CKAD: Certified Kubernetes Application Developer

Important links

From official source,

• Curriculum - https://github.com/cncf/curriculum
• Candidate handbook - https://docs.linuxfoundation.org/tc-docs/certification/lf-candidate-handbook
• Exam tips - https://docs.linuxfoundation.org/tc-docs/certification/tips-cka-and-ckad

Study materials

• https://github.com/dgkanatsios/CKAD-exercises

• https://github.com/zealvora/certified-kubernetes-application-developer

• https://medium.com/bb-tutorials-and-thoughts/practice-enough-with-these-questions-for-the-ckad-exam-2f42d1228552

If you need extra materials, check out this awesome course taught by Mumshad. It is very popular and consists of many practice labs and mock exams.

• Kubernetes Certified Application Developer (CKAD) with Tests

Key points

1. Understand and practise enough with the following Kubernetes resources

1. Pods (Kubernetes Documentation > Concepts > Workloads > Pods)
   • this includes concepts like mounting volumes, readiness/liveness probes, security context, resources limits & requests etc.
2. ReplicaSets (Kubernetes Documentation > Concepts > Workloads > Workload Resources > ReplicaSet)
3. Deployments (Kubernetes Documentation > Concepts > Workloads > Workload Resources > Deployments)
4. Services (Kubernetes Documentation > Concepts > Services, Load Balancing, and Networking > Service)
5. ConfigMaps (Kubernetes Documentation > Tasks > Configure Pods and Containers > Configure a Pod to Use a ConfigMap)
6. Secrets (Kubernetes Documentation > Concepts > Configuration > Secrets)
7. StorageClass, PersistentVolume and PersistentVolumeClaim (Kubernetes Documentation > Concepts > Storage > Persistent Volumes)
8. Jobs (Kubernetes Documentation > Concepts > Workloads > Workload Resources > Jobs)
9. CronJobs (Kubernetes Documentation > Concepts > Workloads > Workload Resources > CronJob)
10. Ingress (Kubernetes Documentation > Concepts > Services, Load Balancing, and Networking > Ingress)
11. NetworkPolicies (Kubernetes Documentation > Concepts > Services, Load Balancing, and Networking > Network Policies)
12. ServiceAccounts
13. Namespace

2. Know your PodTemplate

I find it extremely helpful to be familiar with the Pod’s manifests (fields like env, securityContext, readiness/liveness probe, volumes etc).

If you are very comfortable with PodTemplate you will have no problem with higher-level objects like ReplicaSets, Deployments, Jobs and others.

For example you should know how to write a Pod manifest with the following fields from scratch

metadata:
  name: __
  labels: __
spec:
  volumes: __
  securityContext: __
  containers:
    - name: __
      image: __
      securityContext: __
      readinessProbe: __
      livenessProbe: __
      volumeMounts: __
      env: __
      envFrom: __
      resources: __
  initContainers: __
  nodeSelector: __
  affinity: __

3. Learn ‘less’, ‘vim’ and optionally ‘tmux’

• less allows you to inspect any content quicker. At the minimum try to learn the following
  • g to return to top
  • G to go to bottom
  • /{insert-text-here} + Enter to search for text
    • n to go to next match
    • N to go back previous match
  • j and k for previous and next line
  • q to quit less
• vim to edit files
• optionally tmux. For me I used it to open 2~3 panes in the exam, 1 for the main work and the rest for documentation and watching resources

4. Learn how to check the fields of resources when unsure

You can list the fields for Kubernetes resources like so

• For Pods: k explain --recursive pod.spec | less
• For ReadinessProbe: k explain --recursive pod.spec.container.readinessProbe | less

5. Learn that you can create the base yaml file for most resources imperatively

The above is true for all resources mentioned in #1 except

• ReplicaSet
• StorageClass
• PersistentVolume
• PersistentVolumeClaim
• NetworkPolicy

This is handy because it saves us time from crafting from scratch or copy pasting from documentation. Instead we could create a base yaml by running command and then edit it afterwards

For example, if ko is an alias for kubectl --dry-run=client -o yaml,

• Pod

  ko run my-pod --restart=Never --image=nginx:latest -- /bin/sh 'echo hi' > pod.yaml
  

• Deployment

  ko create deploy my-deployment --replicas=10 --image=nginx:latest > deployment.yaml
  

• Service

  ko expose <pod/deploy etc> name --name my-service --type=ClusterIP --port=80 --target-port=8080 > service.yaml
  

• ConfigMap

  ko create cm my-configmap --from-literal=a=a --from-file=b=b --from-env-file=c > my-configmap.yaml
  

• Secret

  ko create secret generic my-secret --from-literal=a=a --from-file=b=b --from-env-file=c > my-secret.yaml
  

• Job

  ko create job my-job --image=busybox:latest -- /bin/sh 'echo hi' > job.yaml
  

• CronJob

  ko create cj my-cronjob --image=busybox:latest --schedule="* * * * *" -- /bin/sh 'echo hi' > cronjob.yaml
  

• Ingress

  ko create ingress my-ingress --rule="foo.com/bar=service-name:80" > ingress.yaml
  

• ServiceAccount (normally requires nothing to be edited afterwards)

  k create sa my-serviceaaccount
  

• Namespace (normally requires nothing to be edited afterwards)

  k create ns my-namespace
  

Bonus

Here’s the .bashrc, .vimrc and .tmux.conf I used in the exam.

# .bashrc (appended to end)
source <(kubectl completion bash)
alias k=kubectl
alias ko="kubectl --dry-run=client -o yaml"
complete -F __start_kubectl k ko

# .vimrc
set ts=2 sw=2 et ai nu
filetype off
filetype plugin indent on
syntax on

# .tmux.conf
set -g mouse on
set -g default-terminal screen-256color

TLDR?

Just take the exam and good luck. Everyone has two attempts anyway so why waste?