Diego Herrera

LINUX ROADMAP 2026: COMPLETE LEARNING PATH │ ├── 1. Introduction to Linux │ ├── What is Linux │ ├── Linux distributions (Ubuntu, Fedora, Debian) │ └── Linux architecture and kernel basics │ ├── 2. Linux Installation & Setup │ ├── Installing Linux on a PC or VM │ ├── Dual boot and virtualization │ └── Understanding the Linux file system │ ├── 3. Linux Command Line Basics │ ├── Navigating directories (cd, ls, pwd) │ ├── Creating and managing files │ └── Understanding terminal workflows │ ├── 4. Working with Files & Permissions │ ├── chmod, chown, and permissions │ ├── File compression and archiving │ └── Searching files with find and grep │ ├── 5. Users & Process Management │ ├── Managing users and groups │ ├── Monitoring processes (ps, top, htop) │ └── Process control and scheduling │ ├── 6. Shell Scripting │ ├── Bash scripting fundamentals │ ├── Variables, loops, and functions │ └── Automating repetitive tasks │ ├── 7. Package Management │ ├── APT, DNF, and YUM │ ├── Installing and updating software │ └── Managing repositories │ ├── 8. Networking in Linux │ ├── IP addressing and DNS │ ├── SSH and remote access │ └── Network troubleshooting tools │ ├── 9. Linux System Administration │ ├── System services and systemd │ ├── Log management and monitoring │ └── Disk management and backups │ ├── 10. Linux Security │ ├── Firewall configuration │ ├── User authentication and SSH security │ └── Security best practices │ ├── 11. Linux for DevOps & Cloud │ ├── Docker fundamentals │ ├── Kubernetes basics │ └── Cloud server management │ ├── 12. Linux Server Administration │ ├── Web server setup (Nginx, Apache) │ ├── Database server management │ └── Performance tuning and optimization │ └── 13. Practice & Career Growth ├── Real-world Linux projects ├── Linux certifications (LFCS, RHCSA) └── Continuous learning and troubleshooting Recommended Ebook → Grab the Complete Linux Handbook → https://t.co/DeHjJ1Wubf

Docker Networking Types Explained 🧵 Understanding Docker networking is important for DevOps interviews because it determines how containers communicate with each other and the outside world. 1️⃣ Bridge Network (Default) What it is: When you start a container without specifying a network, Docker attaches it to the bridge network. How it works: • Docker creates a virtual bridge called docker0 • Each container gets a private IP • Containers on the same bridge can communicate with each other • External traffic reaches containers through port mapping Example: docker run -d -p 80:80 nginx Use when: • Running standalone applications • Local development • Single-host deployments ---------------------------------------------- 2️⃣ Host Network What it is: The container shares the host machine's network stack. How it works: • No separate container IP • No NAT • No port mapping required • Container uses host ports directly Example: docker run --network host nginx Use when: • Maximum network performance is required • Monitoring agents • Logging agents Interview Tip: Host networking is faster because packets don't go through Docker's virtual networking layer. -------------------------------------- 3️⃣ None Network What it is: Container gets no network connectivity. How it works: • No IP address assigned • No internet access • No communication with other containers Example: docker run --network none nginx Use when: • High-security workloads • Batch processing jobs • Isolated testing ----------------------------------------- 4️⃣ Overlay Network What it is: Allows containers running on different Docker hosts to communicate. How it works: • Creates a virtual network across multiple hosts • Uses VXLAN tunneling • Commonly used with Docker Swarm Example: docker network create -d overlay my-network Use when: • Multi-host container communication • Docker Swarm clusters • Distributed applications ------------------------------------------- 5️⃣ Macvlan Network What it is: Assigns a real IP address from the physical network to the container. How it works: • Container appears as a separate device on the network • Bypasses Docker bridge networking • Direct communication with physical devices Use when: • Legacy applications • Network appliances • Applications requiring direct Layer 2 access Summary: ✅ Bridge → Default, most common ✅ Host → Best performance ✅ None → Complete isolation ✅ Overlay → Multi-host communication ✅ Macvlan → Real IP for containers

Infrastructure Concept — explained: What are Sticky Sessions? You have a load balancer in front of 3 application servers. A user logs in. The load balancer sends them to Server 1. Server 1 stores its session in memory. The user clicks the next page. The load balancer might send them to Server 2. But Server 2 doesn't know they're logged in. They get logged out. That's the problem sticky sessions solve. Sticky sessions (also called session affinity) tell the load balancer: "If a user landed on Server 1 once, keep sending them to Server 1." How it works: → The load balancer adds a cookie that identifies which backend handled the user → Or it uses the source IP to consistently route to the same server → Future requests from the same user hit the same server every time When to use sticky sessions: → Applications that store session data in local server memory → Legacy apps that can't share session state → When you can't easily move sessions to Redis or a database When NOT to use them: → When servers can fail, the user loses their session if their server dies → When you want even traffic distribution, sticky sessions cause uneven load → When you have proper external session storage (Redis, Memcached) Better solution: store sessions in a shared cache like Redis. Any server can read them. The load balancer can route however it wants. The user stays logged in no matter where they land. Sticky sessions are a workaround. Stateless apps with shared session storage are the right way.

The 9 Layers of DevOps 1⃣ Culture & Collaboration: Build shared ownership, communication, and continuous improvement. 2⃣ Plan: Define requirements, priorities, and the roadmap. 3⃣ Code: Write, review, and secure application code. 4⃣ Build: Compile code, create artifacts, and package applications. 5⃣ Test: Validate functionality, performance, and security. 6⃣ Release: Prepare and approve changes for production. 7⃣ Deploy: Deliver applications reliably using automation and IaC. 8⃣ Operate: Monitor systems, manage incidents, and maintain reliability. 9⃣ Optimize: Improve performance, reduce costs, and learn from feedback.

One Kubernetes interview question I keep getting asked: "Walk me through what happens when a request travels from the Internet to a Pod." Most candidates answer: User → ALB → Ingress → Service → Pod But that's just the beginning. The follow-up questions are where things get interesting: • Who actually decides which Pod gets the request? • What does kube-proxy do? • How do iptables/IPVS work? • What role does the CNI plugin play? • If kube-proxy crashes, does traffic stop? My biggest learning: - A Kubernetes Service is not a load balancer by itself. - kube-proxy programs iptables/IPVS rules on the nodes, and those rules are what actually route traffic to healthy Pods. Even more interesting: - If kube-proxy crashes, existing traffic usually keeps working because the networking rules already exist in the kernel. - What breaks is the ability to update those rules when Pods or Services change. Sometimes the simplest interview questions expose the deepest gaps in our Kubernetes knowledge.