This CKA Exam study guide will help you prepare for the CKA certification exam with all the required resources. We will also be sharing tips that can help you pass the CKA exam with ease.
Certified Kubernetes Administrator (CKA) is one of the best kubernetes certifications from the Linux Foundation. Even you can say it is the top DevOps certification now. It is aimed at engineers interested in setting up and managing Kubernetes clusters.
I have covered everything you need to know about the CKA certification
What is the CKA Certification?
The official CNCF certification page says:
The purpose of the Certified Kubernetes Administrator (CKA) program is to provide assurance that CKAs have the skills, knowledge, and competency to perform the responsibilities of Kubernetes administrators.
As one of the highest velocity open source projects, Kubernetes is exploding. In this scenario – the demand for skilled DevOps Engineers with Kubernetes cluster administration knowledge is growing.
Therefore passing CKA certification can increase your chances for continued growth across the broad set of companies and organizations using Kubernetes.
Register for the CKA Certification Exam [Save 25% Today]
To begin your journey of becoming a Certified Kubernetes Administrator – start by registering for the exam on the Linux Foundation portal.
Note: Save 25% Today on CKA | CKAD | CKS | KCNA certification using the Voucher code given below. This code expires soon.
CKA Exam Voucher: Use coupon DCUBE20 at checkout
If you are planning to do CKS as well, buy it as a bundle to save $320.
Code: Use coupon DCUBE20 at checkout
Here are some things to keep in mind regarding the exam.
- The CKA exam is to be taken online and it is proctored remotely.
- A score of 66% or above must be earned to pass.
- CKA Certification is valid for 3 years.
- After registration, you get one year to schedule the exam.
- After registration, you get a maximum of 2 attempts to take the test. If you miss a scheduled exam for any reason – your second attempt gets nullified.
Note: You can always check the latest Kubernetes Certification Coupon Codes to save costs on the CKA, CKAD, CKS and KCNA certification registration
CKA Certification Preparation Guide
This section will go over resources and links that can help you prepare for the CKA exam better.
Table of Contents
CKA Certification Prerequisites
CKA does not require any candidate to have any other certification before they can appear for the CKA exam. The only thing required to clear the exam is a conceptual understanding of Kubernetes’s internal workings and a lot of practice.
CKA Certification Exam details
Exam Duration | 2 hours |
Pass Percentage | 66% |
CKA exam kubernetes version | Kubernetes v1.27 |
CKA Validity | 3 Years |
Exam Cost | $395 USD |
The CKA exam is an open-book exam i.e. you can use the following websites while you are taking the exam.
- https://kubernetes.io/docs/
- https://github.com/kubernetes/
- https://kubernetes.io/blog/ and their subdomains. This includes all available language translations of these pages (e.g. https://kubernetes.io/zh/docs/)
CKA Exam syllabus
The following table has the domains and competencies part of the syllabus along with their respective weightage.
Topic | Weightage |
Cluster Architecture, Installation & Configuration | 25 % |
Workloads & Scheduling | 15 % |
Services & Networking | 20 % |
Storage | 10 % |
Troubleshooting | 30 % |
CKA Practice Labs
The best way to prepare for the CKA Certification exam is to get a clear understanding of the concepts involved and do a lot of hands-on practice.
Even if you are working actively in Kubernetes production environments, you need to practice to pass the exam.
The below setups will give you a Kubernetes cluster where you can do all the required practice. The exam expects you to solve problems on a live cluster.
CKA does not have any MCQ-type format – so hands-on practice is a must.
- Killercoda
- Minikube
- Kubernetes Setup using Kubeadm [Detailed Guide]
- Kubernetes Vagrant Setup using Kubeadm [ Checkout the Github Repo]
- GKE Cluster using free Google Cloud Credits
- EKS Service on AWS using a Free tier program
- AKS service on Azure using free cloud credits
- Kubernetes Cluster on Digital Ocean[ Get $100 Digital Ocean Free Credits]
CKA Mock Exams
When you purchase the subscription, you will get free access to https://killer.sh/cka exam simulator. You get access to two free mock exams. You can make use of the simulator to give the CKA practice exam.
Also, you can use the following Mock exam to practice for the CKA exam before appearing for the exam.
CKA Syllabus Wise Study Resources
Here, we will be discussing the CKA syllabus-wise official and useful resources that can be used to prepare for each topic of the CKA exam.
Cluster Architecture, Installation & Configuration [ 25% ]
It is very important to understand the Kubernetes architecture before moving on to hands-on labs.
Manage role-based Access Control (RBAC)
Role-based access control is a method of managing access levels to applications or individual users. It’s a handy tool in the hands of an administrator to give fine-grained controls to others.
RBAC essentials | Check RBAC Documentation |
Use Kubeadm to Install a Basic Cluster
For the exam: Create a cluster using kubeadm – Practice and use the official documentation as a reference during the exam.
This section focuses on the setting up of a cluster using the kubeadm tool. The candidate must have a clear understanding of the underlying components of Kubernetes such as etcd, Kube API servers, SSL certificate management, etc.
Note: Ensure swap is disabled on all nodes before deploying the Kubeadm cluster.
Learn About Kubeadm | Kubeadm Documentation |
Tutorial | Kubeadm Cluster Setup Guide |
Here is what you need to focus on for the exam
- From the official documentation, practice the kubeadm cluster creates commands and their associated parameters.
Manage a Highly-available Kubernetes Cluster
Even though there will not be any questions related to HA for the CKA exam, it is good to know about the high availability architecture.
One of the duties of a Kubernetes administrator is to ensure the high availability of the cluster. This involves proper maintenance tasks on the cluster as well as managing the worker nodes.
HA Kubernetes Cluster | HA cluster setup using Kubeadm |
Most clusters today are created on AWS, Azure, or GCP where the respective cloud providers take responsibility for cluster availability. However, it is important to understand the logic behind the HA kubernetes cluster.
Provision Underlying Infrastructure to Deploy a Kubernetes cluster
For kubernetes to work, you need to have
- Certain system configurations
- Container runtime (CRI-O, Containerd, or Docker)
- kubeadm
- kubelet and
- kubectl
Underlying Infrastructure for Kubernetes | Check the Kubeadm installation guide where all the underlying component installation is covered |
Perform a Version upgrade on a Kubernetes Cluster Using Kubeadm
In the exam, you will be asked to upgrade a Kubernetes cluster using Kubeadm.
Kubernetes is a continuously improving tool. Every now and then, a new version comes up with improvements and features. It is the duty of the administrator to take care of version upgrades.
Kubeadm Upgrade Task | Kubernetes Version Upgrade Use Kubeadm |
Implement etcd Backup and Restore
You need to learn and practice etcd backup and restore using the etcdctl utility.
Etcd is a key-value store of the cluster. All the cluster configuration and information regarding pods, services, etc. are stored here in key-value format
Reference Task | etcd Backup & Restore Operations |
Workloads & Scheduling [ 15% ]
Understand Deployments and How to Perform Rolling Update and rollbacks
Kubernetes Deployment ensures a minimum no of replicas of an application running at all times. In case a replica goes down, the Kubernetes API ensures that a new one is created within minutes.
Imperative commands: These are commands which let you create Kubernetes objects via a CLI. Meaning they remove the need to write the whole YAML. Knowing imperative commands can help you save time in the exam. I highly recommend them!
Kubectl commands:
kubectl create deployment <name> --image=<name> //create deployment
kubectl create deployment <name> --image=<name> -- sleep 300 //with command arguments
kubectl scale deployment <name> --replicas=4 //scale up or down
Reference | Kubernetes Deployment Concepts |
Sometimes, you may want to rollback a Deployment; for example, when the Deployment is not stable, such as a crash loopback error, you can roll back the Deployment
Kubectl commands:
kubectl set image deployment <name of deployment> <name of container>=<new image name> // update image
kubectl rollout status deployment <name of deployment> //see status
kubectl rollout history deployment <name of deployment> //see history
Reference | Kubernetes Rolling Update |
Use Config Maps and Secrets to Configure applications
Kubernetes Configmaps are useful to store non-critical data in key-value pair format. They can also be used to inject env vars into pods.
Reference | Kubernetes Configmap Concepts |
Kubectl Commands for Configmaps:
kubectl create cm <name of configmap> --from-file=hello.txt
kubectl create cm <name of configmap> --from-literal=key1=value1
Secrets are useful to store sensitive data in key-value pair format. They can also be used to inject env vars into pods.
Reference | Kubernetes Secrets Concepts |
Kubectl commands for secrets:
kubectl create secrets <name of secret> --from-file=hello.txt
kubectl create secrets <name of secret> --from-literal=key1=value1
Know How to Scale Applications
Kubernetes provides different ways to scale applications. You can use deployment objects and increase the number of replicas of your application.
Horizontal Pod Autoscalers (HPAs) can also be used to increase the no. of replicas according to the application metrics
Understand the Primitives Used to Create Robust, Self-healing, Application Deployments
This section is mostly conceptual, for any self-healing application you should use deployments or stateful sets so that whenever pods go down, Kubernetes recreates them instantly.
Deployments also give you the option to keep a track of all the changes you make. You can also roll back to a previous state very easily.
kubectl set image deployment <name of deployment> <name of container>=<new image name> // update image
kubectl rollout status deployment <name of deployment> //see status
kubectl rollout history deployment <name of deployment> //see history
Understand How Resource Limits Can Affect Pod Scheduling
Cluster management also involves the management of workloads, as an admin – you should ensure that each pod is able to get resources based on its needs.
In kubernetes, each pod can be assigned a minimum and maximum CPU and memory usage.
Reference 01 | Manage Container Resources |
Reference 02 | Pods with resource requests |
Awareness of manifest management and common templating tools
This section expects you to be familiar with tools like kustomization, helm, etc.
Kubernetes Manifests | Managing Kubernetes Objects |
Kustomization | Manage objects with Kustomize |
Services & Networking [ 20% ]
Understand host networking configuration on the cluster nodes
Kube-proxy is the component required on each worker node for the pods to communicate with each other. Networking between nodes involves Kube proxy participation as well.
Kubelet is how a worker node is in-network with the master node. All these concepts are required for understanding networking inside kubernetes.
Reference | Kubernetes Networking |
Understand the Connectivity Between Pods
Kubernetes Pods communicate with each other using services. Kube proxy is the component that makes this possible.
Reference | Understand Kube Proxy |
Understand ClusterIP, NodePort, LoadBalancer service types and endpoints
Understanding each service type along with their use cases is very important. Special attention should be paid to understanding how pods can be added under a service.
Reference | Kubernetes Service Explained |
Know how to use Ingress controllers and Ingress resources
Ingress resources are how external entities are assigned access to internal cluster services. Ingress controllers are load balancers that make it possible.
Reference 01 | Kubernetes Ingress |
Reference 02 | Kubernetes Ingress Controller |
Blog | Ingress Tutorial for Beginners |
SSL BLOG | Ingress TLS/SSL Setup |
Know How to Configure and Use CoreDNS
CoreDNS is a flexible, extensible DNS server that can serve as the Kubernetes cluster DNS. Like Kubernetes, the CoreDNS project is hosted by the CNCF.
Choose an appropriate container network interface plugin
CNI stands for Container Networking Interface and its goal is to create a generic plugin-based networking solution for containers.
There are a lot of solutions such as Flannel, Calico, etc. This section explores some of them.
Reference | Kubernetes Network Plugins |
Storage [ 10% ]
Understand Storage Classes, Persistent Volumes, Persistent Volume Claims
StorageClasses: StorageClass provides a way to describe the “classes” of storage available.
PersistentVolume: It is a piece of storage in the cluster that has been provisioned by an administrator or dynamically provisioned using StorageClasses. They are created over StorageClasses.
PersistentVolumeClaim: It is a request for storage by a user. They are created over PersistentVolumes.
Reference | Kubernetes Persistent Volumes |
Understand Volume Mode, Access Modes, and Reclaim Policies for volumes
Volume modes: Kubernetes supports two types of volume modes: Filesystem & Block.
Access modes: Kubernetes supports three types of access modes: ReadWriteOnce, ReadOnlyMany & ReadWriteMany.
Reclaim Policy: Kubernetes supports three policies: Retain, Recycle & Delete
Know How to Configure Applications With Persistent Storage
Application pods can use persistent storage by mounting a PVC.
Troubleshooting [ 30% ]
Evaluate Cluster and Node Logging & Managing Logs
Application logs can help in understanding the activities and status of the application. The logs are particularly useful for debugging problems and monitoring cluster activity.
Going through logs of kubernetes control plane components like etcd, the scheduler can also be very helpful.
There are certain flags in kubectl commands which can help speed up your debugging cases, they are given below.
Kubectl Command To Check Logs:
kubectl logs deployment/<name of deployment>
kubectl logs deployment/<name of deployment> --tail=10
kubectl logs deployment/<name of deployment> --tail=10 -f
Reference | Kubernetes Logging |
Understand How to Monitor Applications
Monitoring applications can be done by storing logs and studying the application’s metrics.
Tools like Prometheus & Grafana are popular as they make the management of metrics very easy.
Very often, sidecar containers are used as metrics exporters of the main application container.
Troubleshoot Application Failure
Administrators are also required to help users debug applications that are deployed into Kubernetes and not behaving correctly.
Troubleshoot Cluster Component Failure
Cluster components need to be debugged and perform troubleshooting for failures when users are sure that their application has everything perfectly set up.
Troubleshoot Networking
There can be scenarios where things are going wrong on the network end such as some incorrect configuration in ingress resources etc.
Some Unofficial Useful CKA Resources
- Understand kubernetes SSL certificates
- Simulator for hands-on practice
- Vim shortcuts. This will help you save time on exams.
- Hands-on CKA practical question bank on Github
- Tips to Create Kubernetes YAML Quickly
CKA Exam DOs
Following are the things you should do for CKA Certification.
- Start the pre-exam process 30 minutes before the scheduled time. The process includes PSI browser setup, exam environment verification, etc. Overall the pre-exam process takes anywhere between 10-15 minutes.
- While giving CKA practice exams, try to wrap up 15 minutes before the deadline – it will give you additional time to revise the solutions.
- Give a couple of practice exams, identify your weak topics, and spend more time on those.
- If any particular question will take more than 6-7 mins to solve, flag/mark it to solve for later and come back once you solve the rest.
- Ensure you have very good and stable internet connectivity while appearing for the exam. For some reason, if you lose the connectivity you will have to go through the verification process again. That will give you less time to solve the CKA tasks.
- On exam day, try to keep an alternative internet source handy in case of Wi-Fi internet goes down. We don’t want all our handwork to be wasted, do we?
CKA Exam DON’Ts
Don’t do the following during your CKA certification exam.
- Most people don’t even use an alias. So no need to overwhelm yourself with an
alias
for everything. - Don’t take the exam on the last day. The idea is to give it in a pressure-free environment.
- At the time of the exam, you don’t have anything on the table other than your workstation or laptop. Linux Foundation has strict rules on the CKA exam environment.
CKA Preparation Courses
Investing in a course will help you understand all the concepts for the exam in an easier manner. If you are a beginner, we strongly suggest you invest some time and money in a course of your choice.
We have the following recommendation.
- CKA preparation course by Mumshad: His course has a lot of quizzes and hands-on labs.
CKA Exam FAQs
Can I use an Extended Monitor For the CKA Exam?
Yes. An extended monitor connected to a single computer is supported provided you have the camera attached to it.
Is there any coupon code for the CKA Exam?
Yes. You can use code DCUBE20 at kube.promo/devops to redeem a 20% discount on CKA exam registration
Conclusion
This CKA exam study guide will help you understand cluster components and their management in a much better way and help in your career progression.
if you are trying to become a devops engineer, CKA is a great certificate to have. Its importance will only grow in the future. So give your best and prepare well!
This guide has given you all the resources, tips, and methods to help you prepare. we will keep updating it with new tools and resources. All the best for your preparations.
Also, check out Kubernetes beginners tutorials to learn more about Kubernetes. If you want a structured roadmap, check out the Kubernetes learning path.
If you are interested in DevOps certifications, check out our comprehensive guide on the best devops certifications.
1 comment
kubectl create secret generic ….