KCNA
Coming Soon
Expected availability announced soon
This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.
KCNA Kubernetes® Cloud Native Associate
The KCNA certification teaches foundational Kubernetes concepts, container orchestration, cloud‑native architecture, observability, and application delivery, enabling candidates to understand and articulate core cloud‑native principles essential for modern infrastructure.
90
Minutes
60
Questions
75/100
Passing Score
$250
Exam Cost
5
Languages
Who Should Take This
It is ideal for developers, system administrators, and DevOps engineers who have basic familiarity with containers and want to solidify their conceptual grasp of Kubernetes. They seek certification to validate their knowledge, enhance career prospects, and contribute to cloud‑native initiatives within enterprises.
What's Covered
1
Kubernetes architecture, core API objects, networking, services, configuration management, and persistent storage concepts.
2
Container fundamentals, OCI specifications, container runtimes, autoscaling, scheduling, and orchestration concepts.
3
Cloud native principles, microservices, Twelve-Factor App, CNCF ecosystem, service mesh, and serverless concepts.
4
Metrics, logs, traces, Prometheus, Grafana, Jaeger, OpenTelemetry, and log aggregation with Fluentd.
5
CI/CD concepts, GitOps principles, Helm, Kustomize, Argo CD, Flux, and deployment strategies.
Exam Structure
Question Types
- Multiple Choice
Scoring Method
Percentage-based scoring with a 75% minimum passing threshold
Delivery Method
PSI online proctored exam
Recertification
Recertify every 3 years by passing the current version of the exam.
What's Included in AccelaStudy® AI
Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats
Course Outline
54 learning goals
1
Kubernetes Fundamentals
5 topics
Kubernetes Architecture
- Describe the Kubernetes control plane components including the API server, etcd, scheduler, and controller manager and explain each component's role in cluster operations
- Describe the Kubernetes node components including kubelet, kube-proxy, and container runtime and explain how they interact with the control plane to manage workloads
- Describe the Kubernetes API and declarative model where desired state is expressed in manifests and controllers continuously reconcile actual state to match desired state
- Explain how etcd provides distributed consensus and persistent storage for cluster state and describe the implications of etcd availability for cluster operations
Core Kubernetes Objects
- Describe Pods as the smallest deployable unit in Kubernetes and explain how containers within a Pod share network namespace and storage volumes
- Describe Deployments and ReplicaSets and explain how they manage Pod lifecycle, rolling updates, and rollback capabilities for stateless workloads
- Describe StatefulSets, DaemonSets, and Jobs and explain when each workload controller is appropriate for stateful applications, node-level agents, and batch processing respectively
- Implement Pod configuration using labels, selectors, annotations, and namespaces to organize, filter, and isolate Kubernetes resources within a cluster
- Analyze the differences between Deployments, StatefulSets, and DaemonSets and evaluate which workload controller best fits scenarios including web servers, databases, and log collectors
Kubernetes Networking and Services
- Describe the Kubernetes networking model including Pod-to-Pod communication, the flat network requirement, and the role of CNI plugins in implementing cluster networking
- Describe Kubernetes Service types including ClusterIP, NodePort, LoadBalancer, and ExternalName and explain how each type exposes applications to different network scopes
- Describe Ingress resources and Ingress controllers and explain how they provide HTTP/HTTPS routing, TLS termination, and path-based traffic management for external access
- Analyze Service type selection for different application exposure scenarios and evaluate the trade-offs between LoadBalancer, NodePort, and Ingress-based approaches
Configuration and Storage
- Describe ConfigMaps and Secrets and explain how they decouple configuration from container images by injecting environment variables and mounted files into Pods
- Describe Persistent Volumes, Persistent Volume Claims, and Storage Classes and explain how they provide dynamic storage provisioning for stateful workloads
- Implement resource requests and limits for CPU and memory to enable the scheduler to make placement decisions and prevent resource contention between workloads
Kubernetes Security Basics
- Describe Kubernetes RBAC including Roles, ClusterRoles, RoleBindings, and ClusterRoleBindings and explain how they restrict access to API resources based on user identity
- Describe NetworkPolicy resources and explain how they enable fine-grained control over Pod-to-Pod communication at the network level
- Describe Kubernetes Secrets and explain the security considerations of base64 encoding versus encryption at rest for sensitive configuration data
2
Container Orchestration
3 topics
Container Fundamentals
- Describe containers as lightweight isolated processes and explain how Linux namespaces, cgroups, and union filesystems provide process isolation, resource limits, and layered image storage
- Describe the OCI image and runtime specifications and explain how container images are built from Dockerfiles with layered filesystem architecture
- Describe container registries and explain the image pull workflow including registry authentication, image tagging, and digest-based image references for immutable deployments
- Analyze the security implications of running containers as root versus non-root users and evaluate container image hardening practices including minimal base images and multi-stage builds
Container Runtimes and Orchestration Concepts
- Describe the Container Runtime Interface (CRI) and explain how Kubernetes supports multiple container runtimes including containerd and CRI-O through a standardized API
- Describe the purpose of container orchestration and explain how it solves challenges of scaling, networking, storage, and lifecycle management for distributed containerized applications
- Implement Horizontal Pod Autoscaler configuration to automatically scale workloads based on CPU utilization, memory usage, or custom metrics
- Analyze scheduling strategies including node affinity, taints, tolerations, and topology spread constraints and evaluate their impact on workload distribution and high availability
Container Lifecycle and Health
- Describe Pod lifecycle phases including Pending, Running, Succeeded, Failed, and Unknown and explain how the kubelet manages container state transitions
- Describe liveness, readiness, and startup probes and explain how each probe type affects Pod scheduling, traffic routing, and container restart behavior
- Implement health probe configurations using HTTP, TCP, and exec checks and explain how probe parameters including initialDelaySeconds and periodSeconds affect detection latency
3
Cloud Native Architecture
3 topics
Cloud Native Principles and Patterns
- Describe the cloud native definition from CNCF and identify the key properties of cloud native applications including containerization, microservices, dynamic orchestration, and DevOps practices
- Describe microservices architecture and explain how it differs from monolithic design in terms of independent deployment, technology diversity, and failure isolation
- Describe the Twelve-Factor App methodology and explain how its principles including config externalization, stateless processes, and disposability align with cloud native design
- Analyze the trade-offs between monolithic and microservices architectures and evaluate when each approach is appropriate based on team size, complexity, and operational maturity
CNCF Ecosystem and Service Mesh
- Describe the CNCF project maturity levels (sandbox, incubating, graduated) and identify key graduated projects including Kubernetes, Prometheus, Envoy, and containerd
- Describe service mesh concepts including sidecar proxies, mutual TLS, traffic management, and observability and identify CNCF service mesh projects including Istio and Linkerd
- Describe serverless computing concepts including Functions-as-a-Service and event-driven architectures and identify CNCF serverless projects including Knative
- Analyze when a service mesh adds value versus introducing unnecessary complexity and evaluate the operational overhead of sidecar injection for different application scales
Cloud Native Security Concepts
- Describe the 4C model of cloud native security (Cloud, Cluster, Container, Code) and explain how each layer contributes to defense-in-depth for containerized applications
- Describe supply chain security concepts including image signing, vulnerability scanning, and SBOM generation and identify CNCF projects addressing supply chain integrity
4
Cloud Native Observability
1 topic
Observability Fundamentals
- Describe the three pillars of observability including metrics, logs, and traces and explain how they provide complementary views into distributed system behavior
- Describe Prometheus architecture including the pull-based metrics collection model, PromQL query language, alerting rules, and integration with Grafana for visualization
- Describe distributed tracing concepts including trace context propagation, spans, and trace correlation and identify CNCF tracing projects including Jaeger and OpenTelemetry
- Describe log aggregation patterns and explain how Fluentd and Fluent Bit collect, process, and forward container logs to centralized logging backends
- Analyze observability tool selection for different troubleshooting scenarios and evaluate when to use metrics versus logs versus traces to diagnose latency, errors, and resource exhaustion
- Describe OpenTelemetry as a CNCF observability framework and explain how it provides vendor-neutral instrumentation APIs for metrics, logs, and traces collection
- Implement basic Kubernetes observability using kubectl top, kubectl logs, and kubectl describe to diagnose Pod scheduling failures, container crashes, and resource exhaustion
5
Cloud Native Application Delivery
1 topic
Application Delivery and GitOps
- Describe CI/CD pipeline concepts and explain how continuous integration, continuous delivery, and continuous deployment differ in terms of automation level and release cadence
- Describe GitOps principles including declarative infrastructure, Git as single source of truth, automated reconciliation, and software agents that continuously sync desired state
- Describe Helm as a Kubernetes package manager and explain how Helm charts, values files, and release management simplify application deployment and versioning
- Describe Kustomize for manifest customization and explain how overlays and patches enable environment-specific configuration without template duplication
- Identify GitOps tools including Argo CD and Flux and describe how they implement automated reconciliation between Git repositories and Kubernetes cluster state
- Implement deployment strategies including rolling updates, blue-green deployments, and canary releases and explain how each strategy manages risk during application updates
- Analyze application delivery tool selection and evaluate when to use Helm, Kustomize, or a GitOps controller based on team workflow, environment complexity, and drift detection requirements
Hands-On Labs
15 labs
~345 min total
Console Simulator
Practice in a simulated cloud console or Python code sandbox — no account needed. Each lab runs entirely in your browser.
Certification Benefits
Salary Impact
$120,000
Average Salary
Related Job Roles
Cloud Engineer
DevOps Engineer
Platform Engineer
Site Reliability Engineer
Software Developer
Industry Recognition
The KCNA is the CNCF's entry-level certification that demonstrates foundational knowledge of the Kubernetes and cloud native ecosystem. It serves as a stepping stone to the more advanced CKA, CKAD, and CKS certifications and is increasingly valued by employers adopting cloud native architectures.
Scope
Included Topics
- All domains in the KCNA (Kubernetes and Cloud Native Associate) exam: Kubernetes Fundamentals (46%), Container Orchestration (22%), Cloud Native Architecture (16%), Cloud Native Observability (8%), and Cloud Native Application Delivery (8%).
- Core Kubernetes objects including Pods, Deployments, Services, ConfigMaps, Secrets, Namespaces, ReplicaSets, DaemonSets, StatefulSets, and Jobs.
- Container fundamentals including OCI image specification, container runtimes (containerd, CRI-O), and container networking basics.
- Cloud Native Computing Foundation (CNCF) ecosystem including graduated, incubating, and sandbox projects and their roles in the cloud native landscape.
- Kubernetes architecture including control plane components (API server, etcd, scheduler, controller manager) and node components (kubelet, kube-proxy, container runtime).
- GitOps principles, CI/CD pipeline concepts, Helm charts, and application delivery patterns in cloud native environments.
- Observability pillars (metrics, logs, traces) and CNCF observability tools including Prometheus, Grafana, Jaeger, and Fluentd.
Not Covered
- Advanced Kubernetes administration tasks including cluster installation, upgrade procedures, and etcd backup/restore covered by the CKA exam.
- Kubernetes security hardening, network policies, RBAC deep-dive, and supply chain security covered by the CKS exam.
- Cloud provider-specific managed Kubernetes services (EKS, AKS, GKE) configuration and administration details.
- Application development frameworks, programming language specifics, and microservice implementation patterns.
- Advanced networking topics including CNI plugin internals, service mesh implementation details, and eBPF.
Official Exam Page
Learn more at Cloud Native Computing Foundation
KCNA is coming soon
Adaptive learning that maps your knowledge and closes your gaps.
Create Free Account to Be Notified