Complete Full-Stack & DevOps Interview Master Guide
Complete Full-Stack & DevOps Interview Master Guide
Hey everyone! Welcome to the Complete Full-Stack & DevOps Interview Master Guide!
This guide is a consolidated question bank covering everything you need to ace your next full-stack or DevOps interview — from JavaScript basics to Kubernetes orchestration.
What we will cover:
- JavaScript Fundamentals & Express.js
- React.js Frontend Architecture
- Node.js Runtime & NestJS Framework
- Authentication, Authorization & Security
- Microservices Architecture, Performance & Scalability
- Database Design, Operations & Internals
- Cloud Infrastructure (AWS), Docker & Kubernetes
- CI/CD — GitHub Actions & Jenkins
Interview Preparation Map:
==========================
Full-Stack & DevOps
│
├── Frontend ──── JavaScript, React.js
│
├── Backend ───── Node.js, NestJS, Express.js
│
├── Security ──── Auth, JWT, OAuth, RBAC
│
├── Architecture ─ Microservices, Scalability
│
├── Database ───── SQL, NoSQL, Indexing, Sharding
│
└── DevOps ──────── AWS, Docker, Kubernetes, CI/CD
01 — JavaScript Fundamentals & Express.js
Core language concepts, async patterns, and Express.js server-side fundamentals.
Core JavaScript Questions:
- What is JavaScript?
- Explain data types in JavaScript.
- Difference between var, let, and const?
- What is Hoisting?
- What is the Temporal Dead Zone?
- Explain Promises, callbacks, and async/await.
- What is async/await? Explain sync and async. (Important)
- Explain closure.
- Difference between normal functions and Arrow functions?
- What is scope and Lexical scope?
- What are the new features introduced in ES6?
- Explain Debounce and Throttle.
- Explain Promise combinators: Promise.all, Promise.any, Promise.race, and Promise.allSettled.
- Explain call, apply, and bind methods.
- Explain Event Loop in JavaScript.
- Difference between Shallow copy vs Deep copy?
- Tell common array in-built methods.
- Explain Destructuring and Spread operator.
- What is the Rest operator?
- Explain the this keyword in different contexts.
- Explain map, filter, and reduce methods.
Express.js Questions:
- What is middleware in Express.js? How does middleware work internally?
- How do you handle errors in Express.js?
- What is error handling middleware?
- What is CORS? How do you enable CORS in Express?
- What is Helmet? Why is Helmet used?
- What is rate-limiting? How do you implement rate limiting?
- What is centralized error handling?
- What is a REST API?
- Difference between PUT and PATCH?
- How do you upload files in Express? What is Multer?
- How do you secure an Express application?
Express.js Request Lifecycle:
==============================
Incoming Request
│
▼
┌─────────────────────┐
│ Global Middleware │ ← Helmet, CORS, Body Parser
└─────────┬───────────┘
│
▼
┌─────────────────────┐
│ Route Middleware │ ← Auth, Rate Limiter
└─────────┬───────────┘
│
▼
┌─────────────────────┐
│ Route Handler │ ← Your Logic
└─────────┬───────────┘
│
▼
┌─────────────────────┐
│ Error Middleware │ ← Centralized Error Handler
└─────────────────────┘
02 — React.js Frontend Architecture
Hooks, state management, rendering optimizations, and advanced React patterns.
Core React Questions:
- What is React?
- What is lifting state up?
- What is React Fiber?
- Explain useMemo and useCallback.
- What is React.memo?
- Explain useEffect hook in detail.
- Explain React strict mode.
- What are the rules of React hooks?
- What is Virtualization in long lists?
- SSR vs CSR (Server-Side Rendering vs Client-Side Rendering).
- What triggers a re-render in React?
- Difference between functional and class components.
- What are React hooks?
- What is useState?
- Why is state update asynchronous in React?
- What is batching in React?
- How do you optimize React performance?
- What is prop-drilling? How do you avoid prop-drilling?
- What is Redux? Explain Redux flow.
- Controlled vs uncontrolled components.
- What are render props?
- What is lazy loading in React?
- What is code splitting?
- What is concurrent rendering?
- What is Suspense?
- What is hydration in React?
- What is Next.js?
- Difference between state and props.
- How do you handle API calls in React?
- How do you prevent unnecessary API calls in React?
- How do you manage authentication in React?
- What are Error Boundaries?
- Can Error Boundaries catch async errors?
- How do you structure a large React app?
- What is tree shaking?
- What is bundle optimization?
- What are stale closures in React?
- Explain custom hooks.
- What is Context API?
- What is Virtual DOM and the Diffing algorithm?
- What is a Higher Order Component (HOC)?
- What are Portals in React?
- What is Reconciliation?
- What is JSX?
React Re-render Triggers: ========================= State Change ──────────────────────────┐ Props Change ──────────────────────────┤ Context Change ─────────────────────────┤──► Component Re-renders Parent Re-render ───────────────────────┤ forceUpdate() ──────────────────────────┘ How to Prevent Unnecessary Re-renders: ======================================= React.memo → Memoize component useMemo → Memoize computed value useCallback → Memoize function reference
03 — Node.js Runtime & NestJS Framework
Event loop, streams, clustering, worker threads, and NestJS dependency injection patterns.
Node.js Questions:
- What is Node.js?
- Explain the Node.js Event Loop.
- Why is Node.js single-threaded?
- If Node.js is single-threaded, how does it handle multiple requests concurrently?
- What are the phases of the Event Loop?
- Difference between sync and async code?
- Difference between process.nextTick() and setImmediate()?
- Difference between setTimeout() and setImmediate()?
- What is callback hell? How do you solve it?
- How does async/await work internally?
- What are streams in Node.js?
- Why are streams better for large file handling?
- What is backpressure in streams?
- What are buffers? Difference between streams & buffers?
- What are worker threads?
- What is the cluster module in Node?
- Difference between cluster & worker threads?
- How do you scale a Node.js application?
- Explain Node.js memory management and memory leaks.
- How does Node.js handle file uploads?
- How do you improve Node.js application performance?
- What are the advantages & disadvantages of a Node.js app?
- Explain Node.js architecture.
- How would you design a scalable Node.js backend?
- How would you identify & fix performance issues in Node?
- What is profiling? What is benchmarking?
- What is unhandled promise rejection?
- How do you secure a Node.js application?
Node.js Event Loop Phases:
==========================
┌──────────────────────────┐
│ timers │ ← setTimeout, setInterval
└────────────┬─────────────┘
│
┌────────────▼─────────────┐
│ pending callbacks │ ← I/O errors
└────────────┬─────────────┘
│
┌────────────▼─────────────┐
│ idle, prepare │ ← Internal use
└────────────┬─────────────┘
│
┌────────────▼─────────────┐
│ poll │ ← Fetch new I/O events
└────────────┬─────────────┘
│
┌────────────▼─────────────┐
│ check │ ← setImmediate
└────────────┬─────────────┘
│
┌────────────▼─────────────┐
│ close callbacks │ ← socket.on('close')
└──────────────────────────┘
process.nextTick() → Runs before next phase (highest priority)
NestJS Questions:
- What is NestJS?
- What is dependency injection in NestJS?
- What are modules in NestJS?
- What are controllers in NestJS?
- What are providers/services in NestJS?
- What is a decorator?
- What are DTOs (Data Transfer Objects) in NestJS?
- Difference between middleware, guards, interceptors, and pipes in NestJS?
- What are guards in NestJS?
- What are interceptors in NestJS?
- What is the lifecycle of a request in NestJS?
- What is AuthGuard in NestJS?
- How do you create protected routes in NestJS?
- How do you implement role-based access control (RBAC)?
- What is RolesGuard?
NestJS Request Lifecycle:
=========================
Incoming Request
│
▼
Middleware → Runs before route handler
│
▼
Guards → Authentication / Authorization check
│
▼
Interceptors (pre) → Transform request
│
▼
Pipes → Validation & transformation of input
│
▼
Route Handler → Your controller method
│
▼
Interceptors (post)→ Transform response
│
▼
Exception Filters → Handle errors
│
▼
Response
04 — Authentication, Authorization & Security
JWT, OAuth, sessions, RBAC, bcrypt, and secure API design.
- Difference between authentication and authorization?
- What is JWT? Explain the structure of JWT.
- What is an access token? What is a refresh token?
- Why are refresh tokens needed?
- Difference between session-based auth and JWT auth?
- Where should JWT tokens be stored securely?
- How does the refresh token workflow work?
- How does logout work in JWT authentication?
- How do you invalidate a JWT token?
- Why should passwords be hashed? (Bcrypt)
- Difference between hashing and encryption?
- What is OAuth? OAuth vs JWT?
- What is RBAC (Role-Based Access Control)?
- How do you secure APIs against vulnerabilities?
- How do you handle multiple device logins?
- Explain the complete login flow from frontend to backend.
- LocalStorage vs cookies for token storage?
- Password hashing with bcrypt.
- Logout flow design in JWT Auth.
JWT Structure:
==============
Header.Payload.Signature
│ │ │
▼ ▼ ▼
Base64 Base64 HMAC/RSA
Encoded Encoded Hash
Example:
eyJhbGciOiJIUzI1NiJ9 ← Header
.eyJ1c2VySWQiOiIxMjMifQ ← Payload (userId, role, exp)
.SflKxwRJSMeKKF2QT4fw ← Signature
Complete Login Flow:
====================
User enters credentials
│
▼
Frontend sends POST /login
│
▼
Backend validates credentials
│
▼
Backend hashes password → bcrypt.compare()
│
▼
Generate Access Token (15min) + Refresh Token (7d)
│
▼
Store Refresh Token in DB / Redis
│
▼
Send Access Token to client
05 — Microservices Architecture, Performance & Scalability
Service decomposition, messaging, caching, load balancing, and distributed patterns.
Microservices Questions:
- What are microservices?
- Difference between monolith and microservices architecture?
- What are the advantages and disadvantages of microservices?
- When should you USE and NOT USE microservices?
- What is service decomposition?
- How do you split services in a microservices architecture?
- Database-per-service pattern vs shared database?
- Why is a shared database discouraged in microservices?
- What is loose coupling? What is high cohesion?
- Synchronous vs asynchronous communication between services.
- REST vs gRPC vs Message Queues.
- What is service discovery?
- What is an API Gateway? Explain clearly.
- What is load balancing? Explain in detail.
- Explain client-side vs server-side load balancing.
- Explain reverse proxy.
- What is a circuit breaker pattern? What problem does it solve?
- What is a retry mechanism? What is exponential backoff?
- What is distributed tracing? What is centralized logging?
- What is a Correlation ID?
- What is eventual consistency? Difference between strong and eventual consistency?
- What is the Saga pattern? What are distributed transactions?
- What is a message broker? RabbitMQ vs Kafka.
- What is event-driven architecture?
Performance & Scalability Questions:
- What is scalability?
- Horizontal scaling vs vertical scaling?
- How does a load balancer distribute incoming traffic?
- What is caching? What are the common types of caching?
- Client-side cache vs server-side cache.
- What is Redis? Why does Redis improve application performance?
- What is cache invalidation? Explain cache invalidation strategies.
- What is a CDN (Content Delivery Network)? How does a CDN improve performance?
- What is lazy loading? What is pagination?
Monolith vs Microservices:
==========================
Monolith Microservices
───────── ─────────────
┌───────────────┐ ┌───────┐ ┌───────┐
│ │ │ Auth │ │ User │
│ Auth │ │Service│ │Service│
│ User │ └───────┘ └───────┘
│ Payment ────┼──────►
│ Orders │ ┌───────┐ ┌───────┐
│ Products │ │Payment│ │Orders │
│ │ │Service│ │Service│
└───────────────┘ └───────┘ └───────┘
Single deployable unit Independent deployable services
Single DB Database per service
Easier to develop Harder to manage
Hard to scale Easy to scale individually
Circuit Breaker Pattern:
========================
Service A ──────► Service B (DOWN!)
│
▼
Circuit OPENS after
N failed attempts
│
▼
Return fallback response
(Don't call B for 30 sec)
│
▼
Circuit tries HALF-OPEN
(Test one request)
│
┌────────┴────────┐
│ │
Success Failure
│ │
CLOSED OPEN again
06 — Database Design, Operations & Internals
SQL, NoSQL, indexing, ACID properties, sharding, replication, and query optimization.
SQL Fundamentals:
- What is SQL? Difference between SQL and NoSQL?
- What is DDL, DML, DCL, and TCL?
- What is primary key and foreign key? Difference between primary and unique key?
- What is commit, rollback, and savepoint?
- What is indexing? How do indexes improve performance?
- What is a view? Difference between a view and a table?
- What is a join? Explain types of joins.
- What is GROUP BY? Difference between WHERE and HAVING?
- What is UNION? UNION vs UNION ALL?
- What is ORDER BY? What is DISTINCT? What is LIMIT?
- What are aggregation functions?
- Difference between DELETE, DROP, and TRUNCATE?
- Difference between CHAR and VARCHAR?
- What is a constraint? Explain in detail.
- How do you improve SQL query performance?
- What is SQL injection? How do you prevent SQL injection?
SQL Coding Questions:
- Write a query to find the second highest salary.
- Write a query to find average salary department-wise.
- Write a query to find the nth highest salary.
Second Highest Salary: ====================== SELECT MAX(salary) AS SecondHighest FROM employees WHERE salary < (SELECT MAX(salary) FROM employees); -- OR using LIMIT/OFFSET: SELECT salary FROM employees ORDER BY salary DESC LIMIT 1 OFFSET 1; Nth Highest Salary: =================== SELECT salary FROM employees ORDER BY salary DESC LIMIT 1 OFFSET (N-1);
Advanced Database Questions:
- When would you choose SQL over NoSQL?
- What is normalization and denormalization?
- What are ACID properties?
- What is the CAP theorem?
- Clustered index vs non-clustered index? Drawbacks of too many indexes?
- What is query optimization? How do you optimize slow queries?
- What is an execution plan? What is a full table scan?
- What is connection pooling? Why does it improve performance?
- What is database replication? Explain primary-replica architecture.
- Read replicas vs primary database?
- What is database sharding?
- Horizontal partitioning vs vertical partitioning? What is partitioning?
- What are transactions? What is a deadlock? How do you handle deadlocks?
- What is the N+1 query problem?
- What is an aggregation pipeline?
- What is database migration? Why is it important?
- What is caching in a database? Redis vs database caching?
- What is distributed caching?
- How do you scale databases? Vertical vs Horizontal scaling?
- What causes slow database performance? How do you monitor it?
- What is database failover? What is a backup and recovery strategy?
- What are common database optimization techniques?
- How do you design a DB for high-traffic systems?
- How do you maintain data integrity in microservices?
- SQL injection vs NoSQL injection? How do you secure databases in production?
ACID Properties:
================
A → Atomicity - All or nothing. If one part fails,
entire transaction is rolled back.
C → Consistency - DB moves from one valid state
to another valid state.
I → Isolation - Concurrent transactions don't
interfere with each other.
D → Durability - Once committed, data persists
even after system crash.
CAP Theorem:
============
Only 2 of 3 can be guaranteed at a time:
Consistency
△
/│\
/ │ \
/ │ \
/ │ \
▼ │ ▼
Availability─────Partition Tolerance
CA → Traditional RDBMS (MySQL, PostgreSQL)
CP → MongoDB, HBase
AP → Cassandra, CouchDB
07 — Cloud Infrastructure (AWS), Docker & Kubernetes
EC2, S3, RDS, VPC, containerization, orchestration, and cluster management.
AWS Questions:
- What is AWS? What is cloud computing?
- What is EC2? What is an EC2 instance?
- What is S3? What is a bucket in S3? Why is S3 used?
- How do you upload files to S3? Difference between public and private bucket?
- What is RDS? Difference between RDS and an EC2-hosted DB?
- What is a read replica in AWS RDS?
- What is an AMI (Amazon Machine Image)?
- What is a Security Group? What is an Elastic IP?
- How do you connect to an EC2 instance using SSH?
- What is a VPC? What is a subnet?
- What is a NAT Gateway? What is an Internet Gateway?
Docker Questions:
- What is Docker? Why is Docker used? What problem does Docker solve?
- Difference between Docker and a Virtual Machine? What is containerization?
- What is a Docker container? What is a Docker image? Difference between image and container?
- What is Docker Engine? What is Docker Hub?
- What is a Dockerfile? What are common Dockerfile instructions?
- What is FROM, WORKDIR, EXPOSE, and ENV in a Dockerfile?
- Difference between COPY and ADD? What is the RUN command?
- Difference between RUN, CMD, and ENTRYPOINT?
- What is a .dockerignore file?
- How do you create a Docker image and run/stop a container?
- What is port mapping in Docker?
- What is a volume in Docker? Why are volumes needed?
- How do containers communicate with each other?
- What is docker-compose? Why is it used? Difference between Docker and docker-compose?
- How do you dockerize a Node.js application? How do you dockerize a React application?
- What is container orchestration? What happens if a container crashes?
- How do you restart containers automatically? What is a health check in Docker?
- What are environment variables and how do you pass secrets/configurations in Docker?
- What are common Docker security best practices? Docker image optimization.
- What is a Docker registry? Public vs private registry?
- How do you push/pull images to/from Docker Hub?
- What is the lifecycle of a Docker container?
Docker vs Virtual Machine: ========================== Virtual Machine: Docker Container: ──────────────── ───────────────── ┌─────────────────┐ ┌─────────────────┐ │ App A App B │ │ App A App B │ ├────────┬────────┤ ├────────┬────────┤ │Guest OS│Guest OS│ │ Libs │ Libs │ ├────────┴────────┤ ├─────────────────┤ │ Hypervisor │ │ Docker Engine │ ├─────────────────┤ ├─────────────────┤ │ Host OS │ │ Host OS │ ├─────────────────┤ ├─────────────────┤ │ Hardware │ │ Hardware │ └─────────────────┘ └─────────────────┘ Heavy (GBs), Slow boot Lightweight (MBs), Fast start Dockerfile for Node.js App: ============================ FROM node:18-alpine ← Base image WORKDIR /app ← Set working directory COPY package*.json ./ ← Copy dependencies RUN npm install ← Install deps COPY . . ← Copy source code EXPOSE 3000 ← Document port CMD ["node", "server.js"] ← Start command
Kubernetes Questions:
- What is Kubernetes? Why is Kubernetes used? What problem does it solve?
- Difference between Docker and Kubernetes?
- What is a Kubernetes cluster? What are master/control plane and worker nodes?
- What is a Pod? Why is it the smallest deployable unit? Can a Pod contain multiple containers?
- What is a Deployment in Kubernetes? What is a ReplicaSet? Difference between Pod and Deployment?
- What is a Service in Kubernetes? Explain the types of services.
- What is a scheduler? What is a controller manager?
- What happens when a pod crashes? How does Kubernetes handle self-healing?
- What is a rolling update? What is a rollback in Kubernetes?
- What is autoscaling? What is load balancing and service discovery in Kubernetes?
- What is a persistent volume? Why is persistent storage needed?
- Explain Kubernetes architecture briefly.
Kubernetes Architecture:
========================
Control Plane (Master Node)
┌─────────────────────────────────────────┐
│ API Server │ Scheduler │ etcd │
│ Controller Manager │ Cloud Manager │
└─────────────────────┬───────────────────┘
│
┌──────────┼──────────┐
│ │ │
Worker Node Worker Node Worker Node
┌─────────┐ ┌─────────┐ ┌─────────┐
│ kubelet │ │ kubelet │ │ kubelet │
│ kube- │ │ kube- │ │ kube- │
│ proxy │ │ proxy │ │ proxy │
│ │ │ │ │ │
│ Pod Pod │ │ Pod Pod │ │ Pod Pod │
└─────────┘ └─────────┘ └─────────┘
Kubernetes Service Types:
=========================
ClusterIP → Internal cluster access only (default)
NodePort → Exposes service on each node's IP
LoadBalancer→ External load balancer (cloud provider)
ExternalName→ Maps service to external DNS name
08 — CI/CD — GitHub Actions & Jenkins
Pipelines, workflows, runners, artifacts, secrets, and deployment automation.
- What is CI/CD? What problems does it solve?
- What is Continuous Integration, Continuous Delivery, and Continuous Deployment?
- Difference between Continuous Delivery and Continuous Deployment?
- What is a CI/CD pipeline? What are stages in a pipeline?
- What happens in the Build, Testing, and Deployment stages?
- What is automated testing in CI/CD? Why is it important?
- What is build automation? What is deployment automation?
- What is a rollback in deployment?
- What is GitHub Actions? What is Jenkins? GitHub Actions vs Jenkins?
- Why is GitHub Actions used? What problem does it solve?
- What is CI/CD in GitHub Actions? What is a workflow?
- Where are workflow files stored? Why are they written in YAML?
- What is the .github/workflows directory?
- What is a runner in GitHub Actions?
- What are jobs and steps in GitHub Actions? Difference between them?
- How are workflows triggered? How do you trigger workflows manually (workflow_dispatch)?
- Explain your GitHub Actions pipeline configuration.
- How does a workflow get triggered after a code push?
- How do you optimize GitHub Actions pipelines?
- What triggers a CI/CD pipeline? What is a webhook in CI/CD?
- What is an artifact in CI/CD?
- How do you securely store secrets in a CI/CD pipeline?
- What is Docker's role in CI/CD? How does CI/CD work with Docker?
- What is Infrastructure as Code (IaC)?
- What are common CI/CD configuration challenges?
CI/CD Pipeline Stages:
======================
Code Push (git push)
│
▼
┌─────────────────┐
│ 1. BUILD │ ← npm install, compile, docker build
└────────┬────────┘
│
▼
┌─────────────────┐
│ 2. TEST │ ← Unit tests, integration tests, lint
└────────┬────────┘
│
▼
┌─────────────────┐
│ 3. SCAN │ ← Security scan, code quality check
└────────┬────────┘
│
▼
┌─────────────────┐
│ 4. PACKAGE │ ← Build Docker image, push to registry
└────────┬────────┘
│
▼
┌─────────────────┐
│ 5. DEPLOY │ ← Deploy to staging / production
└────────┬────────┘
│
▼
┌─────────────────┐
│ 6. MONITOR │ ← Health checks, alerts
└─────────────────┘
GitHub Actions Workflow Example:
=================================
name: CI/CD Pipeline
on:
push:
branches: [main]
jobs:
build-and-deploy:
runs-on: ubuntu-latest ← Runner
steps:
- uses: actions/checkout@v3
- run: npm install
- run: npm test
- run: docker build -t myapp .
- run: docker push myapp
| Feature | GitHub Actions | Jenkins |
|---|---|---|
| Hosting | Cloud (GitHub) | Self-hosted |
| Setup | Zero configuration | Complex setup required |
| Config | YAML in .github/workflows | Jenkinsfile (Groovy) |
| Runners | GitHub-hosted or self-hosted | Jenkins agents |
| Cost | Free for public repos | Free (self-hosted infra cost) |
| Best for | GitHub-based projects | Complex enterprise pipelines |
Quick Recap
| Topic | Key Concepts |
|---|---|
| JavaScript | Closures, Event Loop, Promises, Hoisting, ES6+ |
| React.js | Hooks, Virtual DOM, Reconciliation, Fiber, SSR/CSR |
| Node.js | Event Loop Phases, Streams, Cluster, Worker Threads |
| NestJS | DI, Guards, Interceptors, Pipes, Request Lifecycle |
| Auth | JWT, OAuth, RBAC, bcrypt, Refresh Tokens |
| Microservices | Circuit Breaker, Saga, Message Queues, API Gateway |
| Databases | ACID, CAP, Indexing, Sharding, Replication, N+1 |
| AWS | EC2, S3, RDS, VPC, Security Groups, NAT Gateway |
| Docker | Images, Containers, Volumes, docker-compose, Registry |
| Kubernetes | Pods, Deployments, Services, Self-healing, Autoscaling |
| CI/CD | Pipelines, GitHub Actions, Runners, Artifacts, Secrets |
Key Points to Remember
- JavaScript is single-threaded but handles async via the Event Loop
- React Fiber enables concurrent rendering and prioritized updates
- Node.js Event Loop has 6 phases — understand each phase's role
- JWT is stateless; sessions are stateful — know when to use which
- Microservices solve scalability but add operational complexity
- ACID is for relational DBs; CAP theorem applies to distributed DBs
- Docker containers share the host OS kernel — much lighter than VMs
- Kubernetes handles self-healing, scaling, and rolling deployments automatically
- CI/CD ensures code is always in a deployable state through automation
- Use consistent types in functions to avoid V8 deoptimization
What's Next?
You now have a complete question bank covering the full stack! Here's how to use this guide:
- Go through each section and try to answer every question out loud
- Draw the architecture diagrams from memory
- Practice the SQL queries hands-on
- Build small projects using Docker, GitHub Actions, and AWS
- Revisit weak areas and focus on diagram-based explanations
Good luck with your interviews! Keep coding, keep learning!
Post a Comment