Here’s a breakdown of what I tackled, how I solved it, and what I learned:

🔧 Task 1: CI/CD Pipeline for a Sample App

I created a Jenkins Pipeline job using a declarative Jenkinsfile with three stages:

• Build: Compiled the app and created a Docker image.

• Test: Ran unit tests inside a container.

• Deploy: Deployed the container locally and verified using docker ps.

📌 Lesson: Declarative pipelines simplify CI/CD by enforcing structure and readability. Breaking stages improves debugging and visibility.

🌐 Task 2: Multi-Branch Pipeline for Microservices

I configured a Multi-Branch Pipeline to scan multiple Git repos and build services concurrently. Each service had its own Jenkinsfile with parallel test stages.

📌 Lesson: Multi-branch pipelines streamline microservices CI by isolating builds per branch. Merge simulations helped me test PR workflows effectively.

🖥️ Task 3: Scaling Jenkins Agents

I added two agents:

• A Linux-based Docker container

• A Windows VM

Each was labeled and used selectively in the pipeline via agent { label 'linux' }.

📌 Lesson: Distributed builds reduce bottlenecks and improve reliability. Labeling agents ensures platform-specific tasks run where they belong.

🔐 Task 4: RBAC for Multi-Team Access

Using the Role Strategy Plugin, I created roles for Admin, Developer, and Tester. Each had tailored permissions, and I verified access using test accounts.

📌 Lesson: RBAC is critical for securing Jenkins. Without it, a misconfigured role could expose sensitive jobs or credentials.

📦 Task 5: Jenkins Shared Library

I built a shared library repo with reusable functions like:

def notifySlack(String message) {
    sh "curl -X POST --data '${message}' https://hooks.slack.com/services/..."
}

Then I loaded it in pipelines using:

@Library('my-shared-library') _

📌 Lesson: Shared libraries reduce duplication and enforce consistency across pipelines.

🛡️ Task 6: Vulnerability Scanning with Trivy

I added a Vulnerability Scan stage:

stage('Scan') {
    steps {
        sh 'trivy image my-app:v1.0'
    }
}

📌 Lesson: Trivy helps catch known CVEs early. I configured the pipeline to fail on critical vulnerabilities—security-first mindset!

⚙️ Task 7: Dynamic Parameterization

I added runtime parameters:

parameters {
    string(name: 'TARGET_ENV', defaultValue: 'staging')
    string(name: 'APP_VERSION', defaultValue: '1.0.0')
}

📌 Lesson: Parameterization makes pipelines flexible for multi-environment deployments.

📧 Task 8: Email Notifications

Configured SMTP and added:

emailext (
    subject: "Build #${env.BUILD_NUMBER} Status",
    body: "Check details at ${env.BUILD_URL}",
    recipientProviders: [[$class: 'DevelopersRecipientProvider']]
)

📌 Lesson: Automated alerts keep teams informed and reduce response time to failures.

🧠 Task 9: Troubleshooting & Monitoring

I simulated pipeline failures and used:

• docker logs

• Jenkins console output

• echo statements for debugging

• Jenkins Replay feature for quick fixes

Docker has revolutionized the way applications are built, deployed, and managed in today’s DevOps ecosystem. Let’s dive into its fundamentals, setup a sample project, and explore optimization techniques for security and performance.

🔹 Task 1: Introduction & Conceptual Understanding

Docker simplifies software development by packaging applications and their dependencies into containers. This ensures consistency across environments, reducing the infamous “works on my machine” issue.

Virtualization vs. Containerization

🚀 Why Containerization?
For microservices & CI/CD pipelines, containerization enables faster deployments, improved scalability, and minimal resource usage.

🔹 Task 2: Dockerfile for a Sample Project

I chose a simple Python web app:

# Use official Python image as the base
FROM python:3.9-slim

# Set working directory inside container
WORKDIR /app

# Copy application files
COPY app.py .

# Run the application
CMD ["python", "app.py"]

Building & Running

docker build -t mridul/sample-app:latest .
docker run -d -p 8080:80 mridul/sample-app:latest
docker ps
docker logs <container_id>

🔹 Task 3: Key Docker Terminologies

• Image: Blueprint for containers

• Container: Running instance of an image

• Dockerfile: Script defining how an image is built

• Volume: Data persistence mechanism

• Network: Enables container communication

🔹 Docker Engine & Docker Hub facilitate image creation, storage, and distribution.

🔹 Task 4: Multi-Stage Build Optimization

A multi-stage build reduces the final image size by eliminating unnecessary files.

Modified Dockerfile:

# Build Stage
FROM python:3.9 AS builder
WORKDIR /app
COPY app.py .
RUN pip install --no-cache-dir flask

# Production Stage
FROM python:3.9-slim
WORKDIR /app
COPY --from=builder /app .
CMD ["python", "app.py"]

📉 Comparison of Image Sizes
Before optimization: 500MB → After optimization: 50MB

Multi-stage builds reduce image bloat, improving security and efficiency.

🔹 Task 5: Pushing Image to Docker Hub

docker tag mridul/sample-app:latest mridul/sample-app:v1.0
docker login
docker push mridul/sample-app:v1.0
docker pull mridul/sample-app:v1.0  # Verification

🔹 Task 6: Persisting Data with Docker Volumes

docker volume create my_volume
docker run -d -v my_volume:/app/data mridul/sample-app:v1.0

🔹 Why Volumes?
They ensure data persistence across container restarts, making stateful applications reliable.

🔹 Task 7: Docker Networking

docker network create my_network
docker run -d --name sample-app --network my_network mridul/sample-app:v1.0
docker run -d --name my-db --network my_network -e MYSQL_ROOT_PASSWORD=root mysql:latest

🔹 Inter-container communication enables seamless service interaction.

🔹 Task 8: Orchestrating with Docker Compose

version: '3'
services:
  web:
    image: mridul/sample-app:v1.0
    ports:
      - "8080:80"
    networks:
      - app_net

  db:
    image: mysql:latest
    environment:
      MYSQL_ROOT_PASSWORD: root
    networks:
      - app_net

networks:
  app_net:

docker-compose up -d
docker-compose down

📌 Docker Compose simplifies multi-container applications.

🔹 Task 9: Security with Docker Scout

docker scout cves mridul/sample-app:v1.0 > scout_report.txt

🔹 Fork the repository on GitHub
🔹 Clone your fork locally (replace <your-fork-url>):

git clone <your-fork-url>
cd 2025/git/01_Git_and_Github_Basics

2️⃣ Initialize a Local Repository & Create a File

🔹 Create a new directory for the challenge

mkdir week-4-challenge && cd week-4-challenge

🔹 Initialize Git & add a file

git init
echo "Hello, I’m [Your Name]!" > info.txt

🔹 Stage & commit the file

git add info.txt
git commit -m "Initial commit: Added info.txt"

3️⃣ Configure Remote with PAT & Push Changes

🔹 Add remote using your PAT (replace placeholders)

git remote add origin https://<your-username>:<your-PAT>@github.com/<your-username>/90DaysOfDevOps.git

🔹 Push changes to GitHub

git push -u origin main

🔹 Pull latest changes if needed

git pull origin main

4️⃣ View Commit History

🔹 Check previous commits

git log

✍️ Take note of commit hashes for documentation.

5️⃣ Advanced Branching & Switching

🔹 Create & switch to a new branch

git branch feature-update
git switch feature-update

🔹 Modify info.txt, then stage & commit changes

git add info.txt
git commit -m "Feature update: Improved info.txt"
git push origin feature-update

🔹 Merge changes via a GitHub Pull Request (PR).

📌 Extra Challenge: Try handling a merge conflict with a second branch (experimental), then resolve and commit.

6️⃣ Explain Branching Strategies

🔹 Create solution.md in your repo
🔹 Document all Git commands used
🔹 Write why branching strategies matter:
✅ Isolating features & bug fixes
✅ Parallel development for teams
✅ Reducing merge conflicts
✅ Enhancing code reviews

🔹 BONUS: SSH Authentication

🔹 Generate SSH key & add to GitHub

ssh-keygen
cat ~/.ssh/id_ed25519.pub

🔹 Switch to SSH-based remote URL

git remote set-url origin git@github.com:<your-username>/90DaysOfDevOps.git
git push origin feature-update

Completing this challenge strengthens your Git and GitHub workflow, making collaborative development smoother.

Steps:

1. Check if the username already exists before creating the account.

2. Prompt for username and password securely.

3. Create the new account and set the password.

4. Confirm successful account creation.

Execution:

#!/bin/bash

# Function to create a user account
create_user() {
    read -p "Enter new username: " username
    if id "$username" &>/dev/null; then
        echo "Error: User '$username' already exists."
        exit 1
    fi
    read -s -p "Enter password for $username: " password
    echo
    sudo useradd "$username"
    echo "$username:$password" | sudo chpasswd
    echo "User '$username' created successfully."
}

create_user

Explanation:

• id "$username" checks if the user already exists.

• read -s -p ensures password entry is hidden.

• useradd creates the account.

• chpasswd sets the password.

• Prints success confirmation.

Task 2: Account Deletion

Steps:

1. Check if the username exists before deletion.

2. Prompt for username to be deleted.

3. Delete the account and confirm.

Execution:

delete_user() {
    read -p "Enter username to delete: " username
    if ! id "$username" &>/dev/null; then
        echo "Error: User '$username' does not exist."
        exit 1
    fi
    sudo userdel -r "$username"
    echo "User '$username' deleted successfully."
}

delete_user

Explanation:

• id "$username" ensures the user exists before deletion.

• userdel -r removes the user along with their home directory.

• Prints a success message.

Task 3: Password Reset

Steps:

1. Check if the username exists before resetting password.

2. Prompt for username and new password.

3. Reset the password securely.

4. Confirm password change.

Execution:

reset_password() {
    read -p "Enter username to reset password: " username
    if ! id "$username" &>/dev/null; then
        echo "Error: User '$username' does not exist."
        exit 1
    fi
    read -s -p "Enter new password: " password
    echo
    echo "$username:$password" | sudo chpasswd
    echo "Password for '$username' reset successfully."
}

reset_password

Explanation:

• Ensures the account exists before modifying credentials.

• Uses chpasswd to securely reset passwords.

• Prints confirmation.

Task 4: List User Accounts

Steps:

1. Fetch all system users and their corresponding UIDs.

2. Format the output for readability.

Execution:

list_users() {
    echo "User Accounts on the System:"
    cut -d: -f1,3 /etc/passwd | column -t -s:
}

list_users

Explanation:

• Extracts usernames and their UIDs from /etc/passwd.

• Formats output neatly using column -t -s:.

Task 5: Help and Usage

Steps:

1. Display available command options and their usage.

Execution:

usage() {
    echo "Usage: user_management.sh [OPTION]"
    echo "Options:"
    echo "  -c, --create    Create a new user account"
    echo "  -d, --delete    Delete an existing user account"
    echo "  -r, --reset     Reset password for an existing user account"
    echo "  -l, --list      List all user accounts"
    echo "  -h, --help      Display usage information"
}

usage

Explanation:

• Prints all available command-line options.

• Ensures users understand script functionality.

Final Implementation: Running the Full Script

Now, let's package everything into one script (user_management.sh) with proper argument handling:

#!/bin/bash

# Function to display usage
usage() {
    echo "Usage: $0 [-c|--create] [-d|--delete] [-r|--reset] [-l|--list] [-h|--help]"
}

create_user() {
    read -p "Enter new username: " username
    if id "$username" &>/dev/null; then
        echo "Error: User '$username' already exists."
        exit 1
    fi
    read -s -p "Enter password for $username: " password
    echo
    sudo useradd "$username"
    echo "$username:$password" | sudo chpasswd
    echo "User '$username' created successfully."
}

delete_user() {
    read -p "Enter username to delete: " username
    if ! id "$username" &>/dev/null; then
        echo "Error: User '$username' does not exist."
        exit 1
    fi
    sudo userdel -r "$username"
    echo "User '$username' deleted successfully."
}

reset_password() {
    read -p "Enter username to reset password: " username
    if ! id "$username" &>/dev/null; then
        echo "Error: User '$username' does not exist."
        exit 1
    fi
    read -s -p "Enter new password: " password
    echo
    echo "$username:$password" | sudo chpasswd
    echo "Password for '$username' reset successfully."
}

list_users() {
    echo "User Accounts on the System:"
    cut -d: -f1,3 /etc/passwd | column -t -s:
}

case "$1" in
    -c|--create) create_user ;;
    -d|--delete) delete_user ;;
    -r|--reset) reset_password ;;
    -l|--list) list_users ;;
    -h|--help) usage ;;
    *) echo "Invalid option! Use -h or --help for usage."; exit 1 ;;
esac

How to Use the Script

1. Create a User → ./user_management.sh -c

2. Delete a User → ./user_management.sh -d

3. Reset a Password → ./user_management.sh -r

4. List Users → ./user_management.sh -l

5. Show Help → ./user_management.sh -h

This script follows DevOps best practices, ensuring security, error handling, and user-friendly execution.

If you're diving into DevOps, understanding Linux system administration is crucial! Here’s a beginner-friendly breakdown of key concepts, covering user management, permissions, log analysis, disk usage, process monitoring, and automation.

🔹 1️⃣ User & Group Management

Linux users and groups help organize access control.

• Every user is stored in /etc/passwd, and group details are in /etc/group.

• You can create a user and add them to a group for better access management.

• Grant sudo access to allow administrative privileges.

• Restrict SSH logins for security in /etc/ssh/sshd_config.

💡 Example:
To create a user devops_user and add them to devops_team:

sudo useradd -m devops_user sudo groupadd devops_team sudo usermod -aG devops_team devops_user sudo passwd devops_user # Set a password

sudo useradd -m devops_user  
sudo groupadd devops_team  
sudo usermod -aG devops_team devops_user  
sudo passwd devops_user  # Set a password

📁 2️⃣ File & Directory Permissions

File permissions define who can read, write, or execute files in Linux.

• The ls -l command shows file permissions.

• Use chmod to modify them.

• A secure directory structure ensures controlled access to files.

💡 Example:
To create a workspace directory and restrict access:

mkdir /devops_workspace  
touch /devops_workspace/project_notes.txt  
chmod 740 /devops_workspace/project_notes.txt  # Owner can edit, group can read, others denied

📝 3️⃣ Log File Analysis with AWK, Grep & Sed

Logs help monitor system activity. Using Linux tools, we can analyze them efficiently.

• grep finds specific error messages in log files.

• awk extracts useful data like timestamps and log levels.

• sed replaces sensitive details for security.

💡 Example:
To filter logs containing errors and hide IP addresses:

grep "error" Linux_2k.log  
awk '{print $1, $2, $3}' Linux_2k.log  # Extract timestamp and log level  
sed 's/[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/[REDACTED]/g' Linux_2k.log

💾 4️⃣ Volume Management & Disk Usage

Efficient storage management prevents performance bottlenecks.

• Mount new storage volumes for expanding data capacity.

• Use df -h to check disk space usage.

• Verify mounts with mount | grep devops_data.

💡 Example:
To create and mount a new directory:

mkdir /mnt/devops_data  
mount /dev/sdb1 /mnt/devops_data  # Mount a new volume  
df -h | grep devops_data  # Verify disk space

🔍 5️⃣ Process Management & Monitoring

Processes keep systems running, but monitoring them prevents overload.

• Use ps, top, and htop to monitor system performance.

• Stop unwanted processes with kill.

💡 Example:
To start a background process and monitor it:

ping google.com > ping_test.log &  
ps aux | grep ping  
top  # Real-time monitoring  
kill $(pgrep ping)  # Stop the process

🔄 6️⃣ Automate Backups with Shell Scripting

Automate backups to protect important data!

💡 Example:
A simple script to create daily backups:

#!/bin/bash  
tar -czf /backups/backup_$(date +%F).tar.gz /devops_workspace  
echo -e "\e[32mBackup successful!\e[0m"

• Save this script in /backups and schedule it with cron for automatic execution!

Networks function like a well-organized postal system for data, ensuring information is efficiently transmitted, received, and understood. The OSI Model (7 layers) and TCP/IP Model (4 layers) are frameworks that describe this process. Each layer has a specific role in managing data transmission.

OSI Model (7 Layers)

The OSI (Open Systems Interconnection) model provides a structured approach to how data moves through a network, from the user interface to physical transmission.

1. Application Layer

• Acts as the interface between users and the network.

• Handles services like web browsing, email, and messaging.

• Common protocols: HTTP, HTTPS, FTP, SMTP, POP3, IMAP, DNS.

2. Presentation Layer

• Formats and encrypts data for secure communication.

• Ensures compatibility across different systems.

• Handles compression, encoding, and encryption.

• Example formats: JPEG, MP3, TLS, SSL.

3. Session Layer

• Establishes, manages, and terminates connections between devices.

• Ensures data exchanges happen properly between sender and receiver.

• Protocols: RPC, NetBIOS, PPTP, SOCKS.

4. Transport Layer

• Guarantees reliable communication between devices.

• Provides error checking and ensures complete data delivery.

• Common protocols: TCP (reliable) and UDP (fast, but less reliable).

5. Network Layer

• Determines the best path for data to travel.

• Assigns IP addresses to packets.

• Handles routing decisions.

• Protocols: IP, ICMP, IGMP.

6. Data Link Layer

• Ensures error-free transmission between directly connected nodes.

• Divides data into frames for delivery.

• Protocols: Ethernet, MAC (Media Access Control), ARP (Address Resolution Protocol).

7. Physical Layer

• Transmits raw data as electrical, optical, or radio signals.

• Defines hardware aspects like cables, switches, and wireless networks.

TCP/IP Model (4 Layers)

The TCP/IP (Transmission Control Protocol/Internet Protocol) model is a more simplified version of OSI, widely used for real-world internet communication.

1. Application Layer

• Functions similarly to the OSI Application, Presentation, and Session layers.

• Handles protocols such as HTTP, SMTP, FTP, DNS.

2. Transport Layer

• Ensures reliable or fast communication using TCP (error-checked) or UDP (speed-focused) protocols.

3. Internet Layer

• Defines how packets move across networks using IP addressing, routing, and forwarding.

4. Network Access Layer

• Combines OSI's Data Link and Physical layers to manage the actual data transmission.

🔗 DevOps Protocols & Ports

Different network services use specific protocols and port numbers to communicate. Some of the most important ones in DevOps include:

• HTTP/HTTPS (80/443) – Loads websites securely.

• FTP (21) – Transfers files between systems.

• SSH (22) – Secure remote login to servers.

• DNS (53) – Converts domain names (like google.com) into IP addresses.

These protocols keep applications running smoothly and securely across networks!

☁️ AWS EC2 & Security Groups – Cloud Basics

AWS EC2 lets you create a virtual server in the cloud. But security matters!

• Security Groups act like firewalls, controlling access to your cloud instance.

• They define rules for what kind of traffic can enter or leave your server.

By setting up security rules, you ensure your cloud environment is safe and efficient

🔍 Essential Networking Commands

DevOps engineers often use commands to check connectivity, troubleshoot networks, and interact with servers. Here are some useful ones:

• ping – Tests if a system is reachable.

• traceroute / tracert – Tracks how data moves across networks.

• netstat – Shows active network connections.

• curl – Sends HTTP requests via the command line.

• dig / nslookup – Looks up domain names and IPs.

These commands help diagnose and optimize network performance!