As part of my role at Kloudle, I need to work with Kubernetes clusters every day. Aspects like - how the different parts of a cluster connect, work together, how is authorization implemented, how are apps able to expose themselves to the world, what regulates all of this, how do people upgrade clusters, what logs go where, etc. are some of the questions that I have to answer. While my hands-on experience was building up, we figured that having a Certified Kubernetes Administrator certification would add to my credibility.
I took up the CKA exam, failed the first attempt, and immediately took the free re-take to get certified. This blogpost describes the journey, my mental struggle, my fear of failure, how I overcame both, and many tips very likely you may not have read before.
Exams can be stressful, especially if it has been some time that you have answered a proctored time-bound test. My last exam was my OSCP several years ago; the OSCP exam was a breeze as my primary career for the last decade has been as a pentester, breaking things across the web, mobile, networks, and the cloud.
Picking up Kubernetes, when we started Kloudle, was a mental challenge that I had to overcome since I was learning a completely new technology and knew that I was playing a catch-up game. People were/are doing some fantastic things with Kubernetes and other CNCF projects that made me feel like a complete outsider.
There would be meetings in the office where I would listen to Akash, Madhu and Abhishek while they spoke about Kubernetes and containers, with glossy eyes not knowing how I was going to contribute, even though my container-fu was catching up fast and I had already performed security assessments and penetration tests of apps running on Kubernetes clusters. I felt incomplete, shy, embarrassed about the stuff that I did not know even though I was already breaking workloads (I did not understand this word back then) for clients.
The first change occurred when my Co-Founder and dear friend Akash had a chat with me and asked me to write down what I was exactly afraid of. I wrote down the following things
We then brainstormed with these thoughts and realized that
Akash added that I will always be an attacker due to the way I think. My ability to disregard rules and boundaries makes me a good attacker but a lousy defender, which is why I will need to approach learning Kubernetes, containers, and other cloud-native tech by thinking about them using first principles. Clusters are computers with a networking stack, storage, RAM, CPU, and an OS that ties all of these things together conditioned by access control. These are things that I’m already well versed in.
Well, that flipped the switch in me and looking back to that day, I’m glad I had the conversation.
I registered for CKA in November 2020 during KubeCon NA but did not start preparing until the end of January. Like most folks who appear for the exam, I Googled and read “experience” blogs, setup a local cluster for practice, followed the instructions to doing kubernetes-the-hard-way that Kelsey Hightower’s created, signed up for Mumshad’s classes on KodeKloud and picked up exercises on Katacoda as well. Gobbled up every piece of advice that folks who have passed the exam gave me - on the Internet, in my office, folks within my tech communities, the random guy I met at a KFC near my house.
I even made a Twitter post about it - https://twitter.com/riyazwalikar/status/1356118741499604992
Failure was not an option.
Well, my prep did not account for what I would do if I failed. I started sensing that I was going down the rabbit hole of picking up an arbitrary date in the future, just to tell myself that I will be prepared by then. There was no data that supported this hypothesis, but I was sure for some reason. We all do this often in our lives.
Coincidentally or not, Akash had an internal discussion with us about trying out things using a technique that I had never heard before as the reference framework. The technique, called “Genchi Genbutsu” (https://conversion-rate-experts.com/genchi-genbutsu/), which simply put, asks you to “Go to the real place and see for yourself”.
When I applied “Genchi Genbutsu” to the way I was learning for CKA, I simply had to go see the exam. I knew enough Kubernetes by now to ace the exam, but the fear of failing was coming in the way. There were too many “what ifs..“. Well, I wouldn’t know unless I “go and see the exam” myself.
The essential distinctions that I made at this point (I had help with this too :)) were that
With these distinctions, I appeared for the exam on a Friday evening.
Well, I failed the first attempt. Not because I did not know enough Kubernetes, but because of other reasons which I would not have found out if I had not jumped in.
Here are some things to remember before we move forward
The exam itself is easy if you have done the following at least a couple of times (more the better)
So what went wrong during my first attempt? In my experience, I mostly panicked during the exam. Here I was sitting alone in my room, sharing my screen with an unknown human, conscious that I am being watched, my screen being shared, my typos and fumbling being broadcast to unknown forces. It had been quite a while since my last video stream to an unknown audience.
If I have to make a list, here’s where I think I goofed up
I made the assumption that I was going to fail and made a list of things to do for my re-take.
The results came out on Sunday morning letting me know that I had failed and that I was eligible for a re-take. I quickly booked my re-take for Wednesday and let my team know.
I made another Twitter post about my results and what I was planning to do different this time -https://twitter.com/riyazwalikar/status/1358317919638147075
Based on my experience and memory, I made the following list of things to do before the re-take. I have expanded some of them to add some more clarity on what I was thinking when I made this list.
I had about 2 days to implement the things that I had made a note of. Wednesday arrived in shameless haste and there I was in my room again with the moderator on chat.
Well, “Genchi Genbutsu” FTW, I passed the exam in my second attempt. I used every single thing that I experienced in my first attempt as learning. I still ran out of time and did not complete a task, but because I had already eliminated a host of other mental and physical blockers, it did not matter in the grand scheme of things.
Overall, the exam was a fun experience and thanks to the free re-take should not be seen as a hard or impossible thing to achieve. I would recommend going ahead and giving the exam with whatever preparation you have so far and experience it firsthand. Evaluate what went wrong (if it does!) and re-use that knowledge for the re-take. Eliminate the taboo associated with failure or having taken two attempts to pass, the exam will be a much simpler lion to tackle.
Thank you for reading, and feel free to reach out to me if you need any help or guidance with the exam!
So! I cleared the Certified Kubernetes Application Developer (CKAD) exam as well :)
Once I had cleared the CKA, my next goal was to clear the CKAD. I had about 2 weeks between both the exams, mostly because I was travelling and was working on other things at Kloudle.
As most of my day to day work now involves setting up workloads on Kubernetes, my hands on experience has been accelerating. I used this confidence of working with Kubernetes, the success of me clearing the CKA exam and well wanting to see how the CKAD looks like using the same principles I used earlier.
I booked the CKAD and answered the exam recently. Here are some things that stood out and tips and tricks for the CKAD exam if you are planning on answering it.
That’s all folks. As usual thank you for reading, and feel free to reach out to me if you need any help or guidance with the exam!
This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security. If you wish to give your feedback on this article, you can write to us here.