From official source,

Study materials

If you need extra materials, check out this awesome course taught by Mumshad. It is very popular and consists of many practice labs and mock exams.

Key points

1. Understand and practise enough with the following Kubernetes resources

  1. Pods (Kubernetes Documentation > Concepts > Workloads > Pods)
    • this includes concepts like mounting volumes, readiness/liveness probes, security context, resources limits & requests etc.
  2. ReplicaSets (Kubernetes Documentation > Concepts > Workloads > Workload Resources > ReplicaSet)
  3. Deployments (Kubernetes Documentation > Concepts > Workloads > Workload Resources > Deployments)
  4. Services (Kubernetes Documentation > Concepts > Services, Load Balancing, and Networking > Service)
  5. ConfigMaps (Kubernetes Documentation > Tasks > Configure Pods and Containers > Configure a Pod to Use a ConfigMap)
  6. Secrets (Kubernetes Documentation > Concepts > Configuration > Secrets)
  7. StorageClass, PersistentVolume and PersistentVolumeClaim (Kubernetes Documentation > Concepts > Storage > Persistent Volumes)
  8. Jobs (Kubernetes Documentation > Concepts > Workloads > Workload Resources > Jobs)
  9. CronJobs (Kubernetes Documentation > Concepts > Workloads > Workload Resources > CronJob)
  10. Ingress (Kubernetes Documentation > Concepts > Services, Load Balancing, and Networking > Ingress)
  11. NetworkPolicies (Kubernetes Documentation > Concepts > Services, Load Balancing, and Networking > Network Policies)
  12. ServiceAccounts
  13. Namespace

2. Know your PodTemplate

I find it extremely helpful to be familiar with the Pod’s manifests (fields like env, securityContext, readiness/liveness probe, volumes etc).

If you are very comfortable with PodTemplate you will have no problem with higher-level objects like ReplicaSets, Deployments, Jobs and others.

For example you should know how to write a Pod manifest with the following fields from scratch

  name: __
  labels: __
  volumes: __
  securityContext: __
    - name: __
      image: __
      securityContext: __
      readinessProbe: __
      livenessProbe: __
      volumeMounts: __
      env: __
      envFrom: __
      resources: __
  initContainers: __
  nodeSelector: __
  affinity: __

3. Learn ‘less’, ‘vim’ and optionally ‘tmux’

  • less allows you to inspect any content quicker. At the minimum try to learn the following
    • g to return to top
    • G to go to bottom
    • /{insert-text-here} + Enter to search for text
      • n to go to next match
      • N to go back previous match
    • j and k for previous and next line
    • q to quit less
  • vim to edit files
  • optionally tmux. For me I used it to open 2~3 panes in the exam, 1 for the main work and the rest for documentation and watching resources

4. Learn how to check the fields of resources when unsure

You can list the fields for Kubernetes resources like so

  • For Pods: k explain --recursive pod.spec | less
  • For ReadinessProbe: k explain --recursive pod.spec.container.readinessProbe | less

5. Learn that you can create the base yaml file for most resources imperatively

The above is true for all resources mentioned in #1 except

  • ReplicaSet
  • StorageClass
  • PersistentVolume
  • PersistentVolumeClaim
  • NetworkPolicy

This is handy because it saves us time from crafting from scratch or copy pasting from documentation. Instead we could create a base yaml by running command and then edit it afterwards

For example, if ko is an alias for kubectl --dry-run=client -o yaml,

  • Pod
    ko run my-pod --restart=Never --image=nginx:latest -- /bin/sh 'echo hi' > pod.yaml
  • Deployment
    ko create deploy my-deployment --replicas=10 --image=nginx:latest > deployment.yaml
  • Service
    ko expose <pod/deploy etc> name --name my-service --type=ClusterIP --port=80 --target-port=8080 > service.yaml
  • ConfigMap
    ko create cm my-configmap --from-literal=a=a --from-file=b=b --from-env-file=c > my-configmap.yaml
  • Secret
    ko create secret generic my-secret --from-literal=a=a --from-file=b=b --from-env-file=c > my-secret.yaml
  • Job
    ko create job my-job --image=busybox:latest -- /bin/sh 'echo hi' > job.yaml
  • CronJob
    ko create cj my-cronjob --image=busybox:latest --schedule="* * * * *" -- /bin/sh 'echo hi' > cronjob.yaml
  • Ingress
    ko create ingress my-ingress --rule="" > ingress.yaml
  • ServiceAccount (normally requires nothing to be edited afterwards)
    k create sa my-serviceaaccount
  • Namespace (normally requires nothing to be edited afterwards)
    k create ns my-namespace


Here’s the .bashrc, .vimrc and .tmux.conf I used in the exam.

# .bashrc (appended to end)
source <(kubectl completion bash)
alias k=kubectl
alias ko="kubectl --dry-run=client -o yaml"
complete -F __start_kubectl k ko
# .vimrc
set ts=2 sw=2 et ai nu
filetype off
filetype plugin indent on
syntax on
# .tmux.conf
set -g mouse on
set -g default-terminal screen-256color


Just take the exam and good luck. Everyone has two attempts anyway so why waste? :stuck_out_tongue_winking_eye:

Leave a comment