Kubernetes Secrets securely store sensitive data like API keys, passwords, and tokens.

Example: Creating and using a Secret.

# Create a secret
kubectl create secret generic my-secret --from-literal=DB_PASSWORD=my-password

# Access it in a pod
env:
  - name: DB_PASSWORD
    valueFrom:
      secretKeyRef:
        name: my-secret
        key: DB_PASSWORD

DevOps is a combination of "Development" and "Operations." It is a set of practices aimed at automating and integrating the processes of software development and IT operations to enhance collaboration, reduce the development cycle, and deliver high-quality software efficiently.

Benefits:

1. Faster delivery of features.
2. Improved collaboration between teams.
3. Higher software quality with fewer bugs.
4. Automated workflows reduce manual errors.
5. Continuous integration and continuous delivery (CI/CD).

Example:
A DevOps pipeline might use Jenkins for CI/CD, Docker for containerization, and Kubernetes for orchestration, enabling rapid deployment of scalable applications.

• Agile focuses on iterative development and customer collaboration.
• DevOps emphasizes automation, collaboration, and the integration of development and operations.

CI/CD stands for Continuous Integration/Continuous Delivery/Deployment, automating code integration, testing, and deployment.

Components:

1. CI (Continuous Integration): Frequent code integration into a shared repository.
2. CD (Continuous Delivery): Ensures the code is always in a deployable state.
3. CD (Continuous Deployment): Automatically deploys to production without manual intervention.

Example:
Using Jenkins, a pipeline could:

1. Pull code from GitHub.
2. Run tests using Selenium.
3. Deploy builds to AWS EC2 if tests pass.

A DevOps pipeline automates the software delivery lifecycle, including building, testing, and deploying applications.

Stages:

1. Source: Code is committed to a version control system (e.g., Git).
2. Build: Code is compiled and packaged.
3. Test: Automated tests are executed.
4. Deploy: Application is deployed to production or staging.

Example:
A Jenkins pipeline:

pipeline {
  agent any
  stages {
    stage('Build') {
      steps {
        echo 'Building...'
      }
    }
    stage('Test') {
      steps {
        echo 'Testing...'
      }
    }
    stage('Deploy') {
      steps {
        echo 'Deploying...'
      }
    }
  }
}

Version control systems (VCS) manage changes to code, enabling collaboration and tracking history.

Importance:

• Enables rollback to previous versions.
• Facilitates team collaboration.
• Tracks changes and identifies who made them.

Example Tools: Git, SVN.

Docker is a platform for containerization, packaging applications with their dependencies to run consistently across environments.

Benefits:

• Portability: Runs the same on any system.
• Isolation: Containers are independent of the host system.
• Scalability: Easy to scale applications.

Example:
A Dockerfile for a Python application:

FROM python:3.8
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
CMD ["python", "app.py"]

Kubernetes is an orchestration platform for managing containerized applications at scale.

How It Works:

1. Applications are deployed in containers.
2. Kubernetes manages load balancing, scaling, and self-healing.
3. Uses YAML configuration files to define desired states.

Example: A Kubernetes deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-app
spec:
  replicas: 3
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: app-container
        image: my-app-image:v1
        ports:
        - containerPort: 80

IaC involves managing infrastructure (servers, networks) using code rather than manual configurations.

Tools: Terraform, Ansible.

Example: Terraform script:

provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
}

Ansible is a configuration management tool that automates application deployment, configuration, and management.

Example: Ansible playbook to install Apache:

- hosts: webservers
  tasks:
    - name: Install Apache
      apt:
        name: apache2
        state: present

CI/CD as Code defines CI/CD pipelines in code form, typically YAML files, ensuring consistency and scalability.

Example: GitHub Actions pipeline:

name: CI/CD Pipeline
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Run tests
        run: python -m unittest
      - name: Deploy
        run: echo "Deploying to production..."

Blue-green deployment minimizes downtime by having two environments:

• Blue: Current production.
• Green: New version being tested.

Process:

1. Deploy to green.
2. Test in green.
3. Switch traffic from blue to green.

A service mesh manages communication between microservices in a distributed system.

Tools: Istio, Linkerd.

Example Use Case: Load balancing, service-to-service authentication.

DevSecOps integrates security practices into DevOps, ensuring secure application development.

Example Tools: Snyk, Aqua Security.

Chaos engineering involves intentionally introducing failures to test system resilience.

Example: Netflix's Chaos Monkey terminates random servers to test fault tolerance.

Secrets management tools securely store sensitive data like API keys and credentials.

Tools: HashiCorp Vault, AWS Secrets Manager.

Example: Using Vault to store database passwords:

vault kv put secret/db password=mysecurepassword

Automation is a cornerstone of DevOps, ensuring consistency, efficiency, and reliability by automating repetitive tasks like testing, deployments, and infrastructure provisioning.

Example:
Using Jenkins, a build pipeline can automate the process of:

1. Pulling code from GitHub.
2. Running unit tests.
3. Deploying the code to a staging server.

Microservices are a software architecture style where applications are built as a collection of small, independently deployable services.

Relation to DevOps:
DevOps provides the automation and orchestration tools necessary for managing the complexities of microservices (e.g., Docker for containers, Kubernetes for orchestration).

Example:
A retail application might have separate microservices for:

• User authentication.
• Product catalog.
• Payment processing.

Git is a distributed version control system used to track code changes, collaborate on code, and manage branches.

How It Works:

• Developers push code to a Git repository (e.g., GitHub).
• CI tools like Jenkins pull the code, build it, and trigger tests.

Example Commands:

# Clone a repository
git clone https://github.com/example/repo.git

# Commit changes
git add .
git commit -m "Initial commit"

# Push to remote
git push origin main

Monitoring tracks system performance, availability, and user experience to detect and resolve issues proactively.

Example Tools: Prometheus, Grafana, Datadog.

Use Case:
Prometheus scrapes application metrics, while Grafana visualizes the data in dashboards.

• Cultural Resistance: Promote collaboration through team workshops.
• Tool Overload: Use integrated tools like GitLab or Azure DevOps.
• Security: Embed security early using DevSecOps practices.
• Scalability: Use container orchestration tools like Kubernetes.

Jenkins is an open-source automation server that enables building, testing, and deploying applications as part of a CI/CD pipeline.

Example Workflow:

1. Jenkins pulls code from GitHub.
2. Runs test cases.
3. Deploys the build to a staging environment.

Jenkinsfile:

pipeline {
  agent any
  stages {
    stage('Build') {
      steps { echo 'Building...' }
    }
    stage('Test') {
      steps { echo 'Testing...' }
    }
    stage('Deploy') {
      steps { echo 'Deploying...' }
    }
  }
}

The ELK Stack consists of Elasticsearch, Logstash, and Kibana for log management and analysis.

• Elasticsearch: Stores logs and provides search functionality.
• Logstash: Ingests and processes log data.
• Kibana: Visualizes logs and metrics.

Example Use Case:
Monitoring server logs to detect errors using Kibana dashboards.

• Docker: A platform for containerization, packaging applications with dependencies.
• Kubernetes: Orchestrates and manages containers at scale.

Canary deployment releases a new version of an application to a small subset of users while others use the existing version. This minimizes risk.

Steps:

1. Deploy to 5% of servers.
2. Monitor performance.
3. Gradually increase rollout.

Example:
Using AWS Elastic Load Balancer to split traffic between old and new versions.

Prometheus is an open-source monitoring tool that collects metrics from applications and infrastructure.

How It Works:

1. Scrapes metrics from endpoints.
2. Stores metrics in a time-series database.
3. Triggers alerts based on predefined rules.

Example Alert Rule:
Trigger an alert if CPU usage exceeds 80%:

- alert: HighCPUUsage
  expr: cpu_usage > 0.8
  for: 2m
  labels:
    severity: warning
  annotations:
    summary: "High CPU usage detected"

GitOps uses Git repositories as the single source of truth for defining and managing infrastructure and applications.

Example Workflow:

1. Push Kubernetes manifests to a Git repo.
2. A GitOps tool (e.g., ArgoCD) applies these manifests to the cluster.

Benefits:

• Version-controlled infrastructure.
• Easy rollbacks.

A service mesh is a layer that handles service-to-service communication in microservices architectures.

Tools: Istio, Linkerd.

Use Case:
Enabling mutual TLS (mTLS) for secure communication between microservices.

• DevOps: Focuses on automation, CI/CD, and collaboration.
• DevSecOps: Embeds security practices into the DevOps pipeline.

Example Tools:

• Static code analysis with SonarQube.
• Vulnerability scanning with Snyk.

Helm charts are templates for deploying Kubernetes applications.

Example: Deploying a Nginx Helm chart:

helm repo add nginx-stable https://helm.nginx.com/stable
helm install my-nginx nginx-stable/nginx-ingress

Immutable infrastructure ensures servers or containers are replaced rather than updated.

Importance:

• Reduces configuration drift.
• Improves system reliability.

Example Tools: AWS AMIs, Docker images.

StatefulSets manage stateful applications, ensuring stable identifiers, while Deployments are stateless.

Use tools like HashiCorp Vault or Kubernetes Secrets to store sensitive data securely.

Chaos engineering introduces failures to test system resilience.
Example: Netflix Chaos Monkey terminates random servers.

• Enable RBAC (Role-Based Access Control).
• Use namespaces for resource isolation.
• Encrypt etcd (Kubernetes' key-value store).

• Build success rate.
• Deployment frequency.
• Mean time to recovery (MTTR).
• Lead time for changes.

IaC is the practice of managing and provisioning infrastructure using machine-readable configuration files instead of manual processes.

Benefits:

1. Consistency: Reduces errors caused by manual configuration.
2. Version Control: Changes are trackable using tools like Git.
3. Automation: Quickly provision and decommission environments.

Example:
Using Terraform to provision an AWS EC2 instance:

provider "aws" {
  region = "us-west-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
}

• Vertical Scaling (Scaling Up): Increasing the resources (CPU, RAM) of a single server.
• Horizontal Scaling (Scaling Out): Adding more servers or instances to distribute the load.

Example:

• Vertical Scaling: Upgrading an AWS EC2 instance from t2.micro to t2.large.
• Horizontal Scaling: Adding more replicas to a Kubernetes Deployment to handle traffic.

• Reverse Proxy: Forwards client requests to servers and can handle caching, SSL termination, and URL rewriting.
• Load Balancer: Distributes traffic across multiple servers to ensure high availability and performance.

Example Tools:

• Reverse Proxy: Nginx, Apache HTTP Server.
• Load Balancer: AWS Elastic Load Balancer, HAProxy.

1. Use Load Balancers: Distribute traffic across multiple instances.
2. Implement Redundancy: Duplicate critical systems and services.
3. Use Auto Scaling: Automatically adjust resources based on demand.
4. Monitoring: Use tools like Prometheus to detect and respond to failures.

Example:
Deploying a Kubernetes cluster with multiple replicas ensures availability even if one pod fails.

Rolling updates gradually update Pods in a Deployment to minimize downtime.

Example YAML for a Rolling Update:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: rolling-update-demo
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
      maxSurge: 1
  template:
    metadata:
      labels:
        app: demo
    spec:
      containers:
      - name: demo-container
        image: nginx:1.19

A multistage pipeline breaks down CI/CD into stages like build, test, deploy, and release.

Example: GitLab CI/CD Pipeline:

stages:
  - build
  - test
  - deploy

build:
  stage: build
  script:
    - echo "Building the application..."

test:
  stage: test
  script:
    - echo "Running tests..."

deploy:
  stage: deploy
  script:
    - echo "Deploying to production..."

A hybrid cloud combines public and private cloud environments to achieve flexibility and scalability.

Benefits:

• Cost optimization: Use private clouds for sensitive data and public clouds for scaling.
• Disaster recovery: Back up data in the public cloud.
• Flexibility: Migrate workloads as needed.

Example Use Case:
A company uses AWS for scalable workloads while retaining sensitive data on-premises.

• Observability: Provides insights into system performance using logs, metrics, and traces to diagnose issues.
• Monitoring: Tracks predefined metrics and alerts on failures.

Example Tools:

• Monitoring: Prometheus.
• Observability: Grafana with Jaeger for tracing.

• SRE: Focuses on improving system reliability using engineering practices.
• DevOps: Focuses on collaboration and automation for faster delivery.

Key Difference:
SRE uses Service Level Indicators (SLIs), Objectives (SLOs), and Agreements (SLAs) to measure system reliability.

Example:
An SRE might automate incident response for downtime, ensuring the SLO is met.

Serverless architecture lets developers build and run applications without managing servers.

Benefits:

• Focus on code, not infrastructure.
• Auto-scaling.
• Pay-per-use.

Example Tool: AWS Lambda.
A Lambda function processes a user upload:

def handler(event, context):
    print("Processing event:", event)
    return "File processed successfully"

1. Automate Tests: Use unit and integration tests.
2. Parallel Builds: Run steps simultaneously to save time.
3. Fail Fast: Exit pipelines on errors.
4. Version Control: Manage pipeline definitions as code.
5. Monitor Pipelines: Detect failures early.

Example: A Jenkins pipeline with automated tests.

pipeline {
  agent any
  stages {
    stage('Build') { steps { sh 'make build' } }
    stage('Test') { steps { sh 'make test' } }
    stage('Deploy') { steps { sh 'make deploy' } }
  }
}

A load balancer distributes incoming traffic across multiple servers to ensure availability and reliability.

Example Tool: AWS Elastic Load Balancer (ELB).

Types of Load Balancing:

• HTTP Load Balancing: For web applications.
• TCP Load Balancing: For non-HTTP traffic.

1. Unit Testing: Validates individual components.
2. Integration Testing: Ensures components work together.
3. Performance Testing: Measures speed and scalability.
4. Security Testing: Identifies vulnerabilities.

Example Tool: Selenium for integration testing.

• Proactive Monitoring: Identifies and resolves potential issues before they occur.
• Reactive Monitoring: Responds to incidents after they occur.

Example Tools:

• Proactive: Prometheus with custom alert rules.
• Reactive: PagerDuty for incident response.

This manifest deploys an Nginx pod and exposes it via a service.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  selector:
    app: nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: LoadBalancer

This script finds logs older than 7 days, compresses them, and moves them to an archive directory.

#!/bin/bash

LOG_DIR="/var/logs"
ARCHIVE_DIR="/var/logs/archive"

mkdir -p $ARCHIVE_DIR

find $LOG_DIR -type f -name "*.log" -mtime +7 | while read file; do
  gzip "$file"
  mv "$file.gz" $ARCHIVE_DIR
done

echo "Old logs archived successfully."