Shell845

Interview 101

2021-02-28T00:00:00+00:00

My summary of interview preparation.

Behavioral Interview

How to organize answers
How to talk about projects
FABQ

Technical Interview Preparation Materials

Behavioral Interview

1. How to organize answers

STAR: Situation → Task → Action → Result
CARL: Context → Action → Result → Learning
CART: Clarify → Assumption → Result → Test (to solve tech problem / case study)
SWOT: Strengths, Weaknesses, Opportunities, Threats
Mention memorable highlights for interviewers’ follow up questions

2. How to talk about projects

Include process, domain, structure/tools in your answer.

Project background (1 min - you should have an overview of the full picture):
- client, industry, business
- challenge (should be industrial recognized), existing situation (problem)
Project detail (3 min):
- include scope, deliverables, duration, team structure, report what report to who (knowledge in project management level)
- mention SDLC flow and process. plus: business input? data source? stakeholders’ requirements? etc
Project and performance evaluation (users, managements, teammates) (1 min)
Ask interviewers if any specific parts they want to know more

   Examples

   e.g. the project is to deliver a report: 
report usage/purpose; 
how frequent it generated;
data sources;
what does the report looks like (summary? chart? dashboard? ); 
KPI

   e.g. the project is to build a system: 
system purpose; 
data volume and user numbers of the system; 
overview of infrastructure design (e.g the infra is web server  → MQ → app server → DB, how the design achieve high available and scaling etc); 
detail implementation → your greatest contributions
Project and performance evaluation (users, managements, teammates) (1 min)
Ask interviewers if any specific parts they want to know more

3. FABQ

Tell me about your self? **

Answer structure: Present → Past → Future + Mention Highlight Points

Who I am (1 min)
- my current role (present)
- my prior experience / how I come to current position (past)
- my expectation (future)
Recent achievement (1 min)
- any highlight points in my projects / any special things I did
- anything makes me unique
Personal interests if the interest is work related (30 sec)
- e.g. enjoy writing tech blogs in spare time

What are your career goals? **

Short-term goals (2 - 3 years)
Long-term (5 - 10 years)
What actions I am taking to achieve my goals.

Why you are a good fit for this role?

What can I bring to the role (50%)
What I want to get from this role (30%)
What makes me unique (20%)

Why are you interested in this role / Why do you want to work here? **

Company (e.g. culture, future potential, industry, etc)
Role (what I am interested in for this role)
My experience/education/background fit the role/company Notes: Growth mindset, focus on the role, show enthusiasm

Example of successes **

define success (e.g. did sth above and beyond your level)
provide the success example, organize in STAR format
summary: what did you learn from this experience

Example of failure **

Define failure (e.g. over-promising but under-delivery)
Share the example in Context → Action → Result → Learning format. Only need 1 thing to go wrong and show only one-time mistake (avoid everything wrong or repeating wrong pattern)
End with a learning (My biggest take away from this experience is…)

Example of challenges and how you handled them **

answer in STAR format. Talk about the solution and the role you played.
End with your lesson learn and things to be improved

What is your weakness? **

the weakness should not be work-related

focus on how you improve it

 Example
 sometimes I focus too much on little details 
 improve → prfioritize tasks beforehand and back to little details after everything is done to avoid affecting progress

What is your strength? **

Provide an example to support your answer

Describe your ideal work environment **

Match your interest with the company culture

   Example
   My ideal work environment is one that emphasizes **collaboration** and encourages **creativity**. 
   I feel that my best results come when I work with different teams and share ideas. 
   Collaboration can always bridge the gap between teams and bring inspiration, and creativity moves the company forward and enables everyone's talents to flourish.

Any questions you want to ask the interviewer **

Questions should vary according to different stages of interviews

Examples
- Can you share more about the day-to-day responsibilities of this position?
- If I were hired, besides my teammates any other teams I will be working with?
- What does a typical word day look like?
- What do you like about working here?
- Questions about industry research.

Tell me a time you handled a difficult situation

Highlight:

You are able to listen to, and accept, other people’s point of views even if you have already formed your own opinion and;
You are able to put the needs of the business above your own when a conflict does arise in the workplace

What perspectives do you value most of a company/offer?

Growth opportunities
Teammates and working environment

Difficult questions

Clarify the questions, rephrase and repeat to confirm my understanding correct (to buy time)
Break question down
Address each segment

What type of manager do you work best with?

encourage independent work (there are managers who prefer to give clear, specific instructions). I work very well independently, but also know when to ask questions.
encourage clear communication between management and employees

What kind of people you don’t like to work with?

On a professional level, I have respect for all individuals that work hard and maintain a professional work environment…

How do you stay on top of current trends and innovations?

Keep an eye on new technologies news
- Follow tech news (hacker news, medium, sign up AWS news for latest deployments and best practices,))
- Explore trending projects or top starred projects on github https://github.com/trending
Read companies blogs and the latest research reports (https://www.thoughtworks.com/radar)
Think and try to apply the new tech in regular work
Share knowledge with friends and colleagues, talk to people from different background

What distinguishes a great software engineer from a good one? Do you feel you have those qualities?

good: given a plan and execute the plan, follow standard and best practices.
better: given a problem, find solution and solve the problem
great: observe, identify and solve problems, think about what cause the problems and rational behind the solutions. Define and enforce standard

What’s your ownership level for prior project and product?

What are you looking for in your next job?

What change did you make in your previous role?

What do you enjoy most in your last role?

Tell me about a time when you made a mistake and how you rectified it?

Give an example of how you inspired others

How to handle conflicts with your teammates/managers?

How your manager/teammate will describe you?

How comfortable are you in a startup environment, or do you prefer working in a more established company?

Technical Interview Preparation Materials

CS Foundation

Data Structs & Algo

CS61B https://sp19.datastructur.es/
Crack the coding interview
https://labuladong.github.io/algo/
https://time.geekbang.org/column/intro/126

OOP & Design Pattern

https://time.geekbang.org/column/intro/250

System Design

Crack the system design interview
Designing Data Intensive Applications

Database

SQL
- The Internals of PostgreSQL http://www.interdb.jp/pg/index.html
- MVCC https://www.postgresql.org/docs/current/mvcc.html
- https://www.tutorialspoint.com/postgresql/index.htm
NoSQL
Data warehouse

Whathappens After We Input Url To Browser

2021-02-01T00:00:00+00:00

A quick summary for how the browser find and load websites. Also briefly cover some relevant topics.

What happens after we input url to browser

Input url

When we type an url link (e.g. www.image.google.com) into address bar of the browser, browser searches from history, bookmark, or cache for strings to match our input parts and provides suggestion (e.g. auto fill up the remaining part of the url). Some browsers may even load the webpage from our caches before we press enter.
Resolve domain name

Now we press the enter key, the first thing the browser need to do is to resolve the domain name.
1. Browser checks caches of DNS records to find a matching IP address: first browser cache, then OS cache (the local host file), third router cache, and finally ISP cache (our internet service provider). Return if find a match, otherwise continue to step 2.
2. Local DNS server (the ISP DNS server, we call it DNS recursor) initiates a DNS query to recursively search for matching IP of the requested domain. Recursive means the search continues from one DNS server to another until correct IP is found. If still no match, Local DNS server queries root DNS server. UDP is used for DNS queries.
3. Root DNS server tells local DNS server which domain DNS server (e.g. .com domain name server) it should ask. Then local DNS server asks .com DNS server and .com DNS server say “go ask google.com DNS server, here is its IP address”. This step conducts iteratively.
4. Finally local DNS server get the IP address. It returns the IP to our browser and also save the record in its cache.
Handshake between browser (client) and server

Once get the server IP, our browser sends a TCP connection request to server. Connection is established by 3-way handshake.

Browser sends HTTP request to server

We are ready to transfer data between browser and server after TCP connection is established. The browser sends a GET request to server for www.image.google.com webpage.

 GET https://www.google.com/ HTTP/1.1
 accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
 accept-encoding: gzip, deflate, br
 accept-language: en-US,en;q=0.9
 cache-control: max-age=0
 cookie: ********
 user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.96 Safari/537.36

Server handles the request and send respond to client

The respond contains status code (2xx, 3xx, 4xx, 5xx), respond header (content-type (text/html), content-encoding (compression type, e.g. gzip), cache-control, date time, etc), body (webpage contain, etc).

 HTTP/1.1 OK 
 cache-control: private, max-age=0
 content-encoding: br
 content-length: 63092
 content-type: text/html; charset=UTF-8
 date: Mon, 01 Feb 2021 04:03:04 GMT
 expires: -1
 server: gws
 set-cookie: OTZ=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/; domain=google.com
 set-cookie: OTZ=; expires=Mon, 01-Jan-1990 00:00:00 GMT; path=/; domain=.google.com
 set-cookie: SIDCC=AJi4QfHL3HjbiH*********msJGnD-pQk9MOOF7Km0; expires=Tue, 01-Feb-2022 04:03:04 GMT; path=/; domain=.google.com; priority=high
 strict-transport-security: max-age=31536000
 x-frame-options: SAMEORIGIN
 x-xss-protection: 0

Browser display webpage content

Browser resolve the html page from top to bottom and render while loading. It render bare bone HTML skeleton first then check HTML tags. When there are external resources, e.g. image, video, CSS style sheet, browser sends out GET request asynchronously.

Done! Enjoy your webpage.

Relevant topics

DNS hierarchy

----------------- Root domain ------------------

------------- Top-level domains -----------------
          com edu org gov ca cn us

------------- Second-level domains -----------------
       google.com, wikipedia.org, canada.ca 

--------- Third-level domains (sub-domains)---------
   image.google.com, en.wikipedia.org, www.abc.com

Internet protocols

TCP (reliable)

Connect with 3-way handshake

Disconnect with 4-way handshake

UDP (best-effort)

HTTP request

POST: (personally prefer to use for create)
PUT: idempotent, get same result no matter the action is executed how many time (personally prefer to use for edit)
GET
DELETE
HEAD: identical request of GET but without the response body
CONNECT: establishes a tunnel to the server of for target resource
OPTIONS: describe the communication options for target resource
TRACE: message loop-back test
PATCH: partial modifications to a resource

HTTP respond status code

1xx informational message
2xx success
- 200 OK
- 201 created
- 202 accepted
3xx redirects
- 300 multiple choice
- 301 moved permanently (browser replace old address with new address )
- 302 found (moved temporarily)
- 308 Permanent Redirect, same semantics as 301, except that the user agent must not change the HTTP method used: If a POST was used in the first request, a POST must be used in the second request
4xx error on client
- 400 Bad Request (server doesn’t understand the request)
- 401 Unauthorized (actually means unauthenticated)
- 403 Forbidden (no access right)
- 404 Not Found
- 408 Request Timeout
- 414 URI Too Long
- 429 Too Many Requests
- 418 I’m a teapot (fun way to say ‘server wish not to handle this request’)
5xx error on server
- 500 Internal Server Error
- 502 Bad Gateway
- 503 Service Unavailable
- 504 Gateway Timeout

How Https Works And Why It Is Secure

2021-01-31T00:00:00+00:00

If clients and servers communicate with HTTP, all messages are sent in plain texts. Anyone intercepts the conversation can eavesdrop and retrieve all information (eavesdropping, tampering, pretending).

We can encrypt our messages to make the conversation more secure. There are two types of encryption:

Symmetric encryption: use a single key for encryption and decryption
Asymmetric encryption: use a pair of keys (public key and private key) to encrypt and decrypt

HTTPS actually means HTTP + SSL. The protocol uses asymmetric encryption to exchange keys between server and client (for security), and uses symmetric encryption to encrypt messages (for performance).

The HTTPS establish flow

Step 1 Handshake: client and server exchange keys and verify certificate, then generate session key for coming conversation

Step 2 Conversation: client and server communicate with each other with session key.

HTTPS is secure because

Conversations are encrypted by session key so eavesdroppers cannot decrypt.
Prevent man-in-the-middle attack since only client and server have session key.
Trusted CA signed certs are trustworthy

Why private key can decrypt messaged encrypted by public key

The public key can be known by everyone. However messages encrypted with the public key can only be decrypted in a reasonable amount of time by using the paired private key.

The basic idea is to find 3 numbers (e, d, n) to fulfil M^(e*d) (mod n) = M

How to generate public-private key pair (RSA):

pick large prime number p and q, calculate n = p * q
pick an exponential number e, e < (p - 1)(q - 1) and e is relatively prime to (p - 1)(q - 1)
Compose public key with e and n
Compute d with (e, p, q), compose private key with d and n

Replace Elb+acm With+nginx+certbot

2020-05-01T00:00:00+00:00

My blog is hosting on AWS in the structure of ELB (with ACM) + EC2 as app server + RDS as database (detail implementation in previous blog). Now I want to replace ELC and ACM with Nginx and Certbot.

Nginx is a web server which can be used as a reverse proxy, load balancer, mail proxy and HTTP cache. Here I use it as a reverse proxy. Since I only have one app server so load balancing is unnecessary.

Let’s Encrypt is a free certificate authority (CA) runs by Internet Security Research Group (ISRG). The process to manually create, apply and maintain certs can be miserable. Luckily Certbot offers free tool to handle these automatically.

By the way, use AWS public CA is free, just we cannot export the cert and can only use the cert within AWS services via AWS Certificate Manager (ACM).

Part 1 - Nginx

Installation

I launch a new ubuntu server to host Nginx in AWS in the same PVC and same security group as my ELB (permission for accessing app server had been configured in previous blog).

The first step is to install Nginx. Just few commands following the official guide http://nginx.org/en/linux_packages.html.

After installation, set and run nginx:

sudo systemctl enable nginx
sudo systemctl start nginx

And confirm everything is alright:

sudo systemctl status nginx

Configuration

Some default paths for reference:

Main config file: /etc/nginx/nginx.conf
Other config files: /etc/nginx/conf.d/
Access log: /var/log/nginx/access.log
Static files: /usr/share/nginx/html

I create a customised blog.conf and include it into main config file. A full config file sample is available here https://www.nginx.com/resources/wiki/start/topics/examples/full/. Server block is the key part to modify, multiple server blocks and multiple locations in server block can be added.

server {
    listen      <port, by default 80>;
    server_name <domain>;

    location / {
        proxy_pass http://<app server IP>:8080;
    }
}

Part 2 - Certbot

The Certbot guide is pretty clear https://certbot.eff.org/lets-encrypt/ubuntufocal-nginx. Just follow the guide step by step and Certbot automatically helps to issue certs and config Nginx.

How Certbot verify our domain? A random generated strings is attached to certain location in Nginx config, Cerbot server tries access the location for verification. Once complete, these sections are auto deleted.

All Nginx configurations modified by Certbot have append # managed by Certbot.

Also forward requests from http 80 port to https 443 port.

Finally the blog is equipped with new cert. The cert is valid for 3 months and will be renew automatically by Certbot.

Part 3 - AWS Route 53

Change the record set of my blog domain to map to Nginx server.

Conclusion

[End]

Deploy Java Web App To Aws

2020-04-01T00:00:00+00:00

I have just completed the development of my personal blog and want to bring it online so that my parents can visit (as an evidence to convince them that I’m really studying XDD).

I pick up AWS and decide to deploy it step by step instead of using auto-deployment tools like beanstalk or heroku as I want a chance to review the AWS topic and understand more about the deployment process.

Step 1 - Launch EC2

I launched a EC2 instance Amazon Linux 2 AMI (centos) - t2.micro, with 1 vCPU and 1G memoryIt is free tier and enough to handle my tiny blog since I’m not expecting large amount of visitors. Edit the ec2 security group to allow 0.0.0.0/0 all inbound traffic (we will further modify this later after create ELB).

Then SSH to the EC2

[root@ip-xx]$ ssh -i /path/<key-pair>.pem ec2-user@<ec2 public dns>

Retrieve and install Tomcat

[root@ip-xx]$ wget https://apache.website-solution.net/tomcat/tomcat-9/v9.0.34/bin/apache-tomcat-9.0.34.tar.gz
[root@ip-xx]$ tar -zvxf apache-tomcat-9.0.34.tar.gz

Navigate to the folder bin under tomcat folder, run the start up script. If everything goes right we should be able to see the default tomcat page when access http://:8080 in browser. Port 8080 is the default port of tomcat and it also can be customised.

Step 2 - Launch RDS

I choose MySQL free tier and put it into the same VPC as the ec2 instance which hosts our web app.

Edit the inbound rule to allow access from ec2. Here we use default port 3306 and attach ec2’s security group.

Type	Protocol	Port	Source
MYSQL/Aurora	TCP	3306	web-app-ec2-sg

[rds security group]

Don’t forget to create necessary tables for your web app after create the RDS instance.

Step 3 - Upload java web app

Now wrap up the java war. My blog is a maven project. When I tried to wrap up I encountered with some keystore problems when trying to download maven-surefire-plugin during test process in packaging. Unfortunately I cannot solve it so I just skip the test for packaging.

mvn clean package -Dmaven.test.skip=true

Upload the war to EC2.

scp -i /path/<key-pair>.pem /path/<webapp>.war ec2-user@<ec2 public dns>:~/

Put the war under part tomcat/webapps. I rename the war to ROOT.war and remove the original ROOT folder under webapps to make my blog the default web.

Then restart tomcat - BOOM~~~ we now can visit the blog via http://:8080.

Step 4 - Domain and SSL cert

I don’t want visitors to access our blog via raw IP, besides I want to enable https to secure the access.

First I buy a domain (AWS provides the service, but I myself brought my domain from namecheap. there are also other providers to buy domain).

Then back to AWS Rout53, create a hosted zone, bring the domain we just brought to rout53 (also need to input the aws NS to namecheap). Setup CNAME record for our domain in rout53. Note things may mess up if we use CNAME record for root domain, so instead we use A record (alias) for root domain in AWS.

The last step is to get our domain certified in AWS Certificate Manager. It’s pretty straightforward and do make our life easier comparing with all the steps we need to walk through if we are creating our cert with 3rd party e.g ssls.com.

Once our cert is ready in ACM, we can directly import it to ELB.

Step 5 - Link ELB to EC2

To make the access to the blog more secure and more stable, I want all visiting requests flow to ELB and let ELB direct the traffics to my web app EC2.

So, go create the ELB. After creation, add the SSL cert we created in ACM in previous step to ELB https port 443, and set http port 80 to redirect to our https path.

Listener ID	Security policy	SSL Certificate	Rules
HTTP : 80	N/A	N/A	Default: redirecting to HTTPS://#{host}:443/
HTTPS : 443	elb-sp		Default: forwarding to

[elb listener ]

Now we can further modify the ec2 security group, to allow inbound from ELB and SSH only.

Type	Protocol	Port	Source
Custom TCP	TCP	8080	load-balancer-sg
SSH	TCP	22	0.0.0.0/0

[ec2 security group]

And we use S3 to store images if any in our blog.

The final chart is:

Done!

Shell845

Interview 101

Table of contents

Behavioral Interview

1. How to organize answers

2. How to talk about projects

3. FABQ

Tell me about your self? **

What are your career goals? **

Why you are a good fit for this role?

Why are you interested in this role / Why do you want to work here? **

Example of successes **

Example of failure **

Example of challenges and how you handled them **

What is your weakness? **

What is your strength? **

Describe your ideal work environment **

Any questions you want to ask the interviewer **

Tell me a time you handled a difficult situation

What perspectives do you value most of a company/offer?

Difficult questions

What type of manager do you work best with?

What kind of people you don’t like to work with?

How do you stay on top of current trends and innovations?

What distinguishes a great software engineer from a good one? Do you feel you have those qualities?

What’s your ownership level for prior project and product?

What are you looking for in your next job?

What change did you make in your previous role?

What do you enjoy most in your last role?

Tell me about a time when you made a mistake and how you rectified it?

Give an example of how you inspired others

How to handle conflicts with your teammates/managers?

How your manager/teammate will describe you?

How comfortable are you in a startup environment, or do you prefer working in a more established company?

Technical Interview Preparation Materials

CS Foundation

Data Structs & Algo

OOP & Design Pattern

System Design

Database

Whathappens After We Input Url To Browser

What happens after we input url to browser

Relevant topics

DNS hierarchy

Internet protocols

HTTP request

HTTP respond status code

How Https Works And Why It Is Secure

Replace Elb+acm With+nginx+certbot

Part 1 - Nginx

Installation

Configuration

Part 2 - Certbot

Part 3 - AWS Route 53

Conclusion

Deploy Java Web App To Aws

Step 1 - Launch EC2

Step 2 - Launch RDS

Step 3 - Upload java web app

Step 4 - Domain and SSL cert

Step 5 - Link ELB to EC2