This detailed study guide will help you prepare for the KCNA (Kubernetes and Cloud Native Associate certification) certification.
The KCNA certificate primarily focuses on beginners who want to learn the fundamentals of Kubernetes and cloud-native technologies.
By the end of this guide, you will have a clear understanding of,
- What is KCNA Certification?
- Why pursue the KCNA certification?
- KCNA exam overview
- KCNA core topics to study
- Resources for the KCNA preparation
Let's start with a brief overview of the certification.
What is KCNA Certification?
The KCNA is one of the entry-level certifications from the Cloud Native Computing Foundation (CNCF).
The KCNA certification is an MCQ-based certification that tests your understanding of cloud native technologies and the fundamentals of Kubernetes.
For the exam, you will be tested in the following categories.
- Kubernetes - The basics of what it is, how it works, and important API resources.
- Cloud native concepts - Understanding of containers and microservices.
- CNCF projects - Tools from the categories for observability, networking, service mesh, etc.
- DevOps principles - CI/CD tools and workflow, GitOps method.
- Security and observability - Monitoring a system, authentication, analyzing, etc.
In the next section, we will look at the significance of KCNA certification.
Why Pursue KCNA Certification?
Cloud-native technologies are growing really fast, so if someone is new to the industry but wants to grow with the technology, they can choose this certification.
KCNA is a first step to start learning in Kubernetes, as well as cloud native ecosystem. Once KCNA is completed, you can further learn and achieve other certifications such as CKA, CKAD, CKS, and KCSA.
In the next section, we will look at the exam details.
KCNA Exam Details
The exam will be registered on the CNCF website and conducted online.
| Aspect | Detail |
|---|---|
| Exam Name | Kubernetes and Cloud Native Associate |
| Exam Code | KCNA |
| Exam Price | $250 USD (check official site for current pricing) |
| Duration | 90 minutes |
| Number of Questions | 60 |
| Question Type | Multiple-choice, multiple-select |
| Passing Score | 75% |
| Proctoring | Online, remote via streaming audio/video/screen sharing |
| Validity | 2 years (renewal required) |
| Retake Policy | One free retake |
In the next section, we will look at the KCNA curriculum.
KCNA Exam Syllabus
The KCNA exam curriculum is divided into five key domains, and question comes from each domain.
The weightage of each domain varies, so the number of questions that appear on the exam depends on the domain's weightage.
For example, Kubernetes fundamentals is one of the highest weighted topics, with 46%. So you can expect more questions to be based on Kubernetes.
The following table will show the rest of the domains and their weights.
| Domain | Weight | What to Focus On |
|---|---|---|
| Kubernetes Fundamentals | 46% |
• Pods, Services, Deployments, ReplicaSets, Scheduling • Master & Worker Node roles • API Server, etcd, Scheduler, Controller Manager, Kubelet • Basic kubectl commands• Container basics |
| Container Orchestration | 22% |
• Docker, containerd, CRI-O • RBAC, Network Policies, Secrets, ConfigMaps • Pod Security Standards • Networking & CoreDNS • Istio, Linkerd (Service Mesh) • Persistent Storage |
| Cloud Native Architecture | 16% |
• Microservices, Serverless, Autoscaling • CNCF Project Types: Sandbox, Incubating, Graduated • CNCF’s neutral role • Infrastructure as Code (IaC), DevOps, Elasticity |
| Cloud Native Observability | 8% |
• Observability, Telemetry basics • Tools: Prometheus, Grafana • Cloud cost optimization |
| Cloud Native Application Delivery | 8% |
• CI/CD basics • GitOps • Rolling updates, Canary deployments |
KCNA Preparation Timeframe
Most KCNA aspirant will have this question. How long does it take to prepare for KCAN certification.
If you're preparing for the KCNA certification while working full-time, here is a realistic timeline. It takes 6-12 weeks.
Also you experience level affects the timeline.
For example,
A Complete beginner to Kubernetes takes 10-12 weeks. With some some container/Docker experience it will be 8-10 weeks. If you are already working with Kubernetes, it is typically 6-8 weeks.
Guide to KCNA Exam: A Syllabus-Based Approach
Now, lets look at the KCNA syllabus-wise official and useful resources that can be used to prepare for each topic of the CKA exam.
The preparation resources are arranged based on the domains.
Kubernetes Fundamentals
This is the main domain that contains almost half of the exam's weightage.
Kubernetes Architecture
Kubernetes is a distributed system that has many components to run the application. The Kubernetes Architecture explains the workflow and the components.
Key concepts to look at are,
- Kubernetes Control Plane: It has the following components.
- Kube-apiserver
- etcd
- kube-scheduler
- kube-controller-manager
- Kubernetes Worker Nodes: It has the following components.
- kubelet
- kube-proxy
- Container Runtime
Kubernetes Objects (Resources)
Kubernetes objects are resoruces that we want Kubernetes to manage.
Here are some of the basic Kubernetes objects you should know.
- Pods - To run your application in an isolated space.
- Service - To make your application accessible.
- Deployment - To keep your application running even if one fails.
- Job & CronJob - To schedule a task to run at a particular time.
Containers and Scheduling Concept
Containers are isolated units that contain all your application code and dependencies, allowing your application to run.
Here are a few fundamental concepts of containers that you need to understand.
- Container Image - It is a template to create a container.
- Container - It is a running server with the application.
- Container Registry - To store the container images (e.g., Docker Hub, ECR, Quay.io)
Once the container image is ready and deployed on Kubernetes, the Scheduler component is responsible for scheduling it on worker nodes.
Kubectl Commands
To interact with the Kubernetes cluster, you need to be familiar with the basic kubectl commands. For example, to list the Pods, modify a deployment, etc.
Container Orchestration
This section covers the topics of the lifecycle and networking of the container.
- Container Runtime - This is a component that takes the container image and runs it. (e.g., runs, crun, continerd, and CRI-O).
- Container Networking - CNIs (Container Network Interfaces) help to set networking between Pods for communication. (e.g., Calico, Flannel, Weave Net, etc).
- Role-Based Access Control - To set up permissions for who can do what in the Kubernetes cluster, like delete pods, access secrets, etc.
- Network Policy - Define rules to which pods can communicate with each other.
- ConfigMap - To add settings to your application.
- Secret - To store the sensitive information like passwords, API keys, etc.
- Pod Security Standards - Set security rules to ensure the Pods are running in a secure way.
- CoreDNS - Kubernetes DNS server to each Pod to find other Pods using domain names instead of IP addresses.
- Service Mesh - Tools to manage the traffic between pods and ensure secure communication (e.g., Istio, Linkerd)
- Persistent Storage - To store the app data so it will not be lost even if the Pod is deleted or restarted.
Cloud Native Architecture
This section focuses on how the applications are designed to run in cloud environments like AWS, GCP, and Azure.
Monolithic Architecture
A monolithic application is a single large application that is packed with all the services like UI, database, code, etc.
Microservice Architecture
A microservice application consists of multiple services that work together to complete a task, allowing us to scale them individually according to the requirements.
Serverless Computing
Serverless computing is a term that refers, we don't have to manage the servers instead, providers like AWS manage the servers, so we can directly use them as per our requirements.
Function as a Service (FaaS)
We write small functions for our use cases, like sending an email when a user logs in. These actions occur only when an event triggers them.
Cloud Native Storage
- Ephemeral Storage - It is a temporary storage, so when the pod is deleted, restarted, or moved, the data will be lost.
- Persistent Storage - It is a permanent storage, so data will not be lost even if the pod gets destroyed.
Container Storage Interface
Container Storage Interface (CSI) is the plugin that lets Kubernetes use the cloud provider storage (e.g., AWS EBS, Azure Blob, etc.)
Autoscaling
When the application gets more traffic, we need more pods and nodes in Kubernetes to handle it. For that Kubernetes offers the following.
- Horizontal Pod Autoscaler (HPA) - Increasing the number of Pods with the exact resource specifications.
- Vertical Pod Autoscaler (VPA) - Increase the resources, such as CPU and memory, to handle the load.
- Cluster Autoscaler - Increase the number of worker nodes to scale the overall cluster resource.
Open Standards
Open standards are like univeral standards that every cloud native tools should follow. This way users can use tool of their choice without implentation difficulties.
Following are the key open standards in the Kubernetes ecosystem.
- Container Runtime Interface (CRI) - Engines that run the containers (e.g., Docker, containerd, CRI-O, etc.)
- Container Network Interface (CNI) - Network plugins for the Pod networking (e.g., Flannel, Calico, Cilium, etc.)
- Container Storage Interface (CSI) - Storage plugins to use the storage option for persistent storage (e.g., local, cloud, enterprise)
Cloud Native Roles and Personas
Cloud native ecosystem is not only for one role. It differes based on responsibilities and various roles will fit in this ecosystem.
Following are the key roles that falls under the cloud native ecosystem.
- Developers - Create microservices, Kubernetes manifests, CI/CD tools
- DevOps Engineers - Automate the application and infrastructure creation.
- Site Reliability Engineers - Create and manage infrastructure.
- Security Engineers - Set up RBAC, secret management, and use tools to scan vulnerabilities.
Cloud Native Observability
Observability is the ability to measure a system's current state based on the output data (such as logs, metrics, and traces) it generates.
The following are known as the three pillars of observability.
- Logs - Text records of what is happening in our system or application (Tools: Fluent Bit, Logstash, Loki, Elasticsearch, Kibana)
- Metrics - Numerical data measured in periodic intervals (Tools: Prometheus, Grafana, Datadog)
- Traces - Data of how a request passes through each gate to reach the destination (Tools: Jaeger, OpenTelemetry)
Cloud Native Application Delivery
This final section covers the basics of delivering an application for users.
Fundamentals of the application delivery
To deliver the application to users, we use various strategies.
- Blue-Green Deployment
- Two similar applications will run on two separate environments.
- Current users use the Blue environment app.
- Testing will occur on Blue, and once it is done, move the traffic to Blue.
- Canary Deployment
- Here, instead of switching immediately, we will route a small amount of traffic to the new application.
- Then, based on user experience, gradually increase the traffic to the new one and decrease the traffic of the old one.
Continuous Integration/Continuous Delivery (CI/CD)
CI/CD is the method of automating the software development or the infrastructure provisioning.
It has the following four key concepts.
- Continuous Integration: Every time a developer pushes code, the system will automatically test the code and build the application before it goes to the deployment (Tools: Jenkins, GitLab, CircleCI).
- Continuous Deployment: Once all the scans are completed, the code will automatically be deployed (Tools: ArgoCD, Flux CD).
- Continuous Delivery: A person will decide when the application should be released like a manual confirmation.
- GitOps: A method for managing your application and infrastructure using Git. Whatever configurations are available in Git, that is the state of your application, which means if something changes on Git, that will be reflected in your application.
Conclusion
This comprehensive KCNA certification guide covered everything you need to know and prepare for the certification.
With a good understanding of all the concepts explained in this guide will help you ace the KCNA certification.
Over to you.
What if the motivation behind KCNA certification preparation? Comment below.
