Which Kubernetes Certification Is Right for You?

This post was originally published on June 3, 2020.

Since it was open sourced by Google in 2014, Kubernetes has skyrocketed in popularity. Now a graduated project of the Cloud Native Computing Foundation (CNCF), Kubernetes dominates the market, with 78% of enterprises reporting that they use it to orchestrate containerized workloads and services in production.

With this level of adoption, organizations are eager to find skilled Kubernetes developers and administrators. A quick search on LinkedIn shows that there are 47,385 jobs with Kubernetes in the title or description.

Job sites such as Payscale, Glassdoor, and ZipRecruiter show that salaries for Kubernetes experts aren’t too shabby, with most starting at well over $100,000. Payscale estimates the average salary for someone with Kubernetes skills as $115,000, while ZipRecruiter shows that the national average salary for Kubernetes-related roles is more than $147,000 currently.

Given that the demand is growing for Kubernetes knowledge and skills, getting certified as a Kubernetes administrator or application developer makes a lot of sense, especially because hiring managers know that Kubernetes certification isn’t easy to come by.

Five certifications: Three for individuals, two for companies

The CNCF offers five different certifications. Three are designed to test the skills for managing and using Kubernetes and apply to IT professionals who want to certify as Kubernetes Administrators or Kubernetes Application Developers.

The other two certification programs are designed for companies that want to either demonstrate the skills of their staff who deliver Kubernetes services or show that their software products are certified for Kubernetes environments.

This post focuses mainly on the first three certifications.

Kubernetes certifications for IT professionals

Certified Kubernetes Administrator (CKA)

Format: Online exam

Length: 3 hours

Passing score: 66%

Fee: $300

Duration: Valid for 3 years

Of the three professional certifications for Kubernetes, the Certified Kubernetes Administrator (CKA) is considered by many candidates to be the most challenging. To gain this certification, you’ll need to demonstrate your skills, knowledge, and competence in Kubernetes administration in a hands-on, command-line environment.

The exam is an online, proctored test consisting of a set of performance-based problems you’ll need to solve on the command line. You’ll need to know core concepts and complete tasks related to scheduling, logging and monitoring, application lifecycle management, cluster maintenance, security, storage, troubleshooting, networking, installation and configuration, and validation.

Preparation and study tips

Practice is key to passing the exam.

There are a number of resources available to help you learn Kubernetes and practice what you’ve learned. Three hours will not be enough time to complete the exam successfully if you don’t already understand the concepts and how to perform the types of tasks you’ll need to accomplish for the exam.

While the CNCF links you to courses from the Linux Foundation, you’re not limited to those courses to help you prepare. If you’re very new to Kubernetes, you could start with the free course Introduction to Kubernetes from the Linux Foundation. From there, you could take a class from Udemy or the Linux Academy. Both classes offer learning platforms that deliver a seamless and thorough practice experience.

We’d be remiss not to mention Kelsey Hightower’s "Kubernetes the Hard Way" guide—almost every article on CKA exam prep recommends it. Once you’ve taken an administrator class, this guide is a good way to practice setting up Kubernetes the “hard way,” essentially building a cluster from scratch. Kelsey’s guide reinforces learning because you have to understand each task required to deploy a cluster. Additionally, tools like kubeadm are useful to know heading into the exam, as they automate a lot of the tasks you learn about in Kelsey’s guide.

Finally, don’t stop with the hard way exercises, but continue increasing your comfort level and speed by taking practice tests. Use them to get an idea of how long it’ll take you to complete the types of tasks you’ll need to do for the exam. Passing the exam is all about efficiency and time management.

Certified Kubernetes Application Developer (CKAD)

Format: Online exam

Length: 2 hours

Passing score: 66%

Fee: $300

Duration: Valid for 3 years

If you’ve already gained the CKA certification, the Certified Kubernetes Application Developer (CKAD) exam might be easy. While it’s not as all-encompassing as the CKA, the CKAD is still very much a challenge, so if you’re starting out or plan to take only the CKAD, you still have plenty of prep to do.

To pass the CKAD, you’ll need to demonstrate your skills, knowledge, and competence in designing, building, configuring, and exposing cloud native applications in Kubernetes. And while the exam doesn’t specifically cover container runtimes and microservices architecture, you’ll need a conceptual understanding of both. You’ll be tested on tasks related to core concepts, configuration, multi-container pods, observability, pod design, services and networking, and state persistence.

Like the CKA, this exam is an online, proctored test that consists of a set of performance-based problems you’ll need to solve from the command line. However, the CKAD has more questions but is an hour shorter than the CKA, so quick thinking will be essential.

Preparation and study tips

Once again, practice will be critical to passing the exam.

As with the CKA exam, there are a number of resources available to help you learn about using Kubernetes as an application developer. You have only two hours to complete the exam, and you’ll need to be able to work through the tasks at a good clip to finish them all on time.

There are several good classes available to prepare you for the exam. Udemy, Linux Academy, and the Linux Foundation provide training, but be sure to choose a learning platform that works best for your needs, as each platform is a little different. Tip: This project allows you to spin up a cluster locally on your computer, so you won’t have to pay for cloud servers as you practice.

If you don’t have experience in Linux, you’ll need to learn some basic Linux command line and file editing skills using a text editor like Vim. You should also familiarize yourself with a programming language such as Python, Node.js, Go, or Java. Knowledge of cloud native application concepts and architectures will also be helpful.

Take advantage of practice tests and exercises, like those found in this repo. Like the CKA, passing this exam is all about efficiency and time management, and exercises can help you reinforce what you’ve learned, giving you the speed and confidence you need. For a list of training resources as well as tips and tricks for the CKAD exam, check out this GitHub repo from our own Shannon Lucas—a software engineer in the Telemetry Data Platform organization at New Relic who passed the CKAD.

Certified Kubernetes Security Specialist (CKS)

Format: Online exam

Length: 2 hours

Passing score: 67%

Fee: $300

Duration: Valid for two years

This certification was introduced at KubeCon 2020 North America and is unique in that it has a prerequisite. The CKA certification is required to sit for the Certified Kubernetes Security Specialist exam. This certification is valid for only two years rather than the CKA and CKAD’s three-year duration, so you’ll need to recertify more often to prove you are keeping up with the latest security recommendations.

If you’ve already earned the CKA certification, the CKS exam is a logical next step. This exam will test your knowledge about Kubernetes and cloud security in a simulated, real-world environment. You’ll need to show that you are an accomplished Kubernetes practitioner who can demonstrate skills on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment, and runtime. You’ll also need to be knowledgeable and competent with cluster setup and hardening, system hardening, minimizing microservice vulnerabilities, and supply chain security. Lastly, you should know about monitoring, logging, and runtime security.

Like the CKA and CKAD, this exam is an online, proctored test that consists of a set of performance-based problems you’ll need to solve from the command line.

Preparation and study tips

Yet again, practice is critical to passing the exam.

As with the CKA exam, there are a number of resources available to help you learn about using Kubernetes as a security specialist. You have only two hours to complete the exam, and you’ll need to be able to work through the tasks at a good clip to finish them all on time. You might want to create a few aliases (example: alias k=kubectl) since you’ll want every second to focus on the task at hand. Maintain focus and be sure to read every question carefully and make sure you are doing exactly what the question is asking, on the correct node.

Again, there are several good classes available to prepare you for the exam. Udemy, Linux Academy, and the Linux Foundation provide training, but be sure to choose a learning platform that works best for your needs, as each platform is a little different.

Take advantage of practice tests, exercises, and tips (here’s an example). Like the CKA, passing this exam is all about efficiency and time management, and exercises can help you reinforce what you’ve learned, giving you the speed and confidence you need.

Quick overview: Kubernetes certifications for companies

Certified Kubernetes Service Provider (KCSP)

According to the CNCF, the KCSP program is a pre-qualified tier of vetted service providers that offer Kubernetes support, consulting, professional services, and training for organizations moving to Kubernetes. To become a KCSP, a company must have:

• Three or more engineers who pass the Certified Kubernetes Administrator (CKA) exam
• A business model to support enterprise end users, including putting engineers at a customer site
• A CNCF membership

Certified Kubernetes Conformance Program

According to the CNCF, there are now more than 100 Certified Kubernetes products as part of the Certified Kubernetes Conformance Program. Most of the world’s leading enterprise software vendors and cloud computing providers have Certified Kubernetes offerings.

Final advice from our New Relic site reliability engineer

According to Shannon, whether you choose to become certified as a Kubernetes administrator, application developer, or both, he believes that it’s a great way to get comfortable working with Kubernetes. “The Kubernetes ecosystem is already really big and getting bigger every day,” he says. “It’s nice to have a base level of understanding before working with any tools that are part of the ecosystem, like Helm or Argo.”

Speaking of basic understanding, beyond doing the training and preparation recommended above, Shannon also emphasizes the importance of experience with using a terminal and a text editor. “You really need enough practice or experience working on a terminal to feel comfortable with it before you take the exam,” he says.

When asked about how much practice is enough, Shannon’s recommendation is to “get your hands dirty and work through the commands until you understand them,” he says. “It’s the only way to get fast enough to finish the exam in the allotted time.”

“Sure, it’s a lot of work, but it really pays off in both your day-to-day efforts as well as future job opportunities,” he says.

And with that, good luck with your Kubernetes certification.

Don’t forget to sign up for New Relic One’s free tier and start monitoring your Kubernetes clusters.