Introduction
I use Kubernetes on a daily basis: building, deploying, troubleshooting, breaking things, and fixing them.
Hands-on experience was never the issue. But I knew there were gaps in my understanding, concepts I had never properly learned because I had simply figured them out along the way.
So I decided to go for the CKA to strengthen those foundations. Three months later, I had passed all five Kubernetes certifications and earned the Kubestronaut title.
This post is a breakdown of how I did it, what worked for me, and what I would do differently.
The journey
I started preparing on September 7th and passed my last cert on November 25th.
Initially, I thought getting the CKA by November would be a good pace. I ended up completing all five in that timeframe. A perfect example of Parkinson’s Law and how work expands to fill the time you give it.
| Cert | Hours | Score |
|---|---|---|
| CKA | 70h | 91 |
| CKS | 38h | 87 |
| KCSA | 1h | 82 |
| CKAD | 7h | 96 |
| KCNA | 0h | 92 |
(Yes, I log my study hours.)
CKA - Certified Kubernetes Administrator
The CKA was the cert that pulled me into this whole thing.
I bought the KodeKloud course on Udemy.
It gave me exactly what I was looking for: a global, structured view of how Kubernetes works as a system. How the control plane orchestrates everything, how each component interacts with the others.
As I progressed through the course, things started to click. Pieces I had learned in isolation finally made sense together.
I genuinely enjoyed studying for it.
After passing the CKA, I bought the CNCF bundle for the remaining certifications and decided to go all in.
CKS - Certified Kubernetes Security Specialist
Right after the CKA, I started preparing for the CKS.
I had seen a lot of people online saying it was brutal, too long, too stressful, impossible to finish in time. So I went in expecting the worst.
The exam itself isn’t hard. It’s dense. There are a lot of tools to learn: Falco, Trivy, AppArmor, audit policies, and so on. But if you understand how Kubernetes works, learning how to secure it becomes much more straightforward.
Don’t always trust what people say online. You can make an exception for me though.
KCSA
Basically the multiple-choice version of CKS. If you passed CKS, you’ll pass this. I just did one mock and went in.
CKAD
A lot of overlap with CKA. I mostly focused on the topics that aren’t covered in the CKA, like liveness and readiness probes or StatefulSets. Concepts I was already familiar with from work. Then just did the mocks. The exam itself is easier than the CKA. Same topics, less depth.
By the time I got to the CKAD, I noticed that I wasn’t learning as much as before. At that point, I was mostly continuing the journey to complete the full path and reach the Kubestronaut title.
If I were to do it again, I’d probably start with the CKAD. It’s a good entry point into Kubernetes certifications.
KCNA
A general cloud native certification. It covers topics that aren’t addressed in the other exams, like Prometheus and GitOps.
If you’ve done the others, this one won’t give you any trouble.
Preparing for the environment
The PSI exam environment is… let’s say not ideal.
It’s very memory-hungry, especially towards the end of the exam where things can get noticeably laggy. I wouldn’t recommend taking the hands-on exams on a machine with less than 16GB of RAM.
Before your first exam, take the time to go through the environment tour. At least you won’t be discovering the interface under pressure.
You also can’t use a second monitor. That was a bit of a pain, as I’m used to working with one.
Anecdote
For the CKS, I actually started one hour later than expected. This didn’t affect the exam timer, but it added unnecessary stress.
I ran into connectivity issues during the system verification, which was frustrating since I was using the exact same Wi-Fi connection that had worked perfectly fine for the CKA.
I switched to Ethernet but the system still considered my connection “not sufficient”.
At that point, I tried sharing my phone’s mobile connection (objectively worse in every possible way) and somehow, that worked.
Of course, the connection dropped once during the checks.
Eventually, everything worked fine and I was able to take the exam without further issues.
Learning advice and recommended resources
Some of this is opinionated, some of it is very basic. But all of it worked for me.
Active learning
Don’t just passively watch courses.
You’ll likely spread your preparation over weeks, if not months. Writing things down helps a lot with retention, and you’ll have your own notes to review later.
I also highly recommend having a local environment where you can actually run commands and try things out as you go. I did that a lot while following the courses, and it made a big difference in how well things stuck.
Training resources
KodeKloud
This was my main resource. I’d recommend just buying the yearly subscription. It’s cheaper if you use a VPN to India :)
The courses are very well done, structured, and aligned with what you’ll see during the exams.
Killerkoda
I didn’t use KillerCoda as much as I probably should have. Apart from the CKS, where I did a lot of exercises the night before the exam, I mostly skipped it.
Looking back, I should have used it more. It’s a great way to build speed and get the repetitions in.
Killer.sh
Treat Killer.sh as the real exam.
I’d recommend doing it only after you’ve completed most of your preparation. It’s tough, and often feels harder than the actual exam, mainly because the questions go deeper and are more detailed.
That said, it’s by far the closest thing you’ll get to the real exam experience.
Practical exam tips
Stay organized
The first thing I do when the exam starts is open a separate Vim tab to keep track of skipped questions. I usually write a quick note for each one, just enough to remember where I left off.
As soon as a question opens, I immediately switch to the correct namespace:
kubectl config set-context --current --namespace=<namespace>
Speed matters
Be fast with kubectl. Seriously. This is probably the single most important skill for the hands-on exams. Practice imperative commands until they feel completely natural.
Get comfortable with Vim. At least the basics. You’ll be editing YAML constantly, so it makes a huge difference.
Know where to find information without wasting time:
- The Kubernetes documentation (you should already be familiar with it)
kubectl explain, especially with the--recursiveoption
Read carefully
The devil is in the details. Knowing the concept is often not enough. Typos, small mistakes, or lack of focus can easily cost you points.
I caught myself several times not reading the question until the very end. Sometimes there’s an extra requirement like “once done, delete the pod”, and missing that can also cost you points.
If a question has multiple parts and you don’t know everything, answer what you can. You can often score partial points by approaching it smartly instead of skipping the question entirely.
Topics that always come up
Some patterns appear in almost every exam and mock, practice these until you can do them without thinking:
- RBAC
- NetworkPolicies
- For CKS: audit policies and image admission controllers
Pick a date and commit
Don’t wait until you feel 100% ready to book the exam. You probably never will. Pick a date and commit to it.
Having a fixed deadline is a huge motivation boost.
Conclusion
It was a fun ride. I would recommend it to anyone working in the Cloud Native ecosystem and interested in Kubernetes.
The certifications themselves are not the goal. What really matters is the knowledge you build along the way, and the confidence that comes from truly understanding how things work.
The Kubestronaut title is also a great objective to aim for, and a good way to structure the journey.