series

30 Days of DevOps

A hands-on curriculum that builds a real platform from scratch: Git workflows, hardened Docker images, CI/CD, then a full Kubernetes stack — Helm, Ingress, observability, GitOps, security policies, autoscaling and scheduling. Every article ships a working project with verified commands and expected output.

30/30 days published ~13h total Beginner → Advanced

Your progress starts here

30 published · ~13h of hands-on builds · sign in to sync progress across devices

01Foundations

Branching strategies, lean container images, a full Compose stack, and a CI/CD pipeline that gates every image.

0/4
  1. D01Git from Zero — Your First Commit, Branches, and the Two Workflows Real Teams Use27 min read
  2. D02Dockerize Any Application the Right Way — Multi-Stage Builds & Best Practices50 min read
  3. D03Docker Compose for a Full Local Dev Stack — Node.js, PostgreSQL, Redis, and Nginx34 min read
  4. D04GitHub Actions CI/CD — Automated Build, Test, Scan, and Push on Every Commit35 min read

02Kubernetes Core

A local cluster, your app packaged as a Helm chart, and HTTPS traffic through a real Ingress.

0/3
  1. D05Kubernetes Fundamentals — Local Cluster with kind, Pods, Services, and Zero-Downtime Rollouts22 min read
  2. D06Helm — Package Manager for Kubernetes. Charts, Templates, and Multi-Environment Releases22 min read
  3. D07Ingress and TLS — NGINX Ingress Controller, cert-manager, and HTTPS the Way Production Does It22 min read

03Observability

Metrics with Prometheus and Grafana, centralised logs with Loki and LogQL.

0/2
  1. D08Observability — Prometheus, Grafana, and the kube-prometheus-stack in One Install32 min read
  2. D09Centralised Logging — Loki, Promtail, and LogQL for Pinpoint Cluster Debugging31 min read

04GitOps & Secrets

Argo CD drives the cluster from Git; Sealed Secrets make secrets safe to commit.

0/2
  1. D10GitOps with Argo CD — Let Git Drive Your Cluster31 min read
  2. D11Sealed Secrets — Encrypt Kubernetes Secrets for Safe Git Storage24 min read

05Scaling & Guardrails

Autoscaling on real metrics, least-privilege RBAC, Pod Security Standards, quotas and limits.

0/4
  1. D12Horizontal Pod Autoscaler — Scale on CPU, Memory, and Custom Metrics32 min read
  2. D13RBAC — ServiceAccounts, Roles, and the Principle of Least Privilege25 min read
  3. D14Pod Security Standards — Reject Privileged Workloads at Admission Time21 min read
  4. D15ResourceQuotas and LimitRanges — Cap Aggregate Use, Default Per-Pod Limits21 min read

06Reliability & State

Surviving node drains, running PostgreSQL with StatefulSets, init containers and native sidecars.

0/3
  1. D16PodDisruptionBudgets — Keep at Least N Pods Running Across Drains and Rollouts21 min read
  2. D17StatefulSets and Persistent Volumes — Stable Identity for Stateful Workloads21 min read
  3. D18Init Containers and Sidecars — Multi-Container Pod Patterns20 min read

07Workloads & Scheduling

Jobs and CronJobs, DaemonSets on every node, affinity and topology spread, priorities and preemption.

0/4
  1. D19Jobs and CronJobs — Batch Workloads, Parallelism, and Scheduled Backups22 min read
  2. D20DaemonSets — One Pod per Node, for Real Per-Node Concerns22 min read
  3. D21Affinity, Anti-Affinity, and Topology Spread — Telling the Scheduler What 'Spread Out' Means29 min read
  4. D22PriorityClasses and Preemption — Who Gets Evicted When the Cluster Is Full22 min read

08Debugging & Operations

Working on a hardened cluster: ephemeral containers, kubectl debug, node-level forensics.

0/1
  1. D23Ephemeral Containers and kubectl debug — Debugging Pods You Deliberately Locked Down26 min read

09Configuration & Resources

ConfigMaps and the env-vs-file update trap; requests, limits, and the QoS class that decides who survives node pressure; right-sizing requests automatically with the Vertical Pod Autoscaler.

0/3
  1. D24ConfigMaps and Configuration Patterns — env vs Files, Immutability, and the Reload Problem28 min read
  2. D25Requests, Limits, and Quality of Service — Who Survives When a Node Runs Out21 min read
  3. D26Vertical Pod Autoscaler — Right-Sizing Requests Automatically23 min read

10Platform Engineering

How the platform machinery works and how to extend it: Helm hooks and helm test for sequenced, verified releases, then CRDs and the operator pattern that powers every add-on you installed.

0/2
  1. D27Helm Hooks and Chart Testing — Ordering, Migrations, and helm test21 min read
  2. D28Custom Resource Definitions and the Operator Pattern — How Every Add-On Actually Works21 min read

11Resilience & Production

Backup and disaster recovery with Velero — capturing resources and volume data, then proving a restore — capped by the production-readiness checklist that maps every prior day onto a go/no-go review.

0/2
  1. D29Backup and Disaster Recovery — Velero, Volumes, and the pg_dump You Already Have20 min read
  2. D30Production Readiness — The Capstone Checklist15 min read

12Coming up

One new day at a time — follow @syssignals to catch each release.