DevOps & DecSecOps Roadmap [From beginner to an expert]

“See the ray of possibilities in every journey of yours.”

Being the first blog of mine, I have a keen desire that this blog must create a gleam in the minds of the readers.

In this blog, I will be explaining the path that I’m following in my DevOps journey.

So, What is DevOps?

This is a common question that you can also find as a recommended question when you are searching for DevOps in Google. But before getting into the actual definition, I’ll explain what is DevOps in simple words.

“Development+Operations=DevOps”

DevOps is not a specific technology, tool, or tech stack, rather it can be defined as a methodology or a process in software development, that helps in delivering software products rapidly and effectively by ensuring a smooth flow in the entire process. Implementing DevOps in the workflow of the company it’ll help both the development team and operations team much relaxed.

“DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.” — AWS

The “Dev” phase consists of Planning->Creation->Verifying->Building->Packaging of an application. And in the “Ops” phase we have Release->Deploy->Operate->Monitoring of an application. The post-development activities are associated with the operations team.

Why DevOps?

The main advantage of DevOps is the power of automation which can be adopted in every phase of development.

“The most powerful tool we have as developers is automation.” — Scott Hanselman

In a normal development environment, where both the development and operations team work together for the completion of a project. In some cases, when the developer writes the code and passes the code and its configuration for the operations team for testing and deployment, the developer will start working on the next project. At that time during the deployment of the previous project if there an error occurred due to any issue in the code, the operations team will point this to the development team, and this will tamper with the flow of development of the developer on his current project. So to resolve all these conflicts and enhance time management DevOps is being used. In DevOps methodology, both the development and the operations team will work together hand-in-hand, which help them to reduce the complexity of the project and can deliver the product at the right time.

Advantages of DevOps

Following are some of the advantages of implementing DevOps in a project:

• Speed
• Rapid Delivery
• Reliability
• Scalability
• Improved collaboration
• Security

These points may sound similar in every advantage of every technology 😁, but these all advantages contribute DevOps to stand out among other methodologies.

DevSecOps

DevSecOps is an addition of “Sec” in the above-mentioned definition of DevOps.

“Development<+>Security<+>Operations=DevSecOps”

In DevSecOps, security is ensured in every phase of DevOps, i.e., from the planning phase to the final delivery phase, appropriate security integrations are incorporated in each phase.

The main benefit of DevSecOps is to deliver more-secure code/product faster.

Benefits of DevSecOps:

Some of the benefits that can be availed when DevSecOps is implemented in a project are:

• Rapid delivery of secure code
• Security in every phase
• Management of vulnerability assessment and patching

Implementation of DevSecOps:

DevSecOps acts like a cover or a shield for the existing DevOps practices. It can be implemented in many ways.

‘Shift left’ is a DevSecOps mantra: It encourages software engineers to move security from the right (end) to the left (beginning) of the DevOps (delivery) process. In a DevSecOps environment, security is an integral part of the development process from the beginning. An organization that uses DevSecOps brings in its cybersecurity architects and engineers as part of the development team. Their job is to ensure every component, and every configuration item in the stack is patched, configured securely, and documented. — IBM

The main implementation procedure is to make aware both the development and the operations team about the common vulnerabilities so that they can produce secure code and a secure environment for the deployment.

For DevSecOps, the learning path is similar to that of DevOps, the only change is the learning of implementing security in each phase.

Some of the Resources are:

• https://github.com/hahwul/DevSecOps
• Plutora
• OWASP
• Apple

My DevOps Roadmap

The journey to DevOps is a long path with many milestones in it. As I mentioned, since DevOps is not a specific technology, it is better to have an insight into all the updated tools and frameworks. A never-ending desire to learn 🤓 and interest in updating your knowledge will help to achieve this. I strongly believe that breaking up larger tasks into smaller segments will help to accomplish the entire task much more effectively. This is the path that I’m following in my DevOps journey:

1. Learn Operating systems.

Operating systems and their basic concepts are much important when coming to DevOps. Because while dealing with servers it is crucial to know about the topics like Virtualization, Kernels, File and Storage management, etc. Learning Linux is much important in this phase. Understanding Linux commands and learning them will be great.

Resources:

• Introduction to Linux & Terminal Commands — Kunal Kushwaha https://youtu.be/iwolPf6kN-k
• Linux Tutorial for Beginners: Introduction to Linux Operating System — Guru99 https://youtu.be/V1y-mbWM3B8
• Edureka Full Linux Course https://youtu.be/Wgi-OfbP2Gw

2. Learn a programming language

It is necessary to know at least one programming language😐. It is not that big deal to pick up one, of course, there will be some difficulties but hey it’ll be great if you learn a programming language like Python, Golang, etc.

Resources:

• Go: https://youtu.be/YS4e4q9oBaU

https://youtu.be/yyUHQIec83I

• Python: https://youtu.be/_uQrJ0TkZlc

https://youtu.be/rfscVS0vtbw

3. Computer Networks

While dealing with servers it is necessary to ensure inbound and outbound network rules, ports, firewalls. It will better if you could learn various networking protocols, networking models, routing, bridging, etc. By learning this you can administer and control the networks of the server and can lay specific network configurations for your application.

Resources:

• Nerds lesson — https://youtu.be/k9ZigsW9il0

4. Docker and Kubernetes

Docker and Kubernetes are two important CI/CD tools. It is better to have an idea of containers, container images, container orchestration, packaging, etc.

Resources:

• Docker — https://youtu.be/3c-iBn73dDE

https://youtu.be/fqMOX6JJhGo

• Kubernetes — https://youtu.be/X48VuDVv0do

https://youtu.be/PH-2FfFD2PU

5. Other CI/CD tools

Continuous Integration and Continuous Delivery/Continuous Deployment (CI/CD) tools are those tools that facilitate the smooth working of both developers and the operation team. Continuous integration deals with code integration by the developer into the main branch of the project repository, while continuous delivery automates the release of the validated code to the public. Many tools help to support this. Some of them are Jenkins, Circle-CI, Nagios, Github Actions, etc.

Resources:

• Github Actions — https://youtu.be/R8_veQiYBjI
• Jenkins — https://youtu.be/FX322RVNGj4
• Travis CI — https://youtube.com/playlist?list=PLT7ak8zxhXKjVTn3Lwc2MM4eEDfp811ys

Only some of the tools are listed here, once you are familiar with this you can try out the relevant and new tools.

6. Cloud Computing

Cloud computing is one of the hottest technology available right now. Most of the mentioned tools and the projects that are adopted by DevOps methodology are cloud-based. Hence it is important to know the basic cloud terminologies and techniques, once you master that you can switch and practice the services provided by the cloud service provider which you are using.

Resources:

• https://youtu.be/RWgW-CgdIk0
• AWS (Amazon Web Services)
• GCP (Google Cloud Platform)
• Azure(Microsoft Azure)

Bonus topics

Following are some topics that can be learned as add-ons, which will be nice if you have an idea about them.

• Learn scripting languages like YAML, JSON, etc.
• Basics of shell scripting
• Basics of server administration (Linux and Windows)
• Web Servers

Bonus resources

These are some platforms that will help you to stay updated about DevOps and Cloud computing, it will also help you for your reference purposes.

• IBM Technology— https://www.youtube.com/c/IBMTechnology
• DevOps AWS
• DevOps.com
• Atlassian
• Azure
• DevDaily
• Linux Foundation

P.S. These resources will help to get an overview of DevOps. As I said since DevOps is not a specific technology, completion of these paths will give you an insight into this. To become an expert, you need to be updated with the latest tools and technologies. “No small knowledge will never be wasted” with this mindset you can achieve more. Be a never-ending learner and practice what you learned. Applying the things which you’ve learned to real-life will make great changes and will help you to be an expert in that.

Since this is my first blog, I have got that curiosity while researching for writing this blog. Apologies If I had made any sort of mistakes in this blog. Suggestions are always welcomed. Feel free to contact me if you have any suggestions.

Image and Icon credits:

• unDraw
• Icons8