Hands-on labs and notes for the Certified Kubernetes Administrator exam, organized by exam domain.
Built on a bare-metal cluster (3x Raspberry Pi 4, kubeadm, Calico CNI).
| Domain | Weight | Labs |
|---|---|---|
| Cluster Architecture & Installation | 25% | kubeadm init/join, etcd backup/restore, upgrade |
| Workloads & Scheduling | 15% | Deployments, DaemonSets, ConfigMaps/Secrets, multi-container pods, scheduling |
| Services & Networking | 20% | Services, Ingress, NetworkPolicy, DNS |
| Storage | 10% | PV, PVC, StorageClasses |
| Troubleshooting | 30% | Broken nodes, CrashLoopBackOff, DNS failures |
| RBAC | (part of 25%) | Roles, ClusterRoles, ServiceAccounts |
+-------------------+ +-------------------+ +-------------------+
| control-plane | | worker-01 | | worker-02 |
| Pi 4 (8GB) | | Pi 4 (4GB) | | Pi 4 (4GB) |
| 192.168.1.100 | | 192.168.1.101 | | 192.168.1.102 |
+-------------------+ +-------------------+ +-------------------+
| | |
+------------------------+------------------------+
Calico CNI (10.244.0.0/16)
See labs/cluster-setup/ for the full kubeadm bootstrap process.
# Exam aliases (add to ~/.bashrc)
alias k='kubectl'
alias kgp='kubectl get pods -A'
alias kgn='kubectl get nodes'
alias kdp='kubectl describe pod'
export do='--dry-run=client -o yaml'
export now='--grace-period=0 --force'
# Generate manifests quickly
k run nginx --image=nginx $do > pod.yml
k create deploy web --image=nginx --replicas=3 $do > deploy.yml
k expose deploy web --port=80 --type=NodePort $do > svc.yml| Script | Purpose |
|---|---|
scripts/etcd-backup.sh |
Snapshot etcd and verify restore |
scripts/cluster-upgrade.sh |
Step-by-step kubeadm upgrade |
labs/troubleshooting/diagnose.sh |
Quick cluster health check |
notes/exam-tips.md— Shortcuts, jsonpath examples, common mistakes
- Kubernetes Documentation (allowed during exam)
- kubectl Cheat Sheet
- Killer.sh CKA Simulator