Certified Kubernetes Administrator Exam (CKA) Exam Preparation CheatSheet

The Certified Kubernetes Administrator (CKA) Exam is an indispensable certification for every Kubernetes Architect, Solution & Cloud Architect who needs to understand in-depth about Kubernetes cluster management in terms not only installation but in-depth & breadth level its installation policy, backup / restore of cluster & etcd db, network policy, security & service accounts, storage class & persistent volumes, SecurityContexts & core troubleshooting.

In this article, the current curriculum-wise CKA exam preparation links & notes are shared.

1. Cluster Architecture , Installation & Configuration

This module deals with managing role-based access control (RBAC) services for Kubernetes defining ServiceAccount, Role, ClusterRole, RoleBinding & ClusterRoleBinding options, the installation of single-node Kubernetes cluster with kubeadm tool, deployment of HA capable Kubernetes cluster, cluster version upgrade & etcd database backup & restore procedure.

• The step by step guidance of installation of single-node Kubernetes cluster with kubeadm tool is defined in this following guide:

Kubernetes_CKA_CKAD/Docker_Kuberntes_Single_node_setup.docx at main · imcuteani/Kubernetes_CKA_CKAD

• Manage role-based access control in Kubernetes (https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
• Applying for RBAC support in Kubernetes (https://kubernetes.io/blog/2017/04/rbac-support-in-kubernetes/)
• How to use RBAC as Kubernetes authorization(https://www.cncf.io/blog/2020/08/28/kubernetes-rbac-101-authorization/)
• Step by step guide from kubernetes.io for installation of basic cluster using kubeadm on Prod (https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/)
• Guidance on how to deploy a highly-available kubernetes cluster (https://kubernetes.io/docs/tasks/administer-cluster/highly-available-master/)
• Provisioning the underlying infra to deploy Kubernetes cluster (https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/)
• Implementing version upgrade on Kubernetes cluster using kubeadm (https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/)
• Step to provision backup, restore of etcd database (https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/)

2. Workloads & scheduling (15%)

This module is focused on deployments, rolling updates strategy, managing environment variables injecting as key-value pairs using configMaps & storing sensitive data as Secrets, autoscaling of Kubernetes cluster, managing self-healing, resilient cluster, pod scaling, scheduling with resource limits with CPU / memory, etc.

• understanding of Kubernetes deployment & how to perform a rolling update, rollback (https://kubernetes.io/docs/tasks/manage-daemon/rollback-daemon-set/)
• Applying ConfigMap & Secrets to configure environment variables for apps ( https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/

https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/)

• how to configure a pod with ConfigMap (https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/)
• Managing autoscaling in kubernetes (https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/)
• The details of Horizontal Pod autoscalar (https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)
• How to apply Kubernetes Resource requests & Limits (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#how-pods-with-resource-limits-are-run)
• How to configure resource quotas in Kubernetes (https://kubernetes.io/docs/concepts/policy/resource-quotas/)
• Configuration of pod with resource limits to run (https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#how-pods-with-resource-limits-are-run)
• In-depth overview of Kubernetes scheduler (https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/)
• The command-line tools reference to kube-scheduler
• Step by step guideline of how to assign pods to nodes (https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/)
• Scheduling framework & Advanced scheduling framework guidelines
• How to deploy Kubernetes manifest with Spinnaker

( https://spinnaker.io/guides/user/kubernetes-v2/deploy-manifest/)

• How to manage Kubernetes state of application templating ( https://www.openshift.com/blog/kubernetes-state-app-templating)

3. Services & Networking (20%)

This module deals with the in-depth analysis of Kubernetes cluster networking features, advanced concepts on connectivity between pods, difference between NodePort, ClusterIP, LoadBalancer & ExternalName, when & how to use ingress & ingress controllers, configuring the CoreDNS for container-level network policy management & details of scenario to choose the appropriate CNI (container network interface) plugins.

• Managing in-depth cluster networking in Kubernetes (https://kubernetes.io/docs/concepts/cluster-administration/networking/)
• How to start a container with host networking options enabled (https://github.com/kubernetes/kubernetes/issues/19171)
• Intro to Kubernetes pod level networking with Weave (https://www.weave.works/blog/introduction-to-kubernetes-pod-networking--part-1)
• How to apply pod to pod communication through Kubernetes IP (https://superuser.openstack.org/articles/review-of-pod-to-pod-communications-in-kubernetes/)
• Kubernetes ClusterIP, NodePort , LoadBalancer & in general Service overview (https://kubernetes.io/docs/concepts/services-networking/service/)
• Configure NodePort to retrieve traffic into the cluster (https://docs.openshift.com/container-platform/3.6/dev_guide/expose_service/expose_internal_ip_nodeport.html)
• In-depth concepts on Ingress controllers in Kubernetes (https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/)
• Installation guidance of Nginx ingress controller to Kubernetes (https://kubernetes.github.io/ingress-nginx/deploy/)
• Step for creating Ingress resource for Kubernetes (https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/#create-an-ingress-resource)
• Setup ingress on Minikube with ingress controller ( https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/)
• How to use CoreDNS for Kubernetes service discovery (https://kubernetes.io/docs/tasks/administer-cluster/coredns/)
• How to deploy CoreDNS in Kubernetes

( https://github.com/coredns/deployment/tree/master/kubernetes)

• How to create custom DNS entries with CoreDNS

( https://coredns.io/2017/05/08/custom-dns-entries-for-kubernetes/)

• Configure network plugins in Kubernetes (https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/)

4. Storage (10%)

This module evaluates your concepts on storage classes, persistent volumes, configuring volume mounts, access mode, persistent volume claim (PVC) with reclaim policies, PVC primitive & how to configure apps with persistent storage.

• Understanding of storage classes in Kubernetes

(https://kubernetes.io/docs/concepts/storage/storage-classes/)

• Dynamic provisioning & storage classes in Kubernetes (https://kubernetes.io/blog/2017/03/dynamic-provisioning-and-storage-classes-kubernetes/)
• How to change Kubernetes storage class

( https://kubernetes.io/docs/tasks/administer-cluster/change-default-storage-class/)

• Persistent volumes in Kubernetes

( https://kubernetes.io/docs/concepts/storage/persistent-volumes/)

• How to configure a pod to use persistent volume for storage

( https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/)

• Concepts on different volume modes in Kubernetes (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#volume-mode)
• Kubernetes Access modes (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes)
• managing reclaim policy of volume (https://kubernetes.io/docs/concepts/storage/persistent-volumes/#reclaim-policy)
• Change the Reclaim Policy of a persistent volume (https://kubernetes.io/docs/tasks/administer-cluster/change-pv-reclaim-policy/)
• Definition of Persistent volume claim

(https://kubernetes.io/docs/concepts/storage/volumes/#persistentvolumeclaim)

• How to create a persistent volume claim for a pod?

( https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim)

• A complete guide for Kubernetes storage problems

( https://www.cncf.io/blog/2020/04/28/a-complete-storage-guide-for-your-kubernetes-storage-problems/)

5. Troubleshooting (30%)

This module is focused on your cluster & node logging monitoring, apps & logs monitoring capability with troubleshooting skills. Basically, this is the module where you can actually perform real-time application failure troubleshooting, cluster component failure, DNS troubleshooting, etc.

• The Kubernetes logging architecture (https://kubernetes.io/docs/concepts/cluster-administration/logging/)
• Practical guidance on Kubernetes logging concepts (https://kubernetes.io/blog/2015/06/cluster-level-logging-with-kubernetes/)
• How to monitor Kubernetes resources

( https://rancher.com/blog/2018/2018-10-18-monitoring-kubernetes/)

• How to debug Kubernetes apps & resource usage metrics & monitoring (https://kubernetes.io/docs/tasks/debug-application-cluster/resource-usage-monitoring/)
• How to collect stdout, stderr logs from mounted containers (https://stackoverflow.com/questions/54915956/kubernetes-mount-container-stdout-stderr-logs)
• How to troubleshoot/debug apps (https://kubernetes.io/docs/tasks/debug-application-cluster/debug-application/)
• How to execute app introspection, debugging & monitoring (https://kubernetes.io/docs/tasks/debug-application-cluster/debug-application-introspection/)
• How to debug running pods (https://kubernetes.io/docs/tasks/debug-application-cluster/debug-running-pod/)
• How to debug running service (https://kubernetes.io/docs/tasks/debug-application-cluster/debug-service/)
• How to troubleshoot clusters (https://kubernetes.io/docs/tasks/debug-application-cluster/debug-cluster/)
• How to introspect Kubernetes network issues

( https://www.digitalocean.com/community/tutorials/how-to-inspect-kubernetes-networking)

• Steps to troubleshoot kubernetes network problems (https://blog.appoptics.com/how-to-troubleshoot-kubernetes-network-issues/)

#Happy Kuberneting! ~