kenpat/kitestacks-homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
kitestacks-homelab/homelab-mastery/learning-path/README.md
kenpat 1e8319ee75 docs: comprehensive homelab-mastery rewrite with full build guides 
Complete documentation suite for KiteStacks covering all 11 services across
2-host active-active architecture. Includes beginner track (with AI, 8 files)
and advanced track (without AI, 7 files) with time estimates, real troubleshooting
cases, and command-by-command explanations. Updates certifications roadmap to
reflect July 7 2026 A+ Core 2 exam goal.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19 01:08:43 -05:00

146 lines
6.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Learning Path — From Where You Are to Cloud Engineer
## Your Advantage
You don't have a blank canvas. You have a live production system you built — eleven services running across two hosts with SSO, active-active failover, and shared databases. Most people study networking in a textbook. You configured Cloudflare DNS, set up Tailscale, debugged a Docker networking ufw issue, and traced a distributed systems bug in OAuth2. That's hands-on experience that study alone can't replicate.
The goal now: attach the vocabulary, depth, and theory to things you've already done.
---
## Phase 1 — Complete A+ Core 2 (Exam goal: July 7, 2026)
**Focus areas that directly map to your homelab:**
| A+ Core 2 Topic | Your Homelab Connection |
|----------------|------------------------|
| Linux command line | You've been using it — now learn the theory |
| Security fundamentals | Cloudflare Tunnel, ufw, Tailscale private networking |
| Scripting basics | The bash commands you've run |
| Troubleshooting methodology | The `invalid_grant` debug process |
| Remote access | SSH, SSH tunnels (you used `-L` forwarding) |
**Study approach:**
- Professor Messer's Core 2 videos (free YouTube)
- Jason Dion practice exams on Udemy — aim for 85%+ before scheduling
- For each topic, ask: "Where did I see this in my homelab?"
---
## Phase 2 — CCNA (36 Months)
The CCNA will make everything in your homelab make deeper sense. After CCNA, re-read the networking.md file in this repo and you'll see how much more you understand.
**Study approach:**
1. **Jeremy's IT Lab** (free YouTube + Anki flashcards) — start here
2. **Packet Tracer labs** (free from Cisco) — build networks, don't just watch
3. **Subnetting practice** — do it daily until it's instant. Use subnettingpractice.com
4. **Week 1-4:** OSI model, TCP/IP, subnetting, Ethernet, switching
5. **Week 5-8:** VLANs, Spanning Tree, inter-VLAN routing
6. **Week 9-16:** IPv4 routing (OSPF, EIGRP), IPv6, ACLs, NAT
7. **Week 17-20:** WAN, wireless, security, automation basics, practice exams
**Labs to build in Packet Tracer that map to your homelab:**
- Build the monk + kscloud1 network topology
- Simulate the Cloudflare Tunnel concept with a router acting as the "edge"
- Set up ACLs that mimic your ufw rules
---
## Phase 3 — AWS SAA-C03 (After CCNA)
**Study approach:**
1. **Stephane Maarek's course** (Udemy) — the industry standard
2. **AWS Free Tier** — rebuild your homelab services as AWS equivalents:
- Forgejo → CodeCommit
- Custom portal → S3 static website + CloudFront
- Prometheus/Grafana → CloudWatch
- Authentik → Cognito
- Docker Compose → ECS Fargate
- Tailscale → VPC + PrivateLink
3. **Tutorial Dojo practice exams** — Jon Bonso's exams are the most accurate
**For each AWS service you study, map it back to your homelab:**
| AWS | Your Homelab Equivalent |
|-----|------------------------|
| EC2 | Hetzner VPS (kscloud1) |
| S3 | Static file storage |
| VPC | Docker bridge network (kitestacks) |
| ALB + CloudFront | Cloudflare Tunnel + edge |
| RDS | Shared Postgres on kscloud1 (Authentik + Forgejo) |
| ElastiCache | Shared Redis on kscloud1 |
| CloudWatch | Prometheus + Grafana |
| Route 53 | Cloudflare DNS |
| IAM | Authentik RBAC / groups (homelab-admin) |
| Secrets Manager | .env files (what you'd replace) |
| ECS / Fargate | Docker Compose (what you use) |
| VPC Peering | Tailscale overlay |
| Confluence/SharePoint | BookStack |
| ServiceNow | OSTicket |
---
## Phase 4 — Hands-On Learning Between Certs
Don't just study. Build.
**Projects to add to your homelab that teach real cloud concepts:**
1. **Add Terraform** — define your kscloud1 server in Terraform so you can destroy and recreate it in minutes. This is Infrastructure as Code, a core cloud skill.
2. **Add a CI/CD pipeline** — set up Forgejo Actions (Forgejo's built-in CI/CD) so that pushing to a repo automatically tests and deploys changes. This is what DevOps engineers do all day.
3. **Add Vault** — replace .env files with HashiCorp Vault for secrets management. Real production environments never use .env files.
4. **Add Kubernetes** — migrate one or two services from Docker Compose to a local k3s cluster. k3s is lightweight Kubernetes — you have enough RAM on monk.
5. **Add automated backups** — write a script that backs up your Docker volumes to an S3 bucket (or kscloud1) nightly.
Each of these is a cert objective AND a portfolio item.
---
## Daily Practice Habits
**15 minutes per day beats 3 hours on weekends.**
- **Subnetting:** Do 10 subnet calculations per day during CCNA study
- **Flashcards:** Anki for networking concepts, AWS services
- **Logs:** Check `docker logs` on a different service each day — understand what it's saying
- **Break something:** Pick one service per week, deliberately misconfigure it, diagnose and fix it. Document what you broke and how you fixed it.
- **Read error messages:** When something breaks, read the full error before Googling. Form a hypothesis first.
---
## Resources — Free First
| Topic | Resource | Cost |
|-------|----------|------|
| A+ Core 2 | Professor Messer (YouTube) | Free |
| CCNA | Jeremy's IT Lab (YouTube) | Free |
| CCNA labs | Cisco Packet Tracer | Free |
| AWS SAA | AWS Skill Builder free tier | Free |
| Python | automate the boring stuff (automatetheboringstuff.com) | Free |
| Docker | docs.docker.com "Get Started" | Free |
| Git | git-scm.com/book | Free |
| Linux | linuxcommand.org | Free |
| Networking deeper | tcpdump / Wireshark tutorials | Free |
**Worth paying for:**
- Stephane Maarek's AWS SAA on Udemy ($15 on sale — never pay full price)
- Tutorial Dojo AWS practice exams ($15)
- Jason Dion A+/CCNA practice exams on Udemy ($15)
---
## How to Know You're Ready to Interview
You're ready when you can:
1. Explain the OAuth2 authorization code flow from memory without notes
2. Subnet any /24 or /25 network in under 30 seconds
3. Describe what happens at each layer of the OSI model when you ping google.com
4. Walk someone through what happens when a request hits www.kitestacks.com
5. Explain the difference between authentication and authorization
6. Describe what a VPC is and why it exists
7. Answer "what would you do differently?" with a real answer (not "nothing")
Reference in a new issue View git blame Copy permalink