So, “How do you check the MAC address of the NIC in your favorite Linux distro?” was the question, which my mentee had failed to answer, and the interviewer had ended the conversation much earlier. Not a good sign. In fact, his problem wasn’t just the fact that he didn’t know the command, but he had barely heard of the MAC address. Let alone the fun fact that he had no favorite Linux distro. “What does it have to do with cloud engineering?” he asked.
You can replace the MAC address with the ARP cache, routing table, port scanning, list of processes, free memory, etc. The point is, with a few changes here and there, the paragraph above shows a classic conversation that I have had numerous times since people from non-IT fields discovered the world of cloud engineering certificates. Unsurprisingly, the same case applies to some of the brightest people, such as data scientists and engineers who are transitioning to the world of cloud architecture and/or engineering (although the two terms are not interchangeable and I will cover the details in a separate piece).
The cold hard fact is, you cannot blame the interviewers when they ask questions that are not 100% part of the “cloud certifications” as they mostly have systems, network, or security backgrounds. This might change in five to seven years when purely cloud people with no on-premises background start dominating the market, but today most job interviews are done by the veterans of those fields, who have added cloud to their resumes.
The million-dollar question that is always raised here is a simple one; can I be a cloud engineer or architect without getting my hands dirty with any “traditional” stuff such as networking, systems engineering, or security? It’s the latest technology right? Let’s just focus on that.
The answer is negative, and I expect it to remain negative for the foreseeable future because almost everything you see in today’s cloud world is built based on existing core technologies that the IT folks designed, built, and troubleshot for decades in their data centers.
Hence, I stand corrected. If I advised people with just about any background to start their cloud engineering journey through some certification tracks three years ago, it’s changed now. We have seen hundreds, if not thousands, of cases where a strong foundation has to be laid before building anything cloud-related on top of that and that’s key when the candidate is looking to attend interviews and eventually perform in their new positions at an acceptable level. I understand this statement might disappoint a large group of job seekers hoping to land their dream job by just passing an associate-level cloud certification. I also equally appreciate that developing that foundation will take months of hard work, costs, and sometimes frustration. But the good news that I hope this article can convey is that it is still possible to structure a truly winning plan by taking all the past experiments, failures, and success stories into account.
Alright, readers. This is the point where, in my live presentations and classes, some folks raise their hands to inform me that they have a cousin or a colleague who has got her favorite job as a senior cloud engineer without knowing any of the foundational stuff; basically, just by earning a few cloud certifications. My response to that challenge has some irony; every smoker has a grandpa, another heavy smoker, who’s been puffing since WW2, is in great shape, has impeccable blood work, and hits the Muscle Beach every day. Fair enough. But, between what science says and what Grandpa Roger does, I am more leaning toward science. One person might get lucky, ten people might get lucky too, but let’s not turn this into a rule.
This article covers a 3-Tier plan. Plain and simple. Although it never claims that they’re the only paths forward, it does claim that what you see here demonstrates some of the VERIFIED paths forward.
Tier1
Suggested window: 4 solid months; around 6 hours a day (varies widely from one person to another)
Core skillsets: Basics of networking – Basics of systems – Basics of cloud engineering
Relevant certifications/resources: CompTIA Network+ – Red Hat RHCSA (Reduced scope) – One of the associate level degrees such as Oracle OCI, Microsoft Azure, or AWS.
Primary goal: You can win junior-level interviews for entry-level cloud engineering positions. You should also be able to perform successfully in real-world environments without constant supervision, with clear high-level guidance and architecture from a senior person.
Secondary goals (i.e., Bonus goals): You can cautiously broaden the scope of your job search to entry-level network and systems engineering positions. Here, the cloud skillset will take a back seat but act as the best compliment to what you are bringing to the table. Keep in mind that, currently, a small percentage of network or systems engineers are trained to perform cloud-related tasks. The secondary goals are crucial, especially when there are not too many cloud engineering positions in your area of search.
Playbook: My goal here is to focus on the two main fundamental pillars of network and systems engineering in a structured fashion before diving into the world of cloud engineering. In this tier, I suggest you follow the Network+ curriculum to learn why we need networks and how they look. If you’re behind schedule, you can safely skip the wireless topics. But, you need to master the sections on TCP/UDP ports, protocols, routing and switching, and IP addressing. Furthermore, ensure you study the basics of services such as DHCP and DNS. Keep in mind, in this tier, I am not expecting you to configure BIND for DNS, but I do expect you to explain exactly what happens when someone types an address in the address bar of their browser.
Then you move on to one of the systems engineering tracks and build the foundation to understand and do basic tasks on a widely used operating system. You could choose Windows Server, and the plan won’t stop you. Microsoft, in fact, has some solid Server (Hybrid these days) certifications that can help. But I won’t consider this done until you pick up the basics of Linux by creating your limited scope RHCSA track. You can safely drop the sections on SELinux, Firewalls, KVM, partitioning, and Remote Mounting to reduce the scope. Make sure you are very comfortable with the basics of the CLI, editors, permissions, processes, resource health check, boot process, logging, and package management. By this time, you should be able to answer any question on the top 50 Linux commands, speak to the basics of routing, understand how we subnet or supernet, and grab the marker and draw a very basic network with its DHCP, DNS, and Web servers designed for a small enterprise with fewer than 200 employees.
Now you are prepared to start your cloud journey by following the curriculum provided by one of the cloud market leaders such as Oracle OCI (comes with free training), Microsoft Azure, or Amazon AWS. They all have detailed exam objectives, books, and videos that will prepare you to truly earn your first associate degree in cloud engineering. Do you know how traceroute works? How about SSH? How about Ping? Passive vs. active FTP? What is MACsec? IPv4 vs. IPv6?
Can you pass the exam with more than one vendor? Absolutely. In fact, multi-cloud is exactly what the future holds. But read on; you have more tiers to work through. But I have more on this approach.
Tier 2
Suggested window: 5 solid months; around 6 hours a day (after completing Tier 1)
Core skillsets: Specialized networking – Focused systems engineering – Architecture level cloud scenarios – Basics of automation with Terraform, CloudFormation, and/or Python.
Relevant certifications: Cisco CCNA (In urgent cases can be limited scope)- Red Hat RHCSA (Full scope)– One of the professional level certifications such as Oracle OCI or AWS.
Primary goal: You can win mid-level interviews for could engineering positions. This includes operations (SRE/NRE), implementation, and basic designs. You should also be able to perform successfully in the real world and complex environments with minimum supervision, with clear guidance on critical tasks and designs. This is also a good time to start your own GitHub, YouTube Channel, or Blog. Build confidence around the concepts of design and architecture.
Secondary goals (i.e., Bonus goals): At this point, with a bit of luck and a lot of practice, you should be able to attend phone screens and interviews related to junior network and systems engineering positions as well. In fact, it depends on how much time you have spent on your hands-on skills, such as those you can learn in simulators and/or real gear. If you are taking this path, I suggest, the week before the interview, you review the Border Gateway Protocol (BGP) from your CCNP resources and some of the key services such as Apache, BIND, and Firewalls from your RHCSA/RHCE books. By this time, you can also consider yourself a junior network or systems engineer with the precious knowledge of cloud engineering, again another small community. That is a resume that I would not pass on easily.
Playbook: The CCNA course is one of the most mature IT certifications that thousands of people over decades have gone through. First off, let me express some empathy right here. I take and understand your point in wondering why you would need to know anything about routers and switches? Why would anyone need any layer 2? Who would memorize so much stuff in the 21st century?
Believe it or not, the technical topics in this area are so mingled up that sooner or later, you will meet that interviewer who asks about them, or you will get that ticket/case where you have no idea why certain cloud-based resources are not reachable. Hence, bear with me and go after your CCNA. Then comes the easy part. Here you need to go back to where you left things off in Tier 1 and complete the RHCSA track or even take its exam if you have liked it so far (and have an appetite for automation with Ansible, since things changed a bit around 2018-2019). To put bulletproof armor on your resume, at this point, I would also start learning about virtualization and containerization. Both topics are very well documented, and you can easily find tens of reliable resources to learn the basics of the two.
Now you are ready to take your cloud associate-level knowledge to the next level by working on the professional exams. Keep in mind, better to fail four times and master the topic than pass on the first attempt and not know the details. So, take your time.
Tier 3
Suggested window: Open-ended. I suggest at least 9-12 months (after completing Tier 2)
Core skillsets: Advanced networking – Advanced systems engineering – Professional level cloud architecture plus at least one specialty – Intermediate to advanced security. I would also expect to see quality artifacts on your GitHub location or your YouTube channel or blog.
Relevant certifications: Cisco CCNP Enterprise/Routing and Switching- Red Hat RHCE (Full scope)– One of the professional level degrees such as Oracle OCI or AWS and one of the specialty exams such as Advanced networking or security – CompTIA Security+ (optional for security enthusiasts– and later on, with more experience, you might want to add CISSP here).
Primary goal: This tier is where the gloves come off. So, be prepared for long hours of studying and hands-on scenarios. You should win just any interviews for the could engineering positions not matter if the interviewer has had his morning coffee or not. You can design and implement. You are able to troubleshoot and provide clear guidance to other engineers and customers. I would also expect you to articulate your ideas in front of a challenging audience, create quality artifacts and develop technical assets such as blogs and articles.
Secondary goals (i.e., Bonus goals): Most likely, you won’t need a secondary goal after completing most requirements of this tier, as currently, in the 2021-2022 timeframe, the job market for cloud experts is booming. However, you can still increase your chances of finding a job by applying for network and systems engineering positions. If you are applying for network engineering positions, make sure you master the two routing protocols of OSPF and BGP as well as the other common topics such as STP/L2 (yes, some places still run them and some sessions including the heartbeats need them) and services such as NTP, Syslog, WCCP, etc. However, if, as a secondary goal, you are now more attracted to systems engineering fields, most large organizations have separate Windows and Linux teams. Pick your operating system and master all its services, including AD/LDAP, mail, Web, DNS, NFS, database, cache, firewall, etc. If you follow the typical RHCE track, almost all of them are covered, along with a significant dose of Ansible automation. You might need to top it off with some storage knowledge, such as the basics of SANs, etc.
I strongly recommend you watch my YouTube presentation at NANOG77 on network engineering interview questions and strategies.
Playbook:
Although there are many valuable resources for Cisco CCNP and Security-related courses such as Security+, most students find it confusing to develop a solid strategy to improve their cloud skills to live up to the Tier 3 expectations.
My approach here is a personal one that’s been extensively tested with my students and mentees, and it’s simple:
Do fall in love with the official documentation of your public provider, inside-out, line-by-line.
You should be able to scroll down a random page and say, “Hah! They must’ve updated this paragraph over the weekend!”. It’s been my long-standing recommendation, but over time, I also learned most people either do not spend enough time on the documents initially or, even if they do, they don’t keep the knowledge fresh by constantly reviewing them. Earlier in 2020, I published my class notes in the form of a scenario-based kickstart book or the Advanced Networking Exam Guide (ANS-C01) which was published by my successors later in 2022 or many other great books published by other authors. In the case of the first two books, any engineer worth their salt should be able to cram the brief lessons in those books in a few days and refresh knowledge on the network part of cloud engineering. One way or another, you are expected to be the go-to person for details and not just the “cover page” of the topics.
Beyond Tier 3
If you have made it to this tier, I assume you landed a cloud engineering job. At work, you are very comfortable with both network and systems topics, and you can carry a meaningful conversation with the security experts of your organization or your customers.
But, what’s the next level from here?
It depends on several factors, including your passion, location, professional and financial goals, and, last but not least, family/personal commitments. We work to live and not the other way around.
To expand your knowledge in the cloud space, you can either go vertically or horizontally. In a vertical approach, you stay with the same public cloud vendor but learn more of their technologies such as databases/Big data, AI/ML, DevOps, IoT, SaaS, etc. In contrast, a horizontal approach will engage you in scenarios with other public cloud providers. For example, if you have completed your first three tiers in Oracle OCI, now you turn your attention to Google GCP or Amazon AWS. Both approaches have pros and cons that I will examine in a separate write-up.
If your days are more like network engineers, you might want to start looking into some CCIE Enterprise or Service Provider courses, two paths which I recommend a solid 18-month preparation process for each. You can also go horizontal and start exploring the other network engineering vendors such as Juniper and their certification paths like JNCIE. Finally, you might want to be a professional in the world of automation in computer networks and pursue Python and other coding challenges.
If your career path is now more around systems, you have similar choices. Vertical to master the details of operating systems, including kernel, system calls, complex clusters, etc. Or horizontal to learn about the other vendors. Similarly, you can focus on coding with tools such as puppet, chef, and Ansible, and go as deep as you wish.
Finally, I would never take my chances and solely rely on an associate-level degree to look for jobs in cloud engineering unless I feel as lucky as grandpa Roger. It takes a solid preparation plan and here we reviewed one of the possible paths.
