My journey to ace the CKAD exam
As I concluded my year-end break in 2022, I engaged in a profound professional introspection. The realization that struck me most profoundly was the depth of my understanding of the intricate software systems I've been architecting, maintaining, and optimizing for numerous years. The stark truth was that I had merely scratched the surface of comprehending the infrastructure of the software products I've dedicatedly crafted. This realization prompted me to embark on the journey to earn my CKAD certification.
After dedicatedly preparing for 6-7 months, I successfully cleared the CKAD exam on 01Jan24, scoring 87%. This transformative journey not only enriched my knowledge of containers and Kubernetes but also exposed certain pitfalls that, if avoided, could have expedited my exam preparation.
In this article, I aim to share crucial insights, exam tips, and lessons learned from my CKAD journey, with the goal of aiding aspiring candidates in achieving success with greater ease.
I had no prior experience working on production-grade Kubernetes clusters
Understanding the CKAD exam
The CKAD exam is a practical, performance-based test spanning two hours, designed to immerse candidates in real-world Kubernetes tasks and challenges. Rather than squinting over multiple-choice questions, participants are tasked with creating, editing, deploying, and configuring various Kubernetes manifests in a remote cluster. It's an opportunity to experience hands-on learning and bid farewell to theoretical monotony. For more information about the exam, curriculum, and other essential details, visit the CNCF's page
Navigating the Journey
As a novice to Kubernetes, I recognized the need to grasp the fundamentals of Kubernetes architecture and components. I began my journey with Mumshad's Udemy Course, tailored for individuals entirely new to the Kubernetes ecosystem. Consistently progressing through the videos and completing lab exercises on kodecloud I gained a foundational understanding of the Kubernetes topics essential for CKAD success.
While tackling the 'Lightning Labs,' I identified gaps in my knowledge of various Kubernetes objects and components. This prompted me to explore additional resources utilized by fellow CKAD aspirants. The curated list below became instrumental in my preparation :
- Dimitris-Ilias Gkanatsios CKAD exercises - Providing an excellent set of problems and solutions for CKAD preparation.
- Benjamin Muschko's crash course - Offering an in-depth and hands-on approach to practice problems covering CKAD exam topics
- Subod Dharma's CKAD preparation material - Featuring a comprehensive list of imperative commands and problem statements
Repeatedly utilizing these resources not only bolstered my confidence but also streamlined my problem-solving efficiency. They served as valuable reinforcements to the fundamentals acquired from Mumshad's course.
With enhanced confidence, I progressed to Mumshad's Udemy course lightning labs and mock exams.
Strategies for CKAD Success
Time Management: A Critical Factor
The CKAD exam's most challenging aspect is undoubtedly time management. With only two hours to complete 17-20 questions, which involve understanding problem statements, configuring key values, generating YAML files, and modifying existing Kubernetes objects, effective time utilization is paramount.
In order to be prepared from knowledge and overall examination standpoint, below are the few areas I was extremely mindful about -
Mastering Imperative Commands
While YAML files are indispensable for managing Kubernetes infrastructure in real-world projects, relying solely on them in the exam can be time-consuming. Mastering imperative commands proves essential for efficiently addressing exam challenges. Hence,
PLEASE AVOID WRITING YAML FILES FROM SCRATCH
Instead, use kubectl run and generators to improve productivity. I had extensively following imperative commands to create required K8 objects and generate yaml files -
1kubectl run nginx
4 -l="key1=value1,key2=value2" # multiple labels
5 --env="ENV=prod" --env="region=US" # multiple environment variables
6 --port=5710 # container port
7 --expose # create a ClusterIP service
8 --rm -it # delete the pod after completed and open a terminal
9 -- /bin/sh -c "while true; do date; sleep 10; done" # command
Generating yaml file
1kubectl run my-pod --image=nginx --restart=Never -n default -l "key1=value1,key2=value2" --env="ENV=prod" --env="region=US" --port=80 $do -- /bin/sh -c ls > 4.yaml
Modify pod's image
1kubectl set image my-pod my-container=IMAGE_NAME:TAG
1kubectl create deploy my-deploy --image=nginx -n default --replicas=3 --port=8080 $do -- /bin/sh -c ls > 2.yaml
Override image of deployment
1kubectl set image deploy my-deployment my-container-name=nginx:1.9.1 --record # save the "CHANGE-CAUSE" in the deployment history
Managing deployment rollouts
1kubectl rollout history my-deploy # Check the history of deployments including exact revision with --revision=2
2kubectl rollout undo my-deploy # Rollback to the previous deployment
3kubectl rollout undo my-deploy --to-revision=2 # Rollback to a specific revision. If not specified, rollback to previous version
4kubectl rollout status -w my-deploy # Watch rolling update status of "frontend" deployment until completion
5kubectl rollout restart my-deploy
1kubectl create svc clusterip my-cluster-svc --tcp=6379:6379 # <port>:<targetPort>
Node Port Service
1kubectl create svc nodeport my-nodeport-svc --tcp=80:80 --node-port=30080 # <port>:<targetPort>
Exposing existing deployment / pod as a service
1kubectl expose deploy my-deployment --port=80 --target-port=8080 --type=ClusterIP --name=my-deploy-svc $do > 5.yaml
Note - Both the above commands i.e. direct service creation and creating service from existing deployment / pod have their own limitations - Direct service creation cannot accept selector and the other cannot accept a node port.
1kubectl create job my-job --image busybox -n default $do -- /bin/sh -c ls > 1.yaml
1kubectl create cj my-cronjob --image busybox --schedule "*/1 * * * *" -n default --restart Never $do -- /bin/sh -c ls > 1.yaml
Creating job from cron job
1kubectl create job my-job --from=cronjob/my-cronjob
Config Maps / Secrets
1kubectl create cm app-config
4kubectl create cm app-config-env-file
5 --from-env-file=config.env # single file with environment variables
7kubectl create cm app-config-file
8 --from-file=config.txt # single file or directory
Note - For creating secret replace cm with secret generic
1kubectl create sa my-sa
1kubectl create quota myrq --hard=cpu=1,memory=1G,pods=2
Labelling / Annotating objects
1kubectl label nodes my-node env=PROD # add a label to node
2kubectl label pod my-pod region=eu # add a label to pod
3kubectl label pod my-pod region=us --overwrite # edit a label
4kubectl label pod my-pod region- # remove a label
Note - For annotation, replace label with annotate
Fetching pods based on labels
1kubectl get po
2 -l env=prod,reqion!=US # label equality filter
3 -l 'env in (prod, stage)' # label set filter
4 -l 'region notin (US, EU)' # notin filter
5 -l 'env exists' # exists filter
6 --show-labels # show all labels
Horizontal Pod Autoscaler (HPA)
1kubectl autoscale deploy my-deploy
2 --cpu-percent=70 # sum of the cpu percentages used by all the pods that needs to be reached for the hpa to start spinning other pods
3 --min=2 # min number of pods
4 --max=8 # max number of pods the HPA can scale
Note - In order to enable HPA with memory related critera, we will have to create / update yaml file. Refer HPA docs
1# apply taint
2kubectl taint nodes my-node my-key=my-value:NoSchedule
4# remove taint
5kubectl taint nodes my-node my-key=my-value:NoSchedule-
Debugging in Kubernetes
Get pod logs
1kubectl logs my-pod
3kubectl logos my-pod -p #Fetch logs of previous instance
5kubectl logs my-pod -c my-container -f #Fetch logs of specific container
Open pod shell
1kubectl exec -it my-pod -- /bin/sh
View Service endpoints
1kubectl get ep
Verifying K8 objects with its corresponding apiVersion
1kubectl api-resources | grep deployment
Fetch all events
1kubectl get events --sort-by=.metadata.creationTimestamp
View kubernetes API documentation
1kubectl explain pods.spec
2kubectl explain pod.spec > po-spec
3kubectl explain pod –recursive=true > po-full
One distinctive aspect of the CKAD exam is, its assessment is not only of Kubernetes expertise but also of proficiency in Linux skills with a focus on -
- Vim editor
- Shortcuts with alias and export variables
I had used Vim editor extensively for creating and editing YAML files essential in the management of Kubernetes objects. A thorough command of Vim shortcuts for seamless navigation and editing of YAML files is imperative.
Vim editor configurations
To enhance the effectiveness and productivity of the Vim editor, it is recommended to tailor configurations in the vimrc file as shown below
1set nu # S number line
2set et # Use spaces for tab
3set ts=2 # Amount of spaces used for tab
4set sw=2 # Amount of spaces used during indentation
5set ai # Sets auto indent
6set hls # Highlights the term searched in editor
7set ic # Ignores case while searching
8set cuc # Enables cursor on column
9set cul # Enables cursor on line
Vim editor navigation shortcuts
As time is limited for CKAD exam, one needs to be as optimal as possible to save time. Hence it is recommended to remember these shortcuts for faster navigation -
1w / W -> Beginning of next word
2e / E - End of current or next word (next word in case it is already at the end of current word)
30 - Beginning of current line
4$ - End of current line
5d$ - Delete from current cursor position to end of line
6:/<search-string> - Search entered search string
7 a. n - Next occurrence
8 b. N - Previous occurrence
9u - Undo last action
10U - Undo all changes to current line
11Copy / Cut - Paste
12 a. Press ESC
13 b. Take the cursor from the lines you want to copy / delete from
14 c. 5yy / 5dd - Copy / Cut 5 lines from current line
15 d. Take the cursor to the location where you want to paste copied contents
16 i. p - Paste copied / cut lines below the line where cursor is placed
17 ii. P - Paste copied / cut lines above the line where cursor is placed
19 a. Switch to visual mode
20 b. Move to the top of code block that need to be indented. Select single line with 'Shift + V", and than use arrow to select multiple lines
21 c. Selected lines will show as highlighted
22 d. Use "Shift + >" (Greater than sign and not an arrow key) / "Shift + <>" to indent towards right / left. The number of spaces of indentation is determined by value of set ts=2 in .vimrc file
Extensive use of the grep command is required for cluster validation and searching Kubernetes documentation via the command line. This demands a strong command over this powerful text-searching tool. I had used below flags extensively for effective searching -
- -i - Ignore case while searching
- -A - Prints n lines after the match
- -B - Prints n lines before the match
Shortcuts with alias and export
Proficiency in utilizing shortcuts, creating aliases, and managing exported variables is crucial for efficient and swift command-line operations. Modify .bashrc file with below aliases and exported variables to expedite formulation of K8 commands.
1alias kns="kubectl config set-context --current --namespace"
2alias gns="kubectl config view | grep -i namespace"
3alias ka="kubectl apply -f"
4alias ksh="kubectl exec -it"
5alias ktn="kubectl run tmp1 --image nginx:alpine --restart Never -it --rm -- /bin/sh"
6alias ktb="kubectl run tmp2 --image busybox --restart Never -it --rm -- /bin/sh"
9export do="--dry-run=client -o yaml"
10export fg="--force --grace-period=0"
Navigating the exam environment
Another crucial factor that significantly contributes to efficiency during the CKAD exam is familiarity with the exam environment. Utilize killer.sh judiciously, as you are granted two opportunities to use it before the exam, each lasting for a fixed duration of 36 hours. killer.sh will mimic actual environment along with the exact set of tools that would be available during exam. Few things that I had consciously taken care of -
Copy / Paste in PSI browser
The default configuration for 'Copy/Paste' within the remote box in the PSI browser incessantly prompts an 'Unsafe paste dialog.' To disable this feature, follow these steps:
- Go to Applications -> Settings and click Xfce Terminal
- Uncheck Show unsafe paste dialog and check Automatically copy selection to clipboard
Using Mozilla browser
Given that the PSI browser's remote box is equipped with the Mozilla browser, it's essential to grasp its optimal utilization for navigation and searching. The browser primarily serves for accessing K8 Documentation. I found the following shortcuts particularly helpful in enhancing search speed within the Mozilla browser:
- Ctrl + F - Find text within rendered web page
- / - Quick search bar
- highlight all - Enable this option within search bar to highlight searched items within rendered web page
- Search next item - F3 or Ctrl + G
- Search previous item - Shift F3 or Ctrl + Shift + G
Consider Mousepad as your digital notepad, where you may wish to store essential texts or notes for quick reference.
In the pursuit of achieving success in the CKAD exam, a holistic approach encompassing both Kubernetes proficiency and non-Kubernetes skills is paramount. The journey involves not only mastering the intricacies of Kubernetes architecture but also honing essential Linux skills. Proficiency in tools such as the Vim editor, understanding the nuances of Grep, and adept usage of shortcuts, aliases, and export variables are indispensable.
Success in the CKAD exam is not solely measured by Kubernetes knowledge but also by one's ability to navigate the practical challenges presented in the exam environment. By adopting a comprehensive strategy that encompasses both technical skills and strategic exam management, candidates can confidently approach the CKAD certification journey and emerge victorious.comments powered by Disqus