Linux system administration is fundamental to DevOps. Process management with ps, top, htop monitors system activity. systemctl manages systemd services—start, stop, enable, disable. Disk management with df, du, lsblk, mount handles storage. journalct

Terraform state tracks the mapping between configuration and real infrastructure. Remote state backends like S3, GCS, or Terraform Cloud enable team collaboration. DynamoDB provides state locking to prevent concurrent modifications. The terraform_remo

StatefulSets manage stateful applications requiring stable identities and persistent storage. Unlike Deployments, StatefulSets provide ordered Pod creation (pod-0, pod-1, pod-2) and stable network identifiers. Each Pod gets a predictable hostname via

Environment variables configure applications without code changes. The twelve-factor app methodology stores config in the environment. .env files provide local defaults—never commit them to Git. dotenv libraries load .env files in development. Product

Kubernetes RBAC (Role-Based Access Control) restricts cluster access by user, group, or service account. Roles define permissions within a single namespace using rules with apiGroups, resources, and verbs. ClusterRoles apply cluster-wide. RoleBindings

Makefiles provide a simple, universal task runner for DevOps workflows. Targets define named tasks with optional dependencies. The .PHONY declaration prevents conflicts with files of the same name. Variables set at the top configure reusable values. $

Health checks verify container readiness and liveness. The HEALTHCHECK Dockerfile instruction defines container-level checks. Kubernetes readinessProbe gates traffic routing—failing probes remove Pods from Service endpoints. livenessProbe detects dead

AWS S3 stores static assets with high durability and availability. Bucket policies control access with JSON policy documents. CloudFront CDN distributes assets globally with edge caching. Origin Access Control (OAC) restricts S3 access to CloudFront o

Helm is the package manager for Kubernetes, bundling manifests into reusable charts. A Chart.yaml defines chart metadata and dependencies. values.yaml provides default configuration that users can override. Templates in the templates/ directory use Go

Optimized Docker images reduce build time, storage, and attack surface. Alpine-based images start at 5MB versus 100MB+ for Debian. Multi-stage builds separate build tools from runtime—final image contains only production artifacts. Layer ordering matt

Ansible automates server configuration and application deployment without agents. Playbooks are YAML files describing desired system state. hosts targets machines from the inventory. tasks execute modules like apt, copy, template, service, and user. h

Effective Git workflows enable smooth team collaboration. Git Flow uses main, develop, feature/*, release/*, and hotfix/* branches. GitHub Flow simplifies to main plus short-lived feature branches with pull requests. Trunk-based development commits di