Certified Kubernetes Administrator (CKA) and Certified Kubernetes Application Developer (CKAD) are 100% hands-on exams, they are not easy and I would recommend invest time in learning. I spent 3 months on preparation, I started from reading blogs similar to this one, later I jumped into official K8s documentation and also to famous Kubernetes the Hard Way (needed just for CKA, for CKAD knowledge from cluster bootstrapping is not required). I did lot of hands-on exercises. I’ve built and destroy few times my own Kubernetes cluster on Google cloud, I was breaking and repairing particular K8s services like kubelet (this is good way if you want to learn how K8s works in details), I passed CKA and 2 weeks later CKAD. In my opinion both exams complement each other and give a great understanding of Kubernetes technology. On both exams you can use official K8s documentation.
You will have 180 minutes for 24 questions. In my opinion CKA exam is easier than CKAD (at least I had less problems), however you need to know well Kubernetes cluster architecture including TLS certificates generation and etcd administration, also you need to have knowledge from Linux systemd services.
Key elements for CKA:
- Master kubectl imperative object management — there will be no time for copy-paste objects yaml file definition from documentation. You need to know how to generate such file with kubectl imperative commands. For example, if you want to have Pod yaml definition use below command
kubectl run pod_name — image=nginx — restart=Never — dry-run -o yaml
if you want to have Deployment yaml omit “— restart=Never” :
kubectl run pod_name — image=nginx — replicas=3 — dry-run -o yaml
and you will get your 3 replica set Deployment definition. You can modify it now for your own needs. This is very fast and easy!
2. Learn how to use “kubectl — help”
Example, If I want to create secret I do not need to memorize command syntax. I always do:
“kubectl create secret — help” and I’m able to get ready to use command:
kubectl create secret generic my-secret — from-literal=key1=supersecret — from-literal=key2=topsecret
if I want to have quota I do “kubectl create quota — help” and I get:
kubectl create quota my-quota — hard=cpu=1,memory=1G,pods=2
3. Make sure you know well Tasks section from K8s official documentation.
“Tasks” section helps you a lot on exam. You need to know how to quickly find the right topics on this page. You will use it a lot!
4. Get familiar with kubectl Cheat Sheet — you will find there lot of hints, e.g how to sort:
kubectl get pods --sort-by='.status.containerStatuses.restartCount'
5. Learn yourself Linux systemd. I like this blog. It will help you debug problems with systemd services on exam.
systemctl enable <service_name>
systemctl start <service_name>
systemctl status <service_name> — show location of the systemd service file. Useful for debugging.
7. Make sure you understand etcd architecture.
Time management is a key in this exam. You have just 120 minutes for 19 advanced questions. Questions are rewarded with percentages. Some questions are worth 2% and some 7%. Due to lack of time I skipped questions with low percentage. Questions are more advanced than in CKA, usually you will have to do several tasks in one question. Kubernetes objects understanding helps a lot.
- Make sure you know well this repo. I recommend do all examples from this repository at least three times. This knowledge will help you a lot during exam.
- Remember (even more than on CKA) about kubectl imperative object management and “- -help”. If you want to create cron job dust do:
“kubectl run — help|grep -i schedule” and you will get
kubectl run pi — schedule=”0/5 * * * ?” — image=perl — restart=OnFailure — perl -Mbignum=bpi -wle ‘print bpi(2000)’
- now you need to just adjust command from above to your needs.
- Make sure you understand well Kubernetes services.
- Read about Logging Architecture.
- “kubectl explain” is your friend. Sometimes you will have to add new values to already running Pods, the faster way to find right place in yaml file is “kubectl explain”.
kubectl explain job.spec will show you fast all possibilities for Job,
kubectl explain job.spec . — recursive will show you all details.
- Make sure you understand Network Policies.
- Namespaces. You will have to understand how to work with objects in different namespaces.
# Job template
$ kubectl run nginx --image=nginx --restart=OnFailure --dry-run -o yaml
# Pod template
$ kubectl run nginx --image=nginx --restart=Never --dry-run -o yaml
# Deployment template
$ kubectl run nginx --image=nginx --dry-run -o yaml
# Servcie template
$ kubectl expose deployment nginx --type=NodePort --port 8080 --dry-run -o yaml# You can change resource to release by changing --restart option:
# kind | option
# deployment | none
# pod | --restart=Never
# job | --restart=OnFailure
# cronjob | --schedule='cron format(0/5 * * * *)'
# In case that kubectl run will be deprecated in the future,
$ kubectl create deployment nginx --image=nginx --dry-run -o yaml