Pass the CKA Certification Exam: The Ultimate Study Guide

Prepare for the Certified Kubernetes Administrator (CKA) exam with our comprehensive study guide. Get expert tips, essential resources, and practice tests to earn your CKA certification and advance your career in Kubernetes administration.

Certified Kubernetes Administrator (CKA) is one of the best kubernetes certifications from the Linux Foundation. You could even say it's the top DevOps certification right now. It is aimed at engineers interested in setting up and managing Kubernetes clusters.

In this CKA Certification learning path, we cover everything you need to know about the CKA certification

The official CNCF certification page says:

As one of the highest velocity open source projects, Kubernetes is exploding. In this scenario - the demand for skilled DevOps Engineers with Kubernetes cluster administration knowledge is growing.

As per the cncf annual report, in 2023 Certified Certification exam hit 176,000 enrolments.

Therefore, passing the CKA certification can increase your chances of career growth in a wide range of companies and organizations that use Kubernetes

Register for the CKA Certification Exam [Save upto 35% Today]

To begin your journey of becoming a Certified Kubernetes Administrator - start by registering for the exam on the Linux Foundation portal.

Note: Save 30% Today on CKA | CKAD | CKS | KCNA certification using the Voucher code given below. This code expires soon. CKA exam price is set to increase soon.

CKA Exam Voucher: Use coupon DCUBE30 at checkout

If you're also planning to take the CKS exam, consider buying it as a bundle to save $382 (up to 40% discount)

Here are some things to keep in mind regarding the exam.

1. The CKA exam is to be taken online and it is proctored remotely.
2. A score of 66% or above must be earned to pass.
3. CKA Certification is valid for two years.
4. After registration, you get one year to schedule the exam.
5. After registration, you get a maximum of 2 attempts to take the test. If you miss a scheduled exam for any reason - your second attempt gets nullified.

CKA Certification Preparation Guide

This section will go over resources and links that can help you prepare for the CKA exam and pass the CKA certification with very good score.

CKA Exam Prerequisites

CKA does not require any candidate to have any other certification before they can appear for the CKA exam. The only thing required to clear the exam is a conceptual and practical understanding of Kubernetes's components and native objects. Also a lot of hands-on practice.

CKA Exam details

CKA Exam details

The CKA exam is an open-book exam i.e. you can use the following websites while you are taking the exam.

1. https://kubernetes.io/docs/
2. https://github.com/kubernetes/
3. https://kubernetes.io/blog/ and their subdomains. This includes all available language translations of these pages (e.g. https://kubernetes.io/zh/docs/)

CKA Exam syllabus

The following table has the domains and competencies part of the syllabus along with their respective weightage.

CKA Exam Syllabus

CKA Practice Labs

The best way to prepare for the CKA Certification exam is to get a clear understanding of the concepts involved and do a lot of hands-on practice.

Even if you're actively working in Kubernetes production environments, you'll still need to practice to pass the exam

The CKA exam doesn't include multiple-choice questions, so hands-on practice is essential

The following setups will give you a Kubernetes cluster where you can do all the required practice. The exam expects you to solve problems on a live cluster.

1. Killercoda (Browser Based CKA playground)
2. Kubernetes Setup using Kubeadm [Self hosted setup based on CKA requirements. This is the recommended setup for learning]
3. Minikube
4. Kubernetes Vagrant Setup using Kubeadm [ Checkout the Github Repo]
5. GKE Cluster using free Google Cloud Credits
6. EKS Service on AWS using a Free tier program
7. AKS service on Azure using free cloud credits
8. Kubernetes Cluster on Digital Ocean[ Get $100 Digital Ocean Free Credits]

Also if you want to get the feel of real exam terminal, you can try all the practicals in the Killercoda remote desktop environment. Each session will be available for one hour. It is more than enough for practice. It takes around 10 minutes for the terminal to be ready. Also, it is similar to the Remote Desktop interface given in the real Exam UI. This way, It will be easy for you when you attempt the exam.

Kubectl Aliases & Shortnames

Once you have the CKA practice lab setup ready, set the following aliases in your practice lab terminal. You can add them to your .bashrc or .zshrc file (depending on your shell), and then run source ~/.bashrc or source ~/.zshrc.

alias k='kubectl'
alias kgp='kubectl get pods'
alias kdr='kubectl --dry-run=client
alias kgs='kubectl get svc'
alias kdesc='kubectl describe'
alias kga='kubectl get all'

If you want to use aliases during exams and save time, you need to start practicing with aliases from day one. Whenever you choose a topic to learn, use the aliases during practice sessions.

Also, in the exam terminal you will have the kubectl alias set by default. You can choose to create others if you want to.

Important Note: Command examples give in this guide use kubectl alias and object short-names to make your practice easier.

For example,

k get po --all-namespaces

To know all the available object short names execute the following command.

kubectl api-resources

Now that you have all the setup ready for the learning, let's dive into exam syllabus topics and related official resources and tasks.

Guide to CKA Exam: A Syllabus-Based Approach

Here, we will be discussing the CKA syllabus-wise official and useful resources that can be used to prepare for each topic of the CKA exam.

Cluster Architecture, Installation & Configuration [ 25% ]

This section primarily deals with cluster setup, configuration and management.

It is very important to understand the Kubernetes architecture before moving on to hands-on labs.

Manage role-based Access Control (RBAC)

Role-based access control is a method of managing access levels to applications or individual users. It's a handy tool in the hands of an administrator to give fine-grained controls to others.

Use Kubeadm to Install a Basic Cluster

For the exam: Create a cluster using kubeadm - Practice and use the official documentation as a reference during the exam.

This section focuses on the setting up of a cluster using the kubeadm tool. The candidate must have a clear understanding of the underlying components of Kubernetes such as etcd, Kube API servers, SSL certificate management, etc.

Here is what you need to focus on for the exam

1. From the official documentation, practice the kubeadm cluster creates commands and their associated parameters.

Manage a Highly-available Kubernetes Cluster

Even though there will not be any questions related to HA for the CKA exam, it is good to know about the high availability architecture.

One of the duties of a Kubernetes administrator is to ensure the high availability of the cluster. This involves proper maintenance tasks on the cluster as well as managing the worker nodes.

Most clusters today are created on AWS, Azure, or GCP where the respective cloud providers take responsibility for cluster availability. However, it is important to understand the logic behind the HA kubernetes cluster.

Provision Underlying Infrastructure to Deploy a Kubernetes cluster

For Kubernetes to work, you need to have the following.

1. Certain system configurations
2. Container runtime (CRI-O, Containerd, or Docker)
3. kubeadm
4. kubelet and
5. kubectl

During kubeadm cluster installtion you will go through all these configurations.

Perform a Version upgrade on a Kubernetes Cluster Using Kubeadm

In the exam, you will be asked to upgrade a Kubernetes cluster and nodes using Kubeadm.

Kubernetes is a continuously improving tool. Every now and then, a new version comes up with improvements and features. It is the duty of the administrator to take care of version upgrades.

Implement etcd Backup and Restore

You need to learn and practice etcd backup and restore using the etcdctl utility.

Etcd is a key-value store of the cluster. All the cluster configuration and information regarding pods, services, etc. are stored here in key-value format

Workloads & Scheduling [ 15% ]

Learn About Static Pod

Static pod in Kubernetes is a concept of deploying pod on specific nodes using Kubelet. These pods are not directly managed by the API server. These are primarily used for cluster bootstrapping purposes to bring up the cluster components that run as a pod.

Understand Deployments and How to Perform Rolling Update and rollbacks

Kubernetes Deployment ensures a minimum number of application replicas are running at all times. In case a replica goes down, the Kubernetes API ensures that a new one is created within minutes.

Kubectl commands:

Here is the imperative command to create deployment YAML using dry-run flag.

k create deploy web-deployment \
     --image=nginx \
     --dry-run=client -o yaml > deployment.yaml

k create deploy <name> --image=<name> //create deployment

k create deploy <name> --image=<name> -- sleep 300 //with command arguments

k scale deploy <name> --replicas=4 //scale up or down

Sometimes, you may want to rollback a Deployment; for example, when the Deployment is not stable, such as a crash loopback error, you can roll back the Deployment

Kubectl commands:

kubectl set image deployment <name of deployment> <name of container>=<new image name> // update image

kubectl rollout status deployment <name of deployment> //see status

kubectl rollout history deployment <name of deployment> //see history 

Use Config Maps and Secrets to Configure applications

Kubernetes Configmaps are useful to store non-critical data in key-value pair format. They can also be used to inject env vars into pods.

Kubectl Commands for Configmaps:

kubectl create cm <name of configmap> --from-file=hello.txt 
kubectl create cm <name of configmap> --from-literal=key1=value1 

Secrets are useful to store sensitive data in key-value pair format. They can also be used to inject env vars into pods.

Kubectl commands for secrets:

kubectl create secrets <name of secret> --from-file=hello.txt 
kubectl create secrets <name of secret> --from-literal=key1=value1 

Know How to Scale Applications

Kubernetes provides different ways to scale applications. You can use deployment objects and increase the number of replicas of your application.

Horizontal Pod Autoscalers (HPAs) can also be used to increase the number of replicas based on application metrics.

Understand the Primitives Used to Create Robust, Self-healing, Application Deployments

This section is mostly conceptual, for any self-healing application you should use deployments or stateful sets so that whenever pods go down, Kubernetes recreates them instantly.

Deployments also give you the option to keep track of all the changes you make. You can also roll back to a previous state very easily.

kubectl set image deployment <name of deployment> <name of container>=<new image name> // update image

kubectl rollout status deployment <name of deployment> //see status

kubectl rollout history deployment <name of deployment> //see history 

Understand How Resource Limits Can Affect Pod Scheduling

Cluster management also involves the management of workloads, as an admin - you should ensure that each pod is able to get resources based on its needs.

In Kubernetes, you can assign each pod a minimum and maximum amount of CPU and memory usage.

Awareness of manifest management and common templating tools

This section expects you to be familiar with tools like kustomization, helm, etc.

Init Containers

Learn about init containers. You might be asked to create an init container to perform specific actions or files required for the main container inside the pod.

Official Task: Configure Pod Initialization

Services & Networking [ 20% ]

Understand host networking configuration on the cluster nodes

Kube-proxy is the component required on each worker node for the pods to communicate with each other. Networking between nodes involves Kube proxy participation as well.

Kubelet is how a worker node is in-network with the master node. All these concepts are required for understanding networking inside kubernetes.

Understand the Connectivity Between Pods

Kubernetes Pods communicate with each other using services. Kube proxy is the component that makes this possible.

Understand ClusterIP, NodePort, LoadBalancer service types and endpoints

Understanding each service type along with their use cases is very important. Special attention should be paid to understanding how pods can be added under a service.

Know how to use Ingress controllers and Ingress resources

Ingress resources are how external entities are assigned access to internal cluster services. Ingress controllers are load balancers that make it possible.

Know How to Configure and Use CoreDNS

CoreDNS is a flexible, extensible DNS server that can serve as the Kubernetes cluster DNS. Like Kubernetes, the CoreDNS project is hosted by the CNCF.

Choose an appropriate container network interface plugin

CNI stands for Container Networking Interface and its goal is to create a generic plugin-based networking solution for containers.

There are a lot of solutions such as Flannel, Calico, etc. This section explores some of them.

Storage [ 10% ]

Understand Storage Classes, Persistent Volumes, Persistent Volume Claims

StorageClasses: StorageClass provides a way to describe the "classes" of storage available.

PersistentVolume: It is a piece of storage in the cluster that has been provisioned by an administrator or dynamically provisioned using StorageClasses. They are created over StorageClasses.

PersistentVolumeClaim: It is a request for storage by a user. They are created over PersistentVolumes.

Understand Volume Mode, Access Modes, and Reclaim Policies for volumes

Volume modes: Kubernetes supports two types of volume modes: Filesystem & Block.

Access modes: Kubernetes supports three types of access modes: ReadWriteOnce, ReadOnlyMany & ReadWriteMany.

Reclaim Policy: Kubernetes supports three policies: Retain, Recycle & Delete

Know How to Configure Applications With Persistent Storage

Application pods can use persistent storage by mounting a PVC.

Troubleshooting [ 30% ]

Evaluate Cluster and Node Logging & Managing Logs

Application logs can help in understanding the activities and status of the application. The logs are particularly useful for debugging problems and monitoring cluster activity.

Going through logs of kubernetes control plane components like etcd, the scheduler can also be very helpful.

There are certain flags in kubectl commands which can help speed up your debugging cases, they are given below.

Kubectl Command To Check Logs:

kubectl logs deployment/<name of deployment> 
kubectl logs deployment/<name of deployment> --tail=10
kubectl logs deployment/<name of deployment> --tail=10 -f

Understand How to Monitor Applications

Monitoring applications can be done by storing logs and studying the application's metrics.

Tools like Prometheus & Grafana are popular as they make the management of metrics very easy.

Very often, sidecar containers are used as metrics exporters of the main application container.

Troubleshoot Application Failure

Administrators are also required to help users debug applications that are deployed into Kubernetes and not behaving correctly.

Troubleshoot Cluster Component Failure

Cluster components need to be debugged and perform troubleshooting for failures when users are sure that their application has everything perfectly set up.

Troubleshoot Networking

There can be scenarios where things are going wrong on the network end such as some incorrect configuration in ingress resources etc.

CKA Mock Exams

Once you learn all the CKA exam concepts, the final step is to give the mock exams.

When you purchase the subscription, you will get free access to https://killer.sh/cka exam simulator. You get access to two free mock exams. You can make use of the simulator to give the CKA practice exam.

Also, you can use the following Mock exam to practice for the CKA exam before appearing for the exam.

1. CKA Killer coda scenarios
2. Certified Kubernetes Administrator (CKA) Mock Exams

Some Unofficial Useful CKA Resources

1. Understand kubernetes SSL certificates
2. Simulator for hands-on practice
3. Vim shortcuts. This will help you save time on exams.
4. Hands-on CKA practical question bank on Github
5. Tips to Create Kubernetes YAML Quickly

CKA Exam DOs

Following are the things you should do for CKA Certification.

1. Get the CKA Candidate Handbook and read all the instructions carefully.
2. Start the pre-exam process 30 minutes before the scheduled time. The process includes PSI browser setup, exam environment verification, etc. Overall the pre-exam process takes anywhere between 10-15 minutes.
3. While giving CKA practice exams, try to wrap up 15 minutes before the deadline - it will give you additional time to revise the solutions.
4. Give a couple of practice exams, identify your weak topics, and spend more time on those.
5. If any particular question will take more than 6-7 mins to solve, flag/mark it to solve for later and come back once you solve the rest.
6. Ensure you have very good and stable internet connectivity while appearing for the exam. For some reason, if you lose the connectivity you will have to go through the verification process again. That will give you less time to solve the CKA tasks.
7. On exam day, try to keep an alternative internet source handy in case of Wi-Fi internet goes down. We don't want all our handwork to be wasted, do we?

Common Mistakes and How to Avoid Them

CKA is a challenging exam. So it is very important to avoid mistakes people often make so you can avoid them.

Here are some of the common mistakes and tips on how to avoid them.

1. Do not rush through questions. Read each question carefully and understand it before you start answering them.
2. Do not spend too much time on one question. Move on to the next question and come back later after solving other questions.
3. After finishing each question, take a moment and double-check the answers. For example, the file path where you have redirected the output.
4. Under exam pressure, there are high chances you might even forget the basic commands. So practice all the basic commands repeatedly and make them stick to your memory.
5. You need to stay calm during the exam. If you are not able to solve a question, don't panic. Move on to the next one. Nervousness will lead to careless errors.
6. Even if you are someone working on Kubernetes daily, it is very important to get plenty of hands-on practice for the exam. Test your skills repeatedly using labs and real-world scenarios.
7. Most people don't even use an alias. So no need to overwhelm yourself with an alias for everything.
8. Don’t schedule the exam on the last day of the expiration. The idea is to give it in a pressure-free environment.

CKA Exam Day Checklist

Let's look at what you need to prepare and what you should expect when taking the exam. The last thing you want is to feel stressed out because you forgot something important for the exam. This checklist helps you keep track of all the things you need for the exam and be prepared to focus only on the exam aspects.

First Ensure you have completed the exam preparation checklist in the Linux Foundation exam portal.

The following are the key items that should be part of your CKA exam checklist.

1. Ensure you have a stable internet connection. It is recommended to have an alternative connection ready.
2. Ensure you have the computer camera working.
3. Double-check that you have all the necessary system requirements. Run the System check as recommended by the Linux Foundation.
4. Have a clutter-free desk and room because the examiner checks for the surroundings through the camera. Linux Foundation has strict rules on the CKA exam environment.
5. Ensure you have a comfortable seating setup as the exam takes 2 hrs to complete.
6. Have your ID ready for verification.
7. Keep some water nearby to keep you hydrated and energized.

This video shows the PSI Online Proctoring Experience. It shows all the process involved in the certification including ID verification, web cam verification etc.

Can I use an Extended Monitor For the CKA Exam?

Yes. An extended monitor connected to a single computer is supported provided you have the camera attached to it. Also, you should be able to show around the room using the attached camera.

You can use only one screen at a time. If you want to use the extended screen of a laptop, you need to close the laptop and use only the extended screen with an active webcam.

Also, extended monitor is a great option becuase you will get a lot of real-estate to work on the tasks.

For example, the following image shows the exam UI. As you can see, with the good wide monitor you will can adjust the terminal and browser as per your preference.

CKA Preparation Courses

Investing in a course will help you understand all the concepts for the exam in an easier manner. If you are a beginner, we strongly suggest you invest some time and money in a course of your choice.

We have the following recommendation.

1. CKA preparation course by Mumshad: His course has a lot of quizzes and hands-on labs.

CKA Exam Updates

The new PSI environment for the CKA exam is being rolled out. Few users reported geting the the new PSI environment for the exam.

In the old environment you will have to execute the context for each task. In the new exam environment you will have to SSH in to different nodes to perform each tasks.

CKA Exam FAQs

Is there any coupon code for the CKA Exam?

Yes. You can use code DCUBE20 at kube.promo/devops to redeem a 20% discount on CKA exam registration

Conclusion

This CKA exam study guide will help you understand cluster components and their management in a much better way and help in your career progression.

If you're aiming to become a DevOps engineer, having a CKA certification is a great asset. Its importance is growing every year. So give your best and prepare well!

This guide has given you all the resources, tips, and methods to help you prepare. we will keep updating it with new tools and resources. Best of luck with your preparations..

Also, check out Kubernetes beginners tutorials to learn more about Kubernetes. If you want a structured roadmap, check out the Kubernetes learning path.

If you are interested in DevOps certifications, check out our comprehensive guide on the best devops certifications.