Happy New Year!
Before the end 2020, I managed to pass the recently released Certified Kubernetes Security Specialist (CKS).
It took two tries to pass it since the domain is a whole new beast compared to CKA-CKAD. In addition, studying for it was also a challenge since it was just released officially last November 2020.
For people looking at how to prepare, here’s some general tips in preparing for the exam (without breaking the NDA):
- Be comfortable in editing the Kube API server
- Bookmark note-worthy links in kubernetes.io documentation for easy access.
- Familiarize yourself with different the different Admission Policy and Webhook
- Know how to do imperative commands for easy generation of manifests file. Basically, I tend to do –dry-run -oyaml to get the manifest and edit as per requirement. Few needed are:
- clusterrole/ clusterrolebinding/ role/ rolebinding
- svc/ pods/ deployment <- you should be good with this since you already passed CKA 🙂
- If in case, you forgot the arguments for the imperative command – use the –help for the imperative commands so you could see the correct format in the command
- Delete pods using –force. It will save you an extra 15secs per operation.
- There are many “bonus” questions that are easy to answer, never hesitate to go to the next questions. That will help you net extra points.
- The questions typically answers itself. read and understand carefully
For references, I suggest the following:
- killer.sh Udemy – To be honest, how the lecture was laid out is not ideal. The real value of the course if the Course Simulation which only allows you to take for two session. THe course simulation gives you access to not typical setups (app-armor/ trivy) to save you time in getting this ready in your home lab.
- Kubernetes.io documentation- i found myself reading this more instead of the Udemy course as it contains essential infromation needed to get you through specific items. For example, admission controllers and PodSecurity Policy.
Enjoy and Goodluck 🙂