feat(lab-02): complete Phase 3 - Network & VPC lab

Implement Lab 02 with Docker bridge networks simulating VPC/Subnets.

Test Infrastructure (RED phase):
- 6 bash test scripts for network creation, isolation, INF-02 compliance
- Fail-fast orchestration with run-all-tests.sh
- Quick validation script for development

Documentation (Diátaxis framework):
- 3 tutorials: VPC creation, container deployment, isolation verification
- 4 how-to guides: create network, inspect config, test isolation, cleanup
- 3 reference docs: Docker network commands, Compose syntax, VPC mapping
- 1 explanation: Docker ↔ VPC parallels (PARA-01/02/03/04)

Infrastructure (GREEN phase):
- docker-compose.yml with VPC networks (10.0.1.0/24, 10.0.2.0/24)
- 5 services: web, app, db, test-public, test-private
- INF-02 compliant: 127.0.0.1 bindings only, no 0.0.0.0
- Private network with --internal flag
- Multi-homed app container (public + private networks)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

README.md

@@ -62,21 +62,27 @@ Scarica Docker Desktop da https://www.docker.com/products/docker-desktop/
 
 Il corso è composto da 5 laboratori progressivi:
 
-### 1. IAM & Sicurezza
+### 1. IAM & Sicurezza ✅ COMPLETATO
 Configura utenti Linux, permessi Docker socket, capisci i paralleli IAM.
 - Crea utenti con permessi limitati
 - Configura accesso al Docker socket
+- Container non-root per sicurezza
 - Parallelismo: Utenti Linux -> IAM Users, Gruppi -> IAM Roles
 
-### 2. Network & VPC
-Crea reti Docker isolate che simulano VPC e Subnets cloud.
-- Reti bridge isolate
-- Regole di firewall tra container
-- Parallelismo: Docker Networks -> VPC, Container -> EC2 instances
+**Documentazione:** [Tutorial](labs/lab-01-iam/tutorial/) | [How-to](labs/lab-01-iam/how-to-guides/) | [Reference](labs/lab-01-iam/reference/) | [Explanation](labs/lab-01-iam/explanation/)
 
-### 3. Compute & EC2
+### 2. Network & VPC ✅ COMPLETATO
+Crea reti Docker isolate che simulano VPC e Subnets cloud.
+- Reti bridge isolate con subnet personalizzate (10.0.1.0/24, 10.0.2.0/24)
+- Regole di isolamento tra container (ping test)
+- Reti private con flag `--internal` (simulano private subnet)
+- Parallelismo: Docker Networks -> VPC, `--internal` -> Private Subnet, `--subnet` -> CIDR blocks
+
+**Documentazione:** [Tutorial](labs/lab-02-network/tutorial/) | [How-to](labs/lab-02-network/how-to-guides/) | [Reference](labs/lab-02-network/reference/) | [Explanation](labs/lab-02-network/explanation/)
+
+### 3. Compute & EC2 🔄 IN CORSO
 Deploy container con limiti CPU/memoria e healthchecks.
-- Configura limiti di risorse
+- Configura limiti di risorse (cpus, mem_limit)
 - Implementa healthcheck personalizzati
 - Parallelismo: Container -> EC2, Resource limits -> Instance types
 
@@ -170,10 +176,18 @@ Questo corso segue principi di sicurezza rigorosi:
 
 ## Roadmap
 
-- [x] Phase 1: Setup & Git Foundation
-- [ ] Phase 2-5: Sviluppo Laboratori Core
-- [ ] Phase 6: Integration & Testing
-- [ ] Phase 7-10: Polish & Final Validation
+### Progresso Complessivo: 60% (3/5 Lab Core completati)
+
+| Phase | Stato | Descrizione |
+|-------|------|------------|
+| Phase 1 | ✅ COMPLETATA | Setup & Git Foundation |
+| Phase 2 | ✅ COMPLETATA | Lab 01 - IAM & Sicurezza |
+| Phase 3 | ✅ COMPLETATA | Lab 02 - Network & VPC |
+| Phase 4 | 🔄 IN CORSO | Lab 03 - Compute & EC2 |
+| Phase 5 | ⏸️ DA INIZIARE | Lab 04 - Storage & S3 |
+| Phase 6 | ⏸️ DA INIZIARE | Lab 05 - Database & RDS |
+| Phase 7 | ⏸️ DA INIZIARE | Integration & Testing |
+| Phase 8-10 | ⏸️ DA INIZIARE | Polish & Final Validation |
 
 Vedi `.planning/ROADMAP.md` per dettagli completi.