Most DevOps roadmaps are either a wall of buzzwords or a GitHub diagram with 80 boxes and no explanation of what actually matters first. This one is neither. It's built around what gets engineers hired — not what makes a roadmap look comprehensive.
The devops roadmap below is sequenced by dependency: you can't debug a failing pipeline if you don't understand Linux process management. You can't write useful Terraform if you've never provisioned infrastructure manually. Order matters, and most guides get it wrong.
What a DevOps Engineer Actually Does (Before You Start the Roadmap)
The job title is overloaded. At some companies "DevOps engineer" means platform engineer — you build the internal tooling other engineers use. At others it means SRE-lite: you're on-call, you own reliability, you fight fires at 2am. At startups it often means "the developer who also knows AWS."
What they have in common: you are the person responsible for code going from a developer's laptop to production reliably, repeatedly, and safely. That framing should inform how you prioritize your learning. Everything on this devops roadmap connects back to that pipeline — build, test, package, deploy, monitor, recover.
The DevOps Roadmap: Layer by Layer
Layer 1: Linux and the Command Line (Non-Negotiable)
Every production server you will ever touch runs Linux. Not knowing it is the single biggest gap that washes out junior DevOps candidates in technical screens. You need to be comfortable with:
- File system layout, permissions, and ownership (chown, chmod, ACLs)
- Process management: systemd, journalctl, kill signals, process trees
- Networking basics: netstat/ss, iptables concepts, DNS resolution, curl/wget debugging
- Shell scripting: bash loops, conditionals, pipes, here-documents, exit codes
- Package management: apt/yum/dnf, building from source when needed
- SSH: key management, config files, tunnels, agent forwarding
Don't just read about these. Spin up a cheap VPS (DigitalOcean, Hetzner) and break things. The muscle memory from actually debugging a misconfigured sudoers file is what stays with you.
Layer 2: Version Control and Git Workflows
Git is table stakes. But DevOps specifically requires understanding branching strategies (trunk-based vs. Gitflow), merge vs. rebase tradeoffs, and how Git hooks integrate with CI pipelines. You should be able to explain why a monorepo complicates CI caching and how to mitigate it — that kind of depth is what separates candidates.
Layer 3: Containers (Docker First, Then Kubernetes)
Learn Docker before Kubernetes. Kubernetes orchestrates containers — if you don't understand what's inside the container, you'll never understand why a pod keeps OOMKilling.
For Docker, go beyond `docker run`. Understand layer caching and why it affects build times, multi-stage builds for reducing image size, network modes (bridge/host/overlay), and bind mounts vs. volumes. Write your own Dockerfiles for real apps, not just hello-world images.
For Kubernetes, start with the fundamentals: pods, deployments, services, configmaps, secrets, namespaces. Then move to practical concerns: resource requests/limits, liveness/readiness probes, horizontal pod autoscaling, and rolling update strategies. Most teams use a managed cluster (EKS, GKE, AKS) — learn one in depth rather than all three shallowly.
Layer 4: CI/CD Pipelines
CI/CD is the core artifact of DevOps work. You should be able to build a pipeline from scratch that: runs tests, builds a container, pushes to a registry, and deploys to a staging environment — all triggered by a git push.
GitHub Actions is the most common on-ramp now — learn it well. Jenkins is still prevalent in enterprise environments. GitLab CI is worth knowing if you're applying to companies with large GitLab deployments. The concepts transfer; the syntax is the only thing that's tool-specific.
Key concepts: artifact caching, pipeline-as-code, environment promotion (dev → staging → prod), secret injection, approval gates, and rollback strategies.
Layer 5: Cloud Platform (Pick One, Go Deep)
AWS is the safe default for job market breadth. GCP is dominant in data engineering contexts. Azure dominates in enterprise Microsoft shops. Pick one and get to intermediate depth before sampling the others.
For AWS, the core DevOps-relevant services are: EC2, VPC, IAM (critically important), S3, ECS/EKS, RDS, CloudWatch, CodePipeline/CodeBuild/CodeDeploy, and Route53. The AWS Certified DevOps Engineer Professional certification is genuinely respected and tests real operational knowledge — not just "which service should you use for X."
For GCP, the Professional Cloud DevOps Engineer certification covers SRE principles alongside the platform-specific tooling, which makes it more conceptually complete than some other certs.
Layer 6: Infrastructure as Code
Terraform is the industry standard for multi-cloud IaC. Learn it properly: state management, remote backends, module patterns, workspace vs. directory-per-environment, and the import workflow for existing infrastructure. The common mistake is treating Terraform like a configuration tool — it's a dependency graph executor, and understanding that model prevents a lot of painful surprises.
Ansible complements Terraform well for configuration management (what the server runs vs. what infrastructure exists). For Kubernetes specifically, learn Helm for templating and either ArgoCD or Flux for GitOps-style deployments.
Layer 7: Observability
Being on-call without good observability is suffering. The three pillars: metrics (Prometheus + Grafana is the standard open-source stack), logs (ELK or Loki), and traces (Jaeger, Zipkin, or a commercial APM like Datadog). Understand the difference between logging an event and instrumenting for observability — they're not the same thing. Learn to write useful dashboards and alerts, not vanity metric dashboards that generate noise.
Layer 8: Security (DevSecOps Integration)
Security shifted left because the cost of finding vulnerabilities in production is catastrophic. The DevOps engineer's role: integrate SAST/DAST scanning into CI pipelines, manage secrets properly (Vault, AWS Secrets Manager, never plaintext in repos), understand container image scanning (Trivy, Snyk), and implement least-privilege IAM policies. You don't need to be a security specialist, but you need to not be the person who stores database credentials in a .env file committed to GitHub.
Top Courses on the DevOps Roadmap
These are the highest-rated options currently available, selected for covering the specific layers above rather than just being popular:
Continuous Delivery & DevOps (Coursera)
Rated 9.7/10 and built around the delivery pipeline — the conceptual core of what DevOps actually is. This covers the CI/CD principles that underpin everything else on the roadmap, making it a strong early choice before you go deep on specific tools.
Docker, Kubernetes & AWS with GitHub Actions for DevOps (Udemy)
Rated 9.2/10 and unusually practical: it covers all three layers simultaneously — containers, orchestration, and CI/CD on a real cloud platform — which is how they're used in actual jobs, not in isolation.
DevSecOps & DevOps with Jenkins, Kubernetes, Terraform & AWS (Udemy)
Rated 9.2/10 and one of the few courses that explicitly integrates security into the DevOps pipeline rather than treating it as a separate afterthought. Covers the Layer 8 security integration that most roadmap courses skip.
Linux Commands for DevOps & Cloud Engineers (Udemy)
Rated 9.2/10 and laser-focused on the Layer 1 foundation most courses assume you already have. If you're coming from a non-sysadmin background, this is the right starting point before touching containers or cloud.
Google Professional Cloud DevOps Engineer [New Exams 2026] (Udemy)
Rated 9.4/10 and updated for the current exam format. The GCP DevOps cert is worth pursuing if your target employers are in data engineering or have GCP-heavy infrastructure — it covers SRE principles more explicitly than the AWS equivalent.
Full Stack Web App DevOps - From Idea to Cloud (Udemy)
Rated 9.4/10 and takes a different angle: follows a real application from development through production deployment. Good for developers who need to understand DevOps in the context of the apps they already build, rather than in the abstract.
How Long Does It Actually Take?
The honest answer depends heavily on your starting point:
- From software development background: You likely have Git, some cloud exposure, and can code. The gaps are Linux depth, infrastructure thinking, and operational concerns. 6-9 months of consistent evening/weekend study to job-ready.
- From sysadmin/network background: You have Linux and infrastructure, but probably lack CI/CD, containers, and IaC. Similar timeline, different gaps.
- From scratch (non-technical): 12-18 months is realistic. Anyone telling you otherwise is selling you a bootcamp.
"Job-ready" means: you can talk credibly about all eight layers above, you have a portfolio with at least one end-to-end CI/CD project deployed to a real cloud environment, and you have a certification (AWS Solutions Architect Associate or DevOps Engineer Professional is the most common bar).
FAQ
What's the difference between a DevOps engineer and an SRE?
SRE (Site Reliability Engineering) is a Google-originated discipline that applies software engineering to operations problems with a specific methodology: error budgets, SLOs/SLIs, toil reduction. DevOps is a broader philosophy about developer-operations collaboration. In practice, job descriptions use both titles for similar roles. SRE at large companies (Google, Meta, Stripe) is a distinct engineering discipline; "SRE" at a 50-person startup is usually just DevOps.
Do I need to learn all cloud platforms?
No. Go deep on one. AWS is the right default choice for job market breadth — roughly 60% of cloud infrastructure runs on AWS. Once you understand AWS properly, picking up GCP or Azure is mostly learning new service names for the same concepts. Shallow knowledge of three platforms is worse than deep knowledge of one.
Is Kubernetes actually necessary for a DevOps role?
For most mid-size and larger companies, yes. Kubernetes is the de facto container orchestration standard, and most DevOps job postings either list it explicitly or imply it through "EKS" or "GKE." The exception is smaller companies running simpler deployments on ECS, Heroku, or Railway — but those roles typically pay less and grow into Kubernetes eventually anyway. Learn it.
Which certification should I get first?
AWS Certified Solutions Architect Associate (SAA-C03) is the most common first certification — it's broad enough to demonstrate cloud competence without being so specialized it signals narrow focus. After that, AWS Certified DevOps Engineer Professional or the Google Professional Cloud DevOps Engineer are the most valued in job postings. CKA (Certified Kubernetes Administrator) is respected but best pursued after you have real Kubernetes experience, not as a learning vehicle.
Can I do DevOps without coding experience?
You can get into infrastructure/cloud roles with limited coding background, but the ceiling is lower. Modern DevOps increasingly requires writing real code: Terraform modules, Python/Go tooling, Kubernetes operators, pipeline logic. The sysadmin-who-doesn't-code path is narrowing. At minimum, you need solid bash, comfortable Python for scripting, and enough familiarity with whatever language your team's primary apps are written in to read and debug them.
What does a junior DevOps portfolio actually need?
One project that shows the full pipeline: a real application (even something trivial) with a CI/CD pipeline in GitHub Actions or Jenkins, containerized with Docker, deployed to a cloud provider (EKS, ECS, or EC2 with Ansible), with infrastructure defined in Terraform and monitoring in CloudWatch or Prometheus. Put it in a public GitHub repo with a clear README explaining your architecture decisions. That's more impressive than ten toy projects that each cover one layer in isolation.
Bottom Line
The devops roadmap is long but not complicated. The layers are: Linux → Git → Docker → Kubernetes → CI/CD → Cloud → IaC → Observability → Security. The only wrong order is skipping foundational layers because they're unglamorous. Every senior DevOps engineer you'll meet has debugged something at 2am that came down to a file permission or a DNS resolution issue — that's the foundation the rest of the stack sits on.
Start with Linux if you're not already solid there. Pick up Docker and GitHub Actions in parallel once you're comfortable at the command line. Get a CI/CD project deployed to a real cloud environment before you study for any certification — the cert will make more sense and stick better if you've already done the work.
The courses in the section above cover specific layers well. Don't buy all of them — pick the one that maps to your current gap and finish it before buying the next one.