Devops Interview Questions & Answers for 2026

Continuous Integration (CI) means developers merge code to the main branch frequently (multiple times daily), and automated tests run on every merge to catch integration bugs early. Continuous Delivery extends CI by automatically building and testing to a staging environment, keeping the codebase always deployable — but deployment to production is a manual decision. Continuous Deployment goes one step further: every passing build is automatically deployed to production with no human intervention. Most companies practice CI + Continuous Delivery; full Continuous Deployment requires very high test confidence and feature flag support.

Docker uses OS-level containerisation — containers share the host OS kernel and isolate processes using Linux namespaces and cgroups. Virtual machines emulate entire hardware and run a complete guest OS on a hypervisor. Docker containers start in milliseconds, use tens of MB of memory, and have near-native performance. VMs take minutes to boot, use GBs of RAM, and have hypervisor overhead. Docker is ideal for microservices, CI pipelines, and environment consistency. VMs provide stronger isolation and are better for running different operating systems. Docker images are portable and reproducible using a Dockerfile.

Kubernetes is a container orchestration platform that automates deployment, scaling, and management of containerised applications. Problems it solves: manually restarting failed containers (Kubernetes restarts them via health checks), distributing containers across multiple machines (scheduling), scaling up/down based on load (Horizontal Pod Autoscaler), rolling updates with zero downtime, service discovery, load balancing, secret management, and storage orchestration. Key concepts: Pod (smallest deployable unit, one or more containers), Deployment (manages pod replicas), Service (stable network endpoint), and Ingress (HTTP routing).

Blue-green deployment maintains two identical production environments (blue = current, green = new version). Traffic switches instantly from blue to green. Rollback is instant by switching back. It requires double infrastructure during the transition. Canary deployment gradually routes a small percentage of traffic (5-10%) to the new version, monitors error rates and metrics, and slowly increases traffic if stable. Canary deployment reduces blast radius — only a small portion of users see the new version initially. Most cloud providers and Kubernetes support both patterns via load balancer weights or ingress controllers.

Nginx is a high-performance web server and reverse proxy. Common production uses: serve static files (images, CSS, JS) faster than application servers, act as a reverse proxy forwarding requests to backend application servers (Node.js, Python, PHP-FPM), SSL/TLS termination (handle HTTPS at the proxy layer), load balancing across multiple application server instances using round-robin or least-connections, rate limiting, and HTTP caching. Nginx is event-driven and handles thousands of concurrent connections with low memory, making it much more efficient than Apache for high-concurrency workloads.

Never hardcode secrets in source code or commit them to version control. Environment variables in CI/CD pipelines (GitHub Actions Secrets, GitLab CI Variables) inject secrets at build/deploy time. For production runtime use a dedicated secrets manager: AWS Secrets Manager, HashiCorp Vault, or GCP Secret Manager — these provide versioning, rotation, and audit logs. In Kubernetes use native Secrets (base64 encoded, encrypted at rest with etcd encryption) or integrate with external secret managers via External Secrets Operator. Rotate secrets regularly and restrict access using least privilege IAM policies.

Infrastructure as Code (IaC) manages and provisions infrastructure through code files rather than manual processes. Benefits: version control, repeatable environments, faster provisioning, and reduced human error. Terraform (by HashiCorp) is the most popular — it is cloud-agnostic, declarative, and uses a plan/apply workflow to show what will change before applying. AWS CloudFormation is AWS-native. Pulumi allows IaC using general-purpose languages like Python or TypeScript. Ansible is used for configuration management and application deployment. In a modern stack Terraform provisions the infrastructure and Ansible or Helm configures it.

A CI/CD pipeline is an automated sequence of stages that code changes pass through from commit to deployment. Typical stages: Source (trigger on git push/PR), Build (compile code, build Docker image), Test (unit tests, integration tests, code coverage, SAST security scan), Artifact (push Docker image to registry, store build artefacts), Deploy to Staging (deploy and run smoke tests), Manual Approval (optional gate for critical deployments), Deploy to Production (rolling or blue-green deploy). Popular platforms: GitHub Actions, GitLab CI, Jenkins, CircleCI, and AWS CodePipeline. Each stage should fail fast and provide clear feedback.