Concise, practical, and focused on patterns you can apply today — includes command snippets, a Terraform module scaffold, and a repo link to clone.
DevOps is a practical craft: knowing the right commands, pipeline patterns, and manifest idioms saves hours when incidents strike. This article consolidates the core cloud infrastructure skills — from container orchestration to Terraform module scaffolding — so you can build, ship, and operate reliably.
If you want a ready-made starting repo with commands and examples, clone the companion repository: DevOps commands and examples repo. It contains practical scripts and module scaffolds you can fork.
Expect concrete examples: shell commands, CI/CD patterns, Kubernetes manifests, and a recommended Terraform module layout. No fluff — just the things you’ll use repeatedly.
Core DevOps commands and essential cloud infrastructure skills
A proficient DevOps engineer blends shell fluency, container basics, IaC, and familiarity with orchestration. Start with a concise command fluency matrix: Git (branch, rebase, cherry-pick), Docker (build, run, push), kubectl (apply, describe, logs), helm (install, upgrade), and Terraform (plan, apply, destroy). These are your muscle memory.
Practice matters: script common workflows (rollback, snapshot, env bootstrap) and keep them in a bin/ directory in your repo. Prefer idempotent commands and make small, reversible changes. For repeatable infrastructure tasks, a simple script that wraps Terraform and state locking massively reduces friction.
Automation is the multiplier: convert manual runbooks into CI jobs or short scripts. Make commands self-documenting (help flags) and keep them CLI-friendly for quick voice-search queries like “how do I apply a Terraform module” or “kubectl get pods not ready.”
- Git: git status; git switch -c feature/x; git rebase -i origin/main
- Docker: docker build -t registry.example.com/app:tag .; docker push
- Kubernetes: kubectl apply -f k8s/deploy.yaml; kubectl rollout status deploy/app
- Terraform: terraform init; terraform plan -out=tfplan; terraform apply tfplan
- CI/CD: Use pipelines to run lint, test, build, image-push, and deploy stages
CI/CD pipelines: patterns, gates, and artifact management
CI/CD is the bridge between code and production. Structure pipelines around small, trusted artifacts: build once, test everywhere. A canonical pipeline has stages: lint → unit test → build artifact → integration test → security scan → push artifact → deploy. Keep pipeline steps atomic and idempotent.
Gate deployments: implement automated checks (SAST, dependency scanning) and manual approval for sensitive environments. Use feature flags or canary releases to reduce blast radius. For container images, tag immutably (SHA-based) and store metadata to trace builds back to commits.
Pipelines benefit from reusable templates and modular jobs. For GitHub Actions, GitLab CI or Jenkins, define reusable pipeline snippets that accept parameters (image, environment, version). This reduces duplication across projects and enforces consistent quality gates.
Infrastructure as Code (IaC) and a Terraform module scaffold
Good IaC is modular, testable, and documented. A Terraform module scaffold should expose variables, outputs, and follow naming conventions so it’s composable across environments. Use a repository layout that separates modules from environment orchestration.
A recommended module scaffold:
# terraform-module/
├── README.md # API, inputs, outputs, examples
├── main.tf # resources
├── variables.tf # inputs with descriptions and types
├── outputs.tf # outputs for composition
├── examples/
│ └── simple/
│ └── main.tf
└── tests/
└── terratest.go
Use remote state with locking (e.g., S3 + DynamoDB or Terraform Cloud) and adopt semantic versioning for modules. Write simple automated tests (Terratest, kitchen-terraform) to validate modules and include example usage that demonstrates common patterns.
Container orchestration and Kubernetes manifests
Kubernetes manifests are declarative contracts. Keep manifests minimal and composable: ConfigMaps for non-sensitive config, Secrets for credentials (integrate with a secret store), Deployments for stateless apps, StatefulSets for stateful workloads, and Services for networking. Use labels and annotations consistently.
Prefer small, focused manifests and layering: base resources, overlays for environment-specific tweaks. Tools like kustomize, Helm, or Jsonnet help manage configuration drift. For most teams, a Helm chart with well-defined values.yaml provides a balance between templating power and manageability.
A simple deployment manifest example:
apiVersion: apps/v1
kind: Deployment
metadata:
name: sample-app
labels: {app: sample}
spec:
replicas: 3
selector:
matchLabels: {app: sample}
template:
metadata:
labels: {app: sample}
spec:
containers:
- name: app
image: registry.example.com/sample-app:1.2.3
ports:
- containerPort: 8080
Monitoring, logging, and incident response
Monitoring detects errors; logging diagnoses them. Establish three pillars: metrics (Prometheus-compatible), logs (structured JSON shipped to ELK/tempo/Cloud Logging), and traces (distributed tracing like Jaeger/Zipkin/OpenTelemetry). Instrument code to emit meaningful metrics and structured logs.
Alerting should be actionable: avoid noisy alerts by tuning thresholds, using composite alerts, and routing correctly. Every alert should have a playbook link and a runbook describing steps to mitigate common failures. Use synthetic checks (health endpoints) and SLOs to measure user impact.
Incident response depends on preparation: on-call rotation, a clear escalation path, and a post-incident review culture. Capture timelines, decisions, and a list of follow-up actions. Automate recovery where feasible (auto-rollbacks, circuit breakers) to shorten mean time to recovery.
- Collect metrics (Prometheus), logs (ELK/Cloud logging), and traces (OpenTelemetry)
- Create runbooks with step-by-step commands and rollback procedures
- Define SLOs/SLA and use alerting policies aligned to user impact
Putting it together: recommended repo layout and workflow
A productive repo layout separates concerns: infra modules, CI templates, deployment manifests, and utility scripts. Keep human-facing documentation (README, runbooks) in the root and examples in a dedicated examples/ directory so new team members onboard quickly.
Example high-level repo layout:
project-root/
├── infra/ # Terraform environment orchestration
├── modules/ # Reusable Terraform modules
├── k8s/ # Kubernetes manifests / Helm charts
├── ci/ # Pipeline templates and scripts
├── scripts/ # Helper CLI commands
└── docs/ # Runbooks, SLOs, onboarding
For a practical scaffold and a set of helpful commands, review the example repository here: DevOps commands and Terraform module scaffold. Fork it and adapt the scaffolds into your CI and environment orchestration.
Semantic core (keywords and clusters)
Below is an SEO-focused semantic core grouped by intent and priority. Use these clusters to guide on-page language, headings, and FAQ phrasing. These keywords are suitable for natural integration into content, docs, and commit messages.
Primary clusters target high-value search intent (how-to, tool + task). Secondary clusters expand coverage with LSI phrases and voice-search formulations. Clarifying queries capture narrow, problem-solving long-tails.
Primary (high intent / transactional/commercial)
- DevOps commands
- CI/CD pipelines
- Infrastructure as Code (IaC)
- Terraform module scaffold
- Kubernetes manifests
- Container orchestration
- Monitoring and incident response
Secondary (informational / how-to / LSI)
- terraform init plan apply
- terraform module best practices
- kubectl apply rollout status
- docker build push registry
- build once deploy everywhere
- canary deployment pattern
- CI pipeline templates GitHub Actions / GitLab CI
- Helm chart best practices
- prometheus grafana alerting
Clarifying (long-tail / voice search / troubleshooting)
- how to scaffold a terraform module for reusable network resources
- kubectl logs show crashloopbackoff how to debug
- how to implement blue-green deployments in Kubernetes
- how to automate terraform state locking in S3
- steps to set up CI to build and push docker images
- best practices for kubernetes manifests and secrets management
Meta / LSI phrases
- infrastructure automation, IaC testing, terratest examples
- immutable artifacts, image tagging by SHA, artifact registry
- runbook, postmortem, SLO, error budget
- observability, traces, OpenTelemetry, structured logging
FAQ
What are the essential DevOps commands I should memorize?
Start with Git (status, switch, rebase), Docker (build, run, push), kubectl (get, apply, logs, rollout), Helm (install, upgrade), and Terraform (init, plan, apply). Script recurring patterns and add descriptive help text so teammates can quickly run them.
How should I structure a Terraform module scaffold?
Use a simple, documented layout: main.tf for resources, variables.tf for inputs, outputs.tf for outputs, a README with examples, and tests. Keep modules focused, version them semantically, and use remote state with locking for environment orchestration.
What are quick wins for reducing incident recovery time?
Automate runbooks for common failures, instrument for precise alerts (SLO-driven), implement canary/auto-rollback, and ensure structured logs + traces are available. Predefined playbooks and rehearsed run-throughs shorten mean time to recovery dramatically.
Suggested micro-markup (copy/paste)
Add this JSON-LD to your publishing page to surface the FAQ in search results and improve featured snippet chances.
{
"@context":"https://schema.org",
"@type":"FAQPage",
"mainEntity":[
{
"@type":"Question",
"name":"What are the essential DevOps commands I should memorize?",
"acceptedAnswer":{"@type":"Answer","text":"Start with Git (status, switch, rebase), Docker (build, run, push), kubectl (get, apply, logs, rollout), Helm (install, upgrade), and Terraform (init, plan, apply)."}
},
{
"@type":"Question",
"name":"How should I structure a Terraform module scaffold?",
"acceptedAnswer":{"@type":"Answer","text":"Use main.tf, variables.tf, outputs.tf, README with examples, and tests. Keep modules focused and use remote state with locking for environments."}
},
{
"@type":"Question",
"name":"What are quick wins for reducing incident recovery time?",
"acceptedAnswer":{"@type":"Answer","text":"Automate runbooks, use SLO-driven alerts, implement canary/auto-rollback, and ensure structured logs and traces for fast diagnosis."}
}
]
}
Need this article adjusted for a specific cloud provider (AWS, GCP, Azure) or CI platform template (GitHub Actions/GitLab/Jenkins)? Tell me which one and I’ll tailor the examples and scaffolds.
