Getting CNCF CKA Certified - 2022 Guide
I recently sat the Cloud Native Computing Foundation’s Certified Kubernetes Administrator (CKA) exam. I’ll be sharing how I prepared for the exam, learning resources I used, and important tips for getting yourself certified.
The CKA is a two hour, 100% hands-on exam that demonstrates your capacity to configure, extend, and troubleshoot Kubernetes clusters. If you work with Kubernetes I would highly recommend becoming certified. The CKA is highly regarded in the industry and the practical problem-solving design of the exam is engaging and rewarding. Even the most seasoned pod wrangler could stand to learn something from studying for the CKA. The resources in this blog are more than enough to get you through the exam with time to spare.
The CNCF CKA 2022 Exam
Working with multiple clusters (six)
Allowed documentation https://helm.sh/docs/, https://kubernetes.io/docs/, https://kubernetes.io/blog/
Proctored remotely via PSI Secure Browser
Full details CKA candidate handbook
Preparing - CNCF CKA 2022 Guide
I have experience administering a self-managed cluster in a production environment. In this CNCF CKA 2022 Guide I will share some of the resources I used. These resources got me exam ready and taught me new tricks:
Mumshad Mannambeth’s Certified Kubernetes Administrator (CKA) with Practice Tests on Udemy. This course is enough to get you your ticket. The course comes with KodeKloud labs which are tailored learning playgrounds. It also has optional sections on linux networking and docker. There is a very active KodeKloud slack workspace where people post and ask questions. The labs are extended to keep up-to-date.
KillerCoda killer shell CKA scenarios are short labs to drill scenarios you may encounter. They also offer a Kubernetes playground.
killer.sh is a CKA simulator that is harder than the actual CKA exam. The environment for the Killer simulator is almost exactly that of the exam, having that familiarity helps you hit the ground running. You get two free sessions when you register as a CKA candidate. I used these in the days leading up to my exam.
KodeKloud have a short and free jsonpath course and quiz to get you up to speed.
Kube Academy have a concise video on configuring your .vimrc for yaml editing.
The Kubectl Cheatsheet is good value.
I did Mumshad Mannambeth’s course a year ago in three weeks but did not book my exam. I recently spent two weeks brushing up on labs to get myself fast and confident. I sat the exam on the 6th of November with 88% score.
How fast you can work with the command line, manipulate manifests and access docs/help is just as important as your Kubernetes expertise. Get friendly with the environment you’ll be working in and the tools at your disposal.
A simple question asking you to run a pod or create a deployment should only take seconds.
If you are speedy there is plenty of time in the exam to clear all the questions and have a comfortable amount of time for any problem questions. I had 30 minutes to spare which I used to review my answers.
Configuring an Environment that You Go Fast In
Time is precious, but setting aside one minute to configure your environment will make you faster. In 2022 the exam environment already has:
so you don’t need to add anything, but I like vim myself and I go faster on the command line with vi keybindings:
echo "set -o vi" >> ~/.bashrc source ~/.bashrc
Make sure you’re speedy with nano or vim. If you are not a regular user of one of the available editors, start using them when you begin your studies. I like vim myself, so that’s all I’ll touch on.
We just need a few configurations to make editing yaml easy.
Tip: While preparing for the exam I kept a sticky note of my .vimrc on my monitor and practiced entering it first thing when I do my labs. I prefer to delete whatever is in the .vimrc and put mine in, because I want things to be comfortable and familiar.
Here is the copypasta:
set ts=2 sts=2 sw=2 set expandtab set autoindent smartindent syntax enable filetype plugin indent on set number ruler
Tip: If you’re having pasting problems with a manifest you copy-pasted from docs that you can’t create with an imperative command, don’t wrestle with it, try echo "my copypasta" >> my.yaml and move on to editing it. I generally do this with Kubernetes documentation manifest copypastas for resources you can’t create imperatively.
Oftentimes you don’t need to leave the command line to get what you need. Dig around and explore what you can access with a quick kubectl command, so you know where to look when you’re unsure.
In particular, many resource’s kubectl create <resource> --help commands spit you out a copypasta to work with, and you can check a spec really quickly with kubectl explain <resource>.
Work Smarter Not Harder
A lot of Kubernetes resources can be created imperatively. You can use the dry-run flag to get free yaml.
kubectl create deployment dep --image=nginx --dry-run=client -o yaml >> dep.yaml
DaemonSets can’t be created imperatively, but you can generate a deployment manifest and make some changes. Change the kind to DaemonSet, remove the spec.replicas and the spec.strategy, and remove the status object. Nice.
Need to quickly check a spec? How do I mount a volume with a persistentVolumeClaim again?
controlplane $ kubectl explain pod.spec.volumes.persistentVolumeClaim | grep -i 'fields' -A6 FIELDS: claimName <string> -required- claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims readOnly <boolean>
ah, it’s claimName not name.
kubectl Create Help
Get a easy imperative command copypasta with kubectl create <resource> -h.
controlplane $ k create role -h | grep -i 'example' -A11 Examples: # Create a role named "pod-reader" that allows user to perform "get", "watch" and "list" on pods kubectl create role pod-reader --verb=get --verb=list --verb=watch --resource=pods # Create a role named "pod-reader" with ResourceName specified kubectl create role pod-reader --verb=get --resource=pods --resource-name=readablepod --resource-name=anotherpod # Create a role named "foo" with API Group specified kubectl create role foo --verb=get,list,watch --resource=rs.apps # Create a role named "foo" with SubResource specified kubectl create role foo --verb=get,list,watch --resource=pods,pods/status
Your exam environment must be quiet, clutter free, and private, seriously, remove almost everything from your desk, the rules are very stringent. This will make it easier for the proctor to check you in, meaning you can get started and focus on your exam without added stress during check-in.
The exam is proctored remotely via video, audio, and screenshare streaming. Make sure you have an external webcam with auto-focus. When showing your ID you don’t want focus problems and it makes giving a 360 room pan easier.
Use an external monitor—and note you can only use one display. Be aware that a laptop screen isn’t going to be big enough.
Have a wired connection, you don’t want to be dealing with connection issues when each second matters.
Redundancy is always good. I put my mouse in a bowl of water the evening before the exam (by accident) I have lots of spares so it was all good. I did the exam with an m1 MacBook in clamshell mode, using a dell dock connected to my wireless mouse, with an external webcam, a wired keyboard over Ethernet. This worked perfectly, but nonetheless I had dongles ready to go if the dock was not allowed.
You can begin the check-in process 30 minutes before scheduled exam time, do this.
Go through the candidate handbook and run all system checks.
During the exam do not linger on a question, use the ‘flag it for later’ feature, you will have time to come back to it.
When you ssh to nodes, be sure to exit when you are done—it would be very sad to output an answer to the wrong machine.
This is just general life advice, but still: Eat first. Your check-in could become complicated and you may end up spending three hours doing exam-related things, so just keep that in mind if you don’t enjoy having to think quick while you’re hungry.
You get a second attempt to clear the exam if you are unsuccessful, so relax and do you best.
Read our blog passing the CKA exam. While there have been significant changes to the CKA since 2019, this piece offers valuable learning resources that are unexplored in my blog.
eduk8s: a Laser-Focused CKA Bootcamp
eduk8s delivers the CNCF CKA curriculum through in-person immersive bootcamps taught by engineers with leading industry experience. You’ll come away with the knowledge you need to get your CKA certification and also get insights on day-to-day challenges in managing production grade clusters. innablr folks have been teaching kubernetes for years, equipping teams with the skills to maintain and extend their clusters. So get yourself to a workshop with our friendly team for an engaging course delivered by a Kubernetes Certified Solution Provider.