Certified Kubernetes Administrator (CKA) Exam Guide: Validate your knowledge of Kubernetes and implement it in a real-life production environment
()
About this ebook
Kubernetes is the most popular container orchestration tool in the industry. The Kubernetes Administrator certification will help you establish your credibility and enable you to efficiently support the business growth of individual organizations with the help of this open source platform.
The book begins by introducing you to Kubernetes architecture and the core concepts of Kubernetes. You'll then get to grips with the main Kubernetes API primitives, before diving into cluster installation, configuration, and management. Moving ahead, you’ll explore different approaches while maintaining the Kubernetes cluster, perform upgrades for the Kubernetes cluster, as well as backup and restore etcd. As you advance, you'll deploy and manage workloads on Kubernetes and work with storage for Kubernetes stateful workloads with the help of practical scenarios. You'll also delve into managing the security of Kubernetes applications and understand how different components in Kubernetes communicate with each other and with other applications. The concluding chapters will show you how to troubleshoot cluster- and application-level logging and monitoring, cluster components, and applications in Kubernetes.
By the end of this Kubernetes book, you'll be fully prepared to pass the CKA exam and gain practical knowledge that can be applied in your day-to-day work.
Related to Certified Kubernetes Administrator (CKA) Exam Guide
Related ebooks
Certified Kubernetes Application Developer (CKAD) Exam Success Guide: Ace your career in Kubernetes development with CKAD certification (English Edition) Rating: 0 out of 5 stars0 ratingsHands-On Kubernetes, Service Mesh and Zero-Trust: Build and manage secure applications using Kubernetes and Istio (English Edition) Rating: 0 out of 5 stars0 ratingsThe Kubernetes Bible: The definitive guide to deploying and managing Kubernetes across major cloud platforms Rating: 4 out of 5 stars4/5Becoming KCNA Certified: Build a strong foundation in cloud native and Kubernetes and pass the KCNA exam with ease Rating: 0 out of 5 stars0 ratingsKubernetes in Production Best Practices: Build and manage highly available production-ready Kubernetes clusters Rating: 0 out of 5 stars0 ratingsKubernetes Secrets Handbook: Design, implement, and maintain production-grade Kubernetes Secrets management solutions Rating: 0 out of 5 stars0 ratingsDocker Cookbook: Over 100 practical and insightful recipes to build distributed applications with Docker Rating: 0 out of 5 stars0 ratingsDocker: Up and Running: Build and deploy containerized web apps with Docker and Kubernetes (English Edition) Rating: 0 out of 5 stars0 ratingsCI/CD Pipeline with Docker and Jenkins: Learn How to Build and Manage Your CI/CD Pipelines Effectively (English Edition) Rating: 0 out of 5 stars0 ratingsMastering DevOps in Kubernetes: Maximize your container workload efficiency with DevOps practices in Kubernetes (English Edition) Rating: 0 out of 5 stars0 ratingsCloud Native with Kubernetes: Deploy, configure, and run modern cloud native applications on Kubernetes Rating: 0 out of 5 stars0 ratingsCloud Native Automation with Google Cloud Build: Easily automate tasks in a fully managed, scalable, and secure platform Rating: 0 out of 5 stars0 ratingsManaging Kubernetes Resources Using Helm: Simplifying how to build, package, and distribute applications for Kubernetes Rating: 0 out of 5 stars0 ratingsCloud Native Microservices Cookbook: Master the art of microservices in the cloud with over 100 practical recipes (English Edition) Rating: 0 out of 5 stars0 ratingsMastering Amazon EC2: Unravel the complexities of EC2 to build robust and resilient applications Rating: 0 out of 5 stars0 ratingsBootstrapping Microservices, Second Edition: With Docker, Kubernetes, GitHub Actions, and Terraform Rating: 0 out of 5 stars0 ratingsGetting Started with Kubernetes, Second Edition: Orchestrate and manage large-scale Docker deployments Rating: 0 out of 5 stars0 ratingsIntroducing Azure Kubernetes Service: A Practical Guide to Container Orchestration Rating: 0 out of 5 stars0 ratingsBuild Serverless Apps on Kubernetes with Knative: Build, deploy, and manage serverless applications on Kubernetes (English Edition) Rating: 0 out of 5 stars0 ratings
System Administration For You
CompTIA A+ Complete Review Guide: Core 1 Exam 220-1101 and Core 2 Exam 220-1102 Rating: 5 out of 5 stars5/5Bash Command Line Pro Tips Rating: 5 out of 5 stars5/5Mastering Windows PowerShell Scripting Rating: 4 out of 5 stars4/5Linux Command-Line Tips & Tricks Rating: 0 out of 5 stars0 ratingsCybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5The Complete Powershell Training for Beginners Rating: 0 out of 5 stars0 ratingsLinux: Learn in 24 Hours Rating: 5 out of 5 stars5/5PowerShell: A Comprehensive Guide to Windows PowerShell Rating: 4 out of 5 stars4/5Learn PowerShell in a Month of Lunches, Fourth Edition: Covers Windows, Linux, and macOS Rating: 0 out of 5 stars0 ratingsNetworking for System Administrators: IT Mastery, #5 Rating: 5 out of 5 stars5/5Learn SQL Server Administration in a Month of Lunches Rating: 3 out of 5 stars3/5Practical Data Analysis Rating: 4 out of 5 stars4/5CompTIA A+ Complete Practice Tests: Core 1 Exam 220-1101 and Core 2 Exam 220-1102 Rating: 0 out of 5 stars0 ratingsLinux Bible Rating: 0 out of 5 stars0 ratingsGit Essentials Rating: 4 out of 5 stars4/5CompTIA Linux+ Practice Tests: Exam XK0-005 Rating: 0 out of 5 stars0 ratingsInstant PostgreSQL Backup and Restore How-to Rating: 0 out of 5 stars0 ratingsHow To Speed Up Computer: Your Step-By-Step Guide To Speeding Up Computer Rating: 0 out of 5 stars0 ratingsOracle Solaris 11 Advanced Administration Cookbook Rating: 0 out of 5 stars0 ratingsWordpress 2023 A Beginners Guide : Design Your Own Website With WordPress 2023 Rating: 0 out of 5 stars0 ratingsOperating Systems DeMYSTiFieD Rating: 0 out of 5 stars0 ratingsLearn Windows PowerShell in a Month of Lunches Rating: 0 out of 5 stars0 ratingsLinux for Beginners: Linux Command Line, Linux Programming and Linux Operating System Rating: 4 out of 5 stars4/5
Reviews for Certified Kubernetes Administrator (CKA) Exam Guide
0 ratings0 reviews
Book preview
Certified Kubernetes Administrator (CKA) Exam Guide - Mélony Qin
BIRMINGHAM—MUMBAI
Certified Kubernetes Administrator (CKA) Exam Guide
Copyright © 2022 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Group Product Manager: Rahul Nair
Publishing Product Manager: Niranjan Naikwadi
Senior Editor: Arun Nadar
Content Development Editor: Sujata Tripathi
Technical Editor: Arjun Varma
Copy Editor: Safis Editing
Project Coordinator: Ashwin Dinesh Kharwa
Proofreader: Safis Editing
Indexer: Sejal Dsilva
Production Designer: Vijay Kamble
Marketing Coordinator: Nimisha Dua
First published: November 2022
Production reference: 1071022
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-80323-826-5
www.packt.com
Foreword
Over the last decade, Kubernetes has gone mainstream. Builders of cloud applications are expected to be familiar with cloud-native design tools and techniques. Becoming certified in Kubernetes demonstrates that you have the knowledge and skills necessary to meet the expectations of businesses, enterprises, and consumers.
Whether you are a cloud-native expert or a beginner, this book will familiarize you with the tools, technologies, and terminology in the cloud-native ecosystem. Mélony’s own experience getting involved in the cloud-native ecosystem and its rapidly changing array of open source projects and cloud-based products, enable her to write an approachable book that can serve as your guide to the modern way that today’s applications are built.
The expectations of business, customers, and users of today’s applications have never been greater. Kubernetes and cloud-native are the skills that will enable you to build applications that meet the standards necessary to compete in the world of modern application development.
Brendan Burns, co-founder of Kubernetes open source project.
I first met Mélony back in 2018. I’d been speaking at an event in London and when I finished, she approached the stage to ask a question. That was just a few days before she started working at Microsoft and I’ve had the pleasure of working with her since then. It’s rare to get to work with such a talented individual, someone who has a real passion for technology, learning, and helping others to learn.
I’ve been working in technology for over 30 years in roles across operations, engineering, and architecture. A lot of that time was spent working in large corporations. Containers and Kubernetes have had a massive effect on the way applications are developed, deployed, and managed. It would have solved so many problems if I’d had these tools available earlier on in my career. Back in 2014, a colleague of mine told me to keep a close eye on this Docker
thing they’d heard about as they were convinced it was going to be a big deal. I have kept an eye on it and they were right. It has been a big deal!
As your maturity with containers grows, you’ll find yourself involved with Kubernetes. If you’re going to use Kubernetes, then you really need to understand how it works. It’s complicated and you can easily get things wrong, so you really, really need to know what you’re doing. Certification exams are always a great way to build your knowledge, test yourself, and prove that you know your stuff! I’ve sat all of the current Kubernetes certification exams and I can tell you from personal experience, these exams are hard. You can’t get away with guessing which multiple-choice answer is the right one. You can’t wing it. Oh no, you need to actually put the work in to learn Kubernetes before you sit this exam! And that’s a good thing, because it makes the Kubernetes certification more valuable knowing that you can’t pass it without putting in the effort.
If you’ve got this book in your hands or on your digital reading device of choice, then you’ve made a great start! Kubernetes certifications are hard, make no mistake, but you will pass if you put the work in. Mélony will guide you through the topics you need to learn and help set you up for success.
Good luck. You’ve got this!
Mark Whitby, Cloud-native architecture and engineering lead, principal global black belt (GBB) at Microsoft
Certifications are the best way to show the world your passion, your interests, and your skills, in the ever competitive and fierce landscape for talent sprung by the adoption of the cloud native paradigm. Mélony has done an amazing job to demystify the many mysteries of Kubernetes into simple, easy to understand concepts that will guide you in your studies, and hopefully lead you to a successful certification. She truly understands the learning journey and the many hurdles of cloud native, and she’s motivated to make your journey easier.
I met Mélony several years ago at one of the Microsoft OpenHacks events, and her passion for learning and sharing struck me. So, I’m both glad and proud to write the foreword to her new book, which undoubtedly will help many cloud native engineers in their own personal learning path.
Alessandro Vozza, Principal Software Engineer at Microsoft, CNCF Ambassador, Founder of Cloud Pirates
Note from the author
Containerization is an approach to managing applications; a container image contains all its deployment dependencies and configurations. Managing one, or even a couple of containers for dev/testing purposes, is relatively easy. The real challenge comes when you have to manage hundreds, or even thousands of containers, especially for enterprise-grade product environments, where you’ll be managing networking, deployments, configuration, etc. This is where the container orchestrator comes in.
Looking back, many open source container orchestrators have been popular in the market at one point in time. Although we’re still hearing about Docker Swarm, Mesosphere’s DC/OS, Kubernetes is by far the most popular container orchestration tool.
We have seen tremendous growth in Kubernetes and its ecosystem over the last 7 years. Yet, the complexity of managing the tool remains the major blocker for enterprises that prevents them from taking complete advantage of this fantastic technology. Learning Kubernetes and its ecosystem will help organizations overcome their challenges in deploying, managing, and operating Kubernetes clusters.
Acquiring a Certified Kubernetes Administrator (CKA) certification is the best way to help you train the essential skills on working with Kubernetes. In particular, you’ll learn how to manage and operate Kubernetes.
The Certified Kubernetes Administrator (CKA) certification is founded by Cloud Native Computing Foundation (CNCF), and it is designed to ensure that certification candidates have the skills and knowledge to help them establish their credibility and value in the job market, and to support business growth. It is widely recognized by various sizes of businesses across different industries.
This book is an exam guide and a knowledge book, and it covers all the important aspects required by the CKA certification. We’ll start with an introduction to Kubernetes architecture, turning to the core concept of Kubernetes. Then, we will dive deeply into the main Kubernetes primitives, installation and configuration, cluster management, workload scheduling, networking, and security. We’ll also cover various ways to troubleshoot Kubernetes.
Each chapter will cover core concepts as well as code samples. It is not a book to read conventionally – it is a practice guide that requires you to get out of your comfort zone and go break some eggs!
While I was writing this book, I was at the lowest point of my life, having relocated to a new continent, as well as undergoing surgery for the first time in my life during the first 2 months of relocation. This all took place alongside many other challenges. I can’t thank my family enough for the huge support I received from them, especially my beloved mother, Nancy Deng. I also want to thank my lovely local and remote friends, the Packt team, and other people who supported me during that period.
As a human being, those unprecedented life challenges also made me rethink the definition of living a meaningful life. Hence, I decided to turn those challenges into something positive and meaningful by pushing myself to the max to work on this book. This experience also encouraged me to create the CloudMelon Vis YouTube channel, alongside my website cloud-melon.com that I have been blogging on for years. Sharing is caring!
Rethinking my community evangelization in the past, I hope to make my life more meaningful by making a more positive impact on the community. This book aims to help people find their new career path with Kubernetes, in particular those who lost their jobs during the pandemic. Kubernetes is one of the most life-changing technologies that empowered my own career path, and I hope it will make a positive impact on your career, too.
Last but not least, I wish you the best of luck with your CKA exam and hope you will enjoy your journey in building your future with this book. Thanks!
Contributors
About the author
Mélony Qin, aka CloudMelon, is the founder of CloudMelonVision and a product manager at a top tech company, as well as being the author of Microsoft Azure Infrastructure, the Kubernetes Workshop, and Certified Kubernetes Administrator (CKA) Exam Guide by Packt Publishing, and the technical reviewer for Azure for Architects, Third Edition. Her community contribution mainly concerns OSS, DevOps, Kubernetes, serverless, big data analytics, and IoT on Microsoft Azure. She is also a member of the Association for Computing Machinery (ACM) and Project Management Institute (PMI). She can be reached via Twitter using @MelonyQ or @CloudMelonVis, through the Contact me page of her blog (www.cloud-melon.com), and via her YouTube channel: CloudMelon Vis https://www.youtube.com/c/CloudMelonVis.
About the reviewers
Erol Kavas has worked in the IT industry for more than 20 years, with 10 years dedicated to infrastructure, the cloud, and DevOps. He has helped many Canadian and US enterprises and governments to build their cloud foundations and embark upon their containerization and Kubernetes journeys. He is fully certified on AWS, Azure, Google Cloud Platform, and Kubernetes in all disciplines. He is a partner and chief consultant in a DevOps and cloud consulting firm that helps Canadian and US start-ups in their cloud and DevOps journeys. He is also a Microsoft Certified Trainer (MCT) regional lead for Canada and trains many new cloud professionals at CloudCamp.ca.
Dustin Specker has been in the tech industry for almost 10 years. He started as a frontend web developer focused on usability. In the last few years, Dustin has pivoted to developing cloud solutions. He has used Kubernetes for on-premises environments and public cloud for the last four years. He has earned the CKAD, CKA, and CKS certifications. He received a Bachelor of Science degree in nuclear engineering from the Missouri University of Science and Technology, where he discovered that he enjoyed programming much more than nuclear engineering.
Bruno S. Brasil is a cloud engineer who has used Linux since he was a kid. He started out working in on-premises environments before living out the migration to cloud solutions and joining the DevOps culture, choosing Google Cloud Platform as his specialization focus. Since then, he has worked on projects of this type as a consultant and engineer for several types of businesses, ranging from digital banks and marketplaces to start-ups. He has always focused on implementing best practices in the development of infrastructure as code, disseminating the DevOps culture, and implementing SRE strategies. He is enthusiastic about the open source community and believes that this is the most important path in terms of the growth of new professionals and new technologies.
Juri Sinar is a senior DevOps engineer working for a London fintech start-up. Kubernetes is the main platform that he has used to run and integrate infrastructure for the past five years. It helps Juri to connect and automate a large global network of open banking for his clients in a way that would not have been possible just 10 years ago.
Table of Contents
Preface
Part 1: Cluster Architecture, Installation, and Configuration
1
Kubernetes Overview
CKA exam overview
What to expect in your CKA exam
CKA exam tips and tricks
Cluster architecture and components
Kubernetes core concepts
Containerized workloads
Container images
Container registry
Container runtimes
Kubernetes basic workflow
Kubernetes plugin model
Kubernetes API primitives
Sharing a cluster with namespaces
Kubernetes in-market distribution and ecosystems
Upstream vanilla Kubernetes
Managed Kubernetes
Kubernetes ecosystems
Summary
2
Installing and Configuring Kubernetes Clusters
Technical requirements
Hands-on Kubernetes tooling
Core tools
Deployment tools
Other tools
Installing and configuring a Kubernetes cluster
Prerequisites for installing a Kubernetes cluster
Using minikube to set up a single node Kubernetes cluster
Using kubeadm to install a basic Kubernetes cluster
Setting up a highly available cluster with kubeadm
Summary
Mock CKA scenario-based practice test
Scenario 1:
Scenario 2:
Scenario 3 (optional):
FAQs
3
Maintaining Kubernetes Clusters
Demystifying Kubernetes cluster maintenance
Upgrading a Kubernetes cluster using kubeadm
Upgrading the master node
Upgrading the worker node
Working with etcd
Exploring the ETCD cluster pod
Listing etcd cluster members
Checking the etcd cluster status
Installing etcd
Backing up etcd
Restoring etcd
Summary
Mock CKA scenario-based practice test
Scenario 1
Scenario 2
Scenario 3
Scenario 4
FAQs
Part 2: Managing Kubernetes
4
Application Scheduling and Lifecycle Management
Technical requirements
The basics of Kubernetes workloads
Imperative management versus declarative management
Understanding pods
Deploying and managing applications
Deploying applications
Performing rolling updates and rollbacks
Rolling updates with kubectl
Rollback
Scaling applications
ReplicaSets
Workload scheduling
Understanding namespaces
Labels, node selectors, and annotations
Node affinity and anti-affinity
Taints and tolerations
Resource management
Configuring applications
Manifest management with kustomize
Common package management and templating with Helm
Summary
Mock CKA scenario-based practice test
Scenario 1
Scenario 2
Scenario 3
Scenario 4
Scenario 5
FAQs
5
Demystifying Kubernetes Storage
Technical requirements
Stateful versus stateless workloads
Kubernetes volumes
Ephemeral storage
Persistent storage
Cracking stateful applications in Kubernetes
Configuring an application with mounted storage
Configuring an application with persistent storage
Summary
Mock CKA scenario-based practice test
Scenario 1
Scenario 2
FAQs
6
Securing Kubernetes
Technical requirements
Securing Kubernetes in layers
Kubernetes authentication and authorization
Service accounts versus user accounts
Kubernetes service accounts
Organizing the cluster access using kubeconfig
Configuring access to multiple clusters
Kubernetes authorization
Kubernetes RBAC
Managing the security of Kubernetes applications
Summary
Mock CKA scenario-based practice test
Scenario 1
Scenario 2
Scenario 3
FAQs
7
Demystifying Kubernetes Networking
Technical requirements
Understanding the Kubernetes networking model
Container-to-container communication
Pod-to-pod communication
Pod-to-service and external-to-service communications
Node-to-node communication
Choosing an appropriate Container Network Interface plugin
CNI networking in Kubernetes
Decision metrics
Configuring Ingress controllers and Ingress resources
How Ingress and an Ingress controller works
Using multiple Ingress controllers
Work with Ingress resources
Ingress annotations and rewrite-target
Configuring and leveraging CoreDNS
Check whether the CoreDNS server is up and running
Pod IPs and DNS hostnames
Service IPs and DNS hostnames
Summary
Mock CKA scenario-based practice test
Scenario 1
Scenario 2
Scenario 3
Scenario 4
Scenario 5
Scenario 6
FAQs
Part 3: Troubleshooting
8
Monitoring and Logging Kubernetes Clusters and Applications
Technical requirements
Monitoring on a cluster node
Checking whether Metrics Server is installed
Installing Metrics Server in your current Kubernetes cluster
Checking out CPU/memory metrics
Monitoring applications on a Kubernetes cluster
Monitoring the resource usage of an application
Checking application details
Monitoring cluster events
Managing logs at the cluster node and Pod levels
Cluster-level logging
Checking out the node details
Checking the node status
Managing container stdout and stderr logs
Summary
Mock CKA scenario-based practice test
Scenario 1
FAQs
9
Troubleshooting Cluster Components and Applications
Technical requirements
General practices in Kubernetes troubleshooting
Troubleshooting cluster components
Inspecting the cluster
Inspecting the node
Troubleshooting applications
Getting a high-level view
Inspecting namespace events
Troubleshooting failing pods
Troubleshooting init containers
Summary
FAQs
10
Troubleshooting Security and Networking
Technical requirements
Troubleshooting RBAC failures
Initiating a minikube cluster
Managing a minikube cluster
Troubleshooting networking
Troubleshooting a Kubernetes DNS server
Troubleshooting a service in Kubernetes
Get a shell for troubleshooting
Summary
FAQs
Appendix - Mock CKA scenario-based practice test resolutions
Chapter 2 – Installing and Configuring Kubernetes Clusters
Scenario 1
Scenario 2
Scenario 3 (optional)
Chapter 3 – Maintaining Kubernetes Clusters
Scenario 1
Scenario 2
Scenario 3
Scenario 4
Chapter 4 – Application scheduling and lifecycle management
Scenario 1
Scenario 2
Scenario 3
Scenario 4
Scenario 5
Chapter 5 – Demystifying Kubernetes Storage
Scenario 1
Scenario 2
Chapter 6 – Securing Kubernetes
Scenario 1
Scenario 2
Scenario 3
Chapter 7 – Demystifying Kubernetes networking
Scenario 1
Scenario 2
Scenario 3
Scenario 4
Scenario 5
Scenario 6
Chapter 8 – Monitoring and logging Kubernetes Clusters and Applications
Scenario 1
Index
Other Books You May Enjoy
Preface
Kubernetes is by far the most popular container orchestration tool, yet the complexities of managing the tool have led to the rise of fully