diff --git a/.github/workflows/docs-check.yml b/.github/workflows/docs-check.yml
new file mode 100644
index 0000000..b67267c
--- /dev/null
+++ b/.github/workflows/docs-check.yml
@@ -0,0 +1,57 @@
+name: Documentation Quality Check
+
+on:
+ push:
+ branches: [main, master]
+ pull_request:
+ branches: [main, master]
+
+jobs:
+ markdown-lint:
+ name: Markdown Linting
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Setup Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: '18'
+
+ - name: Install markdownlint
+ run: npm install -g markdownlint-cli
+
+ - name: Run markdownlint
+ run: |
+ cat > .markdownlint.json << 'CONFIG'
+ {
+ "default": true,
+ "MD013": false,
+ "MD033": false,
+ "MD024": false
+ }
+ CONFIG
+ markdownlint '**/*.md' --ignore node_modules || true
+
+ validate-yaml:
+ name: Validate YAML Files
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install yamllint
+ run: pip install yamllint
+
+ - name: Run yamllint
+ run: yamllint hands-on-labs/*.yml labs-executable/**/*.yml || true
+
+ shellcheck:
+ name: Shell Script Validation
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Run ShellCheck
+ uses: ludeeus/action-shellcheck@2.0.0
+ with:
+ check_together: 'yes'
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..99eb1ed
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,69 @@
+```
+# Dependencies
+node_modules/
+
+# Environment
+.env
+.env.local
+*.env.*
+
+# Logs
+*.log
+
+# Editor/IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*.tmp
+
+# System
+.DS_Store
+Thumbs.db
+
+# Build artifacts
+dist/
+build/
+target/
+__pycache__/
+*.pyc
+*.class
+*.o
+*.obj
+*.exe
+*.dll
+*.so
+*.a
+*.out
+
+# Testing/coverage
+.coverage
+coverage/
+htmlcov/
+.mypy_cache/
+.pytest_cache/
+
+# Compressed files
+*.zip
+*.gz
+*.tar
+*.tgz
+*.bz2
+*.xz
+*.7z
+*.rar
+*.zst
+*.lz4
+*.lzh
+*.cab
+*.arj
+*.rpm
+*.deb
+*.Z
+*.lz
+*.lzo
+*.tar.gz
+*.tar.bz2
+*.tar.xz
+*.tar.zst
+```
\ No newline at end of file
diff --git a/cheatsheets/devsecops-security.md b/cheatsheets/devsecops-security.md
new file mode 100644
index 0000000..da0e12f
--- /dev/null
+++ b/cheatsheets/devsecops-security.md
@@ -0,0 +1,178 @@
+# 🔒 DevSecOps Security Cheatsheet
+
+## Security Scanning Commands
+
+### Container Security (Trivy)
+```bash
+# Install Trivy
+curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh
+
+# Scan image
+trivy image nginx:latest
+
+# Scan with severity filter
+trivy image --severity HIGH,CRITICAL myapp:latest
+
+# Generate report
+trivy image -f table -o report.txt myapp:latest
+
+# Scan filesystem
+trivy fs /path/to/code
+```
+
+### Infrastructure as Code (Checkov)
+```bash
+# Install
+pip install checkov
+
+# Scan Terraform
+checkov -d terraform/
+
+# Scan with output
+checkov -d . -o junitxml -o report.xml
+
+# Skip specific checks
+checkov -d . --skip-check CKV_AWS_20
+```
+
+### SAST (Semgrep)
+```bash
+# Install
+pip install semgrep
+
+# Run scan
+semgrep --config auto .
+
+# Specific language
+semgrep --lang python .
+
+# Output formats
+semgrep --json --output results.json .
+```
+
+## Secrets Management
+
+### HashiCorp Vault CLI
+```bash
+# Login
+vault login
+
+# Read secret
+vault read secret/data/myapp
+
+# Write secret
+vault write secret/data/myapp password=secret123
+
+# List secrets
+vault list secret/data/
+
+# Enable KV engine
+vault secrets enable -path=secret kv-v2
+```
+
+### AWS Secrets Manager
+```bash
+# Get secret value
+aws secretsmanager get-secret-value \
+ --secret-id my-secret \
+ --query SecretString --output text
+
+# Create secret
+aws secretsmanager create-secret \
+ --name my-secret \
+ --secret-string '{"password":"secret123"}'
+```
+
+## Network Security
+
+### Firewall Rules (UFW)
+```bash
+# Enable firewall
+sudo ufw enable
+
+# Allow specific ports
+sudo ufw allow 22/tcp # SSH
+sudo ufw allow 443/tcp # HTTPS
+
+# Deny IP
+sudo ufw deny from 192.168.1.100
+
+# Status
+sudo ufw status verbose
+```
+
+### iptables Basics
+```bash
+# List rules
+sudo iptables -L -n -v
+
+# Allow port
+sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
+
+# Drop IP
+sudo iptables -A INPUT -s 192.168.1.100 -j DROP
+
+# Save rules
+sudo iptables-save > /etc/iptables/rules.v4
+```
+
+## SSL/TLS
+
+### OpenSSL Commands
+```bash
+# Generate private key
+openssl genrsa -out server.key 2048
+
+# Create CSR
+openssl req -new -key server.key -out server.csr
+
+# Self-signed certificate
+openssl req -x509 -nodes -days 365 \
+ -newkey rsa:2048 \
+ -keyout server.key -out server.crt
+
+# View certificate
+openssl x509 -in server.crt -text -noout
+
+# Check SSL connection
+openssl s_client -connect example.com:443
+```
+
+### Let's Encrypt (Certbot)
+```bash
+# Install
+sudo apt install certbot python3-certbot-nginx
+
+# Obtain certificate
+sudo certbot --nginx -d example.com
+
+# Auto-renew
+sudo certbot renew --dry-run
+```
+
+## Security Best Practices Checklist
+
+- [ ] Enable MFA on all accounts
+- [ ] Rotate credentials regularly
+- [ ] Use least privilege principle
+- [ ] Scan containers before deployment
+- [ ] Enable encryption at rest and in transit
+- [ ] Implement network segmentation
+- [ ] Monitor and log security events
+- [ ] Keep systems updated
+- [ ] Backup critical data
+- [ ] Test incident response plan
+
+## Common CVEs to Watch
+
+| CVE | Description | Mitigation |
+|-----|-------------|------------|
+| Log4Shell | Remote code execution in Log4j | Update to 2.17+ |
+| Shellshock | Bash vulnerability | Patch bash |
+| Heartbleed | OpenSSL memory leak | Update OpenSSL |
+
+## Resources
+
+- [OWASP Top 10](https://owasp.org/www-project-top-ten/)
+- [CIS Benchmarks](https://www.cisecurity.org/)
+- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
diff --git a/devsecops/README.md b/devsecops/README.md
new file mode 100644
index 0000000..86d73da
--- /dev/null
+++ b/devsecops/README.md
@@ -0,0 +1,68 @@
+# 🔒 DevSecOps - Security in DevOps
+
+Integrate security practices throughout the DevOps lifecycle.
+
+## Key Topics
+
+### Security Scanning
+- Static Application Security Testing (SAST)
+- Dynamic Application Security Testing (DAST)
+- Software Composition Analysis (SCA)
+- Container security scanning
+
+### Infrastructure Security
+- Network segmentation
+- Security groups and firewalls
+- Secrets management
+- Identity and Access Management (IAM)
+
+### Compliance & Governance
+- Policy as Code
+- Audit logging
+- Compliance automation
+- Security benchmarks (CIS)
+
+## Tools
+
+| Category | Tools |
+|----------|-------|
+| SAST | SonarQube, Semgrep, Bandit |
+| DAST | OWASP ZAP, Burp Suite |
+| SCA | Snyk, Dependabot, Trivy |
+| Container Security | Clair, Anchore, Docker Scan |
+| Secrets | HashiCorp Vault, AWS Secrets Manager |
+| Policy | OPA, Kyverno, Checkov |
+
+## Best Practices
+
+1. **Shift Left** - Test security early in development
+2. **Automate Everything** - Security checks in CI/CD
+3. **Least Privilege** - Minimal permissions
+4. **Defense in Depth** - Multiple security layers
+5. **Continuous Monitoring** - Real-time threat detection
+
+## Getting Started
+
+```bash
+# Install Trivy for container scanning
+curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh
+
+# Scan a container image
+trivy image nginx:latest
+
+# Install Checkov for IaC scanning
+pip install checkov
+
+# Scan Terraform code
+checkov -d .
+```
+
+## Resources
+
+- [OWASP Top 10](https://owasp.org/www-project-top-ten/)
+- [CIS Benchmarks](https://www.cisecurity.org/cis-benchmarks/)
+- [DevSecOps Roadmap](https://github.com/devsecops/roadmap)
+
+---
+
+**Status:** Initial content - expanding soon
diff --git a/hands-on-labs/app/package.json b/hands-on-labs/app/package.json
new file mode 100644
index 0000000..43899ec
--- /dev/null
+++ b/hands-on-labs/app/package.json
@@ -0,0 +1,13 @@
+{
+ "name": "devops-lab-app",
+ "version": "1.0.0",
+ "main": "server.js",
+ "scripts": {
+ "start": "node server.js"
+ },
+ "dependencies": {
+ "express": "^4.18.2",
+ "pg": "^8.11.3",
+ "ioredis": "^5.3.2"
+ }
+}
diff --git a/hands-on-labs/app/server.js b/hands-on-labs/app/server.js
new file mode 100644
index 0000000..71e702e
--- /dev/null
+++ b/hands-on-labs/app/server.js
@@ -0,0 +1,37 @@
+const express = require('express');
+const { Pool } = require('pg');
+const Redis = require('ioredis');
+
+const app = express();
+const PORT = process.env.PORT || 3000;
+
+const pool = new Pool({
+ host: process.env.DB_HOST || 'localhost',
+ port: process.env.DB_PORT || 5432,
+ database: process.env.DB_NAME || 'appdb',
+ user: process.env.DB_USER || 'postgres',
+ password: process.env.DB_PASSWORD || 'secret123',
+});
+
+const redis = new Redis({
+ host: process.env.REDIS_HOST || 'localhost',
+ port: process.env.REDIS_PORT || 6379,
+});
+
+app.get('/health', async (req, res) => {
+ try {
+ await pool.query('SELECT 1');
+ await redis.ping();
+ res.json({ status: 'healthy', timestamp: new Date().toISOString() });
+ } catch (error) {
+ res.status(500).json({ status: 'unhealthy', error: error.message });
+ }
+});
+
+app.get('/', (req, res) => {
+ res.json({ message: 'DevOps Lab App', version: '1.0.0' });
+});
+
+app.listen(PORT, '0.0.0.0', () => {
+ console.log(`Server running on port ${PORT}`);
+});
diff --git a/hands-on-labs/init.sql b/hands-on-labs/init.sql
new file mode 100644
index 0000000..4589a44
--- /dev/null
+++ b/hands-on-labs/init.sql
@@ -0,0 +1,19 @@
+-- Initialize database schema
+CREATE TABLE IF NOT EXISTS visits (
+ id SERIAL PRIMARY KEY,
+ visited_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+ ip_address INET,
+ user_agent TEXT
+);
+
+-- Insert sample data
+INSERT INTO visits (visited_at) VALUES
+ (NOW() - INTERVAL '1 day'),
+ (NOW() - INTERVAL '2 days'),
+ (NOW() - INTERVAL '3 days');
+
+-- Create index for performance
+CREATE INDEX IF NOT EXISTS idx_visits_visited_at ON visits(visited_at);
+
+GRANT ALL PRIVILEGES ON TABLE visits TO postgres;
+GRANT USAGE, SELECT ON SEQUENCE visits_id_seq TO postgres;
diff --git a/hands-on-labs/lab-04-docker-compose-app.yml b/hands-on-labs/lab-04-docker-compose-app.yml
new file mode 100644
index 0000000..b3792ea
--- /dev/null
+++ b/hands-on-labs/lab-04-docker-compose-app.yml
@@ -0,0 +1,70 @@
+# Lab 4: Multi-Container Application with Docker Compose
+# This lab demonstrates container orchestration with a web app and database
+
+version: '3.8'
+
+services:
+ # Web Application
+ web:
+ image: node:18-alpine
+ container_name: devops-web-app
+ working_dir: /app
+ volumes:
+ - ./app:/app
+ ports:
+ - "3000:3000"
+ environment:
+ - NODE_ENV=production
+ - DB_HOST=db
+ - DB_PORT=5432
+ - DB_NAME=appdb
+ - DB_USER=postgres
+ - DB_PASSWORD=secret123
+ depends_on:
+ db:
+ condition: service_healthy
+ networks:
+ - app-network
+ restart: unless-stopped
+
+ # PostgreSQL Database
+ db:
+ image: postgres:15-alpine
+ container_name: devops-db
+ environment:
+ - POSTGRES_DB=appdb
+ - POSTGRES_USER=postgres
+ - POSTGRES_PASSWORD=secret123
+ volumes:
+ - postgres-data:/var/lib/postgresql/data
+ - ./init.sql:/docker-entrypoint-initdb.d/init.sql
+ ports:
+ - "5432:5432"
+ networks:
+ - app-network
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U postgres"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ restart: unless-stopped
+
+ # Redis Cache (optional)
+ redis:
+ image: redis:7-alpine
+ container_name: devops-redis
+ ports:
+ - "6379:6379"
+ networks:
+ - app-network
+ volumes:
+ - redis-data:/data
+ restart: unless-stopped
+
+networks:
+ app-network:
+ driver: bridge
+
+volumes:
+ postgres-data:
+ redis-data:
diff --git a/interview-prep/top-50-questions.md b/interview-prep/top-50-questions.md
index e30d77e..82c24fe 100644
--- a/interview-prep/top-50-questions.md
+++ b/interview-prep/top-50-questions.md
@@ -175,3 +175,129 @@
> - Rolling updates in Kubernetes
> - Feature flags
> - Database migrations that are backward-compatible
+
+## 🐳 Containers & Kubernetes
+
+**Q34. What is the difference between Docker and a VM?**
+> Docker containers share the host kernel and are lightweight (MBs). VMs include full OS with hypervisor overhead (GBs). Containers start in seconds; VMs take minutes.
+
+**Q35. Explain Kubernetes architecture.**
+> - **Master Node**: API server, scheduler, controller manager, etcd
+> - **Worker Nodes**: kubelet, kube-proxy, container runtime
+> - **Pods**: Smallest deployable units
+> - **Services**: Network abstraction for pods
+
+**Q36. What is a Kubernetes Pod?**
+> A Pod is the smallest deployable unit in K8s, containing one or more containers that share storage, network, and specifications.
+
+**Q37. Difference between Deployment and StatefulSet?**
+> - **Deployment**: Stateless apps, pods are interchangeable
+> - **StatefulSet**: Stateful apps, stable network IDs, ordered deployment
+
+---
+
+## 🔧 CI/CD & IaC
+
+**Q38. What is Infrastructure as Code?**
+> Managing infrastructure through code files rather than manual processes. Benefits: version control, repeatability, consistency, documentation.
+
+**Q39. Explain blue-green deployment.**
+> Two identical environments (blue=current, green=new). Deploy to green, test, then switch traffic. Zero downtime, easy rollback.
+
+**Q40. What is canary deployment?**
+> Gradually roll out changes to small subset of users before full deployment. Reduces risk by limiting blast radius.
+
+**Q41. How do you handle secrets in CI/CD?**
+> Use secret management tools (Vault, AWS Secrets Manager), encrypted environment variables, never commit to repo, use CI/CD platform secrets features.
+
+---
+
+## 📊 Observability
+
+**Q42. What are the three pillars of observability?**
+> 1. **Metrics**: Numerical data over time (CPU, memory)
+> 2. **Logs**: Timestamped event records
+> 3. **Traces**: Request flow across services
+
+**Q43. What is the difference between monitoring and observability?**
+> Monitoring tells you WHAT is broken. Observability helps you understand WHY it's broken through exploration and debugging.
+
+**Q44. What is Prometheus?**
+> Open-source monitoring system with pull-based metrics collection, PromQL query language, and alerting capabilities.
+
+---
+
+## ⚖️ Resilience & Reliability
+
+**Q45. What is a circuit breaker pattern?**
+> Prevents cascading failures by stopping requests to failing services. States: Closed (normal), Open (failing), Half-Open (testing recovery).
+
+**Q46. Explain SLO, SLI, and SLA.**
+> - **SLI**: Metric measuring service aspect (latency, availability)
+> - **SLO**: Target value for SLI (99.9% availability)
+> - **SLA**: Contract with consequences if SLOs not met
+
+**Q47. What is error budget?**
+> Allowed amount of failure based on SLO. If SLO is 99.9%, error budget is 0.1%. Used to balance reliability vs feature velocity.
+
+**Q48. What is chaos engineering?**
+> Proactively testing system resilience by injecting failures (network latency, instance termination) to discover weaknesses before they cause incidents.
+
+---
+
+## 🔒 Security
+
+**Q49. What is DevSecOps?**
+> Integrating security practices throughout the DevOps lifecycle. Shift left security, automate security testing, shared responsibility.
+
+**Q50. How do you secure a Docker container?**
+> - Use minimal base images (Alpine)
+> - Run as non-root user
+> - Scan for vulnerabilities
+> - Don't expose unnecessary ports
+> - Use secrets management
+> - Enable read-only filesystem where possible
+
+---
+
+## 🎯 Scenario-Based Questions
+
+**Scenario 1: Production website is down. What do you do?**
+> 1. Check monitoring dashboards
+> 2. Verify recent deployments
+> 3. Check logs for errors
+> 4. Test connectivity (DNS, network)
+> 5. Rollback if recent change caused issue
+> 6. Communicate status to stakeholders
+> 7. Document and conduct postmortem
+
+**Scenario 2: Database is slow. How do you troubleshoot?**
+> 1. Check query performance (slow query log)
+> 2. Analyze indexes
+> 3. Check connections and locks
+> 4. Review resource usage (CPU, memory, I/O)
+> 5. Examine execution plans
+> 6. Consider caching layer
+
+**Scenario 3: How would you design a highly available system?**
+> - Multiple availability zones
+> - Load balancers with health checks
+> - Auto-scaling groups
+> - Database replication
+> - CDN for static content
+> - Backup and disaster recovery plan
+
+---
+
+## 💡 Tips for Interviews
+
+1. **Understand fundamentals** - Don't just memorize tools
+2. **Share real experiences** - Use STAR method (Situation, Task, Action, Result)
+3. **Ask clarifying questions** - Show problem-solving approach
+4. **Admit what you don't know** - But explain how you'd learn
+5. **Practice hands-on** - Build projects, contribute to open source
+6. **Stay updated** - Follow industry blogs, attend meetups
+
+---
+
+**Good luck with your DevOps interviews! 🚀**
diff --git a/labs-executable/ansible/inventory.ini b/labs-executable/ansible/inventory.ini
new file mode 100644
index 0000000..34e6922
--- /dev/null
+++ b/labs-executable/ansible/inventory.ini
@@ -0,0 +1,13 @@
+# Ansible Inventory File
+# Update with your server IPs
+
+[webservers]
+web1.example.com ansible_user=ubuntu
+web2.example.com ansible_user=ubuntu
+
+[dbservers]
+db1.example.com ansible_user=ubuntu
+
+[all:vars]
+ansible_python_interpreter=/usr/bin/python3
+ansible_ssh_private_key_file=~/.ssh/id_rsa
diff --git a/labs-executable/ansible/playbook.yml b/labs-executable/ansible/playbook.yml
new file mode 100644
index 0000000..3fe4ac7
--- /dev/null
+++ b/labs-executable/ansible/playbook.yml
@@ -0,0 +1,81 @@
+---
+# Ansible Playbook: Web Server Setup
+# Installs and configures NGINX web server
+
+- name: Configure Web Servers
+ hosts: all
+ become: yes
+ vars:
+ nginx_port: 80
+ app_name: "DevOps Lab"
+
+ tasks:
+ - name: Update apt cache
+ apt:
+ update_cache: yes
+ cache_valid_time: 3600
+ when: ansible_os_family == "Debian"
+
+ - name: Install NGINX (Debian/Ubuntu)
+ apt:
+ name: nginx
+ state: present
+ when: ansible_os_family == "Debian"
+
+ - name: Install NGINX (RHEL/CentOS)
+ yum:
+ name: nginx
+ state: present
+ when: ansible_os_family == "RedHat"
+
+ - name: Create application directory
+ file:
+ path: /var/www/app
+ state: directory
+ owner: www-data
+ group: www-data
+ mode: '0755'
+
+ - name: Deploy index.html
+ copy:
+ content: |
+
+
+
+ {{ app_name }}
+
+
+
+ Welcome to {{ app_name }}!
+ Deployed with Ansible
+ Server: {{ inventory_hostname }}
+
+
+ dest: /var/www/app/index.html
+
+ - name: Start and enable NGINX
+ service:
+ name: nginx
+ state: started
+ enabled: yes
+
+ - name: Configure firewall (UFW)
+ ufw:
+ rule: allow
+ port: "{{ nginx_port }}"
+ proto: tcp
+ when: ansible_os_family == "Debian"
+
+ - name: Verify NGINX is running
+ command: systemctl status nginx
+ register: nginx_status
+ changed_when: false
+ failed_when: false
+
+ - name: Display NGINX status
+ debug:
+ var: nginx_status.stdout_lines
diff --git a/labs-executable/docker/Dockerfile b/labs-executable/docker/Dockerfile
new file mode 100644
index 0000000..f8c8406
--- /dev/null
+++ b/labs-executable/docker/Dockerfile
@@ -0,0 +1,43 @@
+# Multi-stage Dockerfile for Node.js Application
+# Best practices for production builds
+
+# Stage 1: Build
+FROM node:18-alpine AS builder
+
+WORKDIR /app
+
+# Copy package files
+COPY package*.json ./
+
+# Install dependencies
+RUN npm ci --only=production
+
+# Copy source code
+COPY . .
+
+# Stage 2: Production
+FROM node:18-alpine AS production
+
+# Create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+ adduser -S nodejs -u 1001
+
+WORKDIR /app
+
+# Copy from builder
+COPY --from=builder --chown=nodejs:nodejs /app/node_modules ./node_modules
+COPY --from=builder --chown=nodejs:nodejs /app/package*.json ./
+COPY --from=builder --chown=nodejs:nodejs /app/server.js ./
+
+# Switch to non-root user
+USER nodejs
+
+# Expose port
+EXPOSE 3000
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+ CMD node -e "require('http').get('http://localhost:3000/health', (r) => process.exit(r.statusCode === 200 ? 0 : 1))"
+
+# Start application
+CMD ["node", "server.js"]
diff --git a/labs-executable/docker/docker-compose.prod.yml b/labs-executable/docker/docker-compose.prod.yml
new file mode 100644
index 0000000..97d8be6
--- /dev/null
+++ b/labs-executable/docker/docker-compose.prod.yml
@@ -0,0 +1,38 @@
+version: '3.8'
+
+services:
+ app:
+ build:
+ context: .
+ dockerfile: Dockerfile
+ container_name: production-app
+ ports:
+ - "3000:3000"
+ environment:
+ - NODE_ENV=production
+ - PORT=3000
+ restart: unless-stopped
+ networks:
+ - app-network
+ healthcheck:
+ test: ["CMD", "node", "-e", "require('http').get('http://localhost:3000/health')"]
+ interval: 30s
+ timeout: 10s
+ retries: 3
+
+ nginx:
+ image: nginx:alpine
+ container_name: production-nginx
+ ports:
+ - "80:80"
+ volumes:
+ - ./nginx.conf:/etc/nginx/nginx.conf:ro
+ depends_on:
+ - app
+ restart: unless-stopped
+ networks:
+ - app-network
+
+networks:
+ app-network:
+ driver: bridge
diff --git a/labs-executable/terraform/main.tf b/labs-executable/terraform/main.tf
new file mode 100644
index 0000000..03ccc51
--- /dev/null
+++ b/labs-executable/terraform/main.tf
@@ -0,0 +1,183 @@
+# Terraform AWS EC2 Instance
+# This configuration creates a basic EC2 instance with security group
+
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ }
+}
+
+provider "aws" {
+ region = var.aws_region
+}
+
+variable "aws_region" {
+ description = "AWS region"
+ type = string
+ default = "us-east-1"
+}
+
+variable "instance_type" {
+ description = "EC2 instance type"
+ type = string
+ default = "t2.micro"
+}
+
+variable "environment" {
+ description = "Environment name"
+ type = string
+ default = "dev"
+}
+
+# VPC
+resource "aws_vpc" "main" {
+ cidr_block = "10.0.0.0/16"
+ enable_dns_hostnames = true
+ enable_dns_support = true
+
+ tags = {
+ Name = "${var.environment}-vpc"
+ Environment = var.environment
+ }
+}
+
+# Internet Gateway
+resource "aws_internet_gateway" "main" {
+ vpc_id = aws_vpc.main.id
+
+ tags = {
+ Name = "${var.environment}-igw"
+ Environment = var.environment
+ }
+}
+
+# Public Subnet
+resource "aws_subnet" "public" {
+ vpc_id = aws_vpc.main.id
+ cidr_block = "10.0.1.0/24"
+ availability_zone = "${var.aws_region}a"
+ map_public_ip_on_launch = true
+
+ tags = {
+ Name = "${var.environment}-public-subnet"
+ Environment = var.environment
+ }
+}
+
+# Route Table
+resource "aws_route_table" "public" {
+ vpc_id = aws_vpc.main.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.main.id
+ }
+
+ tags = {
+ Name = "${var.environment}-public-rt"
+ Environment = var.environment
+ }
+}
+
+# Route Table Association
+resource "aws_route_table_association" "public" {
+ subnet_id = aws_subnet.public.id
+ route_table_id = aws_route_table.public.id
+}
+
+# Security Group
+resource "aws_security_group" "web" {
+ name = "${var.environment}-web-sg"
+ description = "Security group for web server"
+ vpc_id = aws_vpc.main.id
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "SSH access"
+ }
+
+ ingress {
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "HTTP access"
+ }
+
+ ingress {
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "HTTPS access"
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ description = "Allow all outbound traffic"
+ }
+
+ tags = {
+ Name = "${var.environment}-web-sg"
+ Environment = var.environment
+ }
+}
+
+# EC2 Instance
+resource "aws_instance" "web" {
+ ami = "ami-0c55b159cbfafe1f0" # Amazon Linux 2 (update for your region)
+ instance_type = var.instance_type
+ subnet_id = aws_subnet.public.id
+ vpc_security_group_ids = [aws_security_group.web.id]
+ key_name = var.key_name != "" ? var.key_name : null
+
+ user_data = <<-EOF
+ #!/bin/bash
+ yum update -y
+ yum install -y httpd
+ systemctl start httpd
+ systemctl enable httpd
+ echo "Hello from DevOps Lab!
" > /var/www/html/index.html
+ EOF
+
+ root_block_device {
+ volume_size = 10
+ volume_type = "gp2"
+ }
+
+ tags = {
+ Name = "${var.environment}-web-server"
+ Environment = var.environment
+ }
+}
+
+variable "key_name" {
+ description = "EC2 Key Pair name"
+ type = string
+ default = ""
+}
+
+# Outputs
+output "instance_id" {
+ description = "EC2 Instance ID"
+ value = aws_instance.web.id
+}
+
+output "public_ip" {
+ description = "EC2 Public IP Address"
+ value = aws_instance.web.public_ip
+}
+
+output "vpc_id" {
+ description = "VPC ID"
+ value = aws_vpc.main.id
+}
diff --git a/phase-1-linux/README.md b/phase-1-linux/README.md
new file mode 100644
index 0000000..7915a67
--- /dev/null
+++ b/phase-1-linux/README.md
@@ -0,0 +1,105 @@
+# 🐧 Phase 1: Linux & System Fundamentals
+
+Master the foundation of DevOps with Linux and shell scripting skills.
+
+## Topics Covered
+
+### ✅ Topic 1: Linux Basics
+- File system hierarchy
+- Essential commands (navigation, file operations, permissions)
+- User and process management
+- Disk usage and monitoring
+- Text processing tools
+- Networking basics
+- Package management
+
+**Resources:**
+- [Topic Guide](./topic-01-linux-basics.md)
+- [Hands-on Lab](./lab-topic-01.sh)
+
+### ✅ Topic 2: Shell Scripting
+- Script structure and shebang
+- Variables and data types
+- Conditional statements
+- Loops (for, while)
+- Functions and arrays
+- Error handling
+- String manipulation
+- Debugging techniques
+
+**Resources:**
+- [Topic Guide](./topic-02-shell-scripting.md)
+
+### 📝 Topic 3: Systemd Deep Dive
+- Understanding systemd architecture
+- Service unit files
+- Managing services (start, stop, enable, disable)
+- Journalctl for log management
+- Boot process analysis
+- Creating custom services
+- Timers and targets
+
+**Coming Soon:** Detailed guide and labs
+
+### 📝 Topic 4: Filesystems & I/O
+- Linux filesystem types (ext4, xfs, btrfs)
+- Disk partitioning and LVM
+- Mount options and fstab
+- I/O scheduling
+- Inodes and file limits
+- Performance tuning
+- Network filesystems (NFS, CIFS)
+
+**Coming Soon:** Detailed guide and labs
+
+## Learning Path
+
+1. Start with **Linux Basics** - Master fundamental commands
+2. Move to **Shell Scripting** - Automate your workflows
+3. Dive into **Systemd** - Understand service management
+4. Explore **Filesystems** - Learn storage management
+
+## Hands-On Labs
+
+```bash
+# Run the Linux Basics lab
+chmod +x lab-topic-01.sh
+./lab-topic-01.sh
+
+# Practice shell scripting exercises
+# See topic-02-shell-scripting.md for examples
+```
+
+## Prerequisites
+
+- Basic computer literacy
+- Access to a Linux environment (VM, cloud instance, or WSL)
+- Terminal access
+
+## Learning Outcomes
+
+After completing Phase 1, you will be able to:
+- Navigate Linux filesystem confidently
+- Manage users, groups, and permissions
+- Write basic to intermediate shell scripts
+- Monitor and manage system processes
+- Analyze logs and troubleshoot issues
+- Understand systemd service management
+- Configure and manage storage
+
+## Time Estimate
+
+- Topic 1: 3-4 days
+- Topic 2: 4-5 days
+- Topic 3: 2-3 days
+- Topic 4: 2-3 days
+
+**Total: 11-15 days**
+
+## Next Phase
+
+After mastering Linux fundamentals, proceed to [Phase 2: Networking](../phase-2-networking/README.md)
+
+---
+
+**Phase Status:** In Progress (2/4 topics complete)
diff --git a/phase-1-linux/lab-topic-01.sh b/phase-1-linux/lab-topic-01.sh
new file mode 100755
index 0000000..faa7993
--- /dev/null
+++ b/phase-1-linux/lab-topic-01.sh
@@ -0,0 +1,182 @@
+#!/bin/bash
+
+# Topic 1 Lab: Linux Basics Practice Script
+# This script provides hands-on exercises for Linux fundamentals
+
+set -e # Exit on error
+
+echo "=========================================="
+echo "🐧 Linux Basics - Hands-On Lab"
+echo "=========================================="
+echo ""
+
+# Exercise 1: File System Navigation
+echo "📁 Exercise 1: File System Navigation"
+echo "--------------------------------------"
+
+LAB_DIR="$HOME/devops-lab-$(date +%s)"
+mkdir -p "$LAB_DIR"/{scripts,logs,config,data}
+echo "✅ Created directory structure at: $LAB_DIR"
+
+cd "$LAB_DIR"
+touch config/app.conf logs/app.log scripts/deploy.sh data/sample.txt
+echo "✅ Created initial files"
+
+echo ""
+echo "Directory structure:"
+find . -type f | sort
+echo ""
+
+# Exercise 2: Permissions
+echo "🔐 Exercise 2: File Permissions"
+echo "--------------------------------"
+
+cat > scripts/hello.sh << 'EOF'
+#!/bin/bash
+echo "Hello from DevOps Lab!"
+echo "Current user: $(whoami)"
+echo "Date: $(date)"
+EOF
+
+echo "Created scripts/hello.sh"
+echo "Permissions before chmod:"
+ls -l scripts/hello.sh
+
+chmod +x scripts/hello.sh
+echo ""
+echo "Permissions after chmod +x:"
+ls -l scripts/hello.sh
+
+echo ""
+echo "Executing the script:"
+./scripts/hello.sh
+echo ""
+
+# Exercise 3: Text Processing
+echo "📝 Exercise 3: Text Processing & Log Analysis"
+echo "----------------------------------------------"
+
+cat > logs/application.log << 'EOF'
+2024-01-15 10:00:01 INFO Application started successfully
+2024-01-15 10:00:02 DEBUG Loading configuration from /etc/app/config.yml
+2024-01-15 10:00:03 INFO Database connection established
+2024-01-15 10:00:04 WARN High memory usage detected: 85%
+2024-01-15 10:00:05 ERROR Failed to connect to external API
+2024-01-15 10:00:06 INFO Retrying API connection...
+2024-01-15 10:00:07 INFO API connection successful
+2024-01-15 10:00:08 DEBUG Processing batch job #1234
+2024-01-15 10:00:09 ERROR Timeout waiting for response
+2024-01-15 10:00:10 WARN Disk space below 20%
+2024-01-15 10:00:11 INFO Batch job completed
+2024-01-15 10:00:12 ERROR Authentication failed for user admin
+2024-01-15 10:00:13 INFO User guest logged in
+2024-01-15 10:00:14 DEBUG Cache cleared
+2024-01-15 10:00:15 INFO Application shutdown initiated
+EOF
+
+echo "Created sample log file with 15 entries"
+echo ""
+
+echo "Total log entries: $(wc -l < logs/application.log)"
+echo "ERROR count: $(grep -c 'ERROR' logs/application.log)"
+echo "WARN count: $(grep -c 'WARN' logs/application.log)"
+echo "INFO count: $(grep -c 'INFO' logs/application.log)"
+echo ""
+
+echo "All ERROR lines:"
+grep "ERROR" logs/application.log
+echo ""
+
+echo "Lines with context (1 before, 1 after) for ERROR:"
+grep -A 1 -B 1 "ERROR" logs/application.log | head -20
+echo ""
+
+# Exercise 4: Process Management
+echo "⚙️ Exercise 4: Process Management"
+echo "-----------------------------------"
+
+echo "Starting background processes..."
+sleep 30 &
+PID1=$!
+sleep 60 &
+PID2=$!
+
+echo "Started sleep processes with PIDs: $PID1 and $PID2"
+echo ""
+
+echo "Current sleep processes:"
+ps aux | grep "[s]leep" || echo "No sleep processes found"
+echo ""
+
+echo "Killing process $PID1..."
+kill $PID1
+sleep 1
+
+echo "Remaining sleep processes:"
+ps aux | grep "[s]leep" || echo "No sleep processes found"
+echo ""
+
+# Cleanup
+kill $PID2 2>/dev/null || true
+
+# Exercise 5: Disk Usage
+echo "💾 Exercise 5: Disk Usage Analysis"
+echo "-----------------------------------"
+
+echo "Disk usage summary:"
+df -h | head -5
+echo ""
+
+echo "Size of our lab directory:"
+du -sh "$LAB_DIR"
+echo ""
+
+echo "File sizes in lab directory:"
+du -ah "$LAB_DIR" | sort -rh | head -10
+echo ""
+
+# Exercise 6: User & Group Info
+echo "👤 Exercise 6: User & Group Information"
+echo "----------------------------------------"
+
+echo "Current user: $(whoami)"
+echo "User ID: $(id -u)"
+echo "Group ID: $(id -g)"
+echo "Groups: $(id -Gn)"
+echo ""
+
+# Exercise 7: Network Basics
+echo "🌐 Exercise 7: Network Information"
+echo "-----------------------------------"
+
+echo "Hostname: $(hostname)"
+echo ""
+
+echo "IP Addresses:"
+ip addr show | grep "inet " | awk '{print $2}' | head -5
+echo ""
+
+echo "Testing connectivity to google.com..."
+if ping -c 2 -W 2 google.com &>/dev/null; then
+ echo "✅ Connectivity OK"
+else
+ echo "⚠️ No internet connectivity (this is OK in some environments)"
+fi
+echo ""
+
+# Final Summary
+echo "=========================================="
+echo "✅ Lab Complete!"
+echo "=========================================="
+echo ""
+echo "Summary:"
+echo "- Created directory structure at: $LAB_DIR"
+echo "- Practiced file permissions"
+echo "- Analyzed log files with grep, awk, and other tools"
+echo "- Managed background processes"
+echo "- Checked disk usage"
+echo "- Reviewed user and network information"
+echo ""
+echo "To clean up, run: rm -rf $LAB_DIR"
+echo ""
+echo "Next: Move on to Topic 2 - Shell Scripting"
diff --git a/phase-1-linux/topic-01-linux-basics.md b/phase-1-linux/topic-01-linux-basics.md
new file mode 100644
index 0000000..37137db
--- /dev/null
+++ b/phase-1-linux/topic-01-linux-basics.md
@@ -0,0 +1,241 @@
+# 🐧 Topic 1: Linux Basics
+
+## Overview
+Linux is the foundation of DevOps. Most servers, containers, and cloud infrastructure run on Linux. Mastering Linux fundamentals is essential for any DevOps engineer.
+
+## Key Concepts
+
+### 1. File System Hierarchy
+```
+/ # Root directory
+├── bin # Essential binaries (commands)
+├── boot # Boot loader files
+├── dev # Device files
+├── etc # Configuration files
+├── home # User home directories
+├── lib # Shared libraries
+├── media # Removable media mount point
+├── mnt # Temporary mount point
+├── opt # Optional/additional software
+├── proc # Process information (virtual)
+├── root # Root user's home directory
+├── run # Runtime data
+├── sbin # System binaries (admin commands)
+├── srv # Service data
+├── sys # System information (virtual)
+├── tmp # Temporary files
+├── usr # User programs and data
+└── var # Variable data (logs, databases)
+```
+
+### 2. Essential Commands
+
+#### Navigation
+```bash
+pwd # Print working directory
+ls -la # List all files with details
+cd /path/to/dir # Change directory
+cd .. # Go up one level
+cd ~ # Go to home directory
+```
+
+#### File Operations
+```bash
+touch file.txt # Create empty file
+mkdir directory # Create directory
+cp source dest # Copy file/directory
+mv source dest # Move/rename file/directory
+rm file.txt # Remove file
+rm -rf directory # Remove directory recursively
+cat file.txt # Display file content
+less file.txt # View file page by page
+head -n 10 file.txt # Show first 10 lines
+tail -f file.log # Follow log file in real-time
+```
+
+#### Permissions
+```bash
+chmod 755 file # rwxr-xr-x (owner: all, group: rx, others: rx)
+chmod +x script.sh # Make executable
+chown user:group file # Change owner and group
+```
+
+Permission bits:
+- `r` = read (4)
+- `w` = write (2)
+- `x` = execute (1)
+
+### 3. User Management
+```bash
+whoami # Current user
+id # User and group IDs
+sudo command # Execute as root
+su - username # Switch user
+adduser newuser # Create new user (Debian/Ubuntu)
+useradd -m newuser # Create new user (RHEL/CentOS)
+passwd username # Change user password
+deluser username # Delete user
+```
+
+### 4. Process Management
+```bash
+ps aux # Show all running processes
+top # Interactive process viewer
+htop # Enhanced top (if installed)
+kill PID # Terminate process
+kill -9 PID # Force kill process
+pkill process_name # Kill by name
+bg # Resume job in background
+fg # Bring job to foreground
+jobs # List background jobs
+```
+
+### 5. Disk Usage
+```bash
+df -h # Disk space (human readable)
+du -sh directory # Directory size
+du -ah | sort -rh # Find largest files
+```
+
+### 6. Text Processing
+```bash
+grep "pattern" file # Search for pattern
+grep -r "pattern" dir # Recursive search
+awk '{print $1}' file # Print first column
+cut -d: -f1 /etc/passwd # Cut first field using : delimiter
+sed 's/old/new/g' file # Replace text
+wc -l file # Count lines
+sort file.txt # Sort lines
+uniq file.txt # Remove duplicates
+```
+
+### 7. Networking Basics
+```bash
+ip addr show # Show IP addresses
+ip route show # Show routing table
+ping google.com # Test connectivity
+curl https://example.com # HTTP request
+wget url # Download file
+netstat -tulpn # Show listening ports (deprecated)
+ss -tulpn # Show listening ports (modern)
+nslookup domain.com # DNS lookup
+dig domain.com # Detailed DNS info
+```
+
+### 8. Package Management
+
+#### Debian/Ubuntu (APT)
+```bash
+sudo apt update
+sudo apt upgrade
+sudo apt install package_name
+sudo apt remove package_name
+sudo apt search keyword
+```
+
+#### RHEL/CentOS (YUM/DNF)
+```bash
+sudo yum update
+sudo yum install package_name
+sudo yum remove package_name
+sudo yum search keyword
+```
+
+## Hands-On Exercises
+
+### Exercise 1: File System Navigation
+```bash
+# Create a directory structure
+mkdir -p ~/devops-lab/{scripts,logs,config}
+cd ~/devops-lab
+
+# Create some files
+touch config/app.conf
+touch logs/app.log
+touch scripts/deploy.sh
+
+# List the structure
+tree . # or use: find . -type f
+```
+
+### Exercise 2: Permission Practice
+```bash
+# Create a script
+echo '#!/bin/bash\necho "Hello DevOps!"' > hello.sh
+
+# Try to run it (will fail)
+./hello.sh
+
+# Make it executable
+chmod +x hello.sh
+
+# Run it successfully
+./hello.sh
+```
+
+### Exercise 3: Log Analysis
+```bash
+# Create sample log
+cat > /tmp/sample.log << EOF
+2024-01-15 10:00:01 INFO Application started
+2024-01-15 10:00:02 ERROR Database connection failed
+2024-01-15 10:00:03 WARN Retrying connection
+2024-01-15 10:00:04 INFO Connected successfully
+2024-01-15 10:00:05 ERROR Timeout occurred
+EOF
+
+# Find all errors
+grep "ERROR" /tmp/sample.log
+
+# Count errors
+grep -c "ERROR" /tmp/sample.log
+
+# Show context around errors
+grep -A 2 -B 2 "ERROR" /tmp/sample.log
+```
+
+### Exercise 4: Process Management
+```bash
+# Start a long-running process
+sleep 1000 &
+
+# Find its PID
+ps aux | grep sleep
+
+# Kill the process
+kill
+
+# Verify it's gone
+ps aux | grep sleep
+```
+
+## Common Issues & Solutions
+
+| Issue | Solution |
+|-------|----------|
+| Permission denied | Check permissions with `ls -l`, use `chmod` or `sudo` |
+| Command not found | Install package or check PATH |
+| No space left on device | Use `df -h` to check, clean with `du` |
+| Too many open files | Check with `ulimit -n`, increase if needed |
+
+## Best Practices
+
+1. **Never run `rm -rf /`** - This will destroy your system
+2. **Use `sudo` wisely** - Only when necessary
+3. **Backup before deleting** - Especially in production
+4. **Check disk space regularly** - Use monitoring tools
+5. **Log rotation** - Prevent logs from filling disk
+6. **Use meaningful filenames** - Avoid spaces, use underscores
+
+## Next Steps
+
+- Practice daily with Linux commands
+- Learn shell scripting (Topic 2)
+- Understand systemd services (Topic 3)
+- Explore filesystem management (Topic 4)
+
+## Additional Resources
+
+- [Linux Journey](https://linuxjourney.com/) - Interactive learning
+- [OverTheWire Bandit](https://overthewire.org/wargames/bandit/) - Security wargame
+- [Explainshell](https://explainshell.com/) - Command explanation tool
diff --git a/phase-1-linux/topic-02-shell-scripting.md b/phase-1-linux/topic-02-shell-scripting.md
new file mode 100644
index 0000000..d8577de
--- /dev/null
+++ b/phase-1-linux/topic-02-shell-scripting.md
@@ -0,0 +1,462 @@
+# 🐧 Topic 2: Shell Scripting
+
+## Overview
+Shell scripting automates repetitive tasks, streamlines workflows, and enables infrastructure automation. Bash (Bourne Again Shell) is the most common shell in Linux environments.
+
+## Key Concepts
+
+### 1. Script Structure
+
+#### Shebang Line
+```bash
+#!/bin/bash
+```
+Always start scripts with a shebang to specify the interpreter.
+
+#### Basic Script Template
+```bash
+#!/bin/bash
+set -euo pipefail # Exit on error, undefined vars, pipe failures
+
+# Variables
+SCRIPT_NAME=$(basename "$0")
+LOG_FILE="/var/log/${SCRIPT_NAME}.log"
+
+# Functions
+log() {
+ echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*" | tee -a "$LOG_FILE"
+}
+
+# Main execution
+main() {
+ log "Script started"
+ # Your code here
+ log "Script completed"
+}
+
+main "$@"
+```
+
+### 2. Variables
+
+```bash
+# Variable assignment (no spaces around =)
+NAME="DevOps"
+VERSION=1.0
+
+# Using variables
+echo "Hello $NAME"
+echo "Version: ${VERSION}"
+
+# Special variables
+$0 # Script name
+$1-$9 # Positional parameters
+$# # Number of arguments
+$@ # All arguments
+$? # Exit status of last command
+$$ # Current process ID
+$! # Last background process ID
+
+# Read-only variables
+readonly PI=3.14159
+
+# User input
+read -p "Enter your name: " USER_NAME
+echo "Hello, $USER_NAME"
+```
+
+### 3. Conditional Statements
+
+#### If Statements
+```bash
+# Simple if
+if [ condition ]; then
+ commands
+fi
+
+# If-else
+if [ condition ]; then
+ commands
+else
+ commands
+fi
+
+# If-elif-else
+if [ condition1 ]; then
+ commands
+elif [ condition2 ]; then
+ commands
+else
+ commands
+fi
+```
+
+#### Test Conditions
+```bash
+# File tests
+[ -f file ] # File exists
+[ -d dir ] # Directory exists
+[ -e path ] # Path exists
+[ -r file ] # Readable
+[ -w file ] # Writable
+[ -x file ] # Executable
+[ -s file ] # Size > 0
+
+# String tests
+[ -z "$str" ] # Empty string
+[ -n "$str" ] # Non-empty string
+[ "$a" = "$b" ] # Equal
+[ "$a" != "$b" ] # Not equal
+
+# Numeric tests
+[ $a -eq $b ] # Equal
+[ $a -ne $b ] # Not equal
+[ $a -gt $b ] # Greater than
+[ $a -lt $b ] # Less than
+[ $a -ge $b ] # Greater or equal
+[ $a -le $b ] # Less or equal
+
+# Modern syntax (preferred)
+[[ condition ]] # More powerful than []
+(( arithmetic )) # Arithmetic evaluation
+```
+
+### 4. Loops
+
+#### For Loop
+```bash
+# Iterate over items
+for item in app1 app2 app3; do
+ echo "Processing $item"
+done
+
+# Iterate over files
+for file in *.txt; do
+ echo "File: $file"
+done
+
+# C-style for loop
+for ((i=0; i<10; i++)); do
+ echo "Number: $i"
+done
+
+# Iterate over command output
+for user in $(cat /etc/passwd | cut -d: -f1); do
+ echo "User: $user"
+done
+```
+
+#### While Loop
+```bash
+# Basic while
+count=0
+while [ $count -lt 5 ]; do
+ echo "Count: $count"
+ ((count++))
+done
+
+# Read file line by line
+while IFS= read -r line; do
+ echo "Line: $line"
+done < file.txt
+
+# Infinite loop with break
+while true; do
+ echo "Press Ctrl+C to stop"
+ sleep 5
+ break # Remove for actual infinite loop
+done
+```
+
+### 5. Case Statement
+```bash
+case $1 in
+ start)
+ echo "Starting service..."
+ ;;
+ stop)
+ echo "Stopping service..."
+ ;;
+ restart)
+ echo "Restarting service..."
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart}"
+ exit 1
+ ;;
+esac
+```
+
+### 6. Functions
+```bash
+# Define function
+greet() {
+ local name=$1
+ echo "Hello, $name!"
+}
+
+# Call function
+greet "DevOps"
+
+# Function with return value
+check_file() {
+ local file=$1
+ if [ -f "$file" ]; then
+ return 0 # Success
+ else
+ return 1 # Failure
+ fi
+}
+
+# Check return value
+if check_file "/etc/passwd"; then
+ echo "File exists"
+fi
+```
+
+### 7. Arrays
+```bash
+# Declare array
+servers=("web1" "web2" "web3")
+
+# Access elements
+echo "${servers[0]}" # First element
+echo "${servers[@]}" # All elements
+echo "${#servers[@]}" # Array length
+
+# Add element
+servers+=("web4")
+
+# Iterate
+for server in "${servers[@]}"; do
+ echo "Server: $server"
+done
+```
+
+### 8. Command Substitution
+```bash
+# Capture command output
+DATE=$(date +%Y-%m-%d)
+HOSTNAME=$(hostname)
+FILES=$(ls -1 | wc -l)
+
+echo "Date: $DATE"
+echo "Hostname: $HOSTNAME"
+echo "Files: $FILES"
+```
+
+### 9. Error Handling
+```bash
+#!/bin/bash
+set -euo pipefail # Strict mode
+
+# Trap errors
+trap 'echo "Error on line $LINENO"' ERR
+
+# Check if command succeeded
+if ! command -v docker &>/dev/null; then
+ echo "Docker not installed"
+ exit 1
+fi
+
+# Or use || operator
+mkdir /protected/directory || echo "Failed to create directory"
+
+# Custom error function
+error_exit() {
+ echo "ERROR: $1" >&2
+ exit 1
+}
+
+# Usage
+[ -f config.txt ] || error_exit "Config file not found"
+```
+
+### 10. String Manipulation
+```bash
+STRING="Hello World DevOps"
+
+# Length
+echo ${#STRING} # 20
+
+# Substring
+echo ${STRING:0:5} # Hello
+echo ${STRING:6} # World DevOps
+
+# Replace
+echo ${STRING/World/Universe} # Hello Universe DevOps
+echo ${STRING//o/O} # HellO WOrld DevOps (all occurrences)
+
+# Remove pattern
+echo ${STRING#Hello } # World DevOps (from beginning)
+echo ${STRING%DevOps} # Hello World (from end)
+
+# Upper/Lower case
+echo ${STRING^^} # HELLO WORLD DEVOPS
+echo ${STRING,,} # hello world devops
+```
+
+## Hands-On Exercises
+
+### Exercise 1: Backup Script
+```bash
+#!/bin/bash
+# backup.sh - Create timestamped backups
+
+BACKUP_DIR="/tmp/backups"
+SOURCE_DIR="$HOME/documents"
+TIMESTAMP=$(date +%Y%m%d_%H%M%S)
+
+mkdir -p "$BACKUP_DIR"
+
+if [ -d "$SOURCE_DIR" ]; then
+ tar -czf "$BACKUP_DIR/backup_$TIMESTAMP.tar.gz" "$SOURCE_DIR"
+ echo "Backup created: backup_$TIMESTAMP.tar.gz"
+else
+ echo "Source directory not found"
+ exit 1
+fi
+```
+
+### Exercise 2: System Health Check
+```bash
+#!/bin/bash
+# health-check.sh - Monitor system resources
+
+echo "=== System Health Check ==="
+echo ""
+
+# Disk usage
+echo "📊 Disk Usage:"
+df -h / | tail -1 | awk '{print " Used: " $3 " / " $2 " (" $5 ")"}'
+echo ""
+
+# Memory usage
+echo "💾 Memory Usage:"
+free -h | grep Mem | awk '{print " Used: " $3 " / " $2}'
+echo ""
+
+# Load average
+echo "⚡ Load Average:"
+uptime | awk -F'load average:' '{print " " $2}'
+echo ""
+
+# Top processes by CPU
+echo "🔝 Top 3 CPU Processes:"
+ps aux --sort=-%cpu | head -4 | tail -3 | awk '{print " " $11 " (" $3 "%)"}'
+echo ""
+
+echo "✅ Health check complete"
+```
+
+### Exercise 3: User Management Script
+```bash
+#!/bin/bash
+# user-manager.sh - Create users with home directories
+
+if [ $# -ne 1 ]; then
+ echo "Usage: $0 "
+ exit 1
+fi
+
+USERNAME=$1
+
+if id "$USERNAME" &>/dev/null; then
+ echo "User $USERNAME already exists"
+ exit 1
+fi
+
+useradd -m -s /bin/bash "$USERNAME"
+if [ $? -eq 0 ]; then
+ echo "User $USERNAME created successfully"
+ echo "Home directory: /home/$USERNAME"
+else
+ echo "Failed to create user"
+ exit 1
+fi
+```
+
+### Exercise 4: Log Analyzer
+```bash
+#!/bin/bash
+# log-analyzer.sh - Analyze web server logs
+
+LOG_FILE="${1:-/var/log/nginx/access.log}"
+
+if [ ! -f "$LOG_FILE" ]; then
+ echo "Log file not found: $LOG_FILE"
+ exit 1
+fi
+
+echo "=== Log Analysis Report ==="
+echo "File: $LOG_FILE"
+echo ""
+
+echo "Total Requests: $(wc -l < "$LOG_FILE")"
+echo ""
+
+echo "Top 5 IP Addresses:"
+awk '{print $1}' "$LOG_FILE" | sort | uniq -c | sort -rn | head -5
+echo ""
+
+echo "HTTP Status Codes:"
+awk '{print $9}' "$LOG_FILE" | sort | uniq -c | sort -rn
+echo ""
+
+echo "Requests per Hour:"
+awk -F'[' '{print $2}' "$LOG_FILE" | cut -d: -f2 | sort | uniq -c
+```
+
+## Best Practices
+
+1. **Use `set -euo pipefail`** for strict error handling
+2. **Quote variables**: `"$VAR"` not `$VAR`
+3. **Use functions** for reusability
+4. **Add comments** for complex logic
+5. **Validate inputs** before processing
+6. **Use meaningful variable names**
+7. **Handle errors gracefully**
+8. **Test scripts thoroughly**
+9. **Use `shellcheck`** for linting
+10. **Document usage** with help messages
+
+## Common Pitfalls
+
+| Mistake | Correct Approach |
+|---------|-----------------|
+| `if [ $VAR = "test" ]` | `if [ "$VAR" = "test" ]` |
+| `for i in $(ls)` | `for file in *` or `while read` |
+| No error checking | Use `set -e` and check `$?` |
+| Hardcoded paths | Use variables or environment |
+| No input validation | Check arguments and types |
+
+## Debugging Tips
+
+```bash
+# Run with debug output
+bash -x script.sh
+
+# Syntax check only
+bash -n script.sh
+
+# Add debug in script
+set -x # Enable debug
+# ... code ...
+set +x # Disable debug
+
+# Use trap for debugging
+trap 'echo "Line $LINENO: $BASH_COMMAND"' DEBUG
+```
+
+## Next Steps
+
+- Practice writing daily automation scripts
+- Learn about cron jobs for scheduling
+- Explore advanced bash features
+- Study systemd services (Topic 3)
+
+## Additional Resources
+
+- [ShellCheck](https://www.shellcheck.net/) - Online linter
+- [Bash Guide](https://mywiki.wooledge.org/BashGuide) - Comprehensive guide
+- [Explainshell](https://explainshell.com/) - Command explanation
diff --git a/phase-2-networking/README.md b/phase-2-networking/README.md
new file mode 100644
index 0000000..4746b1b
--- /dev/null
+++ b/phase-2-networking/README.md
@@ -0,0 +1,91 @@
+# 🌐 Phase 2: Networking
+
+Master networking fundamentals essential for DevOps engineers.
+
+## Topics Covered
+
+### ✅ Topic 5: Networking Basics
+- OSI and TCP/IP models
+- IP addressing and subnetting
+- TCP vs UDP
+- Common ports and protocols
+- Routing and NAT
+- Firewalls
+
+**Resources:**
+- [Topic Guide](./topic-05-networking-basics.md)
+
+### 📝 Topic 6: HTTP Internals
+- HTTP request/response lifecycle
+- Headers and methods
+- HTTP/2 and HTTP/3
+- Status codes
+- Cookies and sessions
+
+**Coming Soon**
+
+### 📝 Topic 7: TLS & Certificates
+- SSL/TLS handshake
+- Certificate authorities
+- PKI infrastructure
+- Let's Encrypt
+- Certificate management
+
+**Coming Soon**
+
+### 📝 Topic 8: DNS in Practice
+- Name resolution process
+- DNS records (A, AAAA, CNAME, MX, TXT)
+- Debugging tools
+- DNS security
+- Internal DNS setup
+
+**Coming Soon**
+
+## Learning Path
+
+1. Start with **Networking Basics** - Foundation concepts
+2. Study **HTTP Internals** - Web communication
+3. Learn **TLS & Certificates** - Security layer
+4. Master **DNS** - Name resolution
+
+## Hands-On Labs
+
+```bash
+# Network diagnostics practice
+ping -c 4 google.com
+traceroute google.com
+dig google.com
+tcpdump -i eth0 port 80
+```
+
+## Prerequisites
+
+- Complete Phase 1 (Linux Fundamentals)
+- Basic understanding of computers and internet
+
+## Learning Outcomes
+
+After completing Phase 2, you will be able to:
+- Understand network communication layers
+- Configure and troubleshoot IP networks
+- Analyze HTTP traffic
+- Manage SSL/TLS certificates
+- Debug DNS issues
+
+## Time Estimate
+
+- Topic 5: 3-4 days
+- Topic 6: 2-3 days
+- Topic 7: 2-3 days
+- Topic 8: 2-3 days
+
+**Total: 9-13 days**
+
+## Next Phase
+
+After mastering networking, proceed to [Phase 3: Containers & Kubernetes](../phase-3-containers/README.md)
+
+---
+
+**Phase Status:** In Progress (1/4 topics complete)
diff --git a/phase-2-networking/topic-05-networking-basics.md b/phase-2-networking/topic-05-networking-basics.md
new file mode 100644
index 0000000..2e09c8f
--- /dev/null
+++ b/phase-2-networking/topic-05-networking-basics.md
@@ -0,0 +1,225 @@
+# 🌐 Topic 5: Networking Basics
+
+## Overview
+Networking is fundamental to DevOps. Understanding how systems communicate enables you to design, troubleshoot, and optimize distributed systems.
+
+## Key Concepts
+
+### 1. OSI Model
+
+The Open Systems Interconnection model has 7 layers:
+
+```
+Layer 7: Application - HTTP, FTP, SMTP, DNS (User interface)
+Layer 6: Presentation - Encryption, compression, formatting
+Layer 5: Session - Connection management, authentication
+Layer 4: Transport - TCP, UDP (End-to-end communication)
+Layer 3: Network - IP, ICMP, Routing (Path determination)
+Layer 2: Data Link - Ethernet, MAC addresses (Node-to-node)
+Layer 1: Physical - Cables, hubs, signals (Physical connection)
+```
+
+**Mnemonic:** "All People Seem To Need Data Processing"
+
+### 2. TCP/IP Model
+
+Simplified 4-layer model:
+- **Application Layer** (OSI 5-7): HTTP, FTP, SSH
+- **Transport Layer** (OSI 4): TCP, UDP
+- **Internet Layer** (OSI 3): IP, ICMP
+- **Network Access Layer** (OSI 1-2): Ethernet, WiFi
+
+### 3. IP Addressing
+
+#### IPv4
+- 32-bit address: `192.168.1.1`
+- Classes: A (1-126), B (128-191), C (192-223)
+- Private ranges:
+ - 10.0.0.0/8
+ - 172.16.0.0/12
+ - 192.168.0.0/16
+
+#### IPv6
+- 128-bit address: `2001:0db8:85a3::8a2e:0370:7334`
+- Solves IPv4 exhaustion
+- Built-in security (IPsec)
+
+### 4. Subnetting
+
+Subnet masks divide networks:
+- `/24` = `255.255.255.0` = 254 hosts
+- `/16` = `255.255.0.0` = 65,534 hosts
+- `/8` = `255.0.0.0` = 16,777,214 hosts
+
+**Example:** `192.168.1.0/24`
+- Network: 192.168.1.0
+- First host: 192.168.1.1
+- Last host: 192.168.1.254
+- Broadcast: 192.168.1.255
+
+### 5. TCP vs UDP
+
+| Feature | TCP | UDP |
+|---------|-----|-----|
+| Connection | Connection-oriented | Connectionless |
+| Reliability | Guaranteed delivery | Best effort |
+| Ordering | Ordered packets | No ordering |
+| Speed | Slower (overhead) | Faster |
+| Use Cases | Web, email, files | Video, VoIP, gaming |
+| Ports | Same port range | Same port range |
+
+### 6. Common Ports
+
+| Port | Protocol | Service |
+|------|----------|---------|
+| 21 | TCP | FTP |
+| 22 | TCP | SSH |
+| 25 | TCP | SMTP |
+| 53 | UDP/TCP | DNS |
+| 80 | TCP | HTTP |
+| 443 | TCP | HTTPS |
+| 3306 | TCP | MySQL |
+| 5432 | TCP | PostgreSQL |
+| 6379 | TCP | Redis |
+| 8080 | TCP | HTTP Alt |
+
+### 7. Routing
+
+- **Default Gateway:** Route for unknown destinations
+- **Static Routes:** Manually configured
+- **Dynamic Routes:** Learned via protocols (OSPF, BGP)
+
+```bash
+# View routing table
+ip route show
+route -n
+
+# Add static route
+sudo ip route add 10.0.0.0/8 via 192.168.1.1
+
+# Delete route
+sudo ip route del 10.0.0.0/8
+```
+
+### 8. NAT (Network Address Translation)
+
+Allows private IPs to access public internet:
+- **SNAT:** Source NAT (outbound)
+- **DNAT:** Destination NAT (inbound/port forwarding)
+- **PAT:** Port Address Translation (many-to-one)
+
+### 9. Firewalls
+
+Filter network traffic:
+- **iptables:** Legacy Linux firewall
+- **nftables:** Modern replacement
+- **ufw:** Ubuntu firewall (simplified)
+- **firewalld:** RHEL/CentOS firewall
+
+```bash
+# UFW examples
+sudo ufw enable
+sudo ufw allow 22/tcp
+sudo ufw deny 80/tcp
+sudo ufw status
+```
+
+## Hands-On Exercises
+
+### Exercise 1: Network Configuration
+```bash
+# View all interfaces
+ip addr show
+
+# View specific interface
+ip addr show eth0
+
+# Bring interface up/down
+sudo ip link set eth0 down
+sudo ip link set eth0 up
+```
+
+### Exercise 2: Connectivity Testing
+```bash
+# Ping test
+ping -c 4 google.com
+
+# Trace route
+traceroute google.com
+tracepath google.com
+
+# Test specific port
+nc -zv google.com 443
+```
+
+### Exercise 3: DNS Troubleshooting
+```bash
+# Query DNS
+nslookup google.com
+dig google.com
+dig @8.8.8.8 google.com
+```
+
+### Exercise 4: Packet Capture
+```bash
+# Capture with tcpdump
+sudo tcpdump -i eth0 -n port 80
+
+# Save to file
+sudo tcpdump -i eth0 -w capture.pcap
+
+# Read capture file
+tcpdump -r capture.pcap
+```
+
+## Common Issues & Solutions
+
+| Issue | Diagnosis | Solution |
+|-------|-----------|----------|
+| No connectivity | `ping gateway` | Check cable/WiFi, restart network |
+| DNS failure | `nslookup google.com` | Check /etc/resolv.conf |
+| Port blocked | `nc -zv host port` | Check firewall rules |
+| Slow network | `mtr host` | Check bandwidth, latency |
+
+## Best Practices
+
+1. **Document network topology** - Keep diagrams updated
+2. **Use private IPs internally** - Never expose internal services
+3. **Implement least privilege** - Only open necessary ports
+4. **Monitor network traffic** - Use monitoring tools
+5. **Test failover** - Ensure redundancy works
+6. **Segment networks** - Separate prod, dev, management
+
+## Essential Commands Reference
+
+```bash
+# Interface management
+ip addr show # Show IP addresses
+ip link show # Show interfaces
+ip neigh show # Show ARP table
+
+# Routing
+ip route show # Show routing table
+ip route get 8.8.8.8 # Show route to destination
+
+# Statistics
+ss -tulpn # Show listening ports
+
+# Diagnostics
+ping host # ICMP echo
+traceroute host # Path tracing
+tcpdump -i iface # Packet capture
+```
+
+## Next Steps
+
+- Study HTTP internals (Topic 6)
+- Learn TLS/SSL certificates (Topic 7)
+- Master DNS configuration (Topic 8)
+- Explore load balancing (Topic 20)
+
+## Additional Resources
+
+- [Wireshark](https://www.wireshark.org/) - Packet analyzer
+- [NetworkLessons](https://networklessons.com/) - Free networking courses
+- [RFC 791](https://tools.ietf.org/html/rfc791) - IP specification
diff --git a/phase-3-containers/README.md b/phase-3-containers/README.md
new file mode 100644
index 0000000..6831670
--- /dev/null
+++ b/phase-3-containers/README.md
@@ -0,0 +1,99 @@
+# 🐳 Phase 3: Containers & Kubernetes
+
+Master containerization and orchestration technologies.
+
+## Topics Covered
+
+### 📝 Topic 9: Containers 101
+- What are containers
+- Namespaces and cgroups
+- Container vs VMs
+- Container lifecycle
+- Security considerations
+
+**Coming Soon**
+
+### 📝 Topic 10: Docker Internals
+- Docker architecture
+- Images and layers
+- Volumes and storage
+- Docker networking
+- Dockerfile best practices
+
+**Coming Soon**
+
+### 📝 Topic 11: Kubernetes Basics
+- Pods and deployments
+- Services and ingress
+- kubectl commands
+- ConfigMaps and Secrets
+- Namespaces
+
+**Coming Soon**
+
+### 📝 Topic 12: K8s Networking
+- CNI plugins
+- ClusterIP, NodePort, LoadBalancer
+- CoreDNS
+- Network policies
+- Service mesh basics
+
+**Coming Soon**
+
+### 📝 Topic 13: Ingress & Service Mesh
+- Ingress controllers
+- Istio architecture
+- Traffic management
+- mTLS
+- Observability
+
+**Coming Soon**
+
+### 📝 Topic 14: Pod Scheduling
+- Taints and tolerations
+- Node affinity
+- Resource limits
+- Quality of Service
+- Priority classes
+
+**Coming Soon**
+
+## Learning Path
+
+1. Start with **Containers 101** - Core concepts
+2. Master **Docker** - Container runtime
+3. Learn **Kubernetes Basics** - Orchestration
+4. Deep dive into **K8s Networking**
+5. Explore **Service Mesh**
+6. Master **Pod Scheduling**
+
+## Prerequisites
+
+- Complete Phase 1 (Linux Fundamentals)
+- Complete Phase 2 (Networking)
+- Basic understanding of applications
+
+## Learning Outcomes
+
+After completing Phase 3, you will be able to:
+- Containerize applications with Docker
+- Deploy and manage Kubernetes clusters
+- Configure networking and security
+- Implement service mesh patterns
+- Optimize pod scheduling
+
+## Time Estimate
+
+- Topics 9-10: 5-7 days
+- Topics 11-12: 7-10 days
+- Topics 13-14: 5-7 days
+
+**Total: 17-24 days**
+
+## Next Phase
+
+After mastering containers, proceed to [Phase 4: Observability](../phase-4-observability/README.md)
+
+---
+
+**Phase Status:** Coming Soon
diff --git a/phase-4-observability/README.md b/phase-4-observability/README.md
new file mode 100644
index 0000000..d5d60ac
--- /dev/null
+++ b/phase-4-observability/README.md
@@ -0,0 +1,79 @@
+# 📊 Phase 4: Observability
+
+Master monitoring, logging, and tracing for distributed systems.
+
+## Topics Covered
+
+### 📝 Topic 15: Linux Perf Tools
+- top, htop, vmstat, iostat
+- perf and eBPF basics
+- strace and lsof
+- Performance analysis
+
+**Coming Soon**
+
+### 📝 Topic 16: Observability 101
+- Metrics, logs, traces
+- The three pillars
+- Monitoring vs observability
+- Golden signals
+
+**Coming Soon**
+
+### 📝 Topic 17: Prometheus Basics
+- Metrics collection
+- Exporters
+- PromQL queries
+- Alerting rules
+
+**Coming Soon**
+
+### 📝 Topic 18: Logging Practices
+- Structured logging
+- Log aggregation
+- 12-factor logging
+- ELK/Loki stacks
+
+**Coming Soon**
+
+### 📝 Topic 19: Tracing Intro
+- Distributed tracing concepts
+- OpenTelemetry
+- Jaeger and Zipkin
+- Trace context propagation
+
+**Coming Soon**
+
+## Learning Path
+
+1. Master **Linux Perf Tools** - System-level monitoring
+2. Learn **Observability 101** - Core concepts
+3. Implement **Prometheus** - Metrics collection
+4. Establish **Logging Practices** - Log management
+5. Add **Distributed Tracing** - Request tracking
+
+## Prerequisites
+
+- Complete Phases 1-3
+- Understanding of distributed systems
+
+## Learning Outcomes
+
+After completing Phase 4, you will be able to:
+- Monitor system performance
+- Implement comprehensive observability
+- Query and analyze metrics
+- Centralize log management
+- Trace requests across services
+
+## Time Estimate
+
+- 10-15 days total
+
+## Next Phase
+
+Proceed to [Phase 5: Traffic & Resilience](../phase-5-resilience/README.md)
+
+---
+
+**Phase Status:** Coming Soon
diff --git a/phase-5-resilience/README.md b/phase-5-resilience/README.md
new file mode 100644
index 0000000..5440ac8
--- /dev/null
+++ b/phase-5-resilience/README.md
@@ -0,0 +1,60 @@
+# ⚖️ Phase 5: Traffic & Resilience
+
+Build resilient systems that handle failures gracefully.
+
+## Topics Covered
+
+### 📝 Topic 20: Load Balancers
+- L4 vs L7 load balancing
+- HAProxy and NGINX
+- Load balancing algorithms
+- Health checks
+
+**Coming Soon**
+
+### 📝 Topic 21: Queues & Backpressure
+- Message queues (RabbitMQ, Kafka)
+- Producer/consumer patterns
+- Backpressure handling
+- Flow control
+
+**Coming Soon**
+
+### 📝 Topic 22: Circuit Breakers & Retries
+- Fault tolerance patterns
+- Circuit breaker implementation
+- Exponential backoff
+- Retry strategies
+
+**Coming Soon**
+
+## Learning Path
+
+1. Implement **Load Balancers** - Traffic distribution
+2. Master **Queues & Backpressure** - Async communication
+3. Apply **Circuit Breakers** - Fault tolerance
+
+## Prerequisites
+
+- Complete Phases 1-4
+- Understanding of distributed systems
+
+## Learning Outcomes
+
+After completing Phase 5, you will be able to:
+- Design load-balanced architectures
+- Implement message queues
+- Handle system failures gracefully
+- Build resilient services
+
+## Time Estimate
+
+- 6-9 days total
+
+## Next Phase
+
+Proceed to [Phase 6: CI/CD & IaC](../phase-6-cicd/README.md)
+
+---
+
+**Phase Status:** Coming Soon
diff --git a/phase-6-cicd/README.md b/phase-6-cicd/README.md
new file mode 100644
index 0000000..d9e7cf6
--- /dev/null
+++ b/phase-6-cicd/README.md
@@ -0,0 +1,69 @@
+# 🔧 Phase 6: CI/CD & Infrastructure as Code
+
+Automate deployments and manage infrastructure with code.
+
+## Topics Covered
+
+### 📝 Topic 23: Config Management
+- Ansible, Chef, Puppet
+- Declarative configuration
+- Idempotency
+- Playbooks and recipes
+
+**Coming Soon**
+
+### 📝 Topic 24: CI/CD Basics
+- Continuous Integration concepts
+- Continuous Deployment pipeline
+- Build, test, deploy stages
+- Git workflows
+
+**Coming Soon**
+
+### 📝 Topic 25: GitHub Actions
+- Workflow syntax
+- Actions and runners
+- Secrets management
+- CI automation patterns
+
+**Coming Soon**
+
+### 📝 Topic 26: Infrastructure as Code
+- Terraform fundamentals
+- State management
+- Modules and reusability
+- Cloud provisioning
+
+**Coming Soon**
+
+## Learning Path
+
+1. Learn **Config Management** - System configuration
+2. Understand **CI/CD Basics** - Pipeline concepts
+3. Master **GitHub Actions** - CI/CD implementation
+4. Practice **Infrastructure as Code** - Terraform
+
+## Prerequisites
+
+- Complete Phases 1-5
+- Basic cloud knowledge
+
+## Learning Outcomes
+
+After completing Phase 6, you will be able to:
+- Automate system configuration
+- Build CI/CD pipelines
+- Provision infrastructure with code
+- Manage state and modules
+
+## Time Estimate
+
+- 10-14 days total
+
+## Next Phase
+
+Proceed to [Phase 7: Reliability Engineering](../phase-7-reliability/README.md)
+
+---
+
+**Phase Status:** Coming Soon
diff --git a/phase-7-reliability/README.md b/phase-7-reliability/README.md
new file mode 100644
index 0000000..37a3e10
--- /dev/null
+++ b/phase-7-reliability/README.md
@@ -0,0 +1,69 @@
+# 📈 Phase 7: Reliability Engineering
+
+Master SRE practices for building reliable systems.
+
+## Topics Covered
+
+### 📝 Topic 27: SLOs & SLIs
+- Service Level Objectives
+- Service Level Indicators
+- Error budgets
+- SLA vs SLO
+
+**Coming Soon**
+
+### 📝 Topic 28: Incident Management
+- On-call rotations
+- Escalation policies
+- Runbooks and playbooks
+- Communication during incidents
+
+**Coming Soon**
+
+### 📝 Topic 29: Postmortems
+- Blameless culture
+- Root cause analysis (RCA)
+- Action items tracking
+- Learning from failures
+
+**Coming Soon**
+
+### 📝 Topic 30: Capacity Planning
+- Forecasting demand
+- Load testing strategies
+- Scaling approaches
+- Cost optimization
+
+**Coming Soon**
+
+## Learning Path
+
+1. Define **SLOs & SLIs** - Reliability targets
+2. Practice **Incident Management** - Response procedures
+3. Conduct **Postmortems** - Learning from incidents
+4. Plan **Capacity** - Growth preparation
+
+## Prerequisites
+
+- Complete Phases 1-6
+- Production experience recommended
+
+## Learning Outcomes
+
+After completing Phase 7, you will be able to:
+- Define and measure reliability
+- Manage incidents effectively
+- Conduct blameless postmortems
+- Plan for growth and scale
+
+## Time Estimate
+
+- 8-12 days total
+
+## Congratulations!
+
+You've completed the DevOps Fundamentals roadmap!
+
+---
+
+**Phase Status:** Coming Soon