Can we get some kind of an update when the CKS course is updated per the new certificate requirements?

Kubernetes
#1

On the 12 of September, the CKS certification materials were updated and I was wondering when the course will be updated to include the new requirements.
Is there any way for me to get updated?

#2

Given how closed mouth the Linux Foundation is about what the new requirements actually mean, we’ve been waiting for one of our engineers to take the new exam, to know just what’s in the new exam. I believe this has now happened, but I haven’t heard anything yet. So “soon”, but I can’t tell you just “how soon”.

#3

Following on this. Is it safe to keep studying the old content? Please let us know when you have an update.

#4

Our impression is that most of the changes involve additions of material, so studying the existing material is probably the best practice you can get until we actually complete the update of the course. In any case, the exam has yet to be updated; the Linux Foundation just announced that it’s been pushed back a month, and now is “no earlier than October 10th”. The additional topics (Cillium; SBOM) we’ll add when we know more about what the new exam will add. See this LF post for details.

#5

Hi,
Is there any update regarding the update process of the CKS materials for the certification exam?
Thanks
Itai

#6

I’ve re-upped the question with the head of our content team; when I hear back from her, I’ll pass it on to you here.

#7

I just failed my exam, no worries will try again.
One of the things missing is generating BOM documentation using the BOM tool.
Using: GitHub - kubernetes-sigs/bom: A utility to generate SPDX-compliant Bill of Materials manifests I would recommend having a look at this.

CKS exam update - KodeKloud guide link
#8

Any news regarding this?
Thanks
Itai

#9

Quite a bit of news in fact. At this point, both the lectures for new materials have landed, and the new labs landed today. So the update for the new requirements have mostly arrived in the course. So our update, subject to dealing with issue with the new labs, should be about complete.

#10

New lectures:

  • Securing Node Metadata in Kubernetes

  • Reasons to Secure Node Metadata​

  • Protection Strategies

  • Auditing

  • Overview of Multi-Tenancy in Kubernetes

  • Different types of Multi-Tenancy in Kubernetes​

  • Levels of Isolation in Kubernetes (Namespace, Pod, Node)

  • Control Plane Isolation​

  • Understanding Resource Quotas

  • Data Plane Isolation​

  • Data Plane Isolation​ - Network

  • Data Plane Isolation​ - Storage

  • Using Node Pools and Taints/Tolerations for Isolation

  • Additional Considerations​ - API Priority & Fairness

  • Quality of Service

  • DNS in Multi-Tenant Environments

  • Pod-to-Pod Encryption

  • Introduction to Cilium

  • Understanding Cilium’s Architecture

  • Writing Effective Encryption Policies

  • Overview of Supply Chain Security

  • Risks of Inadequate Supply Chain Management​

  • What is SBOM and Why It’s Important

  • SBOM Format

  • SBOM Workflow​

  • Introduction to KubeLinter

New Labs:

  • Cluster Setup and Hardening

    • Lab-Accessing API Server

    • Lab-Use Bootstrap token for authentication

    • Lab-Retrieve Service Account token and use it to access API server

    • Lab-Implement ABAC policy

    • Lab - Implementing Node Metadata Protection

    • Lab - Setting Access Controls for Node Metadata

    • Lab - Configuring Endpoint Protection

  • Minimize Microservice Vulnerabilities

    • Lab - Implementing Resource Quotas in Kubernetes

    • Lab - Securing Network Traffic with Network Policies

    • Lab - Implementing Tenant Isolation in a Kubernetes Cluster

    • Lab - Configuring Pod-to-Pod Encryption with Cilium

  • Supply Chain Security

    • Lab-Creating and Analyzing SBOMs

    • Lab-Automating SBOM Generation in CI/CD

    • Lab-Performing Static Analysis with KubeLinter