Yan Han's blog

On Computer Technology

02 Jun 2020

CKAD exam guide for experienced k8s users

In this post, I will be covering content that experienced k8s users who did not prepare for CKAD may not know and can quickly pick up to narrow their knowledge gap. In many ways, this is a guide I wish I had when I started preparing for the exam.

Due to the extensive availability of other guides that cover the CKAD curriculum, I will not be doing so in this post. That said, once you have completed all the free practice (covered below), you should have a good grasp of the curriculum.

For generic exam tactics for the CKAD exam, I recommend you read my post on CKA / CKAD exam tactics.

Free Practice

The most useful free practice (personally attempted all three):

If you do not wish to spend money on paid courses to prepare for CKAD, I would say that having k8s experience outside of CKAD plus being able to do all the above exercises reasonably quickly should be sufficient for you to pass with a good score.

If you are willing to fork out a small amount of money, Mumshad’s Mannambeth’s CKAD course is great for CKAD preparation:

Useful commands you must know

If there is anything difficult about the CKAD exam, it is to complete everything within 2 hours. As such, speed of execution counts and there are several kubectl commands that can be used to create resources / perform other operations quickly.

In fact, this is one of my biggest takeaways from preparing for CKAD. The difference in speed can be quite astounding.

Please gain familiarity with all the commands here. You may also want to go through the official kubectl Cheat Sheet.

Quickly create Pods, Deployments and Services:

# Quickly create Pod. The `--restart=Never` is crucial.
kubectl run mypod --restart=Never --image busybox -- sleep 3600
# Quickly create Deployment
kubectl create deploy mydeploy --image nginx
# Quickly create a Service for a Deployment
kubectl expose deploy/mydeploy --type ClusterIP --port 80 --target-port 8080 --name myservice
# Quickly create a Service for a Pod
kubectl expose po mypod --type ClusterIP --port 80 --target-port 8080 --name myservice

Quickly create other resources:

# Quickly create ConfigMap from literal
kubectl create cm myconfigmap --from-literal=keyone=valone --from-literal=keytwo=valtwo
# Quickly create Secret from literal
kubectl create secret generic mysecret --from-literal=keyone=valone --from-literal=keytwo=valtwo
# Quickly create ServiceAccount
kubectl create sa mysa
# Quickly create Role
kubectl create role myrole --verb=list,get,update --resource=pods,secrets
# Quickly create RoleBinding
kubectl create rolebinding myrolebinding --role myrole --serviceaccount=mysa
# Quickly create Job manifest
kubectl create job myjob --image busybox --dry-run -o yaml >jobspec.yml
# Quickly create CronJob manifest
kubectl create cj mycj --image busybox --dry-run -o yaml >cjspec.yml

Quickly get information about resources (the flags apply not just for Pods, but also for Deployments, Services, etc):

# Quickly get Pod IP
kubectl get po -o wide
# Show all pod labels
kubectl get po --show-labels
# In addition to usual columns, also output values of specific labels (app in this case)
kubectl get po -L app
# Select Pods whose labels have certain values
kubectl get po -l 'env in (dev, prod)'

Quickly get summary of various resources (it also displays events associated with a resource):

kubectl describe deploy/mydeploy
kubectl describe cm/myconfigmap
kubectl describe netpol/mynetworkpolicy

Deploy new image for deployment, undo and see history:

# Use new image for Deployment
kubectl set image deploy/mydeploy '*=busybox:1.28'
# Same as above but add an annotation in the Deployment to record the change
kubectl set image deploy/mydeploy '*=busybox:1.28' --record
# See status of replacing Pods to use the new image
kubectl rollout status deploy/mydeploy
# Rollback to specific revision
kubectl rollout undo deploy/mydeploy --to-revision=3
# View details of a specific revision
kubectl rollout history deploy/mydeploy --revision=3

Getting documentation on various resources:

# Get docs on Pod Spec. Can be used for other resources too.
kubectl explain po.spec
# See high level overview of syntax for various resources; in this case for Pods.
kubectl explain po --recursive

Knowledge you must have

nginx ingress annotations:

Useful documentation you should bookmark

Having these as bookmarks enable you to copy and paste the Specs and save some typing, memorization, or running kubectl explain.

Other memorization work

Additional memorization I did and would recommend doing, though not strictly required especially if you have bookmarked the docs I listed above:

Other things I knew / did to prepare the certification

This section contains ramblings that are irrelevant to most people. As per the usual style of my posts such as this, I present content relevant to most people at the top, then present my personal thoughts at the end.

Before I took the exam, I have about 1 year experience with k8s and 9 months production experience with it. In those 9 months, I was the maintainer of a few clusters and got to debug many issues (mostly not relevant to CKAD), so that helped lay a solid foundation.

Initially, I had no intention of quickly getting CKAD, but wanted to get it eventually, so I purchased Mumshad Mannambeth’s excellent CKAD course on Udemy to see what knowledge I lack. This is part of the new philosophy I have taken up in 2019, which is to spend some money on quality courses to speed up my learning - I’m glad to say this has helped tremendously and was money well spent.

To prepare for the exam, I completed all the labs in the course several times, focusing on the labs with k8s features that I don’t use much (or at all) at work (PV, PVC, Ingress, Netpol being the main culprits).

My opinion is that real world experience with k8s alone may not be sufficient for CKAD because like many exams, what you get tested on may not be an accurate reflection of skills used on the job. Main reasons:

Hence, even with work experience, one should spend time to prepare to maximize the probability of acing the exam on the first try.

Disclaimer: Opinions expressed on this blog are solely my own and do not express the views or opinions of my employer(s), past or present.

comments powered by Disqus