Professional Documents
Culture Documents
Dismiss
Join GitHub today
GitHub is home to over 40 million developers
working together to host and review code,
manage projects, and build software together.
Sign up
Kubernetes-Certified-Administrator / README.md
11 contributors
Disclaimer: This is not likely a comprehensive list as the exam will be a moving
target with the fast pace of k8s development - please make a pull request if there
something wrong or that should be added, or updated in here.
Ensure you have the right version of Kubernetes documentation selected (e.g. v1.14
as of August 2019 exam) especially for API objects and annotations.
Exam Objectives
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 1/7
10/12/2019 Kubernetes-Certified-Administrator/README.md at master · walidshaari/Kubernetes-Certified-Administrator · GitHub
These are the exam objectives you review and understand in order to pass the test.
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 2/7
10/12/2019 Kubernetes-Certified-Administrator/README.md at master · walidshaari/Kubernetes-Certified-Administrator · GitHub
$ kubectl cluster-info
$ kubectl get nodes
$ kubectl get componentstatuses
$ kubectl get pods -o wide --show-labels --all-namespaces
$ kubectl get svc -o wide --show-labels --all-namespaces
For more advanced end to end testing, which may not be covered on the exam,
also see:
End-To-End Testing in Kubernetes
Using CNCF k8s conformance
Heptio Sonobuoy Scanner
Security 12%
Securing a kubernetes cluster
youtube: Building for Trust: How to Secure Your Kubernetes Cluster [I] -
Alexander Mohr & Jess Frazelle
Know how to configure authentication and authorization
Access the api
Authentication
Authorization with RBAC
Admission Control
[Understand Kubernetes security primitives]
Pod Security Policy
PSP and RBAC
Know to configure network policies
Blog: Kubernetes network policy
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 3/7
10/12/2019 Kubernetes-Certified-Administrator/README.md at master · walidshaari/Kubernetes-Certified-Administrator · GitHub
Katacoda Calico
Create and manage TLS certificates for cluster components
Work with images securely
Define security contexts
Secure persistent key value store
Work with role-based access control
Networking 11%
Understand the networking configuration on the cluster nodes
Understand Pod networking concepts
youtube: The ins and outs of networking in Google Container Engine and
Kubernetes (Google Cloud Next '17)
youtube: Networking with Kubernetes
Illustrated Guide To Kubernetes Networking by Tim Hockin
Understand service networking
youtube: Life of a Packet [I] - Michael Rubin, Google
Deploy and configure network load balancer
Know how to use Ingress rules
Know how to configure and use the cluster DNS
Understand CNI
More information on CNI
Troubleshooting 10%
Troubleshoot application failure
Application Introspection and Debugging
Services
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 4/7
10/12/2019 Kubernetes-Certified-Administrator/README.md at master · walidshaari/Kubernetes-Certified-Administrator · GitHub
Storage 7%
Understand persistent volumes and know how to create them
Understand access modes for volumes
Understand persistent volume claims primitive
Understand Kubernetes storage objects
Know how to configure applications with persistent storage
Scheduling 5%
Use label selectors to schedule Pods
Understand the role of DaemonSets
Understand how resource limits can affect Pod scheduling
Understand how to run multiple schedulers and how to configure Pods to use
them
Manually schedule a pod without a scheduler If you require a pod to start on a
specific node, you can specify this in POD spec.nodeName, that is what
DaemonSets do.
Display scheduler events /var/log/kube-scheduler.log on the control/master
node or use kubectl describe as in
$kubectl describe pods <POD NAME UNDER Investigation> | grep -A7 ^Events
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 5/7
10/12/2019 Kubernetes-Certified-Administrator/README.md at master · walidshaari/Kubernetes-Certified-Administrator · GitHub
Logging/Monitoring 5%
Monitoring Kubernetes
Understand how to monitor all cluster components
Pod and Node metrics
Understand how to monitor applications
Manage cluster component logs
Master
/var/log/kube-apiserver.log - API Server, responsible for serving the
API
/var/log/kube-scheduler.log - Scheduler, responsible for making
scheduling decisions
/var/log/kube-controller-manager.log - Controller that manages
replication controllers
Worker Nodes
/var/log/kubelet.log - Kubelet, responsible for running containers on
the node
/var/log/kube-proxy.log - Kube Proxy, responsible for service load
balancing
Manage application logs
Practice Exam
CKA Practice Exam Environment
Tips:
get familiar with:
kubectl explain
kubectl cheatsheet
When using kubectl for investigations and troubleshooting utilize the wide
output it gives your more details
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 6/7
10/12/2019 Kubernetes-Certified-Administrator/README.md at master · walidshaari/Kubernetes-Certified-Administrator · GitHub
the '-o yaml' in conjuction with --dry-run allows you to create a manifest
template from an imperative spec, combined with --edit it allows you to
modify the object before creation
https://github.com/walidshaari/Kubernetes-Certified-Administrator/blob/master/README.md 7/7