Add questions on ArgoCD

As well as on other topics.

Author: abregman

README.md

@@ -78,6 +78,7 @@
   </tr>
   <tr>
       <td align="center"><a href="topics/kafka/README.md"><img src="images/logos/kafka.png" width="70px;" height="80px;" alt="Kafka"/><br /><b>Kafka</b></a></td>
+      <td align="center"><a href="topics/argo/README.md"><img src="images/logos/argo.png" width="80px;" height="80px;" alt="Argo"/><br /><b>Argo</b></a></td>
   </tr>
 </table>
 </center>
@@ -5548,6 +5549,23 @@ A configuration->deployment which has some advantages like:
 2. More immutable infrastructure - with configuration->deployment it's not likely to have very different deployments since most of the configuration is done prior to the deployment. Issues like dependencies errors are handled/discovered prior to deployment in this model.
 </b></details>
 
+## Release
+
+<details>
+<summary>Explain Semantic Versioning</summary><br><b>
+
+[This](https://semver.org/) page explains it perfectly:
+
+```
+Given a version number MAJOR.MINOR.PATCH, increment the:
+
+MAJOR version when you make incompatible API changes
+MINOR version when you add functionality in a backwards compatible manner
+PATCH version when you make backwards compatible bug fixes
+Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format.
+```
+</b></details>
+
 ## Certificates
 
 If you are looking for a way to prepare for a certain exam this is the section for you. Here you'll find a list of certificates, each references to a separate file with focused questions that will help you to prepare to the exam. Good luck :)

images/logos/argo.png

@@ -0,0 +1,115 @@
+# Argo
+
+## ArgoCD Exercises
+
+TODO
+
+## Argo Questions
+
+### ArgoCD 101
+
+<details>
+<summary>What is Argo CD?</summary><br><b>
+
+[ArgoCD](https://argo-cd.readthedocs.io/en/stable): "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes."
+
+As to why Argo CD, they provide the following explanation: "Application definitions, configurations, and environments should be declarative and version controlled. Application deployment and lifecycle management should be automated, auditable, and easy to understand."
+
+</b></details>
+
+<details>
+<summary>There been a lot of CI/CD systems before ArgoCD (Jenkins, Teamcity, CircleCI, etc.) What added value ArgoCD brought?</summary><br><b>
+
+Simply said, ArgoCD is running on Kubernetes, it's part of its ecosystem, as opposed to some other CI/CD systems.
+
+Easier to explain the need for ArgoCD by direct comparison to another CI/CD system. Let's use Jenkins for this.
+
+With Jenkins, you need make sure to install k8s related tools and set access for commands like kubectl.
+With ArgoCD you simply need to install it in your namespace but no need to install additional tools as it's part of k8s.
+
+With Jenkins, managing access is usually done per pipeline and even if set globally in Jenkins, you still need to configure each pipeline to use that access configuration.
+With ArgoCD access management to k8s and other resources is given as it runs already on the cluster, in one or multiple namespaces.
+
+With Jenkins, tracking the status of what got deployed to k8s can be done only as an extra step, by running the pipeline. This is because Jenkins isn't part of the k8s cluster.
+With ArgoCD you get much better tracking and visibility of what gets deployed as it runs in the same cluster and the same namespace.
+
+With ArgoCD it's really easy to roll back to a previous version because all the changes done, are done to git which is a versioned source control. So it's enough to get to a previous commit for ArgoCD to detect a change and sync to the cluster. Worth to mention, this point specifically is true for Jenkins as well :)
+</b></details>
+
+<details>
+<summary>Describe an example of workflow where ArgoCD is used</summary><br><b>
+
+1. A developer submitted change to an application repository
+2. Jenkins pipeline is triggered to run CI on the change
+3. If the Jenkins Pipeline completed successfully, build an image out of the new code
+4. Push to image to a registry
+5. Update K8S manifest file(s) in a separate app config repository
+6. ArgoCD tracks changes in the app config repository. Since there was a change in the repository, it will apply the changes from the repo
+7. 
+</b></details>
+
+<details>
+<summary>True or False? ArgoCD support Kubernetes YAML files but not other manifests formats like Helm Charts and Kustomize</summary><br><b>
+
+False. It supports Kubernetes YAML files as well as Helm Charts and Kustomize.
+
+</b></details>
+
+<details>
+<summary>What "GitOps Repository" means in regards to ArgoCD?</summary><br><b>
+
+It's the repository that holds app configuration, the one updated most of the time by CI/CD processes or DevOps, SRE engineers. In regards to ArgoCD it's the repository ArgoCD tracks for changes and apply them when they are detected.
+
+</b></details>
+
+<details>
+<summary>What are the advantages in using GitOps approach/repository?</summary><br><b>
+
+* Your whole configuration is one place, defined as code so it's completely transparent, adjustable for changes and easily reproducible
+* Everyone go through the same interface hence you have more people experiencing and testing the code, even if not intentionally
+* Engineers can use it for testing, development, ... there is no more running manual commands and hoping to reach the same status as in the cluster/cloud.
+* 
+</b></details>
+
+<details>
+<summary>What are the advantages in using GitOps approach/repository?</summary><br><b>
+
+* Your whole configuration is one place, defined as code so it's completely transparent, adjustable for changes and easily reproducible
+* Everyone go through the same interface hence you have more people experiencing and testing the code, even if not intentionally
+* Engineers can use it for testing, development, ... there is no more running manual commands and hoping to reach the same status as in the cluster/cloud.
+* Single source of truth: you know that your GitOps is the repo from which changes can be done to the cluster. So even if someone tries to manually override it, it won't work.
+</b></details>
+
+<details>
+<summary>Sorina, one of the engineers in your team, made manual changes to the cluster that override some of the configuration in a repo traced by ArgoCD. What will happen?</summary><br><b>
+
+Once Sorina made the modifications, ArgoCD will detect the state diverged and will sync the changes from the GitOps repository, overwriting the manual changes done by Sorina.
+
+</b></details>
+
+<details>
+<summary>Nate, one of the engineers in your organization, asked whether it's possible if ArgoCD didn't sync for changes done manually to the cluster. What would be your answer?</summary><br><b>
+
+The answer is yes, it's possible. You can configure ArgoCD to sync to desired state when changes done manually and instead do something like sending alerts.
+
+</b></details>
+
+<details>
+<summary>How cluster disaster recovery becomes easier with ArgoCD?</summary><br><b>
+
+Imagine you have a cluster in the cloud, in one of the regions. Something happens to that cluster and it's either crashes or simply no longer opertional.
+
+If you have all your cluster configuration in a GitOps repository, ArgoCD can be pointed to that repository while be configured to use a new cluster you've set up and apply that configuration so your cluster is again up and running with the same status as o
+</b></details>
+
+
+### Access Control
+
+<details>
+<summary>What is Argo CD?</code></summary><br><b>
+
+[ArgoCD](https://argo-cd.readthedocs.io/en/stable): "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes."
+
+As to why Argo CD, they provide the following explanation: "Application definitions, configurations, and environments should be declarative and version controlled. Application deployment and lifecycle management should be automated, auditable, and easy to understand."
+
+</b></details>

topics/argo/README.md

@@ -1,32 +1,30 @@
 # Containers
 
-## Exercises - Index
-
-* [Running Containers](#exercises-running-containers)
-* [Images](#exercises-containers-images)
-* [Misc](#exercises-containers-misc)
-
-## Questions - Index
-
-* [Containers 101](#questions-containers-101)
-* [Common Commands](#questions-common-commands)
-* [Images](#questions-containers-images)
-  * [Tags](#questions-containers-images-tags)
-  * [Registry](#questions-containers-images-registry)
-* [Storage](#questions-containers-storage)
-* [Containerfile](#questions-containerfile)
-* [Architecture](#questions-architecture)
-* [Docker Architecture](#questions-docker-architecture)
-* [Docker Compose](#questions-docker-compose)
-* [Networking](#questions-networking)
-* [Docker Networking](#questions-docker-networking)
-* [Security](#questions-security)
-* [Docker In Production](#questions-docker-in-production)
-* [Rootless Containers](#questions-rootless-containers)
-* [OCI](#questions-oci)
-* [Scenarios](#questions-scenarios)
-
-## Containers Exercises
+- [Containers](#containers)
+  - [Exercises](#exercises)
+    - [Running Containers](#running-containers)
+    - [Images](#images)
+    - [Misc](#misc)
+  - [Questions](#questions)
+    - [Containers 101](#containers-101)
+    - [Commands Commands](#commands-commands)
+    - [Images](#images-1)
+      - [Registry](#registry)
+      - [Tags](#tags)
+      - [Containerfile](#containerfile)
+    - [Storage](#storage)
+    - [Architecture](#architecture)
+    - [Docker Architecture](#docker-architecture)
+    - [Docker Compose](#docker-compose)
+    - [Networking](#networking)
+    - [Docker Networking](#docker-networking)
+    - [Security](#security)
+    - [Docker in Production](#docker-in-production)
+    - [OCI](#oci)
+    - [Scenarios](#scenarios)
+
+
+## Exercises
 
 <a name="exercises-running-containers"></a>
 ### Running Containers
@@ -514,8 +512,7 @@ True. For mounted files you can use `podman inspec CONTAINER_NAMD/ID`
 Registry
 </b></details>
 
-<a name="questions-containers-images-registry"></a>
-#### Images - Registry
+#### Registry
 
 <details>
 <summary>What is a Registry?</summary><br><b>
@@ -582,8 +579,7 @@ You can specify a specific registry: `podman push IMAGE REGISTRY_ADDRESS`
 2. Using `podman commit` on a running container after making changes to it
 </b></details>
 
-<a name="questions-containers-images-tags"></a>
-#### Images - Tags
+#### Tags
 
 <details>
 <summary>What are image tags? Why is it recommended to use tags when supporting multiple releases/versions of a project?</summary><br><b>
@@ -613,7 +609,7 @@ False. You can run `podman rmi IMAGE:TAG`.
 True.
 </b></details>
 
-### Containerfile
+#### Containerfile
 
 <details>
 <summary>What is a Containerfile/Dockerfile?</summary><br><b>
@@ -660,8 +656,6 @@ It specifies the base layer of the image to be used. Every other instruction is
 
 COPY takes in a source and destination. It lets you copy in a file or directory from the build context into the Docker image itself.<br>
 ADD lets you do the same, but it also supports two other sources. You can use a URL instead of a file or directory from the build context. In addition, you can extract a tar file from the source directly into the destination.
-
-Although ADD and COPY are functionally similar, generally speaking, COPY is preferred. That’s because it’s more transparent than ADD. COPY only supports the basic copying of files from build context into the container, while ADD has some features (like local-only tar extraction and remote URL support) that are not immediately obvious.
 </b></details>
 
 <details>

topics/containers/README.md

@@ -433,6 +433,7 @@ Read more [here](https://about.gitlab.com/topics/gitops)
 
 * It introduces limited/granular access to infrastructure
 * It makes it easier to trace who makes changes to infrastructure
+
 </b></details>
 
 <details>
@@ -442,6 +443,14 @@ Read more [here](https://about.gitlab.com/topics/gitops)
 * Apply review/approval process for changes
 </b></details>
 
+<details>
+<summary>Two engineers in your team argue on where to put the configuration and infra related files of a certain application. One of them suggests to put it in the same repo as the application repository and the other one suggests to put to put it in its own separate repository. What's your take on that?</summary><br><b>
+
+One might say we need more details as to what these configuration and infra files look like exactly and how complex the application and its CI/CD pipeline(s), but in general, most of the time you will want to put configuration and infra related files in their own separate repository and not in the repository of the application for multiple reasons:
+
+* Every change submitted to the configuration, shouldn't trigger the CI/CD of the application, it should be testing out and applying the modified configuration
+</b></details>
+
 #### SRE
 
 <details>