book

Certified Kubernetes Administrator (CKA) Study Guide

by Benjamin Muschko

June 2022

Intermediate to advanced

201 pages

4h 42m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

Who This Book Is ForWhat You Will LearnConventions Used in This BookUsing Code ExamplesO’Reilly Interactive Katacoda LabsO’Reilly Online LearningHow to Contact UsAcknowledgments
Exam ObjectivesCurriculumCluster Architecture, Installation, and ConfigurationWorkloads and SchedulingServices and NetworkingStorageTroubleshootingInvolved Kubernetes PrimitivesExam Environment and TipsCandidate SkillsTime ManagementCommand-Line Tips and TricksSetting a Context and NamespaceUsing an Alias for kubectlUsing kubectl Command Auto-CompletionInternalize Resource Short NamesDeleting Kubernetes ObjectsFinding Object InformationDiscovering Command OptionsPracticing and Practice ExamsSummary
Role-Based Access ControlRBAC High-Level OverviewCreating a SubjectListing ServiceAccountsRendering ServiceAccount DetailsAssigning a ServiceAccount to a PodUnderstanding RBAC API PrimitivesDefault User-Facing RolesCreating RolesListing RolesRendering Role DetailsCreating RoleBindingsListing RoleBindingsRendering RoleBinding DetailsSeeing the RBAC Rules in EffectNamespace-wide and Cluster-wide RBACAggregating RBAC RulesCreating and Managing a Kubernetes ClusterInstalling a ClusterManaging a Highly Available ClusterUpgrading a Cluster VersionBacking Up and Restoring etcdBacking Up etcdRestoring etcdSummaryExam EssentialsSample Exercises
Managing Workloads with DeploymentsUnderstanding DeploymentsCreating DeploymentsListing Deployments and Their PodsRendering Deployment DetailsDeleting a DeploymentPerforming Rolling Updates and RollbacksRolling Out a New RevisionRolling Back to a Previous RevisionScaling WorkloadsManually Scaling a DeploymentManually Scaling a StatefulSetAutoscaling a DeploymentCreating Horizontal Pod AutoscalersListing Horizontal Pod AutoscalersRendering Horizontal Pod Autoscaler DetailsUsing the Beta API Version of an Horizontal Pod AutoscalerDefining and Consuming Configuration DataCreating a ConfigMapConsuming a ConfigMap as Environment VariablesMounting a ConfigMap as a VolumeCreating a SecretConsuming a Secret as Environment VariablesMounting a Secret as a VolumeSummaryExam EssentialsSample Exercises
Understanding How Resource Limits Affect Pod SchedulingDefining Container Resource RequestsDefining Container Resource LimitsDefining Container Resource Requests and LimitsManaging ObjectsDeclarative Object Management Using Configuration FilesDeclarative Object Management Using KustomizeCommon Templating ToolsUsing the YAML Processor yqUsing HelmSummaryExam EssentialsSample Exercises
Kubernetes Networking BasicsConnectivity Between ContainersConnectivity Between PodsUnderstanding ServicesService TypesCreating ServicesListing ServicesRendering Service DetailsPort MappingAccessing a Service with Type ClusterIPAccessing a Service with Type NodePortAccessing a Service with Type LoadBalancerUnderstanding IngressIngress RulesCreating IngressesDefining Path TypesListing IngressesRendering Ingress DetailsAccessing an IngressUsing and Configuring CoreDNSInspecting the CoreDNS PodInspecting the CoreDNS ConfigurationCustomizing the CoreDNS ConfigurationDNS for ServicesResolving a Service by Hostname from the Same NamespaceResolving a Service by Hostname from a Different NamespaceDNS for PodsResolving a Pod by HostnameChoosing an Appropriate Container Network Interface PluginSummaryExam EssentialsSample Exercises
Understanding VolumesVolume TypesCreating and Accessing VolumesUnderstanding Persistent VolumesStatic vs. Dynamic ProvisioningCreating PersistentVolumesConfiguration Options for a PersistentVolumeVolume ModeAccess ModeReclaim PolicyCreating PersistentVolumeClaimsMounting PersistentVolumeClaims in a PodUnderstanding Storage ClassesCreating Storage ClassesUsing Storage ClassesSummaryExam EssentialsSample Exercises
Evaluating Cluster and Node LoggingCluster LoggingNode LoggingMonitoring Cluster Components and ApplicationsTroubleshooting Application FailuresTroubleshooting PodsOpening an Interactive ShellTroubleshooting ServicesTroubleshooting Cluster FailuresTroubleshooting Control Plane NodesTroubleshooting Worker NodesSummaryExam EssentialsSample Exercises
Chapter 2, “Cluster Architecture, Installation, and Configuration”Chapter 3, “Workloads”Chapter 4, “Scheduling and Tooling”Chapter 5, “Services and Networking”Chapter 6, “Storage”Chapter 7, “Troubleshooting”

Content preview from Certified Kubernetes Administrator (CKA) Study Guide

Chapter 2. Cluster Architecture, Installation, and Configuration

According to the name of the chapter, the first section of the curriculum refers to typical tasks you’d expect of a Kubernetes administrator. Those tasks include understanding the architectural components of a Kubernetes cluster, setting up a cluster from scratch, and maintaining a cluster going forward.

Interestingly, this section also covers the security aspects of a cluster, more specifically role-based access control (RBAC). You are expected to understand how to map permissions for operations to API resources for a set of users or processes.

At the end of this chapter, you will understand the tools and procedures for installing and maintaining a Kubernetes cluster. Moreover, you’ll know how to configure RBAC for representative, real-world use cases.

At a high level, this chapter covers the following concepts:

Understanding RBAC
Installing of a cluster with kubeadm
Upgrading a version of a Kubernetes cluster with kubeadm
Backing up and restoring etcd with etcdctl
Understanding a highly available Kubernetes cluster

Role-Based Access Control

In Kubernetes you need to be authenticated before you are allowed to make a request to an API resource. A cluster administrator usually has access to all resources and operations. The easiest way to operate a cluster is to provide everyone with an admin account. While “admin access for everyone” sounds fantastic as you grow your business, it comes with a considerable ...