In this tutorial, we have provided the most important Chef Interview Questions & their Answers with Explanation:
Every organization has an IT support system where system administrators are responsible for installation, configuration, and troubleshooting of any failed system, server, and network services. In case multiple systems fail, the system administrator has to repair and fix these systems on priority.
Installation of configuration automation tools like Chef will help and safeguard system admin from fixing multiple failed systems. With Chef, the system administrator can create scripts or code that resets the configuration of the failed system back to their running and stable stage.
Table of Contents:
What Is Chef Software
Chef is an automation tool that writes system configuration scripts using domain-specific language and Ruby. It helps design programmable infrastructure, deploying an application and managing configuration across the network for infrastructure deployed over on-premise or public cloud.
It is an automated script that manages the infrastructure such as a physical server, virtual machines and in Cloud, by automatically running the script that correctly configures the multiple infrastructures OR, in case of multiple system failure, the script gets executed and reset the failed system’s configuration back to that of a healthy and running system.
The system configuration set up is described in a script which is written in Ruby language. These scripts are called Chef Recipe. Collections of the recipe are stored in a Cookbook. The Chef server stores these cookbooks, the recipes from the cookbook, and instructs new node of chef-client how to configure it.
Most Frequently Asked Chef Interview Questions
To help you move to a more rewarding position in the area of system and server maintenance and administrative roles, we have come up with the most frequently asked interview questions and answers on the Chef infrastructure configuration tool.
Q #1) Explain the DevOps Life Cycle?
Answer: DevOps Life Cycle is made up of stages such as Continuous Development, Integration, Testing, Deployment, and Monitoring. We explain the stages below.
Continuous Development
This phase comprises project planning and development of the application by coding. The system design team is involved in planning. Project planning involves deciding on what technology, IDE, programming language, the framework will be suitable for the application, type of application (desktop, web or mobile), resource availability, pain points, and impediments integrating modules.
Coding involves the design, unit test, deploy, and integration programs to develop features and functionalities as expected in requirement documents. Version control tools such as Git, SVN, JIRA are used that will keep track of various builds and versions and maintain codebase. It uses code building tools such as Ant and Maven for building Java-based projects.
Continuous Integration
Developers commit source codes multiple times in a week or even day. Codebase collected in the version control tools is continuously integrated using Jenkins that integrates the code, tests the build after integration for any mismatch, and deploys the build.
Continuous Testing
The build is then deployed on a testing server for testing the functionality and any defects that occur because of integration or change requests. Regression testing is carried out with Selenium in the case of web-based application and UFT for desktop applications, it reports test status using TestNG. The defects are reported in the JIRA bug tracking tool.
Continuous Deployment
In this stage, the code is deployed on the production server, Jenkins continuously integrates, tests builds, codebase, and deploys on the client’s on-premise or cloud server. During this configuration management tools such as Chef, Ansible, and Puppet help in achieving continuous deployment.
Continuous Monitoring
After deploying the application on the production server, the operation team has to monitor how application deployed runs on the server with available infrastructure (hardware configurations), connection, or network issues if any should be attended and resolved with minimum downtime.
Various user activities, feature usage, improper system behavior during load conditions can be monitored and analyzed using continuous monitoring tools like Nagios.
Recommended Reading=>The Ultimate Guide To DevOps
Q #2) What are the responsibilities of system administrators in an organization?
Answer: System administrator is responsible for effective planning, installation, configuration, and optimizing the IT infrastructure to achieve high availability and performance.
Q #3) What do you mean by IT infrastructure?
Answer: IT infrastructure includes all the physical hardware such as systems, servers, network systems, switch, routers, legacy interfaces and facilities like data centers, data storage, and its retrieval and all the elements that are utilized to manage and use data and information securely to protect business goals of an organization.
Q #4) What is Configuration management?
Answer: Configuration management maintains infrastructure such as servers, storage, networks, and software in the desired state for the systems. It offers automation software responsible for maintaining the desired state of targeted systems and software.
It provides consistency and correctness of configuration management; automates the time-consuming manual configuration processes, improving efficiency and accuracy with fewer resources. Popular automation tools for configuration management are Red Hat Ansible, Chef, and Puppet.
Q #5) Can you please compare Chef and Puppet?
Answer: Both Chef and Puppet are DevOps tools for configuration management of on-premise and cloud-based infrastructure. Both require familiarity in Ruby language. The differences between the two are enlisted in the below table:
Chef | Puppet |
---|---|
On availability front, a backup server will take over operations, in case Chef's primary server stops for any reason. | Puppet has a multiple master architecture; a standby master takes care of operations, in case Puppet’s active master stops. |
Chef use recipes and cookbooks in order to configure the infrastructure. | Puppet use manifests and modules in order to manage the configuration of systems and servers. |
Chef consists of Workstation, server, and nodes as its main components | Puppet uses Servers as master machines and client machines as agents. |
Chef require RubyDSL language for configuration management. | Puppet uses its own PuppetDSL language in order to automate and reset configurations. |
Chef is code-driven, gives more flexibility and control to developers in configuration management. | Puppet has a User interface and reporting features. |
The ‘Knife’ tool in Chef reduces installation issues. | Puppet is command-line language, |
Q #6) List the products offered by Chef for DevOps operations.
Answer: Products offered include:
- Chef Desktop
- Chef Compliance
- Chef Infra
- Chef Habitat
- Chef Inspec
- Chef Automate
Q #7) Explain about Chef Desktop
Answer: It helps control IT resources like laptops, desktops, and kiosk workstations remotely from a centralized location. It automates deployment, management, and secures the maintenance of IT resources. It automates tasks such as implementing policy-driven configuration and eliminates manual time-consuming processes.
Q #8) What are the features of Chef Compliance?
Answer: Chef Compliance helps enforce and maintain compliances and prevent security incidents with standard audit and remediation content across heterogeneous estates to provide visibility and control across hybrid and multi-cloud environments.
Q #9) How Chef Infra is used by the DevOps team in Infrastructure management?
Answer: Chef Infra automates configuration of infrastructure, ensures consistent, correct, flexible, testable, versionable, and human-readable configuration policy, and any modification in configuration will be applied universally across the entire infrastructure.
Q #10) Explain the features of Chef Habitat.
Answer: It offers automation in defining, packaging, and delivering applications to any environment, irrespective of deployment platform or operating system. It creates deployable artifacts for virtual machines or containers without refactoring or rewriting. It also helps scale the adoption of agile delivery practices across operations and development.
Q #11) Explain the importance of Chef Inspec in compliance with automation.
Answer: Chef Inspec provides security and compliance rules across security engineers, operations, and software developers. It enforces consistent standards in the managed environment and in each stage of development by running automated tests for compliance, security, and other policy requirements across servers, containers, and cloud APIs.
Q #12) How Chef Automate is utilized?
Answer: Chef Automate offers an analytics dashboard for developers, operations, and security personnel in one place, delivering changes in infrastructure and application. It also offers actionable insights on performance and scaling across multiple data centers and cloud providers.
Q #13) Explain Chef components.
Answer: Chef consists mainly of three components: viz. Chef Workstation, Chef Server, and Chef Node.
- Chef Workstation: It is installed on a local machine, has features such as ad hoc remote execution, scanning, configuration tasks, and tools for the creation of a cookbook. Workstation, a replacement to ChefDK, contains Chef Infra Client, InSpec, testing tools like Test Kitchen, ChefSpec, and Cookstyle, Chef and Knife command-line tools.
- Chef Server: It is a storage place where configuration policies defined in cookbooks and searchable managed metadata for each node are saved. Nodes that are managed by Chef check in regularly with Chef Server, in order to keep their local configurations up to date.
- Chef Node: It contains run-list and node attributes, described in the JSON file stored on Chef Server. Chef client gets a copy of node object during each Chef client-run, which in turn, replaces an updated copy of Chef Server at the end of the chef-client run.
Q #14) Explain Resource in Chef.
Answer: Resource in Chef is a document on configuration policy that,
- Specifies the state desired for a configuration item.
- Lists steps required to bring this item to the desired state.
- Outlines a resource type like package, template, or service.
- Display the necessary resource properties.
- Resources are working configurations grouped into recipes.
The syntax in Ruby for resources is made of four components, a type, a name, one or more properties, and one or more actions with their corresponding values as shown below:
Q #15) Explain the use of Recipe in Chef.
Answer: Recipe is a collection of resources that decides the policy or configuration of a node. To run a recipe, it must reside on the node’s run list. They are created using Ruby and have all the instructions about everything that is required to run, update, or create on Chef Client’s node.
Q #16) What does a Node represent in Chef?
Answer: Node can be any device, physical, virtual, cloud, or network device managed by Chef Infra.
- Physical node can be either an on-premise server or a virtual machine connected to a network and can send, receive, and forward the information over the Internet.
- Virtual node is a physical machine that runs as software implementation.
- Cloud-based node is an external cloud-based service that is hosted with Amazon web services, Google Cloud Platform, or Microsoft Azure. Chef Infra client is installed to deploy, maintain, or configure these instances created with plug-in with the help of the knife tool.
- Network node is a network device such as a switch, a router, connected to physical or logical Ethernet and VLANs, for Chef to automate common network configurations.
Q #17) What is the role of OHAI in Chef?
Answer: OHAI is a tool that Chef Infra runs and collects system configuration data used within Cookbooks. It detects common configuration details with help of built-in plug-in. It also collects attributes from Operating System, Network, Memory, Disk, CPU, Kernel, Hostnames, and Cloud provider metadata.
Q #18) Explain the use of Knife in Chef.
Answer: Knife is a command-line tool that acts as an interface between Chef Workstation and Chef Server where it helps Chef Workstation to communicate the content of its chef-repo directory with a Chef Server. Chef-Workstation contains the chef-repo directory where cookbooks, roles, data bags, and environments are stored.
With Knife commands users can manage (create, delete, edit, list, show) nodes, roles, JSON data storage, environments, cookbooks and recipes, cloud resources using Knife plug-ins.
Q #19) Explain dpkg_package resource.
Answer: To manage packages for dpkg platform, on a node, dpkg program from the Debian package applies to install, remove, and retrieve information about .deb packages. Various actions such as :install, :nothing, :remove of dpkg_package resource are used to manage Debian package.
Q #20) Explain metadata.rb in Chef.
Answer: metadata.rb file has information that guides Chef Infra client and server deploying cookbooks to each node, this file is available at Cookbook’s directory. When Cookbook is uploaded to Chef Infra Server, or command knife cookbook metadata is run, metadata.rb file gets compiled and is stored in the cookbook as JSON data.
Q #21) List Knife plug-ins sub-commands available for Cloud hosting platforms?
Answer: Following table enlists the knife plug-ins sub-commands available for cloud hosting platforms:
Subcommand | Description |
---|---|
knife-azure | ‘knife azure’ subcommand is used to manage API-driven cloud servers hosted by Microsoft Azure. |
knife-ec2 | ‘knife ec2’ subcommand is used to manage API-driven cloud servers hosted by Amazon EC2. |
knife-google | ‘knife google’ subcommand is used to manage API-driven cloud servers hosted by Compute Engine from Google. |
knife-openstack | ‘knife openstack’ subcommand is used to manage API-driven cloud servers hosted by OpenStack. |
knife-rackspace | ‘knife rackspace’ subcommand is used to manage API-driven cloud servers from Rackspace. |
knife-vcenter | ‘knife vcenter’ subcommand is for provision systems with VMware vCenter |
knife-vsphere | ‘knife vsphere’ subcommand is for provision systems with VMware vSphere. |
Q #22) List types of handlers in Chef.
Answer: ‘Chef_handler’ resource makes sure that all the handlers are enabled and are available for Chef Infra Client run. The Chef handlers are of three types.
These are listed below:
- Exception Handler
- Report Handler
- Start Handler
Q #23) Explain the Exception handler in Chef.
Answer: When Chef Infra client fails while running, this handler can be used at Chef Infra Client run where a recipe containing chef handler resource is added to node’s run-list. Exception handler runs with run_status object, returning its property value for ‘failed?’ as true.
Q #24) Explain Report handler in Chef.
Answer: When Chef Infra Client runs successfully, sending a report on this run, we can use this handler. A recipe containing chef handler resource is used to run a list of the node. Report handler runs with run_status object returning its property value for ‘success?’ as true.
Q #25) Explain Start handler in Chef.
Answer: As the name suggests, these handlers are applied in the client.rb setting while starting Chef Infra Client, to run events, or by applying gem resources that are available in chef-client cookbook recipe.
Q #26) Explain Handler DSL in Chef.
Answer: Events like sending email when Chef Infra Client run fails, or updation of aggregating statistics about resources during Chef Infra Client runs to StatsD, Handler DSL is used to attach a callback to such events.
Q #27) What if you forget to specify a Resource’s action in Chef?
Answer: In case action property (attribute) and its value are not included in Chef’s resource, Chef will apply the default action. Resource’s default action is Create.
For example,
Q #28) Are these two Chef recipes the same?
1 package ‘httpd’
2 service ‘httpd’ do
3 action [:enable, :start]
4 end
&&
1 service ‘httpd’ do
2 action [:enable, :start]
3 end
4 package ‘httpd’
Answer: No, the recipe file gets to run in the order in which it is written. In the first recipe, httpd package gets installed and then configures the service. Whereas in the second recipe, configures the service and then httpd package is installed.
Q #29) Explain the difference between Chef-apply and Chef-client.
Answer: The differences are enlisted below:
Chef-Apply | Chef-Client |
---|---|
Chef-apply is an executable program making chef execution to converge single recipe on the local desktop machine, to configure the local system. | chef-client is an executable command line code that runs one specific cookbook. |
chef-apply provides basic understanding about chef, and is ideal for learning and exploring chef resources. | chef-client applied over single or multiple cookbook(s), and is ideal for production purpose. |
Q #30) Explain Run-list in Chef.
Answer: Run-list contains information required by Chef to configure a node in the desired state. Run-list has a list of roles, recipes, or both, which is run in the exact order they are listed in it. They are stored on Chef Server as a part of a node object, maintained using a knife uploaded from the Chef workstation. Run-list formats are fully qualified, cookbook, or default.
Example: “role[role_name]”, or “recipe[COOKBOOK::RECIPE_NAME]”
Q #31) What details are required to bootstrap a node in Chef.
Answer: Following are a mandatory requirement:
- Username and password as login credentials into a specific node.
- Public IP address or Hostname of the node.
- Key-based authentication, in place of username and password credentials.
Q #32) Explain ways to apply an updated Cookbook in Chef to a node.
Answer: There are three possible ways of applying an updated Cookbook to a node in a Chef.
These are:
- Running knife ssh subcommand to invoke SSH commands from the workstation.
- Running Chef-client command to direct ssh connection into the server.
- Running Chef-client as a daemon or a service in order to regularly review Chef Server.
Q #33) What is Test Kitchen?
Answer: Test kitchen is a built-in tool that tests the recipe – (code to configure an infrastructure), in an isolated environment, for any potential defects, that may change the production environment. It allows testing code to configure infrastructure over any platform or operating system using Chef Inspec.
With Test Kitchen, cookbook data can be verified across any combination of platforms and test suites, kitchen.yml file gets created. Multiple kitchen instances can be created with this yml file.
Q #34) How organizations benefit by installing Chef for configuration management?
Answer: Organizations benefit in the following way:
- Management of newly installed systems and servers by automatic configuration with the help of Chef.
- Eliminates downtime and improves the availability of failed systems by automatic resetting configuration back to their default running state.
- Automatic installation and configuration of hardware and network infrastructure using chef improves software delivery, and quick recovery from a failed state.
- Improves risk management by fixing quickly discovered malfunctioning or vulnerable systems.
Q #35) How important is it to install SSL certificates in Chef?
Answer: SSL certificate is a digital signature or authentication for a website, and provides an encrypted connection, which will secure our website from the hacker’s attack with the intension to access sensitive data. It helps to create private keys and ensures secured data transmission between Chef Server and Chef Client.
Q #36) List the companies that have installed Chef in their configuration management system.
Answer: Following is the list of some companies that have Chef an automated tool installed that runs the code to reset infrastructure’s configuration settings.
- IBM
- Alaska
- Nordstorm
- SAP
- Cerner
- Walmart IRL
- Carfax
- Haventec
- Rakuten
- CapitalOne
- Danske Bank
Conclusion
Companies with a large customer base have to maintain their infrastructure comprising systems and servers on-premise or over the cloud. To manage and configure new systems and servers and maintain existing infrastructure to keep them in good health, configuration management automated tool namely Chef should be installed.
Chef helps in continuous deployment, identifying and removing any defects from the infrastructure before deploying on-premise or over the cloud platform.
Best of luck with the interview!!