The Ultimate Guide to Certified Kubernetes Administrator (CKA) Exam

According to recent statistics, there has been a 127% increase in the number of Kubernetes clusters hosted in the cloud in 2022. This indicates the growing popularity and adoption of Kubernetes as a container orchestration platform.

This guide walks you through one of Kubernetes' most popular certifications, Certified Kubernetes Administrator (CKA). We’ll look at the skills validated by the certification and share important details about the certification exam.

Certified Kubernetes Administrator (CKA)

The certification validates knowledge of how to install, configure, and manage production-grade Kubernetes clusters. It is suitable for Cloud Administrators, Kubernetes Administrators, and any IT administrators responsible for managing Kubernetes-based clusters. Besides establishing your credibility, earning a CKA certification helps improve your value in the job market.

The Linux Foundation and the Cloud Native Foundation collaborated to create the CKA program with the objective of growing the Kubernetes ecosystem by establishing credibility for Kubernetes administrators. The CKA exam is proctored online and is performance-based. 

Some of the concepts you will cover during the certification program include:

  • Networking
  • Storage
  • Security
  • Maintenance
  • Logging and Monitoring
  • Application Lifecycle Management
  • API Object Primitives
  • Troubleshooting
  • Establishing Use Cases for End-Users

Exam Preparation Course

Our CKA Exam Preparation course explains all the Kubernetes concepts included in the certification’s curriculum. After each topic, you get interactive quizzes to help you internalize the concepts learned. At the end of the course, we have mock exams that will help familiarize you with the exam format, time management, and question types.

Enroll now!

Curriculum Covered in KodeKloud’s CKA Preparation Course

Course Introduction

This guide will cover the 5 subject areas of Kubernetes knowledge through a set of classes. The 5 domains and their respective percentage weights in the exam are:

  • Storage (10%)
  • Troubleshooting (30%)
  • Workloads and Scheduling (15%)
  • Cluster Architecture
  • Installation & Configuration (25%)
  • Services & Networking (20%).

The lectures in our course make use of animations, illustrations, and analogies to simplify complex Kubernetes concepts. At the end of each lesson, you will get quizzes to test your grasp of the concepts. There is also a dedicated Slack channel connecting you to experts and other students for discussions and problem-solving. 

Since the Kubernetes exam is hands-on, you should take advantage of the course's interactive practice tests to sharpen your skills. To get the most out of this course, you may need some prior basic knowledge of Docker, Kubernetes, YAML, and scripting in a virtual box. In the initial lectures, you will use pre-built clusters to familiarize yourself with the core concepts of running Kubernetes. Following that, you will learn to create, run, and manage your own clusters after developing a firm grasp of Kubernetes administration. 

Core Concepts

In this section, you will explore some high-level Kubernetes constructs such as Cluster Architecture, basic API Primitives, network primitives, and Kubernetes Services. Some of the concepts covered in this section are:

  • Cluster Architecture
  • ETCD
  • Kube API Server
  • Kube Controller Manager
  • Kube Scheduler
  • Kubelet 
  • Kube Proxy
  • PODs
  • ReplicaSets
  • Deployments
  • Namespaces
  • Services 
    • ClusterIP
    • LoadBalancer

You will perform practice tests for each of these topics, strengthening your grasp of the concepts. 

Scheduling

In Kubernetes, we use Scheduling to assign Pods to Nods that can run kubelet. Schedulers watch for newly created Pods and assign the most suitable node to run, using a decision-making, process-based scheduling principle. Along with creating a schedule, this class explores the various options you can use to customize and configure your scheduler. The concepts explained in this class include: 

  • Manual Scheduling
  • Labels and Selectors
  • Taints and Tolerations
  • Node Selectors
  • Resource Limits
  • DaemonSets
  • Static PODs
  • Multiple Schedulers
  • Configuring a Kubernetes Scheduler

Logging and Monitoring

It is important to understand the core concepts of your framework so that you can easily monitor cluster components and debug Pods. Kubernetes offers different monitoring mechanisms at node-level, cluster-level, and application-level

In this section of the course, you will be introduced to the various options available for log inspection and monitoring of Kubernetes applications through the following two broad topics:

  • Monitoring Cluster Components.
  • Managing Application logs.

Application Lifecycle Management

Containerized workloads run in distributed clusters, with each container performing a specific role. This introduces some complexities when it comes to managing the lifecycle of an application. Additionally, building containers involves layering several base images, which, as a result, introduces dependencies that require management. 

This section of the class will guide you through the various Kubernetes solutions for lifecycle management, including:

  • Rolling Updates and Rollbacks
  • Docker Commands and Arguments
  • Kubernetes Commands and Arguments
  • Configuring Environment Variables
  • Configuring ConfigMaps
  • Secrets
  • Multi-Container PODs
  • Self-healing applications

By the end of this class, you will develop an understanding of why managing the application lifecycle is an important aspect of Kubernetes container orchestration.

Cluster Maintenance

As Kubernetes applications are hosted in a highly distributed environment, it is important to understand how you can effectively manage clusters on a Hybrid Cloud. In this section, you will learn how to effectively upgrade a cluster, an operating system, and the methods used for data backup and restoration. You will also attend practical laboratories where you will upgrade a cluster with an application running on it. 

Some of the topics you will cover in this section include:

  • OS Upgrades
  • Kubernetes Software Versions
  • Cluster Upgrades
  • Backup and Restore Methods

By the end of this part, you will also simulate a Disaster Recovery scenario using a backed-up Kubernetes cluster, restoring the application back to its previous state.  

Security

Kubernetes security practices help you control access to cluster resources, by enforcing rules governing communication with the Kubernetes API. In this lesson, you will uncover some of the best practices that help protect Kubernetes components from getting compromised. Additionally, you will also cover TLS certificates and authentication in detail, as this forms the basis of security enforcement in a Kubernetes cluster. 

Some of the topics within this lesson include:

  • Kubernetes Security Primitives
  • Authentication
  • TLS
    • Introduction
    • Basics
    • TLS in Kubernetes
    • Certificate Creation in Kubernetes
  • KubeConfig
  • API Groups
  • Authorization
  • Role-Based Access Controls
  • Cluster Roles

Security is one of the most critical aspects of managing cloud-native applications in Kubernetes. The concepts in this section should be studied extensively, taking advantage of practice tests and labs to develop a firm grasp of securing a Kubernetes cluster. 

Storage

The ephemeral nature of containers introduces a few complexities to storage management in Kubernetes. Kubernetes offers several built-in solutions to manage storage. These include Persistent Volume Claims, Persistent Volumes, StatefulSets and Storage Classes. In this lecture series, you will learn how Kubernetes control plane elements communicate with physical storage. 

Storage concepts explored in this section include:

  • Docker Storage
  • Volume Driver Plugins in Docker
  • Container Storage Interface
  • Volumes
  • Persistent Volumes
  • Persistent Volume Claims (PVCs)
  • Using PVCs in PODs
  • Storage Class

With a firm understanding of the above storage concepts, you will be able to handle cluster storage tasks in Kubernetes’ highly dynamic environment.

Networking

As you gain familiarity with Kubernetes clusters, it is important to understand how they communicate within a Kubernetes network. This section explores the various constructs and components of Kubernetes’ flat network structure. This series takes you through a number of networking fundamentals. By the end, you should develop an understanding of how to deal with practical issues on Kubernetes networking. 

Some concepts to be explored in this section include:

  • Networking Prerequisites
    • Switching, Routing, and Gateways
    • DNS 
    • CoreDNS
    • Network Namespaces
    • Docker Networking
    • CNI
  • Cluster Networking
  • Pod Networking
  • CNI in Kubernetes
  • CNI Weave
  • ipam Weave
  • Service Networking
  • DNS in Kubernetes
  • CoreDNS in Kubernetes
  • Ingress

It should be noted that Kubernetes networking features are different and not found in traditional networking. It is strongly recommended to follow the concepts of this lesson thoroughly to avoid vulnerabilities arising from misconfigurations.

Designing & Installing Kubernetes Clusters

As you begin creating Kubernetes clusters, there are a few considerations to be made. In this part of the lecture series, you will learn about the questions you need to ask yourself as you create your cluster. Some of the considerations will include the purpose of the application, whether it will be hosted on-premises or in the cloud, and the workloads to be handled. Each of these considerations influences the choice of computing resources and cluster size to handle the application. Some topics to be covered in this section are:

  • Designing a Kubernetes Cluster
  • Choosing Kubernetes Infrastructure
  • Configuring High Availability
  • ETCD in High Availability

By the end of this chapter, you should develop a clear understanding of why we use different installation options for various use cases.

Kubernetes Installation Using kubeadm

Setting up Kubernetes clusters the hard way involves plenty of operations with dependencies that require ultimate effort and attention. kubeadm lets you create a minimum viable cluster with all the required components in a single command. This command bootstraps your application, making it an excellent building block for large application ecosystems. kubeadm integrates easily with provisioning systems, allowing you to easily deploy your application in the cloud or on-premises. 

Some of the topics covered in this section include:

  • Introduction to Deployment with kubeadm
  • Provisioning VMs with Vagrant
  • Deploying a Kubernetes Cluster with kubeadm
  • Installing a Kubernetes Cluster with kubeadm

Troubleshooting

Since applications may not always behave as expected, Kubernetes offers various options for checking the health and status of your clusters. In this section, you will carry out hands-on practicals to try and identify issues with broken Kubernetes clusters. The topics undertaken in this section include:

  • Application Failure
  • Control Plane Failure
  • Worker Node Failure
  • Network Troubleshooting

While troubleshooting Kubernetes issues can be a little overwhelming, with the knowledge gained in this section, you can practically debug your Kubernetes clusters to ensure efficiency.

Other Topics

JSON Path

Kubernetes objects are created using a JSON file format. With JSON expressions, the Kubernetes control plane elements can filter and access specific fields in the objects and format the output. As a result, it is strongly recommended that you get a firm understanding of JSON notations to help you understand various resource types in Kubernetes and how to connect to various API resources within your Kubernetes cluster. The prerequisite class covers everything you need to know about JSON object notation, API references, and object schema. By the end of this part, you should be able to get, post, create, and delete Kubernetes objects in your cluster.

Advanced Kubectl Commands

This lecture discusses how you can use the JSON path to perform advanced tasks using kubectl commands. You can then easily use the kubectl utility with the JSON path to inspect cluster elements. You will develop an understanding of various kubectl functionalities such as Custom Columns, loops-range, and the Sort functionality. You will go through various examples and tests that will get you acquainted with advanced kubectl commands and using JSON path expressions to create and manage Kubernetes cluster objects.

Exam Preparation

Certification Format

The CKA exam tests the skills of a successful Kubernetes administrator in today’s high-velocity IT environments. This is a practical lab that focuses on cluster operations and troubleshooting. The exam costs $375 and includes one free retake. It consists of 15-20 tasks to be solved in a CLI interface. The passing score for the CKA exam is currently 66%. The exam is taken online through a proctor. 

While taking the test, every candidate should have access to a computer with:

  • Chrome or a Chromium Browser with third-party cookies turned on.
  • You don’t have to install any virtual machines on your system
  • Reliable internet access with minimal interruptions
  • A working microphone
  • A moveable webcam

As you prepare for your exam, you should also pick an ideal location. Your work area should be clutter-free, rid of paper, electronic devices, writing implements, and other objects, both on top and below your working surface. You also need clear walls, although decor and wall paintings are acceptable. The work area should also have adequate lighting so the exam proctor can clearly see your face, hands, and the work area. You will also need to be in a private space free of interruptions. 

Once your proctor releases the exam, you have three hours to complete it. You can request breaks, but the timer does not pause. After registering for your exam on the official site, you will check in on exam day with a confirmation email link you got during registration. You are allowed to check in at most 15 minutes past your exam starting time. 

The exam consists of a questions panel on the left and an Ubuntu shell terminal where you will complete the tasks. If you get stuck on a particular task, you can skip it and return later. This will help you make the most of your exam time. Once you have completed the exam, you will have to wait up to 36 hours for your results.  

The test instance consists of 6 clusters with varying numbers of containers. Every task you undertake must be completed within a specified cluster. As you begin each task, the exam environment will provide you with a command to ensure you are in the correct cluster. These clusters are grouped so all questions on one cluster appear consecutively. This reduces the need to minimize and switch tabs on a browser. The exam environment is also configured to run the latest Kubernetes version, typically used within 4 to 8 weeks of the version release.

Study Plan

Since this is a hands-on exam that tests your practical skills, you will need plenty of practice before signing up for the certification. To work on Kubernetes tasks, you can have the k8s environment installed locally, hosted on a cloud platform, or use an online playground for practice. Some excellent resources for deploying test Kubernetes clusters include:

With these environments, you can easily simulate cluster management scenarios, gaining crucial knowledge on how to troubleshoot and manage applications in the cluster. You should also plan to create a consistent and flexible schedule to help you study effectively without exhausting yourself. 

While you do so, it is strongly recommended to use a scheduled study guide, like KodeKloud’s CKA preparation exam, to plan and guide your study program. This course includes theory classes, guided labs, mock scenarios, and practice tests that touch the right aspects while ensuring you gain significant practical expertise.

Study Schedule

The CKA exam breaks down the Kubernetes syllabus into 10 functional domains, each with varying score weights and study time requirements. The table below breaks down the percentage weights and estimated study time for each section: 

Domain

% Weightage

Total Study Time

Days @ 2 Hrs/day

Days @ 4 Hrs/day

Days @ 6 Hrs/day

Application Lifecycle Management

8

18

9

5

3

Installation, Configuration and Validation

12

30

15

8

5

Core Concepts

19

18

9

5

3

Networking

11

30

15

8

5

Scheduling

5

18

9

5

3

Security

12

18

9

5

3

Cluster Maintenance

11

18

9

5

3

Logging/Monitoring

7

10

5

3

2

Storage

7

10

5

3

2

Troubleshooting

10

18

9

5

3

Total

100

188

3 – 4

Months

2 – 3

Months

1 – 2

Months

Sample Tasks 

1. Create a new Deploymendeployment with the attributes below with the below attributes using your own deployment definition file.

Name: httpd-frontend;Replicas: 3;Image: httpd:2.4-alpine

The manifest file deployment-definition-httpd.yaml.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: httpd-frontend
spec:
  replicas: 3

  selector:
    matchLabels:
      name: httpd-frontend
  template:
    metadata:
      labels:
        name: httpd-frontend
    spec:
      containers:
        - name: httpd-frontend

          image: httpd:2.4-alpine

Then run kubectl create -f deployment-definition-httpd.yaml

2. Create a new service to access the web application using the service-definition-1.yaml file

Name: webapp-serviceType: NodePorttargetPort: 8080port: 8080nodePort: 30080selector: simple-webapp

The manifest file service-definition.yaml:

apiVersion: v1
kind: Service
metadata:
  name: webapp-service
spec:
  type: NodePort
  ports:
    - targetPort: 8080
      port: 8080
      nodePort: 30080
  selector:
    name: simple-webapp

Then run kubectl apply -f service-definition.yaml

3. Manually schedule the pod Nginx on node01.

PODName: nginxImage: nginx

The manifest file pod-definition.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  nodeName: node01
  containers:
  -  image: nginx
     name: nginx

Then run kubectl apply -f pod-definition.yaml

4. Create a pod with the ubuntu image to run a container to sleep for 5000 seconds.

Pod Name: ubuntu-sleeperCommand: sleep 5000

The manifest file ubuntu-sleeper.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: ubuntu-sleeper
spec:
  containers:
  - name: ubuntu
    image: ubuntu
    command:
      - "sleep"
      - "5000"

Then run kubectl apply -f ubuntu-sleeper.yaml

5. Create a multi-container pod with 2 containers. Use the spec given below.

If the pod goes into the crashloopbackoff then add sleep 1000 in the lemon container.

PODName: yellowContainer 1 Name: lemonContainer 1 Image: busyboxContainer 2 Name: goldContainer 2 Image: redis

The manifest file multi-container.yaml:

apiVersion: v1
kind: Pod
metadata:
  name: yellow
spec:
  containers:
  - name: lemon
    image: busybox
    command:
      - sleep
      - "1000"
  - name: gold
    image: redis

Then run kubectl apply -f multi-container.yaml

Lightning Labs

Considered one of the most popular features of KodeKloud’s courses, Lightning Labs takes you through a practical exam session. It helps you practice the skills you have learned hands-on by having you solve complex Kubernetes tasks in a limited period of time. You get 60 minutes to complete the labs and require 80% correct answers to pass, thus helping you measure your readiness for the CKA exam. It is highly recommended to use KodeKloud’s Lightning Labs to check your understanding of most Kubernetes commands while practicing time management as you prepare for the CKA certification test.

Mock Exams 

The CKA preparation class includes three sets of mock exams that give you the feel of a real exam. You can use these exams to check your ability to handle administrative Kubernetes tasks in various scenarios. You can also easily validate your solutions, manage your examination times, and examine any errors you may have made while working on cluster tasks. The exams also come with solutions that serve as reminders for those sections you have not fully grasped.

Closing Thoughts

The KodeKloud CKA preparation course offers a guided, structured way to prepare for the Certified Kubernetes Administrator exam. With KodeKloud’s unique classes, practical labs, and mock exams, you will find it easy to grasp complex concepts in the management of Kubernetes clusters. The value you gain from taking this course is immeasurable as you gain essential insights into the fundamentals that run containers and cloud-hosted applications. Take a quick preview of KodeKloud’s unique learning videos here – no login required.

Welcome to KodeKloud!

We are the #1 DevOps courses provider. Register today to gain access to the richest collection of DevOps courses and labs and try sample lessons of all our courses.

No credit card required!

START FREE!