book

Certified Kubernetes Application Developer (CKAD) Study Guide, 2nd Edition

by Benjamin Muschko

May 2024

Intermediate to advanced

366 pages

7h 43m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Has Sandbox

Who This Book Is ForWhat You Will LearnWhat’s New in the Second EditionConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgments
Kubernetes Certification Learning PathKubernetes and Cloud Native Associate (KCNA)Kubernetes and Cloud Native Security Associate (KCSA)Certified Kubernetes Application Developer (CKAD)Certified Kubernetes Administrator (CKA)Certified Kubernetes Security Specialist (CKS)Exam ObjectivesCurriculumApplication Design and BuildApplication DeploymentApplication Observability and MaintenanceApplication Environment, Configuration, and SecurityServices and NetworkingInvolved Kubernetes PrimitivesDocumentationExam Environment and TipsCandidate SkillsTime ManagementCommand-Line Tips and TricksSetting a Context and NamespaceUsing the Alias for kubectlUsing kubectl Command Auto-CompletionInternalize Resource Short NamesPracticing and Practice ExamsSummary
What Is Kubernetes?FeaturesHigh-Level ArchitectureControl Plane Node ComponentsCommon Node ComponentsAdvantagesSummary
API Primitives and ObjectsUsing kubectlManaging ObjectsImperative Object ManagementDeclarative Object ManagementHybrid ApproachWhich Approach to Use?Summary
Container TerminologyContainerizing a Java-Based ApplicationWriting a DockerfileBuilding the Container ImageListing Container ImagesRunning the ContainerListing ContainersInteracting with the ContainerPublishing the Container ImageSaving and Loading a Container ImageGoing FurtherSummaryExam EssentialsSample Exercises
Working with PodsCreating PodsListing PodsPod Life Cycle PhasesRendering Pod DetailsAccessing Logs of a PodExecuting a Command in ContainerCreating a Temporary PodUsing a Pod’s IP Address for Network CommunicationConfiguring PodsDeleting a PodWorking with NamespacesListing NamespacesCreating and Using a NamespaceSetting a Namespace PreferenceDeleting a NamespaceSummaryExam EssentialsSample Exercises
Working with JobsCreating and Inspecting JobsJob Operation TypesRestart BehaviorWorking with CronJobsCreating and Inspecting CronJobsConfiguring Retained Job HistorySummaryExam EssentialsSample Exercises

Working with StorageVolume TypesEphemeral VolumesPersistent VolumesStorage ClassesSummaryExam EssentialsSample Exercises
Working with Multiple Containers in a PodInit ContainersThe Sidecar PatternThe Adapter PatternThe Ambassador PatternSummaryExam EssentialsSample Exercises
Working with LabelsDeclaring LabelsInspecting LabelsModifying Labels for a Live ObjectUsing Label SelectorsRecommended LabelsWorking with AnnotationsDeclaring AnnotationsInspecting AnnotationsModifying Annotations for a Live ObjectReserved AnnotationsSummaryExam EssentialsSample Exercises
Working with DeploymentsCreating DeploymentsListing Deployments and Their PodsRendering Deployment DetailsDeleting a DeploymentPerforming Rolling Updates and RollbacksUpdating a Deployment’s Pod TemplateRolling Out a New RevisionAdding a Change Cause for a RevisionRolling Back to a Previous RevisionScaling WorkloadsManually Scaling a DeploymentAutoscaling a DeploymentCreating Horizontal Pod AutoscalersListing Horizontal Pod AutoscalersRendering Horizontal Pod Autoscaler DetailsDefining Multiple Scaling MetricsSummaryExam EssentialsSample Exercises
Rolling Deployment StrategyImplementationUse Cases and Trade-OffsFixed Deployment StrategyImplementationUse Cases and Trade-OffsBlue-Green Deployment StrategyImplementationUse Cases and Trade-OffsCanary Deployment StrategyImplementationUse Cases and Trade-OffsSummaryExam EssentialsSample Exercises
Managing an Existing ChartIdentifying a ChartAdding a Chart RepositorySearching for a Chart in a RepositoryInstalling a ChartListing Installed ChartsUpgrading an Installed ChartUninstalling a ChartSummaryExam EssentialsSample Exercises
Understanding the Deprecation PolicyListing Available API VersionsHandling Deprecation WarningsHandling a Removed or Replaced APISummaryExam EssentialsSample Exercises
Working with ProbesProbe TypesHealth Verification MethodsHealth Check AttributesThe Readiness ProbeThe Liveness ProbeThe Startup ProbeSummaryExam EssentialsSample Exercises
Troubleshooting PodsRetrieving High-Level InformationInspecting EventsUsing Port ForwardingTroubleshooting ContainersInspecting LogsOpening an Interactive ShellInteracting with a Distroless ContainerInspecting Resource MetricsSummaryExam EssentialsSample Exercises
Working with CRDsExample CRDImplementing a CRD SchemaInstantiating an Object for the CRDDiscovering CRDsImplementing a ControllerSummaryExam EssentialsSample Exercises
Processing a RequestAuthentication with kubectlThe KubeconfigManaging Kubeconfig Using kubectlAuthorization with Role-Based Access ControlRBAC OverviewUnderstanding RBAC API PrimitivesDefault User-Facing RolesCreating RolesListing RolesRendering Role DetailsCreating RoleBindingsListing RoleBindingsRendering RoleBinding DetailsSeeing the RBAC Rules in EffectNamespace-Wide and Cluster-Wide RBACWorking with Service AccountsThe Default Service AccountCreating a Service AccountSetting Permissions for a Service AccountAdmission ControlSummaryExam EssentialsSample Exercises
Working with Resource RequirementsDefining Container Resource RequestsDefining Container Resource LimitsDefining Container Resource Requests and LimitsWorking with Resource QuotasCreating ResourceQuotasRendering ResourceQuota DetailsExploring a ResourceQuota’s Runtime BehaviorWorking with Limit RangesCreating LimitRangesRendering LimitRange DetailsExploring a LimitRange’s Runtime BehaviorSummaryExam EssentialsSample Exercises
Working with ConfigMapsCreating a ConfigMapConsuming a ConfigMap as Environment VariablesMounting a ConfigMap as a VolumeWorking with SecretsCreating a SecretConsuming a Secret as Environment VariablesMounting a Secret as a VolumeSummaryExam EssentialsSample Exercises
Working with Security ContextsDefining a Security Context on the Pod LevelDefining a Security Context on the Container LevelDefining a Security Context on the Pod and Container LevelSummaryExam EssentialsSample Exercises
Working with ServicesService TypesPort MappingCreating ServicesListing ServicesRendering Service DetailsThe ClusterIP Service TypeCreating and Inspecting the ServiceAccessing the ServiceThe NodePort Service TypeCreating and Inspecting the ServiceAccessing the ServiceThe LoadBalancer Service TypeCreating and Inspecting the ServiceAccessing the ServiceSummaryExam EssentialsSample Exercises
Working with IngressesInstalling an Ingress ControllerDeploying Multiple Ingress ControllersConfiguring Ingress RulesCreating IngressesDefining Path TypesListing IngressesRendering Ingress DetailsAccessing an IngressSummaryExam EssentialsSample Exercises
Working with Network PoliciesInstalling an Network Policy ControllerCreating a Network PolicyListing Network PoliciesRendering Network Policy DetailsApplying Default Network PoliciesRestricting Access to Specific PortsSummaryExam EssentialsSample Exercises
Chapter 4, ContainersChapter 5, Pods and NamespacesChapter 6, Jobs and CronJobsChapter 7, VolumesChapter 8, Multi-Container PodsChapter 9, Labels and AnnotationsChapter 10, DeploymentsChapter 11, Deployment StrategiesChapter 12, HelmChapter 13, API DeprecationsChapter 14, Container ProbesChapter 15, Troubleshooting Pods and ContainersChapter 16, Custom Resource Definitions (CRDs)Chapter 17, Authentication, Authorization, and Admission ControlChapter 18, Resource Requirements, Limits, and QuotasChapter 19, ConfigMaps and SecretsChapter 20, Security ContextsChapter 21, ServicesChapter 22, IngressesChapter 23, Network Policies
Application Design and BuildApplication DeploymentApplication Observability and MaintenanceApplication Environment, Configuration, and SecurityServices and Networking

Content preview from Certified Kubernetes Application Developer (CKAD) Study Guide, 2nd Edition

Chapter 1. Exam Details and Resources

This chapter addresses the most frequently asked questions by candidates preparing to successfully pass the Certified Kubernetes Application Developer (CKAD) exam. Later chapters will give you a summary of Kubernetes’ benefits and architecture and how to interact with a Kubernetes cluster using kubectl.

Kubernetes Certification Learning Path

The CNCF offers four different Kubernetes certifications. Figure 1-1 categorizes each of them by target audience.

The target audience for associate-level certifications is beginners to the cloud and Kubernetes. Associate-level certification exams use a multiple-choice format. You will not have to interact with a Kubernetes cluster in an interactive environment.

Practitioner-level certifications are meant for developers and administrators with preexisting Kubernetes experience. Exams in this category require you to solve problems in multiple Kubernetes environments hands-on. You will find that the CKAD is geared to application developers and does not require any other certification as a prerequisite.

Let’s have a brief look at each certification to see if the CKAD is the right fit for you.

Kubernetes and Cloud Native Associate (KCNA)

KCNA is an entry-level certification program for anyone interested in cloud-native application development, runtime environments, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Certified Kubernetes Application Developer (CKAD) Study Guide

Publisher Resources

ISBN: 9781098152857Errata Page Supplemental Content