Chef and Puppet Interview Questions and Answers

1. What are the chef and puppet used for?
Answer: Puppet and Chef are the major configuration management systems on Linux, along with CFEngine, Ansible. More than a configuration management tool, Chef, along with Puppet and Ansible, is one of the industry’s most notable Infrastructure as Code (IAC) tools. (Chef and Puppet Interview Questions)

2. What Is A Resource?
A resource represents a piece of infrastructure and its desired state, such as a package that should be installed, a service that should be running, or a file that should be generated.

3. What is Puppet?
I will advise you to first give a small definition of Puppet. Puppet is a Configuration Management tool which is used to automate administration tasks.

4. What is Node definition in Puppet?
A node definition or node statement is a block of Puppet code that will only be included in matching nodes’ catalogs. This feature allows you to assign specific configurations to specific nodes. 

5. My Servers Are All Unique; Can Puppet Still Help?
All servers are at least somewhat unique, but very few servers are entirely unique; hostnames and IP addresses (e.g.) will always differ, but nearly every server runs a relatively standard operating system. Servers are also often very similar to other servers within a single organization — all Solaris servers might have similar security settings, or all web servers might have roughly equivalent configurations — even if they’re very different from servers in other organizations. Finally, servers are often needlessly unique, in that they have been built and managed manually with no attempt at retaining appropriate consistency.

Puppet can help both on the side of consistency and uniqueness. Puppet can be used to express the consistency that should exist, even if that consistency spans arbitrary sets of servers based on any type of data like operating system, data center, or physical location. Puppet can also be used to handle uniqueness, either by allowing the special provision of what makes a given host unique or through specifying exceptions to otherwise standard classes. [E Learning Portal]

6. How Do I Manage Passwords On Red Hat Enterprise Linux, Centos, And Fedora Core?
As described in the Type reference, you need the Shadow Password Library, which is provided by the ruby-shadow package. The ruby-shadow library is available natively for fc6 (and higher) and should build on the corresponding RHEL and CentOS variants. 

7. How do you test your manifest files?

  • Explain how you will first run syntax checks with puppet parser validate command. If you are using VIM, you can use plugins like Syntastic to verify code (or else) use a full-fledged IDE like Geppetto. Also, use puppet-lint to verify in addition to puppet parser.
  • You can add RSpec/cucumber tests to your application. (BE CAREFUL: RUBY skills are required) and use Cucumber in standalone mode to test your manifests.

8. Which scripting language is most important for a DevOps engineer?

  • Software development and Operational automation require programming. In terms of scripting
  • Bash is the most frequently used Unix shell which should be your first automation choice. It has a simple syntax and is
  • designed specifically to execute programs in a non-interactive manner. The same stands for Perl which owes a great deal of its popularity to being very good at manipulating text and storing data in databases.
  • Next, if you are using Puppet or Chef it’s worth learning Ruby which is relatively easy to learn, and so many of the automation tools have been specifically with it.
    Java has a huge impact on IT backend, although it has a limited spread across Operations.

9. How Database fits in a DevOps?
In a perfect DevOps world, the DBA is an integral part of both Development and Operations teams and database changes should be as simple as code changes. So, you should be able to version and automate your Database scripts as your application code. In terms of choices between RDBMS, NoSQL or another kind of storage solutions a good database design means fewer changes to your schema of Data and more efficient testing and service virtualization. Treating database management as an afterthought and not choosing the right database during the early stages of the software development lifecycle can prevent successful adoption of the true DevOps movement.

10. Describe the most significant gain you made from automating a process through Puppet?
“I automated the configuration and deployment of Linux and Windows machines using Puppet. In addition to shortening the processing time from one week to 10 minutes, I used the roles and profiles paradigm and documented the purpose of each module in README to ensure that others could update the module using Git. The modules I wrote are still being used, but they’ve been improved by my teammates and members of the community.”

11. What is Puppet Kick?
By default Puppet Agent request to Puppet Master after a periodic time which was known as “run interval”. Puppet Kick is a utility which allows you to trigger Puppet Agent from Puppet Master.

12. Why shouldn’t I use auto-sign for all my clients?

  • It is very tempting to enable auto-sign for all nodes, as it cuts down on the manual steps required to bootstrap a new node (or indeed to move it to a new puppet master).
  • Typically this would be done with a * or even * in the auto-sign.conf file.
  • This, however, can be very dangerous as it can enable a node to masquerade as another node and get the configuration intended for that node. The reason for this is that the node chooses the certificate common name (‘CN’ – usually its fqdn, but this is fully configurable), and the puppet master then uses this CN to look up the node definition to serve. The certificate itself is stored, so two nodes could not connect with the same CN (e.g., but this is not the problem.
  • The problem lies in the fact that the puppet master does not make a 1-1 mapping between a node and the first certificate it saw for it, and hence multiple certificates can map to the same node, for example:
  • Alice. connects, gets node Alice { } definition. connects with CN and also matches the node Alice { } definition.
    Without auto signing, it would be apparent that bob was trying to get Alice’s configuration – as the puppet cert process lists the full fqdn/CN presented. With auto-sign turned on, bob silently retrieves Alice’s configuration.

13. Does signing a CLA change who owns Puppet?
The change in license and the requirement for a CLA doesn’t change who owns the code. This is a pure license agreement and NOT a Copyright assignment. If you sign a CLA, you maintain full copyright to your code and are merely providing a license to Puppet Labs to use your code.

14. What Happens During The Bootstrap Process?
During the bootstrap process, the node downloads and installs chef-client registers itself with the Chef server, and does an initial check-in. During this check-in, the node applies any cookbooks that are part of its run-list.

15. What types of testing are needed?
Software teams will often look for the “fair weather” path to system completion; that is, they start from an assumption that software will usually work and only occasionally fail. I believe to practice defensive programming in a pragmatic way, which often means assuming that the code will fail and planning for those failures. I try to incorporate unit test strategy, use of test harnesses, early load testing; network simulation, A/B and multivariate testing, etc. 

16. What other tools are you familiar with that might help you in this role?
DevOps is so diverse and inclusive that it rarely ends with coding, testing, and systems. A DevOps project might rely on database platforms like SQL or NoSQL, data structure servers like Redis, or configuration and management issue tracking systems like Redmine. Web applications are popular for modern enterprises, making a background with Web servers, like Microsoft Internet Information Services, Apache Tomcat or other Web servers, beneficial. Make sure to bring across that you are familiar with Agile application lifecycle management techniques and tools.

17. What is version control and why should VCS be used?

  • Define version control and talk about how this system records any changes made to one or more files and saves them in a centralized repository.
  • VCS tools will help you recall previous versions and perform the following:
  • Go through the changes made over a period of time and check what works versus what doesn’t.
  • Revert specific files or specific projects back to an older version.
  • Examine issues or errors that have occurred due to a particular change.
  • Using VCS gives developers the flexibility to simultaneously work on a particular file and all modifications can be logically combined later.

18. How is IaC implemented using AWS?
Start by talking about the age-old mechanisms of writing commands onto script files and testing them in a separate environment before deployment and how this approach is being replaced by IaC. Similar to the codes written for other services, with the help of AWS, IaC allows developers to write, test, and maintain infrastructure entities in a descriptive manner, using formats such as JSON or YAML. This enables easier development and faster deployment of infrastructure changes.

As a DevOps engineer, an in-depth knowledge of processes, tools, and relevant technology are essential. You must also have a holistic understanding of the products, services, and systems in place. If your answers matched the answers we’ve provided above, you’re in great shape for future DevOps interviews. Good luck! If you’re looking for answers to specific DevOps interview questions that aren’t addressed here, ask them in the comments below. Our DevOps experts will help you craft the perfect answer. 

19. How can you configure systems with Puppet?
You can configure systems with Puppet either in a client/server architecture, using the Puppet agent and Puppet master applications, or in a stand-alone architecture, using the Puppet apply application. 

20. In Puppet where coded is configured?
The location of the coder can be configured in puppet.conf with the coder setting, but note that Puppet Server doesn’t use that setting; it has its own JRuby-puppet.master-code-dir setting in puppetserver.conf. If you’re using a non-default coder, you must change both settings.

21. What is Module layout in Puppet?

On disk, a module is a directory tree with a specific, predictable structure:

  • manifests
  • files
  • templates
  • lib
  • facts
  • examples
  • spec
  • functions
  • types
  • Puppet Real Time Scenarios

22. Explain the process of Installing modules from the Puppet Forge?
To install a module from the Puppet Forge, use the puppet module install command with the full name of the module you want.

The full name of a Forge module is formatted as a username-module name. For example, to install puppetlabs-apache:

puppet module install puppet labs-apache

23. What’s Special About Puppet’s Model-driven Design?
Traditionally, managing the configurations of a large group of computers has meant a series of imperative steps; in its rawest state, SSH and a for a loop. This general approach grew more sophisticated over time, but it retained the more profound limitations at its root.

Puppet takes a different approach, which is to model everything — the current state of the node, the desired configuration state, the actions taken during configuration enforcement — as data: each node receives a catalog of resources and relationships, compares it to the current system state, and makes changes as needed to bring the system into compliance.

The benefits go far beyond just healing the headaches of configuration drift and unknown system state: modeling systems as data let Puppet simulate configuration changes, track the history of a system over its lifecycle, and prove that refactored manifest code still produces the same system state. It also drastically lowers the barrier to entry for hacking and extending Puppet: instead of analyzing code and reverse-engineering the effects of each step, a user can just parse data, and sysadmins have been able to add significant value to their Puppet deployments with an afternoon’s worth of Perl scripting. 

24. What Size Organizations Should Use Puppet?
There is no minimum or maximum organization size that can benefit from Puppet, but there are sizes that are more likely to benefit. Organizations with only a handful of servers are unlikely to consider maintaining those servers to be a real problem, while those that have more need to consider carefully how they eliminate manual management tasks.

25. How Do I Document My Manifests?
The puppet language includes a simple documentation syntax, which is currently documented on the Puppet Manifest Documentation wiki page. The puppet doc command uses this inline documentation to automatically generate RDoc or HTML documents for your manifests and modules.

26. What if I haven’t signed a CLA?

  • If you haven’t signed a CLA, then we can’t yet accept your code contribution into Puppet or Factor. Signing a CLA is very easy: simply log into your GitHub account and go to our CLA page to sign the agreement.
  • We’ve worked hard to try to find to everyone who has contributed code to Puppet, but if you have questions or concerns about a previous contribution you’ve made to Puppet and you don’t believe you’ve signed a CLA, please sign a CLA or contact us for further information.

27. How would you make software deployable?
The ability to script the installation and reconfiguration of software systems is essential towards controlled and automated change. Although there is an increasing trend for new software to enable this, older systems and products suffer from the assumption that changes would be infrequent and minor, and so make automated changes difficult. As a professional who appreciates the need to expose configuration and settings in a manner accessible to automation, I will work with concepts like Inversion of Control (IoC) and Dependency Injection, scripted installation, test harnesses, separation of concerns, command-line tools, and infrastructure as code. 

28. How do you expect you would be required to multitask as a DevOps professional?

I believe I’ll be expected to:

  1. Focus attention on bridging communication gaps between Development and Operations teams.
  2. Understand system design from an architect’s perspective, software development from a developer’s perspective, operations and infrastructure from the perspective of a seasoned Systems Administrator.
  3. Execute – to be able to actually do what needs to be done.

29. Describe two-factor authentication?
Two-factor authentication is a security process in which the user provides two means of identification from separate categories of credentials; one is typically a physical token, such as a card, and the other is typically something memorized, such as a security code.

30. How much have you interacted with cloud-based software development?
Share your knowledge around the use of cloud platforms, provisioning new instances, coding new software iterations with the cloud provider’s APIs or software development kits, configuring clusters to scale computing capacity, managing workload lifecycles and so on. This is the perfect opportunity to discuss container-based cloud instances as an alternative to conventional VMs. Event-based cloud computing, such as AWS Lambda offers another approach to software development, a boon for experienced DevOps candidates. In your interview, mention experience handling big data, which uses highly scalable cloud infrastructures to tackle complex computing tasks.

31. What was your greatest achievement on a recent project?
Make sure you demonstrate your perfect understanding of both development and operations. Do not let your answer lean towards one particular skillset ignoring the other. Even if you have worked in an environment wherein you had to work more with one skillset, assure the interviewer that you are agile according to the needs of your organization.

32. What special training or education did it require for you to become a DevOps engineer?
DevOps is more of a mindset or philosophy rather than a skill-set. The typical technical skills associated with DevOps Engineers today is Linux systems administration, scripting, and experience with one of the many continuous integration or configuration management tools like Jenkins and Chef. What it all boils down to is that whatever skill-sets you have, while important, are not as important as having the ability to learn new skills quickly to meet the needs. It’s all about pattern recognition and having the ability to merge your experiences with current requirements. Proficiency in Windows and Linux systems administration, script development, an understanding of structured programming and object-oriented design, and experience creating and consuming RESTful APIs would take one a long way.

33. What information do you need in order to bootstrap in Chef?
Just mention the information you need in order to bootstrap:

  • Your node’s hostname or public IP address.
  • A user name and password you can log on to your node with.
  • Alternatively, you can use key-based authentication instead of providing a user name and password.

34. Why do we use the chef-Jenkins plugin in chef?
Chef-Jenkins adds the ability to use Jenkins to drive continuous deployment and synchronization of environments from a git repository. 

35. What are the benefits of Devops?
There are many benefits of using devops, explain about your devops experience.

Technical benefits:

  • Continuous software delivery
  • Less complex problems to fix
  • Faster resolution of problems

Business benefits:

  • Faster delivery of features
  • More stable operating environments
  • More time available to add value (rather than fix/maintain)

Note: Browse latest Devops Interview Questions and Devops Tutorial. Here you can check Devops Training details and Devops Training Videos for self learning. Contact +91 988 502 2027 for more information.

All Devops Interview Questions

Devops Videos

Duration: 25+ Hours
  • Experienced Faculty
  • Real-time Scenarios
  • Free Bundle Access
  • Course Future Updates
  • Sample CV/Resume
  • Interview Q&A
  • Complimentary Materials