Why a developer needs a Kubernetes certificate and how to successfully pass the exam
Are you a developer but still don’t know what Kubernetes is? Don’t worry, we will tell you:
- What is Kubernetes.
- What kind of certificates it has and why are they needed.
- About choosing a certification option.
- About the exam.
- About preparing for the exam.
- Various subtleties.
So why should a developer need a Kubernetes certificate? The short answer to this question is that there is no need if you are clearly not overlapping and not interested in Kubernetes. However, within the framework of the article, I will try to interest you, and then, believeme, you will want to get a certificate.
At my company, I do most of the frontend development and want to share something other than the frontend. In the frontend, we love all sorts of hype things, and we love even more when they bring real benefit.
To begin with – briefly from developers to developers about what Kubernetes is. Are you using Docker or something similar? I hope so.
So, let’s say you use Docker, package applications into Docker images and deploy to production. Have you rolled it out and go drink coffee? This works if you have a simple application and you are completely satisfied with how it works. But this is not enough if the requirements for your applications are higher than usual. By increased requirements, I mean, for example, the following:
- Fault tolerance. If an application running in a single instance crashes, you will have problems. And it would be nice to have multiple instances and balance between them.
- Scalability. When the load on the applications gets high, balancing won’t help. In this case, you need to optimize the application or even the infrastructure. What if there is no time for this now? In this case, it would be nice to be able to quickly increase the number of application instances.
- Resource limits. Here, it seems, and so it is clear: I want to somehow limit applications, preventing them from eating away the processor and memory.
- Environment. I hope you are not rolling the application straight to production? We need different environments, in addition to prod, at least dev.
- Combining applications into groups. What if the applications were supposed to be less isolated from each other? For example, they need a shared drive, namespace, and so on.
- Security and access control. When the company has many teams and products, it will be necessary to organize access to the cluster, for example, according to roles and groups.
- Collecting metrics and logs. And also some general approaches to collecting this information.
- Networking. How to implement this if you have a large number of nodes? How to provide access of one application to another by DNS name?
- As well as relatively easy integration with well-known solutions and launching applications on a schedule.
Docker will definitely not cope with the above, you will have to look for another solution. You can write your own, but it can be very time consuming and expensive. Among the suitable solutions, Kubernetes stands out in that it provides a fairly simple opportunity to implement the above requirements, and this is far from all of its capabilities.
After reading such a description, it may seem that now the admins will have nothing to do at all. However, it is not like that. Kubernetes is a tricky thing on its own, but it doesn’t solve all problems, and besides it, there are many other products that you cannot do without. Think of Kubernetes as a solution that, from a certain point of view, is the core of the ecosystem where your applications run.
If we draw analogies with the world of development, then, it seems to me, it’s a good idea to compare Kubernetes with a framework: we have a runtime environment where applications are executed, there are strict boundaries in the form of interfaces with the possibility of customization and extension, and also full of abstractions that make it relatively easy and it is convenient to manage all this good. Interested and have a desire to read the documentation? But here’s the trouble: the Kubernetes documentation is not a set of guides designed for beginners, and you just won’t be able to figure it out. What to do? You will find the answer to this question later in the article.
Personal motivation in certification
I began to be interested in Kubernetes about a year ago, I did all kinds of things on my personal projects. If you line up all the solutions used in a chain, it will look somehow like this: VMWare for Windows → Hyper-V → Host machine for Linux → chroot jail → Xen → KVM → LXC → Proxmox → Docker → Kubernetes. Having tried various solutions, I can confidently say that Kubernetes is very different from what it was before.
The entry threshold here is quite high: even just launching a cluster in production is a problem, not to mention how everything works there and how to support it. And I began to understand, try various solutions and articles that allowed me to prepare some kind of production-ready cluster.
The desire to obtain the Certified Kubernetes Administrator (CKA) certificate arose just during the use of a personal cluster for my projects. That is, everything seems to be working out, the cluster is working, but what happens inside it remained a mystery to me. There was no one to ask, and the documentation does not help much, since it describes everything at once, which scares off beginners. For this reason, I decided to go the other way: I studied the necessary in the process of preparing for the CKA certification.
It should be noted that, although the company uses Kubernetes, I am not involved in the development and support of this platform. Therefore, I can only tell you about the infrastructure in the company that for me, as a developer, to deploy applications, it is enough to know YAML when editing helm charts, and it is not necessary to look further, since much has already been done by the administrators.
About certification in general
There are many people in IT with a biased attitude towards certificates, and, on the one hand, they can be understood: there are enough stories on the network about how a person with many certificates comes to an interview and it turns out that there is no knowledge in fact. Since I quite often conduct interviews, previewing my resume, I will note that in my practice there have not been such stories yet.
As strange as it may seem, my personal statistics say that the likelihood of meeting a good developer increases if the resume contains information about certificates. Of course, in this case, the developer’s level is determined not by certificates, but during the interview, but here’s an interesting pattern. It doesn’t have to be front-end technology certifications. By the way, if you know any interesting certifications, I will be glad to hear from you in the comments.
Let me try to answer, why go through all these certifications, based on my first and long-standing experience in obtaining a C # certification from Microsoft? I think the correct answer is this: it helps to structure knowledge and eliminate small, but sometimes significant gaps in it.
As mentioned above, it is good practice to get certified initially. Such training starts from scratch and at the end we get a certified specialist, and not a self-taught StackOverflow. This is not always the case, a lot depends on the individual, nevertheless, I believe that an honestly obtained certificate helps to get rid of obvious crutches in the code at the initial stages of developer development.
You can also get certified by being a fairly mature developer. You are probably asking: “Why?” Another point is that the exam is part of the learning process that is familiar to all of us, because it is equally important to check whether you really learned everything correctly. More than once I noticed that I seemed to have learned everything, but in fact, it turns out that I missed something somewhere. An exam can definitely help with this.
Someone will probably note that everything in IT is now developing very quickly and the knowledge gained in the course of preparing for obtaining a certificate will just as quickly become irrelevant. I have not come across this and I will assume that it may depend on the technology, but, in my opinion, the investment in Kubernetes is justified and it is unlikely that the main parts of Kubernetes will change dramatically in the near future.
Preparation for the exam helped me to better understand basic concepts like SSL certificates, approaches to organizing a fault-tolerant infrastructure, I began to understand networks, Linux, working with disks better (not to mention the fact that now I know how to exit vim in several ways).
Choosing a certification option
At the moment, it is possible to obtain certificates not only from The Linux Foundation, however, within the framework of the article, we will consider possible certification options from them as the default ones. More details about The Linux Foundation and CNCF have already been written here. There are three certification options to choose from:
Certified Kubernetes Application Developer (CKAD). Suitable for small companies that use On-Premise Kubernetes and where developers have more freedom to interact with the cluster. For this reason, it is especially important for application developers to understand how to design, build, configure, and run applications on Kubernetes. As you prepare for your CKAD, you will become familiar with the basic concepts and will be able to understand the above much better in the future.
Certified Kubernetes Administrator (CKA). CKA is more complex and is designed for administrators who want to understand how a Kubernetes cluster works, how to deploy, manage and maintain it. If you plan to get CKA, then there is no point in getting CKAD.
Certified Kubernetes Security Specialist (CKS). CKS is brand new and available from November this year. Designed for those who plan to make their infrastructure more secure. If the first two options partially overlap and differ in immersion depth, then CKS will significantly supplement your knowledge, and, in my opinion, it is extremely important for the cluster administrator to know. Therefore, after CKA, you can try to get CKS as well.
I will warn you that in this section, as in others, there is no information about questions on the exam, answers and other information that cannot be disclosed. I also ask you not to leave such information in the comments. Thank you in advance and let’s move on.
For all three certification options, the cost of the exam is the same – $ 300 (CKAD, CKA, CKS). Once purchased, you will have one year to schedule an exam date, plus a free trial if you fail the exam.
Plan the exam in advance so that you can choose the time that is most convenient for you or reschedule it in case of need (you can reschedule no later than 24 hours in advance). You can schedule an exam no earlier than a day before the start.
There are several rules for the exam: rules for the situation, general rules of conduct, rules directly in your direction. Be sure to read the Candidate Handbook, but here are just the highlights.
The exam takes place online, so you will definitely need the following things (be sure to check out the full list):
- Laptop or desktop (camera and microphone required).
- International passport and, if possible, driving license or bank card.
- A room without strangers.
- Clean table. I also had a glass of water, a mouse and a rug (if you are not a touchpad guru, I advise).
The exam lasts two hours. You can come to it 15 minutes before the start, check if everything is in order, and start early. It is advisable to take a laptop, since you will have to show the room where you are sitting, as well as your workplace. During the exam, follow what the proctor writes to you in the chat (you need to understand a little English) and do not break quite adequate rules.
You can also take a break for five minutes with the proctor’s permission, but keep in mind that the clock is working and don’t be too late. By the way, install their browser extension in advance and adjust the screen and camera access permissions.
In addition to the exam tab, you can open only one additional tab with one of the following addresses (and their subdomains):
On the documentation page, you can and should use the search, but it is you who must control that you open the allowed address from the list above. Personally, I see the point only in the documentation – I needed GitHub and a blog only during preparation for the exam.
In 2 hours, you will have 15–20 tasks (these are tasks, not tests), 4 (CKAD) / 6 (CKA) Kubernetes clusters, between which you will switch as you perform tasks. I also highly recommend reading all the tips from an official source. To pass the exam, you will need to score at least 66%.
Within 36 hours after the exam, you will receive an email with the result. It came to me just in 30–36 hours, so, most likely, I will have to be patient.
If you fail to pass on the first try, you will have a free second one, which you can use at any time within one year. If it doesn’t work out again, prepare $ 300 and try again.
First, I recommend deploying your Kubernetes cluster and running some of your projects in it. At least you can use minikube, and it is better to deploy through kubeadm. For a more serious immersion in the process of deploying and configuring a cluster, I recommend Kubernetes The Hard Way.
The Udemy course from Mumshad Mannambeth (CKAD / CKA) will help you prepare specifically for the exam. There are also official courses: basic ones are free, but you will have to pay for the rest. If you want to learn more than just exam skills, check out this course.
In addition to courses and recommendations to practice on your cluster, you have the opportunity to gain practical skills in the emulator. Of course, the situation and the questions on the real exam will be different. That is, these are by no means dumps of exam questions, but tasks compiled by the emulator developers that will help you better understand Kubernetes. So they can be useful to you in the exam, too. The cost is 30 euros, and, in my opinion, it is quite justified.