Eirini – 12 Week Technical Depth Programme

Refresh core networking concepts and rebuild confidence in designing and troubleshooting IP networks.

• Subnetting, VLANs, routing (OSPF/BGP)
• NAT, VPNs, DNS, DHCP
• Hybrid connectivity considerations (on-prem ↔ cloud)

EVE-NG lab: multi-subnet topology with routing and VPN between virtual networks, fully documented. Check out my LinkedIn post on Week 1.

Rebuild day-to-day Linux confidence for working with servers, containers and cloud instances.

• Filesystem layout, permissions, users & groups
• systemctl, processes, logs, networking tools
• Mounts and storage: NFS, fstab, NAS integration

Health & log rotation script plus a persistent NAS mount, combining monitoring, storage and automation.

Build a working AWS environment from scratch: networking, compute, storage and identity.

• Custom VPC, subnets, route tables, Internet Gateway
• EC2 instance with NGINX serving a custom webpage
• IAM roles and S3 bucket with static website hosting
• Versioning, lifecycle rules and encryption for S3

EC2 web server integrated with an S3 static website, including IAM role-based access and cost-optimised S3 configuration.

Transition from a single-instance web service to a resilient, production-style architecture using AWS load balancing and secure traffic handling.

• Application Load Balancer (ALB) architecture and request flow
• Target groups, listener rules and health checks
• Multi-AZ load balancing and failure handling
• Path-based routing for multiple backend services
• HTTPS termination using AWS Certificate Manager (ACM)
• Custom domain configuration and HTTP → HTTPS redirection

A custom domain (eirini.cloud) secured with HTTPS, fronted by an Application Load Balancer routing traffic to multiple EC2-backed applications (/, /app1, /app2), with validated health checks and high availability.

Convert the existing AWS environment into declarative, version-controlled infrastructure using Terraform.

• Terraform providers, resources, variables and outputs
• State management and execution planning
• Describing VPCs, EC2 instances, security groups and ALBs as code
• Rebuilding the Week 4 architecture from scratch using Terraform

A Terraform codebase capable of recreating the full AWS environment (networking, load balancing, HTTPS and backend services) in a repeatable and auditable way.

At the same time, I completed NVIDIA’s course “Introduction to Transformer-Based Natural Language Processing” to better understand the nature of modern workloads that infrastructure teams increasingly need to support, particularly around GPU utilisation, memory and inference behaviour versus training.

Automate operating system and application configuration so servers are configured consistently after provisioning.

• Ansible inventories, playbooks and roles
• Idempotent configuration management
• Service configuration, package management and hardening
• Terraform (provision) + Ansible (configure) workflow

Ansible playbooks that configure NGINX, deploy application content and apply baseline hardening on Terraform-provisioned hosts.

Establish infrastructure as a controlled, auditable delivery process using CI/CD principles rather than manual execution.

• GitHub as the single source of truth for infrastructure
• Terraform plan vs apply separation
• Remote Terraform state (S3 + DynamoDB locking)
• Secure AWS authentication using GitHub OIDC (no static keys)
• Manual approval gates for production changes

• GitHub (eirini-cloud) Actions pipeline enforcing plan → review → apply for infrastructure changes
• Terraform remote state stored in S3 with DynamoDB state locking
• Secure AWS authentication using GitHub OIDC (no static credentials)
• Manual approval gates for production infrastructure changes

Establish a strong observability baseline by understanding what to monitor, why alerts fire, and how metrics reflect real system behaviour — before introducing additional tooling.

• CloudWatch metrics and dashboards
• Metric aggregation, periods and resolution
• Alert thresholds, evaluation periods and datapoints
• Signal vs noise in alerting
• Correlating metrics with real incidents and behaviour

• CloudWatch dashboards for Application Load Balancer request count and latency
• Alarms for no-traffic detection and elevated target response time
• Alert thresholds tuned to reduce noise and false positives
• Baseline operational visibility for a live AWS-hosted service

Introduce containerised workloads and understand how applications are packaged, deployed and scaled using AWS-managed container services.

• Docker images and containers
• Amazon ECR and image workflows
• ECS fundamentals (tasks, services, networking)
• Integrating containers with existing load balancing

A containerised application deployed on AWS and integrated into the existing infrastructure.

Build a practical understanding of Kubernetes as a control plane for distributed systems and container orchestration.

• Clusters, nodes, pods and deployments
• Services, ingress and service discovery
• Scaling behaviour and failure handling
• Operational comparison: ECS vs Kubernetes

A small Kubernetes workload deployed and exposed via a service or ingress.

Deepen operational maturity by layering reliability concepts and advanced observability tooling on top of stable workloads.

• Prometheus metrics and scraping model
• Grafana dashboards and visualisation
• SLIs, SLOs and error budgets
• Log pipelines and basic correlation
• Operational runbooks and response patterns

An operationally meaningful observability setup aligned to reliability goals, not just raw metrics.

Consolidate all learning into a final end-to-end cloud solution demonstrating architecture, automation, reliability and operational maturity.

• End-to-end system design
• Infrastructure as Code and CI/CD
• Observability and operational readiness
• Documentation and architectural presentation