Skill Tree¶
A visual representation of the training curriculum as an interconnected skill tree. Unlock prerequisites to access advanced topics.
Legend¶
- 🟢 Foundation — start here, no prerequisites
- 🔵 Intermediate — requires foundations
- 🟣 Advanced — requires intermediate, cross-domain
- 🔴 Expert — requires advanced + real operational experience
Topics marked with * are cross-domain and appear in multiple branches.
Linux & System Administration¶
🟢 linux-ops
├── 🟢 linux-users-and-permissions
│ ├── 🔵 linux-hardening
│ │ └── 🟣 selinux-apparmor
│ └── 🔵 security-basics *
├── 🟢 linux-text-processing
│ ├── 🔵 grep-and-regex
│ │ └── 🔵 regex-text-wrangling
│ ├── 🔵 awk
│ ├── 🔵 sed
│ └── 🔵 pipes-and-redirection
│ ├── 🔵 xargs
│ └── 🔵 find
│ └── 🔵 fd (via modern-cli)
├── 🟢 linux-boot-process
├── 🟢 package-management
│ └── 🔵 nix
├── 🟢 environment-variables
├── 🟢 cron-scheduling
├── 🟢 tar-and-compression
├── 🟢 process-management
│ └── 🔵 strace
├── 🟢 systemctl-journalctl
│ └── 🔵 linux-ops-systemd
│ └── 🔵 linux-signals-and-process-control
├── 🔵 linux-logging
│ └── 🔵 logging *
├── 🔵 proc-filesystem
├── 🔵 linux-memory-management
│ ├── 🔵 oomkilled *
│ └── 🟣 linux-performance
│ ├── 🟣 linux-kernel-tuning
│ ├── 🟣 perf-profiling
│ ├── 🟣 continuous-profiling
│ ├── 🟣 strace
│ └── 🔴 kernel-troubleshooting
│ └── 🔴 ebpf-observability
├── 🔵 linux-performance
│ └── 🟣 linux-ops-storage
│ ├── 🟣 disk-and-storage-ops
│ │ ├── 🟣 mounts-filesystems
│ │ │ └── 🟣 inodes
│ │ └── 🟣 storage-ops
│ │ ├── 🔴 ceph
│ │ └── 🔵 s3-object-storage *
│ └── 🟣 backup-restore
│ └── 🟣 disaster-recovery
├── 🔵 terminal-internals
│ └── 🔵 tmux-and-screen
├── 🔵 modern-cli
│ ├── 🔵 modern-cli-workflows
│ ├── 🔵 ripgrep
│ ├── 🔵 fzf
│ └── 🔵 fd
└── 🟢 ssh-deep-dive *
Shell and Text Tools¶
🟢 linux-ops
├── 🟢 pipes-and-redirection
│ ├── 🔵 awk
│ ├── 🔵 sed
│ └── 🔵 xargs
├── 🔵 advanced-bash
├── 🔵 make-and-build-systems
├── 🔵 grep-and-regex
│ └── 🔵 regex-text-wrangling
└── 🟢 yaml-json-config
└── 🔵 jq
Networking¶
🟢 networking
├── 🟢 subnetting-and-ip-addressing
│ ├── 🔵 routing
│ │ ├── 🔵 vlans
│ │ │ ├── 🔵 stp
│ │ │ ├── 🔵 lacp
│ │ │ └── 🟣 bgp-evpn-vxlan
│ │ └── 🔵 nat
│ ├── 🔵 arp
│ └── 🔵 cisco-fundamentals-for-devops
├── 🟢 dns-ops
│ ├── 🔵 dns-deep-dive
│ │ └── 🟣 dnssec
│ └── 🔵 aws-route53 *
├── 🔵 tcp-ip-deep-dive
│ ├── 🔵 tls
│ │ ├── 🟣 tls-pki
│ │ │ └── 🟣 tls-certificates-ops
│ │ └── 🔵 vpn-tunneling
│ │ └── 🔵 tailscale
│ ├── 🔵 http-protocol
│ │ ├── 🔵 grpc
│ │ └── 🔵 graphql
│ ├── 🔵 mtu
│ └── 🔵 wireshark
├── 🔵 dhcp-ipam
├── 🔵 load-balancing
│ ├── 🔵 nginx-web-servers
│ │ └── 🔵 api-gateways
│ └── 🟣 envoy *
├── 🔵 iptables-nftables
│ └── 🔵 firewalls
├── 🔵 linux-ops *
├── 🔵 networking-troubleshooting
│ └── 🔵 networking-troubleshooting-tools
│ └── 🔵 wireshark
└── 🔴 distributed-systems
Containers¶
🟢 docker
├── 🔵 container-images
│ ├── 🔵 container-images
│ └── 🔵 container-images
│ └── 🟣 supply-chain-security
├── 🔵 containers-deep-dive
│ ├── 🔵 cgroups-namespaces *
│ ├── 🔵 containers-deep-dive
│ └── 🔵 wasm-infrastructure
├── 🟣 falco *
└── → k8s-ops (see Kubernetes branch)
Kubernetes¶
🔵 k8s-ops [requires: docker, networking]
├── 🔵 k8s-pods-and-scheduling
│ ├── 🔵 k8s-ops (Probes)
│ ├── 🔵 k8s-ops (HPA)
│ ├── 🔵 oomkilled
│ └── 🔵 crashloopbackoff
├── 🔵 k8s-services-and-ingress
│ └── 🟣 k8s-networking
│ ├── 🔴 cilium
│ └── 🟣 service-mesh
│ └── 🔴 istio
│ └── 🔴 envoy
├── 🔵 k8s-storage
├── 🔵 k8s-rbac
│ ├── 🟣 open-policy-agent
│ │ └── 🟣 policy-engines
│ └── 🟣 multi-tenancy
│ └── 🔴 platform-engineering
│ └── 🔴 backstage
├── 🔵 k8s-node-lifecycle
│ └── 🔵 node-maintenance
├── 🔵 k8s-debugging-playbook
│ └── 🟣 infra-forensics
├── 🟣 k8s-ecosystem
│ └── 🔴 crossplane
├── 🟣 etcd
├── 🟣 k8s-ecosystem
├── 🔵 helm
│ ├── 🔵 kustomize
│ ├── 🔵 argocd-gitops
│ │ ├── 🟣 gitops
│ │ │ └── 🟣 argo-workflows
│ │ └── 🟣 progressive-delivery
│ └── 🔵 cert-manager
├── 🟣 chaos-engineering
├── 🟣 fleet-ops
└── 🔴 k8s-ops (HPA) + k8s-ops (Probes) → production-readiness capstone
Infrastructure as Code¶
🔵 terraform [requires: yaml-json-config, git]
├── 🟣 terraform-deep-dive
├── 🔵 opentofu
└── 🔴 pulumi
🔵 ansible [requires: linux-ops, yaml-json-config]
├── 🟣 ansible-deep-dive
├── 🔵 packer
└── 🔵 fleet-ops *
🔵 gitops [requires: git-advanced, argocd-gitops]
└── 🔴 crossplane *
CI/CD and Version Control¶
🟢 git
├── 🔵 git-advanced
│ └── 🔵 git-advanced
├── 🔵 cicd
│ ├── 🔵 ci-cd-patterns
│ │ └── 🔵 cicd-pipelines-realities
│ ├── 🔵 github-actions
│ │ └── 🔵 dora-metrics
│ ├── 🔵 feature-flags
│ └── 🔵 dagger
└── 🔵 make-and-build-systems
Observability¶
🟢 monitoring-fundamentals
├── 🔵 prometheus-deep-dive
│ ├── 🔵 alerting-rules
│ ├── 🔵 slo-tooling
│ │ └── 🟣 postmortem-slo
│ └── 🔵 monitoring-migration
├── 🔵 logging
│ ├── 🟣 log-pipelines
│ │ └── 🟣 elasticsearch
│ └── 🔵 audit-logging *
├── 🔵 opentelemetry
│ └── 🔵 tracing
│ └── 🟣 continuous-profiling
├── 🟣 observability-deep-dive
├── 🔵 synthetic-monitoring
└── 🔵 aws-cloudwatch *
SRE and Incident Management¶
🔵 sre-practices [requires: monitoring-fundamentals]
├── 🔵 incident-triage
│ ├── 🔵 incident-command
│ │ └── 🔵 incident-psychology
│ └── 🔵 runbook-craft
├── 🔵 debugging-methodology
│ └── 🟣 infra-testing
├── 🟣 chaos-engineering *
├── 🔵 load-testing
├── 🟣 capacity-planning
│ └── 🟣 finops
├── 🔵 disaster-recovery *
└── 🟣 ops-war-stories
└── 🟣 legacy-archaeology
└── 🟣 infra-forensics
Security¶
🔵 security-basics [requires: linux-ops, networking]
├── 🟣 secrets-management
│ └── 🔴 hashicorp-vault
│ └── 🔴 consul
├── 🔵 selinux-apparmor *
├── 🟣 offensive-security-basics
├── 🔵 opsec-mistakes
├── 🟣 compliance-automation
│ └── 🟣 audit-logging
├── 🟣 supply-chain-security *
├── 🟣 container-images *
│ └── 🟣 falco
└── 🔵 ldap-identity
Cloud Platforms¶
🔵 cloud-ops-basics [requires: linux-ops, networking]
├── 🔵 aws-ec2
│ ├── 🔵 aws-networking
│ ├── 🔵 aws-iam *
│ ├── 🔵 aws-ecs
│ ├── 🔵 aws-lambda
│ ├── 🔵 aws-route53 *
│ ├── 🟣 aws-s3-deep-dive
│ ├── 🔵 aws-cloudwatch *
│ └── 🟣 aws-troubleshooting
├── 🔵 gcp-troubleshooting
├── 🔵 azure-troubleshooting
└── 🟣 cloud-deep-dive
Data and Storage Systems¶
🟢 sql-fundamentals
├── 🔵 postgresql
│ ├── 🟣 database-internals
│ │ └── 🔴 distributed-systems *
│ └── 🟣 database-ops
│ └── 🟣 backup-restore *
├── 🔵 mysql-ops
└── 🔵 sqlite
🟢 redis [soft: networking]
🔵 message-queues [requires: networking]
├── 🟣 kafka
└── 🔵 rabbitmq
🔵 mongodb-ops [soft: database-internals]
Datacenter and Bare Metal¶
🟢 server-hardware
├── 🔵 dell-poweredge
│ ├── 🔵 ipmi-and-ipmitool
│ │ └── 🔵 redfish
│ └── 🔵 firmware
├── 🔵 datacenter
│ ├── 🟣 datacenter
│ ├── 🟣 disk-and-storage-ops
│ └── 🔵 power
└── 🔵 virtualization
└── 🔵 homelab
🔵 bare-metal-provisioning [requires: linux-ops, ansible]
Programming and Scripting¶
🔵 python-infra [requires: linux-ops]
├── 🔵 python-debugging
│ └── 🔵 strace *
├── 🟣 python-async-concurrency
└── 🔵 python-packaging
🟢 yaml-json-config
└── 🔵 jq
Advanced Specialist Topics¶
🔴 ebpf-observability [requires: linux-performance, k8s-ops]
🔴 wasm-infrastructure [requires: containers-deep-dive]
🟣 ai-devops-tools [requires: linux-ops, cicd]
└── 🔴 ai-ml-ops [requires: ai-devops-tools, k8s-ops]
🟣 network-automation [requires: networking, python-infra]
🟣 edge-iot [requires: linux-ops, networking]
🟣 infra-testing [requires: cicd, terraform]
🟣 dagger [requires: docker, cicd]
Certifications / Exam Tracks¶
These map well onto the tree above:
| Cert Target | Primary Topics |
|---|---|
| LPIC / LFCS | linux-ops, linux-users-and-permissions, linux-ops-systemd, linux-ops-storage, networking |
| RHCE | linux-ops, ansible, linux-hardening, linux-ops-systemd |
| CKA/CKAD | k8s-ops, k8s-pods-and-scheduling, k8s-services-and-ingress, k8s-storage, helm |
| CKS | k8s-rbac, open-policy-agent, supply-chain-security, container-images, falco, tls-pki |
| AWS SAA/SAP | cloud-ops-basics, aws-ec2, aws-networking, aws-iam, aws-s3-deep-dive |
| Terraform Associate | terraform, terraform-deep-dive, gitops |
| Prometheus/Grafana | monitoring-fundamentals, prometheus-deep-dive, alerting-rules, slo-tooling |
See training/library/topics/lpic-lfcs/ and training/library/topics/rhce/ for topic-specific cert guides.