kenpat/kitestacks-homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
kitestacks-homelab/homelab-mastery/learning-path/README.md
kenpat 39a1541270 docs: remove personal A+ cert info from homelab docs 
Strip all CompTIA A+ references, exam dates, and deadlines from the
project-facing documentation. Certifications roadmap now starts at CCNA,
learning path phases renumbered, interview prep updated accordingly.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19 01:12:16 -05:00

5.4 KiB
Raw Permalink Blame History

Learning Path — From Where You Are to Cloud Engineer

Your Advantage

You don't have a blank canvas. You have a live production system you built — eleven services running across two hosts with SSO, active-active failover, and shared databases. Most people study networking in a textbook. You configured Cloudflare DNS, set up Tailscale, debugged a Docker networking ufw issue, and traced a distributed systems bug in OAuth2. That's hands-on experience that study alone can't replicate.

The goal now: attach the vocabulary, depth, and theory to things you've already done.

Phase 1 — CCNA (36 Months)

The CCNA will make everything in your homelab make deeper sense. After CCNA, re-read the networking.md file in this repo and you'll see how much more you understand.

Study approach:

  1. Jeremy's IT Lab (free YouTube + Anki flashcards) — start here
  2. Packet Tracer labs (free from Cisco) — build networks, don't just watch
  3. Subnetting practice — do it daily until it's instant. Use subnettingpractice.com
  4. Week 1-4: OSI model, TCP/IP, subnetting, Ethernet, switching
  5. Week 5-8: VLANs, Spanning Tree, inter-VLAN routing
  6. Week 9-16: IPv4 routing (OSPF, EIGRP), IPv6, ACLs, NAT
  7. Week 17-20: WAN, wireless, security, automation basics, practice exams

Labs to build in Packet Tracer that map to your homelab:

  • Build the monk + kscloud1 network topology
  • Simulate the Cloudflare Tunnel concept with a router acting as the "edge"
  • Set up ACLs that mimic your ufw rules

Phase 2 — AWS SAA-C03 (After CCNA)

Study approach:

  1. Stephane Maarek's course (Udemy) — the industry standard
  2. AWS Free Tier — rebuild your homelab services as AWS equivalents:
    • Forgejo → CodeCommit
    • Custom portal → S3 static website + CloudFront
    • Prometheus/Grafana → CloudWatch
    • Authentik → Cognito
    • Docker Compose → ECS Fargate
    • Tailscale → VPC + PrivateLink
  3. Tutorial Dojo practice exams — Jon Bonso's exams are the most accurate

For each AWS service you study, map it back to your homelab:

AWS Your Homelab Equivalent
EC2 Hetzner VPS (kscloud1)
S3 Static file storage
VPC Docker bridge network (kitestacks)
ALB + CloudFront Cloudflare Tunnel + edge
RDS Shared Postgres on kscloud1 (Authentik + Forgejo)
ElastiCache Shared Redis on kscloud1
CloudWatch Prometheus + Grafana
Route 53 Cloudflare DNS
IAM Authentik RBAC / groups (homelab-admin)
Secrets Manager .env files (what you'd replace)
ECS / Fargate Docker Compose (what you use)
VPC Peering Tailscale overlay
Confluence/SharePoint BookStack
ServiceNow OSTicket

Phase 3 — Hands-On Learning Between Certs

Don't just study. Build.

Projects to add to your homelab that teach real cloud concepts:

  1. Add Terraform — define your kscloud1 server in Terraform so you can destroy and recreate it in minutes. This is Infrastructure as Code, a core cloud skill.

  2. Add a CI/CD pipeline — set up Forgejo Actions (Forgejo's built-in CI/CD) so that pushing to a repo automatically tests and deploys changes. This is what DevOps engineers do all day.

  3. Add Vault — replace .env files with HashiCorp Vault for secrets management. Real production environments never use .env files.

  4. Add Kubernetes — migrate one or two services from Docker Compose to a local k3s cluster. k3s is lightweight Kubernetes — you have enough RAM on monk.

  5. Add automated backups — write a script that backs up your Docker volumes to an S3 bucket (or kscloud1) nightly.

Each of these is a cert objective AND a portfolio item.

Daily Practice Habits

15 minutes per day beats 3 hours on weekends.

  • Subnetting: Do 10 subnet calculations per day during CCNA study
  • Flashcards: Anki for networking concepts, AWS services
  • Logs: Check docker logs on a different service each day — understand what it's saying
  • Break something: Pick one service per week, deliberately misconfigure it, diagnose and fix it. Document what you broke and how you fixed it.
  • Read error messages: When something breaks, read the full error before Googling. Form a hypothesis first.

Resources — Free First

Topic Resource Cost
CCNA Jeremy's IT Lab (YouTube) Free
CCNA labs Cisco Packet Tracer Free
AWS SAA AWS Skill Builder free tier Free
Python automate the boring stuff (automatetheboringstuff.com) Free
Docker docs.docker.com "Get Started" Free
Git git-scm.com/book Free
Linux linuxcommand.org Free
Networking deeper tcpdump / Wireshark tutorials Free

Worth paying for:

  • Stephane Maarek's AWS SAA on Udemy ($15 on sale — never pay full price)
  • Tutorial Dojo AWS practice exams ($15)
  • Jason Dion CCNA practice exams on Udemy ($15)

How to Know You're Ready to Interview

You're ready when you can:

  1. Explain the OAuth2 authorization code flow from memory without notes
  2. Subnet any /24 or /25 network in under 30 seconds
  3. Describe what happens at each layer of the OSI model when you ping google.com
  4. Walk someone through what happens when a request hits www.kitestacks.com
  5. Explain the difference between authentication and authorization
  6. Describe what a VPC is and why it exists
  7. Answer "what would you do differently?" with a real answer (not "nothing")