Platform Engineer Learning Path
A structured 12-week journey through the Knowledge Vault for platform engineers. This path goes deeper than the DevOps path into advanced Kubernetes topics (CRDs, operators, admission webhooks), GitOps, FinOps, observability tools, API gateway patterns, storage systems, and developer experience. Platform engineering extends DevOps by building self-service platforms that abstract away infrastructure complexity.
Who This Is For
- DevOps engineers evolving into platform engineering
- Infrastructure engineers building internal developer platforms
- SREs who want to shift from reactive to proactive platform building
- Anyone designing self-service infrastructure for engineering teams
Prerequisites
- Basic Linux command line and networking (TCP/IP, DNS, HTTP)
- Experience with Docker and basic Kubernetes concepts
- Some experience with at least one cloud provider (AWS, GCP, Azure)
- Comfortable with at least one programming language
Total estimated time: ~60 hours across 12 weeks
Learning Progression
Week 1-2: Linux Internals
Estimated reading time: 4 hours
- [ ] Required -- Linux Internals Overview (15 min)
- [ ] Required -- Linux Process Model (30 min)
- [ ] Required -- Linux Memory Management (30 min)
- [ ] Required -- Containers from Scratch (35 min)
- [ ] Required -- eBPF (25 min)
- [ ] Required -- TCP/IP Deep Dive (30 min)
- [ ] Required -- DNS Deep Dive (25 min)
- [ ] Reference -- Linux Cheat Sheet (10 min)
- [ ] Reference -- Bash Cheat Sheet (10 min)
Week 2-3: Containers Deep Dive
Estimated reading time: 4.5 hours
- [ ] Required -- Docker Overview (15 min)
- [ ] Required -- Docker Internals (30 min)
- [ ] Required -- Production Dockerfiles (25 min)
- [ ] Required -- Multi-Stage Builds (25 min)
- [ ] Required -- Image Optimization (25 min)
- [ ] Required -- Docker Security Hardening (25 min)
- [ ] Required -- Compose Patterns (25 min)
- [ ] Reference -- Docker Cheat Sheet (10 min)
Week 3-4: Kubernetes Core
Estimated reading time: 5 hours
- [ ] Required -- Kubernetes Overview (15 min)
- [ ] Required -- Architecture & Internals (35 min)
- [ ] Required -- Pod Lifecycle (25 min)
- [ ] Required -- Deployments & StatefulSets (30 min)
- [ ] Required -- Services & Ingress (25 min)
- [ ] Required -- Secrets Management (25 min)
- [ ] Required -- Network Policies (25 min)
- [ ] Required -- Helm Charts (25 min)
- [ ] Reference -- Kubernetes Cheat Sheet (10 min)
Week 4-5: Kubernetes Advanced (CRDs, Operators, Webhooks)
Estimated reading time: 6 hours
This is where platform engineering diverges from basic DevOps. Master the extension points that let you build platform abstractions on top of Kubernetes.
- [ ] Required -- HPA, VPA & KEDA (25 min)
- [ ] Required -- RBAC (25 min)
- [ ] Required -- CRDs & Operators (30 min)
- [ ] Required -- Operators (25 min)
- [ ] Required -- Admission Webhooks (30 min)
- [ ] Required -- CNI Networking (25 min)
- [ ] Required -- GitOps (25 min)
- [ ] Required -- Production Checklist (30 min)
- [ ] Required -- Troubleshooting (30 min)
- [ ] Optional -- ECS vs EKS (25 min)
- [ ] Optional -- GKE Deep Dive (25 min)
- [ ] Reference -- kubectl Advanced Cheat Sheet (10 min)
Checkpoint
After this section you should be able to: build custom CRDs and operators for platform abstractions, implement admission webhooks for policy enforcement, configure GitOps with Argo CD or Flux, and explain CNI networking internals.
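As a rough illustration of the "admission webhooks for policy enforcement" skill above, here is a minimal sketch of the decision logic inside a validating webhook. It assumes the `admission.k8s.io/v1` AdmissionReview request/response shape. The policy itself (every object must carry a `team` label) and the names `REQUIRED_LABEL` and `review` are hypothetical, chosen only for this example. A real webhook would also need an HTTPS server, TLS certificates, and a ValidatingWebhookConfiguration, none of which are shown.

```python
from typing import Any

# Hypothetical policy for illustration: every object must carry this label.
REQUIRED_LABEL = "team"


def review(admission_review: dict[str, Any]) -> dict[str, Any]:
    """Build an AdmissionReview response that allows or denies the request."""
    request = admission_review["request"]
    # "object" can be null (for example on DELETE), so fall back to an empty dict.
    obj = request.get("object") or {}
    labels = obj.get("metadata", {}).get("labels") or {}
    allowed = REQUIRED_LABEL in labels

    # The response must echo the request uid so the API server can match it.
    response: dict[str, Any] = {"uid": request["uid"], "allowed": allowed}
    if not allowed:
        response["status"] = {
            "message": f"missing required label '{REQUIRED_LABEL}'"
        }

    return {
        "apiVersion": "admission.k8s.io/v1",
        "kind": "AdmissionReview",
        "response": response,
    }
```

Keeping the policy check in a pure function like this makes it easy to unit test before wiring it into an HTTP handler.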
Week 5-6: Infrastructure as Code
Estimated reading time: 6 hours
- [ ] Required -- Terraform Overview (15 min)
- [ ] Required -- Terraform Fundamentals (30 min)
- [ ] Required -- State Management (30 min)
- [ ] Required -- Terraform Modules (30 min)
- [ ] Required -- Workspaces (25 min)
- [ ] Required -- Security Hardening (25 min)
- [ ] Required -- Multi-Region (25 min)
- [ ] Optional -- Cost Optimization (Terraform) (25 min)
- [ ] Optional -- AWS Startup Stack (30 min)
- [ ] Optional -- GCP Startup Stack (30 min)
- [ ] Reference -- Terraform Cheat Sheet (10 min)
Week 6-7: CI/CD & GitOps
Estimated reading time: 5 hours
- [ ] Required -- CI/CD Overview (15 min)
- [ ] Required -- GitHub Actions Deep Dive (30 min)
- [ ] Required -- Pipeline Patterns (25 min)
- [ ] Required -- Environment Promotion (20 min)
- [ ] Required -- Artifact Management (20 min)
- [ ] Required -- Security Scanning (25 min)
- [ ] Required -- Deployment Strategies Overview (15 min)
- [ ] Required -- Blue-Green Deployment (20 min)
- [ ] Required -- Canary Deployment (20 min)
- [ ] Required -- Release Engineering (25 min)
- [ ] Required -- Feature Flags (25 min)
- [ ] Optional -- GitLab CI (25 min)
Week 7-8: Networking, Service Mesh & API Gateway
Estimated reading time: 5 hours
- [ ] Required -- Load Balancing Overview (15 min)
- [ ] Required -- L4 vs L7 Load Balancing (25 min)
- [ ] Required -- Health Checks (20 min)
- [ ] Required -- NGINX Config (25 min)
- [ ] Required -- Service Discovery (25 min)
- [ ] Required -- TLS Handshake (20 min)
- [ ] Required -- Service Mesh Overview (25 min)
- [ ] Required -- API Gateway Overview (25 min)
- [ ] Optional -- Envoy Config (25 min)
- [ ] Optional -- gRPC Internals (25 min)
- [ ] Optional -- Global Load Balancing (25 min)
- [ ] Reference -- Nginx Cheat Sheet (10 min)
Week 8-9: Observability Stack
Estimated reading time: 6 hours
- [ ] Required -- Observability Overview (15 min)
- [ ] Required -- Observability Tools (25 min)
- [ ] Required -- Monitoring Overview (15 min)
- [ ] Required -- Metrics Design (25 min)
- [ ] Required -- Prometheus Deep Dive (30 min)
- [ ] Required -- Custom Metrics (25 min)
- [ ] Required -- Grafana Dashboards (25 min)
- [ ] Required -- Structured Logging (25 min)
- [ ] Required -- Correlation IDs (20 min)
- [ ] Required -- Log Aggregation (20 min)
- [ ] Required -- Alert Design (25 min)
- [ ] Required -- Severity Levels (20 min)
- [ ] Optional -- Monitoring Antipatterns (20 min)
- [ ] Optional -- Sensitive Data Redaction (20 min)
- [ ] Reference -- PromQL Cheat Sheet (10 min)
Comparisons
- [ ] Optional -- Datadog vs Grafana (20 min)
Week 9-10: Security & Compliance
Estimated reading time: 5 hours
- [ ] Required -- Secrets Management Overview (15 min)
- [ ] Required -- HashiCorp Vault (30 min)
- [ ] Required -- Secrets in CI/CD (25 min)
- [ ] Required -- Rotation Automation (25 min)
- [ ] Required -- Zero Trust Principles (25 min)
- [ ] Required -- Network Segmentation (25 min)
- [ ] Required -- Least Privilege (25 min)
- [ ] Optional -- AWS IAM Deep Dive (30 min)
- [ ] Optional -- GCP IAM (25 min)
- [ ] Optional -- Encryption at Rest (20 min)
- [ ] Optional -- VPC Networking (30 min)
Week 10: SRE Practices & FinOps
Estimated reading time: 5 hours
SRE
- [ ] Required -- SRE Overview (15 min)
- [ ] Required -- SLI, SLO, SLA (25 min)
- [ ] Required -- Error Budgets (25 min)
- [ ] Required -- Toil Reduction (25 min)
- [ ] Required -- Capacity Planning (25 min)
- [ ] Required -- Chaos Engineering (30 min)
- [ ] Required -- Postmortem Framework (25 min)
FinOps
- [ ] Required -- FinOps Overview (15 min)
- [ ] Required -- Cost Optimization (25 min)
- [ ] Required -- Cost Allocation (25 min)
- [ ] Optional -- AWS Cost Optimization (25 min)
- [ ] Optional -- GCP Cost Optimization (25 min)
Checkpoint
After this section you should be able to: define SLOs and error budgets, implement FinOps practices with cost allocation and optimization, run chaos experiments, and reduce toil systematically.
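The "define SLOs and error budgets" skill above comes down to simple arithmetic, sketched below for a request-based availability SLO. The function name `error_budget` and the numbers in the usage note are illustrative assumptions, not values taken from the Knowledge Vault pages.

```python
def error_budget(slo_target: float, total_requests: int, failed_requests: int) -> dict[str, float]:
    """Compute a request-based error budget for one SLO window.

    slo_target is the fraction of requests that must succeed, e.g. 0.999.
    """
    if not 0.0 < slo_target < 1.0:
        raise ValueError("slo_target must be strictly between 0 and 1")

    # The budget is the number of requests allowed to fail within the window.
    allowed_failures = (1.0 - slo_target) * total_requests
    remaining_failures = allowed_failures - failed_requests
    # Fraction of the budget already spent; above 1.0 means the SLO is breached.
    consumed = failed_requests / allowed_failures if allowed_failures else float("inf")

    return {
        "allowed_failures": allowed_failures,
        "remaining_failures": remaining_failures,
        "budget_consumed": consumed,
    }
```

For example, with a 99.9% target over 1,000,000 requests, roughly 1,000 failures are allowed, so 250 failed requests would consume about a quarter of the budget.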
Week 11: Storage Systems & Advanced Topics
Estimated reading time: 4 hours
- [ ] Required -- Storage Systems Overview (15 min)
- [ ] Required -- Distributed Filesystems (25 min)
- [ ] Required -- Multi-Region Overview (15 min)
- [ ] Required -- Architecture Patterns (Multi-Region) (25 min)
- [ ] Required -- Failover Strategies (25 min)
- [ ] Required -- Data Replication (25 min)
- [ ] Required -- Traffic Routing (25 min)
- [ ] Optional -- Cloud Comparison (20 min)
- [ ] Optional -- AWS Well-Architected (25 min)
- [ ] Optional -- CAP Theorem (25 min)
Week 12: Developer Experience & Capstone
Estimated reading time: 4 hours
Platform Engineering & DX
- [ ] Required -- Platform Engineering Overview (15 min)
- [ ] Required -- Developer Experience (25 min)
- [ ] Required -- Backstage (25 min)
Engineering Practices
- [ ] Optional -- Architecture Decision Records (25 min)
- [ ] Optional -- Design Doc Template (20 min)
- [ ] Optional -- Technical Leadership (25 min)
- [ ] Optional -- Tech Debt (25 min)
Comparisons
- [ ] Optional -- Terraform vs Pulumi (20 min)
- [ ] Optional -- Docker vs Podman (15 min)
- [ ] Optional -- GitHub Actions vs GitLab CI (15 min)
- [ ] Optional -- Nginx vs Caddy vs Traefik (15 min)
What You Will Be Able to Do After This Path
- Build custom Kubernetes operators, CRDs, and admission webhooks
- Implement GitOps with Argo CD or Flux for declarative infrastructure
- Design FinOps practices with cost allocation and optimization
- Build comprehensive observability stacks with metrics, logs, and traces
- Manage API gateways and service meshes at scale
- Design storage systems and multi-region architectures
- Build internal developer platforms with golden paths and self-service
- Apply SRE practices: SLOs, error budgets, chaos engineering
Cross-References to Related Paths
- DevOps Engineer Path -- Operational foundation this path builds on
- Backend Engineer Path -- Understand the applications your platform serves
- Security Engineer Path -- Deep security expertise
- System Design Interview Path -- Infrastructure design interview prep
- AI/ML Engineer Path -- GPU infrastructure and model serving
Total Progress
This path lists roughly 130 pages, about 100 of them required. The advanced Kubernetes section (CRDs, operators, admission webhooks, GitOps) is the differentiator from the DevOps path. Budget 12 weeks at 5 hours per week.