Five-Project Series

CKA Exam: Hands-on Practice you own this product

prerequisites
intermediate Linux • intermediate Docker • basic YAML
skills learned
create YAML for a pod in Kubernetes • use kubectl commands used in the CKA exam • use the kubeadm command line tool to perform Kubernetes upgrades
Chad Crowell and Michael Levan
5 weeks · 2-4 hours per week average · INTERMEDIATE

pro $24.99 per month

  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose one free eBook per month to keep
  • exclusive 50% discount on all purchases

lite $19.99 per month

  • access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more


Congratulations! You’re the new Kubernetes administrator at Interpop, a popular music-streaming company. Since its service gets roughly a million requests per second, its goal is to maintain end user comfort by providing a secure and reliable connection to its site, while behind the scenes protecting its Kubernetes clusters and maximizing application usage. In this series of 5 liveProjects, you’ll create user accounts to ensure Interpop is protected with authentication and authorization, and prevent bad actors from trying to access the application. You’ll implement different levels of access to Kubernetes, so that administrators can follow best practices of least privilege. Finally, you’ll patch Kubernetes to prepare for updates and avoid risky exposure.

In this series, you’ll leverage a feature in Kubernetes that optimizes where the application containers are run within, keeping the service running at the high level of efficiency Interpop’s customers expect. To boost developer productivity, you’ll streamline the process of creating storage on-the-fly. You’ll prevent loss of data (and user trust) by configuring and running a MySQL database and attaching persistent storage to it. You’ll ensure vital intra-pod communication using Weave, simplify traffic routing with the NGINX Ingress controller, and troubleshoot network problems in the cluster using kubectl. When you’re done, you’ll have gained skills that will help you ace the CKA exam and get you closer to a career in Kubernetes administration.

Disclaimer:

These practice exercises provide hands-on experience with the types of questions that you’ll see on the CKA exam, but shouldn’t be considered a complete preparation guide. Please see the book Acing the Certified Kubernetes Administrator Exam for complete preparation with more than 50 additional practice exercises.

These projects are designed for learning purposes and are not complete, production-ready applications or solutions.

A deeper understanding of what is required for the Certified Kubernetes Administrator exam was achieved.

Chris Freeman, Researcher

liveProject author Chad Crowell shares what he likes about the Manning liveProject platform.

here's what's included

Project 1 Secure Access

Welcome to Interpop, a popular audio streaming service that has over 30 million users and gets about a million requests per second to its service running on Kubernetes. As Interpop’s new Kubernetes administrator, your task is to secure its Kubernetes cluster, ensuring a more secure connection for end users. You’ll create user accounts with client certificates that allow limited access to the cluster, and you’ll grant different levels of user access with Roles, Bindings, ClusterRoles, and ClusterBindings. You’ll create service accounts that allow users to deploy pods so that developers can run them, and you’ll empower Interpop’s engineers to check what kind of access they have using auth can-I. When you’re done, you’ll have practical experience securing access to Kubernetes with users, certs, groups, and role-based access control (RBAC), as well as a solid understanding of Kubernetes security in a production environment.

Project 2 Eliminate Attack Vectors

At Interpop, a positive experience for users is priority number one. As a Kubernetes administrator for the music streaming service, you’re responsible for securing the Kubernetes platform where the streaming service runs and maximizing resource usage to provide a trustworthy, reliable, and performant system. You’ll change the cluster API configuration to allow access only to people and machines that require it. You’ll back up and restore the vital etcd datastore, minimizing potential downtime in the event of a disaster. To learn to identify errors caused by changes, you’ll make a change in the kube-system namespace and check the pod logs for any resulting problems. Then, with an eye to the future, you’ll patch Kubernetes by updating the control plane components via kubeadm, setting it up for bug fixes and new features. By the end, your Kubernetes cluster will be impenetrable, and that’s sure to be music to users’ ears.

Project 3 Maintain High Availability

You’re the new Kubernetes administrator at Interpop, a popular music streaming service that receives about a million requests per second. Your task is to help Interpop provide the high level of service that its customers expect by keeping its microservices running optimally. You’ll set resource requests and limits, ensuring enough CPU and RAM are available to ensure efficiency. You’ll “soup up” the app, preventing it from failing to run by using selectors and affinity for pod scheduling. Using Helm to install multiple Kubernetes resources at once, you’ll streamline the task of routing incoming requests to multiple Kubernetes services. When you’re done, you’ll be hitting a high note with your expertise in keeping Kubernetes services highly available and fault-tolerant.

Project 4 Prevent Data Loss

Interpop, a popular music-streaming service, wants its millions of customers across the globe to be able to view the same data—their user profiles and music playlists, for example—every time they open the service’s app. As Interpop’s new Kubernetes administrator, it’s up to you to prevent loss of data by setting up Interpop’s Kubernetes clusters to persist indefinitely. Using YAML, you’ll configure and create a persistent volume that allows for data to persist beyond the life of a pod (because pods are natively ephemeral). You’ll also create a persistent volume claim, ensuring that the app has enough storage to run efficiently. Using various storage allocation methods, you’ll streamline the process of creating storage on-the-fly, helping to boost Interpop’s developers’ productivity. To prepare for production, you’ll configure and run a MySQL database* and attach persistent storage to it. When you’re finished, you’ll have the skills and knowledge to prevent the loss of vital data, and Interpop will sing your praises!

*The approximate cost to run EKS in AWS Cloud is $4.33 USD.

Project 5 Pod Communication

As a Kubernetes administrator at Interpop, a music streaming service, you know that container applications can’t run without pod communication. Your task is to ensure connectivity between pods in the service’s cluster. You’ll connect nodes together using Weave, a container network interface (CNI). To keep communication traffic secure, you’ll implement network policies, and you’ll simplify traffic routing with the NGINX Ingress controller. You’ll learn how to troubleshoot network problems in the cluster using kubectl, and how to find solutions for pod failures. When you’re done, you’ll have experience implementing networking and troubleshooting techniques that will keep your container applications working together in harmony.

book resources

When you start each of the projects in this series, you'll get full access to the following book for 90 days.

choose your plan

team

monthly
annual
$49.99
$499.99
only $41.67 per month
  • five seats for your team
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • CKA Exam: Hands-on Practice project for free

My favorite part of this series was the links the author provided that went directly to the book topics on each task...The book is very valuable, the series is also very valuable, and the combination of the two is superior to other resources. The value in both over other learnings is that the book provides detail with examples, insight, and diagrams, and the project allows you to apply what you learned... This is a very valuable series.

Chad Yantorno, Principal Security Engineer, Salesforce

The authors did a good job covering CKA exam objectives.

Georges Michel, Cybersecurity Officer, Paaneah, LLC.

project authors

Chad Crowell

Chad Crowell is a certified Microsoft trainer (MCT) and the author of dozens of courses on Kubernetes and DevOps with Pluralsight and INE. A Windows administrator turned DevOps professional, he works as a consultant helping companies with cloud and DevOps transformations. He currently holds the Certified Kubernetes Administrator certification and has been teaching Kubernetes to professionals for four years.

Michael Levan

Michael Levan is a seasoned engineer and consultant in the Kubernetes space who works with startups and enterprises around the globe on Kubernetes and cloud native projects. He also coaches aspiring engineers as they embark on their engineering journeys, and creates real-world, project-focused content, which he enjoys sharing with the tech community through books, blogs, and international speaking engagements.

Prerequisites

These liveProjects are for systems administrators with an intermediate level of knowledge of the Linux command line, YAML, and containers using tools like Docker or CRI-O. To begin these liveProjects you’ll need to be familiar with the following:

TOOLS
  • Intermediate Linux command line knowledge, including directory navigation, system services (using systemctl), daemons, and creating files
  • Intermediate YAML knowledge, including document structure, spacing, and key/value pairs
  • Intermediate containers knowledge, including practice with writing Dockerfiles and the Docker CLI
TECHNIQUES
  • Use kubectl to list Kubernetes resources
  • Write YAML to define the configuration of a pod
  • Backup and restore clusters using etcdctl
  • Troubleshoot kubelets using systemctl

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.