The Road to Kubestronaut: Guide

Posted by Hao Liang's Blog on Sunday, May 19, 2024

1. What is Kubestronaut

I believe some people in the CNCF community already notice the Kubestronaut Program has been released recently.

Brief introduction:

The Kubestronaut program recognises community leaders who have consistently invested in their ongoing education and grown their skill level with Kubernetes. Individuals who have successfully passed every CNCF’s Kubernetes certifications – CKA, CKAD, CKS, KCNA, KCSA – will receive the title of “Kubestronaut”

kubestonaut

2. Why do I want to become a Kubestronaut

To be honest, I’ve joined the CNCF community for over 5 years. The community has been instrumental in my learning journey, and I have also had the opportunity to make valuable contributions to it. Unfortunately, even though I use, maintain and develop Kubernetes/Kubernetes related programs for multiple years as a software engineer, I’ve never taken any of the Kubernetes related exams from (LF) Linux foundation. One factor that significantly influences my decision recently is the fact that I have been approved to become a CNCF Ambassador(Many thanks to the CNCF!).

As an Ambassador, part of my role is to promote and enhance the CNCF brand and cloud native ecosystem. As the most popular cloud native certifications, CKA, CKAD, CKS, KCNA and KCSA are recognized across the industry as a good indicator of professional competence in using and managing Kubernetes.

Here are some reasons that I want to take all these exams and become a Kubestronaut:

  • Industry recognition: These certifications are widely recognized in the industry and serve as a testament to my expertise and proficiency in Kubernetes and related technologies. They can enhance my professional credibility and open up new career opportunities.
  • Skill validation: By preparing for and passing these exams, I validate my knowledge and skills in specific areas of Kubernetes administration, application development, security, networking, or service administration. This can boost my confidence and demonstrate my competence to potential employers or clients.
  • Career advancement: Obtaining these certifications can accelerate my career growth. They can help me secure promotions, salary increases, or even new job opportunities that require Kubernetes expertise. Employers often prioritize certified professionals when hiring for critical roles.

3. Types of the Kubestronaut Certification

  • CKA(Certified Kubernetes Administrator): The CKA certification is for Kubernetes administrators, cloud administrators and other IT professionals who manage Kubernetes instances.
  • CKAD(Certified Kubernetes Application Developer): The CKAD exam is for IT professionals building, deploying, and configuring cloud native applications with Kubernetes.
  • CKS(Certified Kubernetes Security Specialist ): The CKS exam is an accomplished Kubernetes practitioner (must be CKA certified) who has demonstrated competence on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment and runtime.
  • KCNA(Kubernetes Certified Network Administrator): The KCNA exam demonstrates a user’s foundational knowledge and skills in Kubernetes and the wider cloud native ecosystem.
  • KCSA(Kubernetes Certified Service Administrator): The KCSA exam demonstrates an understanding of the baseline security configuration of Kubernetes clusters to meet compliance objectives.

4. Guide for the Certifications

Personally, for people who are new to kubernetes,I would recommend to follow the order from easy to hard, which is KCNA, KCSA, CKA, CKAD and CKS. If you are an expert who have multiple years of kubernetes usage and development experience, you can start with CKA, CKAD, CKS and then KCNA, KCSA.

From my opinion, CKA, CKS and CKAD pay more attention to the assessment of practical proficiency. On the contrary, KCNA and KCSA focus more on the theoretical mastery and understanding of the CNCF ecosystem.

How much does Kubernetes certification cost?

CKAD, CKA, and CKS each cost $395. KCNA, KCSA each costs $250.

You can purchase the whole Kubestronaut Certification Bundle in kubestronaut-bundle for only $1495.

For CKAD, CKA, and CKS, they’re assessed through a two-hour online exam where you complete several real-world Kubernetes tasks in an interactive command line. Two attempts are included in the price. Once you’ve passed, you receive a PDF certificate and digital badge that are valid for three years.

What each of the courses includes?

For now, I only passed CKA and booked for the CKAD and KCNA for the next few weeks. I will release more detail guides each time I pass the exam in the future, please stay tuned.

Here are the brief introduction of each course:

Certified Kubernetes Administrator (CKA)

CKA is intended for system administrators and cloud engineers who deploy and manage Kubernetes clusters. It provides the essential skills required to operate Kubernetes in production environments.

CKA’s content includes learning modules that span all these areas, including how to manage cluster storage, configure different networking types, protect resource utilization, and configure role-based access control (RBAC).

There are no specific prerequisites before you enroll, but you should have some existing experience using Kubernetes prior to taking your certification. This will let you appreciate the real-world context around Kubernetes usage and administration, in addition to the theoretical elements included in the course.

Certified Kubernetes Application Developer (CKAD)

CKAD is orientated towards engineers who build, deploy, and configure applications using Kubernetes. It gives you the skills required to successfully run apps in a Kubernetes cluster.

The CKAD curriculum includes topics such as how to use multi-container Pod patterns, manage storage with volumes, perform rolling updates of Deployments, access logs, and use ConfigMaps and secrets. It also covers how to use services to set up networking between applications and the outside world.

There are no prerequisites before you start the CKAD course, but basic familiarity with Kubernetes will be helpful so you have background knowledge to support your learning.

Certified Kubernetes Security Specialist (CKS)

CKS is a specialist certification for Kubernetes security experts. Because Kubernetes security is intertwined with administrative best practices, you must already hold the CKA certification before you can enroll onto CKS.

Security topics covered include how to benchmark your cluster against the CIS standards, how to restrict your cluster’s exposure with access controls and network policies, the correct use of OS-level security features, and best practices for building secure container images within a safe software supply chain.

CKS also equips you with skills that allow you to investigate security issues within your cluster. You’ll be taught how to detect threats as they emerge, identify different phases of an attack, and perform analytical investigation to determine the spread of intrusions.

Becoming CKS-certified demonstrates you have a comprehensive awareness of the threats that face Kubernetes clusters and how to mitigate them. This can reassure potential employers that you’re a competent Kubernetes administrator, able to offer all the skills needed to support production workloads.

Kubernetes and Cloud Native Associate (KCNA)

The KCNA exam is a slightly different form of Kubernetes certification. It’s a more foundational course, intended to help pre-professional candidates advance their familiarity with Kubernetes.

Whereas CKAD, CKA, and CKS specifically focus on Kubernetes, KCNA has a broader curriculum. Kubernetes still comprises almost half of the subject matter, but 20% relates to the fundamentals of what container orchestration is, why it matters, and how the different components relate to each other.

The remaining content covers the basics of selected cloud-native concepts, such as autoscaling and serverless, as well as how to instrument your applications for observability using Prometheus. The final portion considers ways to deploy cloud-native applications, including the use of CI/CD pipelines and GitOps solutions.

Kubernetes and Cloud Native Security Associate (KCSA)

The upcoming KCSA course is designed to provide high-level knowledge about the security requirements for safe use of cloud-native infrastructure and Kubernetes clusters. Its modules cover topics including the 4C security model, the threats that affect different Kubernetes components, and how to harden your environment using techniques such as audit logging, network policies, and Pod Security Admission rules.

5. Conclusion

By following the recommended path, which includes exams such as CKA, CKAD, CKS, KCNA, and KCSA, you can validate your skills in various aspects of Kubernetes administration, application development, security, networking, and service administration. These certifications not only provide industry recognition but also serve as a stepping stone for career advancement and new opportunities.

Stay curious, stay dedicated, and let your certifications be a testament to your commitment to excellence in the world of Kubernetes. Good luck on your certification journey, and may your skills continue to thrive in this exciting and dynamic field.