How To Become A Certified Kubernetes Administrator

May 11, 2020 | 5 Minute Read

Tags: certification , DevOps Culture , Docker & Container Platforms , DevOps

I have recently passed the Certified Kubernetes Administrator examination, and I would like to share what it took for me to get there.

About the Exam

Linux Foundation's Certified Kubernetes Administrator (CKA) is one of the most sought after certifications today. CKA exam tests one's practical knowledge rather than the theoretical expertise; hence all questions are task-based and not Multiple Choice Questions (MCQs). You can read more about CKA here.

Curriculum

The Curriculum for the CKA exam tests a candidate on the following aspects:

  • Application Lifecycle Management - 8%
  • Installation, Configuration & Validation - 12%
  • Core Concepts - 19%
  • Networking - 11%
  • Scheduling - 5%
  • Security - 12%
  • Cluster Maintenance - 11%
  • Logging / Monitoring - 5%
  • Storage - 7%
  • Troubleshooting - 10%

The curriculum might look a little overwhelming at the first look. From the questions that I encountered in the exam, the following are the concepts, one needs to be thorough with:

  • Pods, InitContainers, Static Pods
  • Deployments - create, list, update, rollback, and scale.
  • Services - create, list
  • Secrets - create, list, mounting as a file to a pod, and passing as an environment variable.
  • Namespaces
  • Storage - Persistent Volumes and Persistent Volume Claims, emptyDir
  • Troubleshooting - services on worker nodes, static pods running on Kube-system
  • Setting up the cluster - Kubeadm.
  • Networking - understand how pods and services communicate. Resolving DNS names of pods and services
  • Kubectl output formats - JSON, JSONpath, custom-columns
  • Etcd: Backup and restore
  • Metrics server (Kubectl top)

Additionally, experience with Linux Shell (bash), vim editor, and YAML along with tools such as grep, awk, etc. would be of great advantage.

Preparation

I have been working on Kubernetes for about a year, and most of it is on managed Kubernetes, i.e., on AWS, Azure, and Digital Ocean. I have a rich understanding of Kubernetes’ architecture and have deployed and managed applications in production. So, I had hands-on experience. Having said that, as I worked mostly on the Managed Kubernetes cluster, I didn't pay much attention to how various components in a Kubernetes cluster interact with each other.

Coming to the courses, I have followed Mumshad Munnambeth's course and hugely benefited from it. The course is available on Udemy and KodeKloud. The practice tests and the mock exams (which I took twice) immensely boosted my confidence and prepared me well for the exam. 

If you have no or minimal experience working with Kubernetes or containers, start with Docker and get in-depth knowledge and practice on Docker and then start learning the basics of Kubernetes. It's essential to understand the syntax of Yaml.

  • Start by creating a single container pods and then create deployments. 
  • Learn multi-container pods. 
  • Expose the pods and deployments with services. 
  • Then move on to Volumes and Persistent Volumes. 
  • Understand environment variables, config maps, and secrets and start using them with your applications (pods and deployments).

Make sure you learn JSONpath syntax and practice getting various fields of Kubectl output such as status of pods, nodes, labels, etc. using JSONpath and custom-columns. 

To Kubernetes the Hardway or Not to

When I started the preparation for the examination, I went through a series of blog posts and posts related to CKA on this thread - r/kubernetes. The opinion is divided on building a cluster from scratch following Kelsey Hightower's Kubernetes the hard way (KHW). 

Some suggested that it is very critical to pass the exam, while others felt it's not at all required. While there were no direct questions from the KHW, however, it helps one gain a good insight into the components of the control plane and worker nodes in the Kubernetes cluster. I failed in bringing up the cluster twice, and just on the day of the exam, I tried again and was able to set up the cluster the hard way. 

I would suggest, don't spend so much time on doing KHW, instead, try practicing the creation of various Kubernetes objects.

Lab

I have made the best of Digital Ocean Free tier account and set up a Kubernetes cluster on Droplets using Kubeadm. Whether or not you do KWH, make sure to create a cluster using kubeadm. There is a high possibility that there can be a question asking to create a cluster using Kubeadm.

Exam

As you might have already known, the exam is 3 hours long, and there are 24 questions/tasks. Each question has its weightage based on the complexity. The exam is conducted from a Chrome browser and all three OS Windows/Mac/Linux are supported. The exam portal has a shell, and the questions are displayed in the left panel. There's a notepad that can be used to make any notes. An additional browser tab can be opened along with the site under which kubernetes.io can be opened. This is quite useful, as we might not remember the syntax of Kubernetes API objects. With the documentation at our disposal, it is not very difficult to complete all the tasks. However, time is a crucial factor, so keep track of the time and flag any question that is taking a long time to revisit later.

It's not very time efficient to create Kubernetes manifests for every question, so you may want to use imperative commands along with '--dry-run' and '-o YAML' options to create manifest files and edit them as per the question. Example: If the task is to create a pod with multiple containers or mount volumes, instead of creating the pod manifest from scratch, you could do the following:

kubectl run --generator=run-pod/v1 post --image nginx --dry-run -o yaml > podmanifest.yaml

This creates a pod definition file named 'podmainfest.yaml' with the spec of one container. You can edit this and add additional containers or volume mounts and volumes as per the question.

Aliases

I wouldn’t suggest creating too many aliases. I have only set up two aliases:

  • 'k='kubectl''
  • 'kg='kubectl get''

Conclusion

While the CKA exam is a difficult one to clear, with the right approach towards the preparation and a lot of practice, it's not too tough to make the examination.