Online resources that will help you prepare for taking the CNCF CKA 2020 "Kubernetes Certified Administrator" Certification exam. with time, This is not likely the comprehensive up to date list - please make a pull request if there something that should be added here.
Online resources that will help you prepare for taking the Kubernetes Certified Administrator Certification exam.
Disclaimer: This is not likely a comprehensive list as the exam will be a moving target with the fast pace of k8s development - please make a pull request if there something wrong, should be added, or updated.
I tried to restrict the cross references of resources to kubernetes.io. Youtube videos and other blog resources are optional; however, I still found them useful in my k8s learning journey.
Ensure you have the right version of Kubernetes documentation selected (e.g. v1.26 as of January 2023 exam) especially for API objects and annotations.
LDR: practice practice practice
These are the exam objectives you review and understand in order to pass the test.
Provision underlying infrastructure to deploy Kubernetes cluster
Peform a version upgrade on Kubernetes cluster using kubeadm
#etcd backup and restore brief
export ETCDCTL_API=3 # needed to specify etcd api versions, not sure if it is needed anylonger with k8s 1.19+
etcdctl snapshot save -h #find save options
etcdctl snapshot restore -h #find restore options
## possible example of save, options will change depending on cluster context, as TLS is used need to give ca,crt, and key paths
etcdctl snapshot save /backup/snapshot.db --cert=/etc/kubernetes/pki/etcd/server.crt --key=/etc/kubernetes/pki/etcd/server.key -- cacert=/etc/kubernetes/pki/etcd/ca.crt
# evicting pods/nodes and bringing back node back to cluster
kubectl drain <node># to drain a node
kubectl uncordon <node> # to return a node after updates back to the cluster from unscheduled state to Ready
kubectl cordon <node> # to not schedule new pods on a node
#backup/restore the cluster (e.g. the state of the cluster in etcd)
# upgrade kubernetes worker node
kubectl drain <node>
apt-get upgrade -y kubeadm=<k8s-version-to-upgrade>
apt-get upgrade -y kubelet=<k8s-version-to-upgrade>
kubeadm upgrade node config --kubelet-version <k8s-version-to-upgrade>
systemctl restart kubelet
kubectl uncordon <node>
#kubeadm upgrade steps
kubeadm upgrade plan
kubeadm upgrade apply
Understand host networking configuration on the cluster nodes
Understand connectivity between Pods
Understand ClusterIP, NodePort, LoadBalancer service types and endpoints
Know how to use Ingress controllers and Ingress resources
#### Storage Class example
#
#### Persistent Volume Claim example
#
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: local-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-storage-sc
resources:
requests:
storage: 100Mi
## Persistent Volume example
#
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-pv
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: 200Mi
local:
path: /data/pv/disk021
persistentVolumeReclaimPolicy: Retain
storageClassName: local-storage-sc
volumeMode: Filesystem
### Pod using the pvc
#
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
name: nginx
spec:
containers:
- name: nginx
image: nginx
volumeMounts:
- name: local-persistent-storage
mountPath: /var/www/html
volumes:
- name: local-persistent-storage
persistentVolumeClaim:
claimName: local-pvc
practice practice practice
Get familiar with:
Familiarize yourself with the documentation, initially concepts and mostly tasks, kubectl explain command, kubectl cheatsheet, and kubectl commands reference
kubectl api-versions
and kubectl api-resources
wih grep
for a specific resoruce e.g. pv, pvc, deployment, storageclass, ..etc can help figure out the apiVersion, and kind combined with explain below will help in constructing the yaml manifest
kubectl explain --recurisve to construct out any yaml manifest you need and find its specd and details
When using kubectl for investigations and troubleshooting utilize the wide output it gives your more details
$kubectl get pods -o wide --show-labels --all-namespaces
or
$kubectl get pods -o wide --show-labels -A # -A is quicker than --all-namespaces
In kubectl
utilizie --all-namespaces or better -A
to ensure deployments, pods, objects are on the right name space, and right desired state
for events and troubleshooting utilize kubectl describe if its pod/resource related and logs if it is application issue related
$kubectl describe pods <PODID> # for pod, deployment, other k8s resource issues/events
$kubectl logs <PODID> # for container/application issues like crash loops
--dry-run=client
allows you to create a manifest template from an imperative spec, combined with --edit
it allows you to modify the object before creationkubectl create service clusterip my-svc -o yaml --dry-run=client > /tmp/srv.yaml
kubectl create --edit -f /tmp/srv.yaml
alias k='kubectl'
alias kg='kubectl get'
alias kgpo='kubectl get pod'
alias kcpyd='kubectl create pod -o yaml --dry-run=client'
alias ksysgpo='kubectl --namespace=kube-system get pod'
alias kd='kubectl delete'
alias kdf='kubectl delete -f'
## for quick deletes you can add --force --grace-period=0 **Not sure if it is a good idea if you are in a production cluster**
alias krmgf='kubectl delete --grace-period 0 --force'
alias kgsvcoyaml='kubectl get service -o=yaml'
alias kgsvcwn='watch kubectl get service --namespace'
alias kgsvcslwn='watch kubectl get service --show-labels --namespace'
#example usage of aliases
krmgf nginx-8jk71 # kill pod nginx-8jk71 using grace period 0 and force
k -n [Press Tab]
will suggest available namespaces). Example command to enable autocomplete is available at official kubectl Cheat Sheet page, you don't have to remember anything.source <(kubectl completion bash) # setup autocomplete in bash into the current shell, bash-completion package should be installed first.
echo "source <(kubectl completion bash)" >> ~/.bashrc # add autocomplete permanently to your bash shell.
alias k=kubectl
complete -F __start_kubectl k
Double check if the course is uptodate with the latest exam information (e.g. api, or curicuilim)