#Kubernetes

136 posts

Certified Kubernetes Administrator (CKA) #27 Full-Length Practice Exam — 17 Tasks with Solutions
18 min read

Certified Kubernetes Administrator (CKA) #27 Full-Length Practice Exam — 17 Tasks with Solutions

The final post of the Certified Kubernetes Administrator (CKA) series. Work through 17 task scenarios that integrate every domain in the same flow as the real exam, then unfold each task's solution commands, YAML, and explanation to grade yourself. Sum the points against the 66% pass line and lay out a review path for your weak domains.

Certified Kubernetes Security Specialist (CKS) #20 Full-Length Practice Exam — 16 Tasks with Solutions
19 min read

Certified Kubernetes Security Specialist (CKS) #20 Full-Length Practice Exam — 16 Tasks with Solutions

The final post of the Certified Kubernetes Security Specialist (CKS) series. Work through 16 task scenarios that integrate all six domains in the same flow as the real exam, then unfold each task's solution commands, YAML, and traps to grade yourself. Sum the points against the 67% pass line and lay out a review path for your weak domains.

Certified Kubernetes Administrator (CKA) #26: Exam Tips, Time Management, and Patterns People Miss
13 min read

Certified Kubernetes Administrator (CKA) #26: Exam Tips, Time Management, and Patterns People Miss

A condensed cheat sheet to read one more time right before you sit the CKA hands-on exam. We pull together time management for running roughly 15–20 tasks in 2 hours, the priority order driven by points and troubleshooting, a refreshed kubectl speed setup, context switching across multiple clusters, using the official docs, the recurring patterns where operators bleed points and how to avoid them, easily confused concept pairs, and a pre-exam checklist for each of the five domains. Next up in #27 is a full-scale hands-on mock exam.

Certified Kubernetes Application Developer (CKAD) #21 Full-Length Practice Exam — 18 Tasks with Solutions
17 min read

Certified Kubernetes Application Developer (CKAD) #21 Full-Length Practice Exam — 18 Tasks with Solutions

The final post of the Certified Kubernetes Application Developer (CKAD) series. Work through 18 task scenarios that integrate every domain in the same flow as the real exam, then unfold each task's solution commands, YAML, and explanation to grade yourself. Check your weak domains against the 66% pass line and lay out a review path.

Certified Kubernetes Security Specialist (CKS) #19: Exam tips, time management, and patterns people get wrong
14 min read

Certified Kubernetes Security Specialist (CKS) #19: Exam tips, time management, and patterns people get wrong

A condensed read to go through one more time right before you sit the CKS hands-on exam. We cover the time management of running roughly 15–20 tasks in 2 hours, prioritizing tasks by tool, re-running the setup right after the exam starts, switching context across multiple clusters, making use of kubernetes.io/docs and the Falco, Trivy, AppArmor, and gVisor official docs, the recurring patterns that leak points on a security hands-on exam and how to avoid them, easily confused concept pairs, and a per-domain pre-exam checklist across all six domains. Next up, #20 is a full-scale hands-on mock exam.

Certified Kubernetes Administrator (CKA) #25 Troubleshooting 4: Networking, DNS, RBAC, Certificate Expiry
12 min read

Certified Kubernetes Administrator (CKA) #25 Troubleshooting 4: Networking, DNS, RBAC, Certificate Expiry

The 25th post in the Certified Kubernetes Administrator (CKA) series. We lay out the diagnostic order to walk when service communication fails — from Endpoints all the way to NetworkPolicy — how to narrow down name-resolution failures with CoreDNS and nslookup, how to read RBAC Forbidden errors with auth can-i, and how to find and fix expired certificates with kubeadm certs check-expiration.

Certified Kubernetes Application Developer (CKAD) #20: Exam Tips, Time Management, and the Patterns People Miss
10 min read

Certified Kubernetes Application Developer (CKAD) #20: Exam Tips, Time Management, and the Patterns People Miss

A compressed read-through to take with you right before the CKAD hands-on exam. We cover the time management for running roughly 15–20 tasks in 2 hours, a refresher on the kubectl speed setup, using imperative generators and the official docs, eight recurring patterns that leak points on the practical and how to avoid them, confusing concept pairs, and a per-domain pre-exam checklist. The next post, #21, is a full-scale hands-on mock exam.

Certified Kubernetes Security Specialist (CKS) #18: Container immutability, forensics
10 min read

Certified Kubernetes Security Specialist (CKS) #18: Container immutability, forensics

The eighteenth post in the Certified Kubernetes Security Specialist (CKS) series. We cover the final pieces of runtime security — container immutability and incident response. We work through YAML examples for the pattern of hardening the filesystem to read-only with readOnlyRootFilesystem and opening only the paths that need writes via emptyDir, the immutable operating model that forbids in-place changes and only swaps via redeploy, and the forensics procedure of isolating a compromised Pod with a NetworkPolicy and a node cordon, preserving evidence, and then investigating with kubectl debug.

Kubernetes and Cloud Native Associate (KCNA) #9: Full-Length Practice Exam — 50 Questions with Explanations
19 min read

Kubernetes and Cloud Native Associate (KCNA) #9: Full-Length Practice Exam — 50 Questions with Explanations

The final post of the KCNA series. Fifty questions sized to match the real exam domain weights (Kubernetes Fundamentals 46%, Container Orchestration 22%, Cloud Native Architecture 16%, Observability 8%, Application Delivery 8%), each followed by its answer and an explanation. Score 38 out of 50 (75%) or better and you are in passing territory — go book the exam.

Certified Kubernetes Administrator (CKA) #24 Troubleshooting 3: Control Plane (apiserver/etcd/scheduler Down), etcd Recovery
11 min read

Certified Kubernetes Administrator (CKA) #24 Troubleshooting 3: Control Plane (apiserver/etcd/scheduler Down), etcd Recovery

The twenty-fourth post in the Certified Kubernetes Administrator (CKA) series. Taking the fact that control plane components run as static Pods as the starting point of diagnosis, we organize how to narrow down causes by symptom — from an apiserver down that leaves kubectl unresponsive, to an etcd down, to a scheduler/controller-manager down. We get hands-on with inspecting containers directly via crictl and journalctl, and with fixing manifests so kubelet restarts them.

Certified Kubernetes Application Developer (CKAD) #19 Ingress and NetworkPolicy
10 min read

Certified Kubernetes Application Developer (CKAD) #19 Ingress and NetworkPolicy

The nineteenth post in the Certified Kubernetes Application Developer (CKAD) series. It covers Ingress, which routes external traffic at L7, and NetworkPolicy, which controls Pod-to-Pod communication with a whitelist, from a hands-on exam perspective. We will build everything from host/path routing and pathType, IngressClass, and TLS through to the podSelector-based default deny pattern, with YAML examples.

Certified Kubernetes Security Specialist (CKS) #17 Falco behavioral analysis, audit logs (Runtime)
12 min read

Certified Kubernetes Security Specialist (CKS) #17 Falco behavioral analysis, audit logs (Runtime)

The 17th post in the Certified Kubernetes Security Specialist (CKS) series. As the core of the final domain — Monitoring, Logging, and Runtime Security — we cover the rule structure of Falco, the syscall-based runtime threat-detection tool, along with writing custom rules and reading its output, then move on to the Kubernetes API audit log: policy levels and stages, apiserver flag configuration, and log analysis — all framed around the tasks that show up on the exam again and again.