CKA
Coming Soon
Expected availability announced soon
This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.
CKA Certified Kubernetes® Administrator
The Certified Kubernetes Administrator (CKA) course teaches cluster architecture, installation, workload scheduling, networking, storage, and troubleshooting, enabling administrators to manage the full lifecycle of Kubernetes environments efficiently.
120
Minutes
66/100
Passing Score
$395
Exam Cost
3
Languages
Who Should Take This
It is designed for system engineers, DevOps professionals, and cloud architects who already operate Kubernetes clusters in production. Candidates should have at least one year of hands‑on experience with container orchestration and aim to validate their expertise through a performance‑based exam.
What's Covered
1
Manage role-based access control, prepare underlying infrastructure, manage Kubernetes clusters using kubeadm, manage etcd, and understand cluster upgrade procedures.
2
Understand deployments, rolling updates, rollbacks, ConfigMaps, Secrets, resource limits, and scheduling with labels, selectors, taints, and tolerations.
3
Understand host networking, ClusterIP, NodePort, LoadBalancer services, Ingress controllers, CoreDNS, CNI plugins, and NetworkPolicy.
4
Understand storage classes, persistent volumes, persistent volume claims, volume modes, access modes, and reclaim policies.
5
Evaluate cluster and node logging, monitor applications, manage container stdout/stderr logs, troubleshoot application failures, cluster component failures, and networking issues.
Exam Structure
Question Types
- Performance-Based Tasks In A Live Kubernetes Environment
Scoring Method
Percentage-based, 66% to pass. Tasks are scored on correct end-state of the cluster.
Delivery Method
Online proctored via PSI, live Kubernetes environment with browser-based terminal
Recertification
Valid for 2 years. Recertify by passing the current exam version.
What's Included in AccelaStudy® AI
Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats
Course Outline
70 learning goals
1
Cluster Architecture, Installation & Configuration
4 topics
Cluster Components
- Describe the roles of the Kubernetes control plane components including kube-apiserver, etcd, kube-scheduler, and kube-controller-manager
- Describe the roles of node components including kubelet, kube-proxy, and container runtime and explain how they interact with the control plane
- Analyze the communication flow between control plane and worker node components to diagnose connectivity failures in a multi-node cluster
- Describe high availability topologies for Kubernetes control planes including stacked etcd and external etcd configurations and their trade-offs
Cluster Installation with kubeadm
- Implement a Kubernetes cluster installation using kubeadm init and kubeadm join to bootstrap control plane and worker nodes
- Configure kubeadm initialization parameters including pod network CIDR, API server advertise address, and control plane endpoint for high availability
- Implement cluster version upgrades using kubeadm upgrade plan and kubeadm upgrade apply while maintaining workload availability through node drain and cordon procedures
- Configure and manage Kubernetes certificates including CA rotation, kubelet client certificates, and API server serving certificates using kubeadm certs commands
RBAC and Security
- Describe the Kubernetes RBAC model including Roles, ClusterRoles, RoleBindings, and ClusterRoleBindings and explain how they control API access
- Implement RBAC policies to grant namespace-scoped and cluster-scoped permissions to users and service accounts
- Configure service accounts, manage their tokens, and implement pod security admission to restrict container privilege escalation
- Analyze RBAC configurations to identify overly permissive roles and recommend least-privilege adjustments for multi-tenant cluster environments
- Implement network policies and RBAC in combination to create defense-in-depth access control for sensitive namespaces containing secrets and configuration data
etcd Management
- Describe the role of etcd as the Kubernetes backing store and explain its consistency guarantees and cluster quorum requirements
- Implement etcd backup and restore operations using etcdctl snapshot save and etcdctl snapshot restore to protect cluster state
- Analyze etcd cluster health metrics and member status to diagnose data store performance issues and quorum loss scenarios
2
Workloads & Scheduling
3 topics
Deployments and Updates
- Describe how Deployments manage ReplicaSets and pods and explain the relationship between desired state, current state, and rolling update strategy
- Implement Deployment configurations with rolling update and recreate strategies specifying maxSurge and maxUnavailable parameters
- Implement Deployment rollbacks using kubectl rollout undo and inspect revision history to recover from failed updates
- Configure horizontal pod autoscaling based on CPU and memory utilization metrics to dynamically scale workloads under varying load
- Implement Jobs and CronJobs to manage batch workloads and scheduled tasks with appropriate completion, parallelism, and failure policies
ConfigMaps, Secrets, and Resource Management
- Implement ConfigMaps and Secrets to externalize application configuration and sensitive data from container images
- Configure resource requests and limits for CPU and memory on containers and explain how they affect scheduling and quality of service classes
- Implement LimitRanges and ResourceQuotas to enforce per-namespace resource consumption policies in multi-tenant clusters
- Analyze the impact of resource requests on scheduling decisions and evaluate how over-committed versus guaranteed QoS classes affect pod eviction behavior
Scheduling and Node Affinity
- Describe how the Kubernetes scheduler assigns pods to nodes using predicates and priorities and explain the role of node selectors
- Implement node affinity, anti-affinity, taints, and tolerations to control pod placement across nodes with specific characteristics
- Configure static pods and DaemonSets to ensure critical system components run on designated nodes regardless of scheduler decisions
- Analyze pod scheduling failures caused by insufficient resources, taints, or affinity mismatches and recommend corrective configurations
- Implement pod topology spread constraints to distribute workloads evenly across failure domains defined by zones, nodes, or custom labels
3
Services & Networking
3 topics
Service Types and Discovery
- Describe the four Kubernetes service types including ClusterIP, NodePort, LoadBalancer, and ExternalName and explain their use cases
- Implement services to expose pod workloads and configure service selectors, ports, and target ports for intra-cluster communication
- Configure CoreDNS for service discovery and explain how Kubernetes DNS resolves service names to cluster IP addresses within and across namespaces
- Analyze service endpoint configurations to diagnose connectivity issues caused by label selector mismatches or missing pod readiness
- Implement headless services for StatefulSets and explain how DNS records differ from standard ClusterIP service discovery
Ingress and Network Policies
- Describe the Ingress resource and explain how Ingress controllers route external HTTP/HTTPS traffic to backend services based on host and path rules
- Implement Ingress resources with host-based and path-based routing rules and configure TLS termination using Kubernetes Secrets
- Implement NetworkPolicy resources to control pod-to-pod traffic using ingress and egress rules based on labels, namespaces, and CIDR blocks
- Analyze the interaction between multiple NetworkPolicies to determine effective traffic flow and identify unintended access between namespaces
- Evaluate the security implications of default-allow versus default-deny NetworkPolicy configurations and recommend namespace isolation strategies
CNI and Cluster Networking
- Describe the Container Network Interface specification and explain how CNI plugins implement pod networking, IP address management, and inter-node communication
- Configure cluster networking parameters including pod CIDR, service CIDR, and node network settings during cluster bootstrapping
- Analyze kube-proxy modes including iptables and IPVS to evaluate their performance characteristics and troubleshoot service routing failures
4
Storage
2 topics
Persistent Volumes and Claims
- Describe the persistent volume subsystem including PersistentVolume, PersistentVolumeClaim, and the binding lifecycle between provisioned storage and consuming pods
- Implement PersistentVolumes and PersistentVolumeClaims with appropriate access modes (ReadWriteOnce, ReadOnlyMany, ReadWriteMany) and reclaim policies
- Configure StorageClasses for dynamic volume provisioning and explain how the default StorageClass affects PVC binding when no class is specified
- Analyze the differences between static and dynamic volume provisioning and evaluate when each approach is appropriate based on cluster size and operational complexity
- Implement volume snapshots and clone operations using VolumeSnapshot resources for data backup and rapid environment provisioning
Volume Types and Configuration
- Describe common volume types including emptyDir, hostPath, configMap, secret, and projected volumes and explain their lifecycle and use cases
- Implement volume mounts in pod specifications to attach persistent and ephemeral storage to containers at specified mount paths
- Configure volume expansion on StorageClasses that support resizing and implement online volume expansion for PersistentVolumeClaims
- Analyze storage-related pod startup failures caused by PVC binding errors, access mode conflicts, or volume mount permission issues
5
Troubleshooting
4 topics
Cluster Component Troubleshooting
- Implement kubectl commands to inspect cluster component health including apiserver, scheduler, controller-manager, and etcd status
- Analyze control plane component logs to diagnose cluster-level failures including certificate expiration, etcd connectivity loss, and scheduler errors
- Implement node troubleshooting using kubectl describe node, system service status checks, and kubelet logs to restore failed worker nodes
- Analyze node conditions including MemoryPressure, DiskPressure, PIDPressure, and NotReady to determine root causes and implement corrective actions
- Implement systematic cluster recovery procedures including etcd restore, control plane component restart, and node rejoin after complete cluster failure
Application Troubleshooting
- Implement kubectl commands including logs, describe, exec, and top to inspect pod runtime behavior and diagnose application failures
- Analyze pod status conditions including Pending, CrashLoopBackOff, ImagePullBackOff, and OOMKilled to identify and resolve deployment failures
- Implement liveness, readiness, and startup probes to detect and recover from application health failures and explain how each probe type affects pod lifecycle
- Analyze init container failures and multi-container pod startup ordering to diagnose dependent service initialization issues
- Implement ephemeral debug containers using kubectl debug to troubleshoot running pods without restarting or modifying existing container configurations
Networking Troubleshooting
- Implement systematic network troubleshooting using kubectl port-forward, service endpoint inspection, and DNS resolution testing from within pods
- Analyze inter-pod connectivity failures caused by CNI plugin misconfiguration, NetworkPolicy restrictions, or kube-proxy routing issues
- Analyze Ingress routing failures by inspecting controller logs, backend service health, and TLS certificate configurations
- Implement DNS troubleshooting procedures including CoreDNS pod health verification, resolution testing, and configmap customization for stub domains and upstream servers
Logging and Monitoring
- Describe the Kubernetes logging architecture including container stdout/stderr logging, node-level log rotation, and cluster-level logging patterns
- Implement centralized logging collection strategies using sidecar containers and explain when each logging pattern is appropriate
- Configure metrics-server and use kubectl top to monitor node and pod resource consumption for capacity planning and performance diagnosis
- Analyze resource utilization patterns across nodes and namespaces to identify bottlenecks and recommend cluster scaling or resource reallocation strategies
Hands-On Labs
15 labs
~295 min total
Console Simulator
Practice in a simulated cloud console or Python code sandbox — no account needed. Each lab runs entirely in your browser.
Certification Benefits
Salary Impact
$145,000
Average Salary
Related Job Roles
Kubernetes Administrator
Platform Engineer
DevOps Engineer
Site Reliability Engineer
Cloud Infrastructure Engineer
Industry Recognition
The CKA is the premier Kubernetes administration certification, recognized globally as proof of hands-on cluster management skills. It is frequently required for senior platform engineering and SRE positions.
Scope
Included Topics
- Certified Kubernetes Administrator (CKA) exam domains: cluster architecture components and installation (25%), workloads and scheduling including deployments, rolling updates, and resource limits (15%), services and networking including Ingress, DNS, CNI, and NetworkPolicy (20%), storage including persistent volumes, storage classes, and volume modes (10%), and troubleshooting clusters, nodes, applications, and networking (30%). Covers Kubernetes v1.29+ concepts and kubectl proficiency.
Not Covered
- Application design patterns and microservice architecture
- Helm chart authoring beyond basic installation
- Service mesh implementations (Istio, Linkerd)
- Cloud-provider-specific managed Kubernetes (EKS, AKS, GKE) internals
- Kubernetes operator development and custom controllers
- CI/CD pipeline design and GitOps workflows
- eBPF and kernel-level networking internals
Official Exam Page
Learn more at Cloud Native Computing Foundation (CNCF) / Linux Foundation
CKA is coming soon
Adaptive learning that maps your knowledge and closes your gaps.
Create Free Account to Be Notified