The objective of this repository is help you for taking the Certified Kubernetes Administrator (CKA) exam using online resources, especially using resources from Kubernetes Official Documentation.
The references were selected for the Exam Curriculum 1.14.1, which uses Kubernetes 1.14 version, and there are exclusive information for API objects and annotations. For more information, please see CKA Curriculum.
Please, feel free to place a pull request whether something is not up-to-date, should be added or contains wrong information/reference.
The exam is kind of "put your hands on", where you have 24 problems to fix within 180 minutes. Based on that, you have ~7.5 minutes per problem, where usually you will spend more time in some problems than others.
My tip: Spend your time wisely. Use the Notebook feature (provided in exam's UI) to keep track of your progress, where you might take notes of each question, put some anottations in order to help you. Additionally, don't get stuck, move to the next problem, and take it back when you finish all the other problems.
Exam Cost: $300 and includes one free retake.
It's important to mention that you have access to Kubernetes Oficial Documentation during the exam. So get yourself familiar with Kubernetes online documentation, and know where to find all specific topics listed below. It might be helpful for you during the exam.
For information about the exam, please refer Certified Kubernetes Administrator (CKA) Program.
Exam objectives that outline of the knowledge, skills and abilities that a Certified Kubernetes Administrator (CKA) can be expected to demonstrate.
-
Understand Deployments and how to perform rolling updates and rollbacks.
-
Example Deployment File (dep-nginx.yaml) using NGINX
apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.15.4 ports: - containerPort: 80
# Create Deployment kubectl create -f dep-nginx.yaml # Get Deployments kubectl get deployments # Update Deployment kubectl edit deployment.v1.apps/nginx-deployment # See rollout status kubectl rollout status deployment.v1.apps/nginx-deployment # Describe Deployment kubectl describe deployment # Rolling back to a previous revision kubectl rollout undo deployment.v1.apps/nginx-deployment
-
Know various ways to configure applications.
-
Know how to scale applications.
-
Concepts: Cluster Administration: Managing Resources: #Scaling Your Application.
# Increase replicas number for nginx-deployment kubectl scale deployment/nginx-deployment --replicas=5 # Using autoscaling kubectl autoscale deployment/nginx-deployment --min=2 --max=5
-
-
Understand the primitives necessary to create a self-healing application.
-
Design a Kubernetes cluster.
-
Install Kubernetes masters and nodes.
-
Configure secure cluster communications.
-
Configure a Highly-Available Kubernetes cluster.
-
Know where to get the Kubernetes release binaries.
-
Provision underlying infrastructure to deploy a Kubernetes cluster.
-
Choose a network solution.
-
Choose your Kubernetes infrastructure configuration.
-
Run end-to-end tests on your cluster.
-
Analyse end-to-end tests results.
-
Run Node end-to-end tests.
# Kucebtl Cheatsheet commands to end-to-end tests
# Display addresses of the master and services
kubectl cluster-info
# Dump current cluster state to stdout
kubectl cluster-info dump
# Check health of cluster components
kubectl get componentstatuses
# List the nodes
kubectl get nodes
# Show metrics for a given node
kubectl top node my-node
# List all pods in all namespaces, with more details
kubectl get pods -o wide --all-namespaces
# List all services in all namespaces, with more details
kubectl get svc -o wide --all-namespaces-
Understand the Kubernetes API primitives
-
Understand the Kubernetes cluster architecture.
-
Understand Services and other network primitives.
-
Understand the networking configuration on the cluster nodes.
-
Understand Pod networking concepts.
-
Understand service networking.
-
Deploy and configure network load balancer.
-
Know how to use Ingress rules.
-
Know how to configure and use the cluster DNS.
-
Understand CNI.
-
Use label selectors to schedule Pods.
-
Understand the role of DaemonSets.
-
Understand how resource limits can affect Podscheduling.
-
Understand how to run multiple schedulers and how to configure Pods to use them.
-
Manually schedule a pod without a scheduler.
-
Dispaly scheduler events.
-
$ kubectl get events # or $ kubectl describe pods | grep -A7 ^Events # Master/Control node $ tail /var/log/kube-scheduler.log
-
-
Know how to configure the Kubernetes scheduler.
-
Know how to configure authentication and authorization.
-
Understand Kubernetes security primitives.
- Reference: Accessing the API: Authorization Overview
- Check all sub resources (Node Authorization, ABAC, RBAC, and Webhook)
- Reference: Accessing the API: Authorization Overview
-
Know to configure network policies.
-
Create and manage TLS certificates for cluster components.
-
Work with images securely.
-
Define security contexts.
-
Secure persistent key value store.
-
Understand Kubernetes cluster upgrade process.
-
Facilitate operating system upgrades.
-
Implement backup and restore methodologies.
-
Understand how to monitor all cluster components.
-
Understand how to monitor applications.
-
Manage cluster component logs.
-
Tasks: Monitor, Log, and Debug: Troubleshoot Clusters
- Master Log Files
/var/log/kube-apiserver.log - API Server, responsible for serving the API /var/log/kube-scheduler.log - Scheduler, responsible for making scheduling decisions /var/log/kube-controller-manager.log - Controller that manages replication controllers- Worker Nodes Log Files
/var/log/kubelet.log - Kubelet, responsible for running containers on the node /var/log/kube-proxy.log - Kube Proxy, responsible for service load balancing
-
-
Manage application logs.
-
Understand persistent volumes and know how to create them.
-
Understand access modes for volumes.
-
Understand persistent volume claims primitive.
-
Understand Kubernetes storage objects.
-
Know how to configure applications with persistent storage.
-
Troubleshoot application failure.
-
Troubleshoot control plane failure.
-
Troubleshoot worker node failure.
-
Troubleshoot networking.
Tip: Use kubectl Cheatsheet during the exam. You don't need to decorate everything.
# Use "kubectl describe" for related events and troubleshooting
kubectl describe pods <podid>
# Use "kubectl explain" to check the structure of a resource object.
kubectl explain deployment --recursive
## Add "-o wide" in order to use wide output, which gives you more details.
kubectl get pods -o wide
## Check always all namespaces by including "--all-namespaces"
kubectl get pods --all-namespacesGenerate a manifest template from imperative spec using the output option "-o yaml" and the parameter "--dry-run":
# create a service
kubectl create service clusterip my-service --tcp=8080 --dry-run -o yaml
# create a deployment
kubectl run nginx --image=nginx --dry-run -o yaml
# create a pod
kubectl run nginx --image=nginx --restart=Never --dry-run -o yamlCreate resources using kubectl + stdin instead of creating them from manifest files. It helps a lot and saves time. You can use the output of the command above and modify as required:
cat <<EOF | kubectl create -f -
...
EOF It saves lots of time, believe me.
Kubectl Autocomplete
source <(kubectl completion bash)Practice a lot with Kubernetes:
- Kubernetes the Hard Way by Kelsey Hightower
- Katacoda: Learn Kubernetes using Interactive Browser-Based Scenarios
Some links that contain tips that might help you from different pespectives of the CKA exam.