DevOps Engineer Learning Path

Who Is This Path For?

This path is for developers or sysadmins making the move into DevOps, or junior DevOps engineers who want a structured skill progression. It assumes you’re comfortable with Linux basics and Git — if not, complete the Linux Engineer Path first.

Every milestone is hands-on. You build real pipelines, real clusters, and real infrastructure. By Milestone 9 you will have a portfolio of projects ready to show employers.

Milestone 1 — Linux & Shell Scripting Foundations

DevOps runs on Linux. This milestone makes it second nature.

Topics:

• File system hierarchy, permissions (chmod, chown)
• Process management (ps, top, htop, kill, systemctl)
• Package managers (apt, yum, dnf)
• Bash scripting — variables, loops, conditionals, functions
• Cron jobs and scheduling
• SSH key management, ~/.ssh/config, scp, rsync

Hands-On Task: Write a bash script that backs up a directory, compresses it, ships it to a remote server via rsync, and emails you on failure. Schedule it with cron.

Milestone 2 — Git & Version Control Workflows

Topics:

• Git internals — how commits, branches, and merges actually work
• GitFlow vs Trunk-Based Development
• Pull Request workflows, code review best practices
• Rebase vs Merge — when to use each
• Git hooks (pre-commit, pre-push)
• Monorepo vs polyrepo strategies
• .gitignore, .gitattributes

Hands-On Task: Set up a repository with branch protection rules, a PR template, and a pre-commit hook that runs a linter.

Milestone 3 — Docker & Containerisation

Topics:

• Container vs VM — the actual difference
• Dockerfile best practices — layer caching, multi-stage builds, non-root users
• Docker networking — bridge, host, overlay
• Docker volumes and bind mounts
• Docker Compose — multi-service apps with dependencies
• Docker Hub, ECR, and private registries
• Container security scanning (Trivy, Snyk)

Hands-On Task: Containerise a Python Flask app + Redis + Nginx reverse proxy with Docker Compose. Push to ECR. Run a Trivy vulnerability scan.

Milestone 4 — CI/CD with Jenkins

Topics:

• Jenkins architecture — master, agents, executors
• Declarative vs Scripted Pipelines
• Jenkinsfile — stages, steps, post conditions
• Shared Libraries for reusable pipeline code
• Jenkins credentials management
• Integrating automated tests — unit, integration, code coverage
• Triggering builds on Git push (webhooks)

Hands-On Task: Build a full pipeline: git push → lint → unit tests → Docker build → push to ECR → deploy to EC2 via SSH.

Milestone 5 — CI/CD with GitHub Actions

Topics:

• Workflow YAML syntax — triggers, jobs, steps
• Matrix builds (test across Node 18, 20, 22)
• Secrets and environment variables
• Reusable workflows and composite actions
• Deploying to AWS (using OIDC — no long-lived keys)
• GitHub Environments with approval gates
• Caching dependencies for faster builds

Hands-On Task: Create a workflow that runs tests on every PR, builds a Docker image on merge to main, and deploys to AWS ECS using OIDC.

Milestone 6 — Kubernetes in Production

Topics:

• Kubernetes architecture — control plane, kubelet, etcd
• Pods, ReplicaSets, Deployments, StatefulSets, DaemonSets
• Services (ClusterIP, NodePort, LoadBalancer)
• Ingress controllers (NGINX Ingress, AWS ALB Ingress)
• ConfigMaps and Secrets management
• Resource Requests & Limits, HPA, VPA
• RBAC — ServiceAccounts, Roles, RoleBindings
• Namespaces and multi-tenant patterns
• Helm — charts, values, templating

Hands-On Task: Deploy a microservices app (3 services) to a local Kind cluster using Helm, with Ingress routing, HPA, and separate namespaces per environment.

Milestone 7 — Infrastructure as Code with Terraform

Topics:

• Terraform core concepts — providers, resources, data sources
• terraform plan, apply, destroy, import
• Variables, outputs, locals, tfvars files
• Remote state — S3 backend + DynamoDB locking
• Modules — writing and consuming reusable modules
• Workspaces for environment separation
• Terraform Cloud / Atlantis for team workflows
• tfsec and checkov for security scanning

Hands-On Task: Write a Terraform module that provisions an EKS cluster with managed node groups, VPC, and IAM roles. Use an S3 remote backend with state locking.

Milestone 8 — Monitoring & Observability

The three pillars: metrics, logs, traces.

Topics:

• Prometheus architecture — scraping, exporters, push gateway
• PromQL — writing useful queries
• Grafana — dashboards, variables, alerts
• Node Exporter, kube-state-metrics, Blackbox Exporter
• Loki + Promtail for log aggregation
• Alertmanager — routing, grouping, silences
• OpenTelemetry overview (traces)
• SLIs, SLOs, and error budgets

Hands-On Task: Deploy the kube-prometheus-stack with Helm. Build a Grafana dashboard showing pod CPU, memory, request rates, and error rates. Create a PagerDuty alert on p99 latency > 1s.

Milestone 9 — GitOps & Advanced Patterns

Topics:

• GitOps principles — declarative, versioned, automated reconciliation
• ArgoCD — applications, projects, sync policies
• ArgoCD Image Updater
• Progressive delivery — Canary and Blue/Green with Argo Rollouts
• Secrets management in GitOps — Sealed Secrets, External Secrets Operator
• SRE principles — toil reduction, postmortems, runbooks
• Platform engineering concepts

Capstone Project: End-to-end GitOps pipeline:

• Code push → GitHub Actions → Docker build → push to ECR
• ArgoCD detects new image → deploys to EKS automatically
• Argo Rollouts does a canary release (10% → 50% → 100%)
• Prometheus + Grafana monitors the rollout
• Automatic rollback if error rate spikes