroup --name myVM
```

### Create image of a VM

```

az image create --resource-group myResourceGroup --source myVM --name myImage

```

### Create VM from image

```

az vm create --resource-group myResourceGroup --name myNewVM --image

myImage
```
### List VM extensions
```
az vm extension list --resource-group azure-playground-resources --vm-name azure-
playground-vm
```

### Delete VM extensions

```
az vm extension delete --resource-group azure-playground-resources --vm-name
azure-playground-vm
```
 RESTRICTED

--name bootstrapper

```
 RESTRICTED

## Managing Batch Account

### Create a Batch account.

```
az batch account create -g myresourcegroup -n mybatchaccount -l eastus
```

### Create a Storage account.

```
az storage account create -g myresourcegroup -n mystorageaccount -l eastus --sku
Standard_LRS
```

### Associate Batch with storage account.

```
az batch account set -g myresourcegroup -n mybatchaccount --storage-account
mystorageaccount
```

We can now authenticate directly against the account for further CLI interaction.

```
az batch account login -g myresourcegroup -n mybatchaccount
```

### Display the details of our created account.

```
```
az batch account show -g myresourcegroup -n mybatchaccount
```

### Create a new application.

 RESTRICTED

```

az batch application create --resource-group myresourcegroup --name

mybatchaccount --application-id myapp --display-name "My Application"
```

### Add zip files to application

```
az batch application package create --resource-group myresourcegroup --name
mybatchaccount
--application-id myapp --package-file my-application-exe.zip --version 1.0
```

### Assign the application package as the default version.

```
az batch application set --resource-group myresourcegroup --name mybatchaccount --
application-id myapp --default-version 1.0
```

### Retrieve a list of available images and node agent SKUs.

```

az batch pool node-agent-skus list

```

### Create new Linux pool with VM config

```
az batch pool create \
--id mypool-linux \
--vm-size Standard_A1 \
--image canonical:ubuntuserver:16.04.0-LTS \
--node-agent-sku-id “batch.node.ubuntu 16.04”
```
 RESTRICTED

### Now let's resize the pool to start up some VMs.

```

az batch pool resize --pool-id mypool-linux --target-dedicated 5

```

### We can check the status of the pool to see when it has finished resizing.
```

az batch pool show --pool-id mypool-linux

```

### List the compute nodes running in a pool.

```
az batch node list --pool-id mypool-linux
```

If a particular node in the pool is having issues, it can be rebooted

or reimaged. A typical node ID will be in the format 'tvm-
xxxxxxxxxx_1-<timestamp>'.
```
az batch node reboot --pool-id mypool-linux --node-id tvm-123_1-20170316t000000z
```

### Re-allocate work to another node.

```
az batch node delete \
--pool-id mypool-linux \
--node-list tvm-123_1-20170316t000000z tvm-123_2-20170316t000000z \
--node-deallocation-option requeue
```
 RESTRICTED

### Create a new job to encapsulate the tasks that we want to add.
```

az batch job create --id myjob --pool-id mypool

```

### Add tasks to the job.

…where <shell> is your preferred shell for execution (/bin/sh, /bin/bash, /bin/ksh etc.),
and
/path/to/script.sh is, of course, the full path of the shell script you’re invoking to get
things started.

```
az batch task create --job-id myjob --task-id task1 --application-package-references
myapp#1.0
--command-line "/bin/<shell> -c /path/to/script.sh"
```

### Add many tasks at once

```

az batch task create --job-id myjob --json-file tasks.json

```

Now that all the tasks are added - we can update the job so that it will automatically be
marked as completed once all the tasks are finished.

```
az batch job set --job-id myjob --on-all-tasks-complete terminateJob
```

### Monitor the status of the job.

```
az batch job show --job-id myjob
 RESTRICTED

```

### Monitor the status of a task.

```
az batch task show --job-id myjob --task-id task1
```

### Delete a job

```
az batch job delete --job-id myjob
```

## Managing Containers

If you HAVE AN SSH run this to create an Azure Container Service Cluster (~10 mins)

```

az acs create -n acs-cluster -g acsrg1 -d applink789

```

If you DO NOT HAVE AN SSH run this to create an Azure Container Service Cluster
(~10 mins)

```
az acs create -n acs-cluster -g acsrg1 -d applink789 --generate-ssh-keys
```

### List clusters under your whole subscription

```

az acs list --output table

 RESTRICTED

```

### List clusters in a resource group

```
az acs list -g acsrg1 --output table
```

### Display details of a container service cluster

```
az acs show -g acsrg1 -n acs-cluster --output list
```

### Scale using ACS

```
az acs scale -g acsrg1 -n acs-cluster --new-agent-count 4
```

### Delete a cluster

```

az acs delete -g acsrg1 -n acs-cluster

```