VMware Cloud Native Master Specialist

Yesterday I passed my VMware Cloud Native Master Specialist exam.

vmware_SP_CloudNative20

It was a tough one and I really enjoyed the thought out questions based on real world scenarios, so kudos to the team that put the exam together.

Here is the easier to read format of the sections with the accompanied links from the guide. Please review the exam guide for accuracy since my list might get outdated.

Exam Sections

Section 1 – Application Deployment to a Cluster

Objective 1.1 Identify the situation that would require a secret.

https://kubernetes.io/docs/concepts/configuration/secret/

Objective 1.2 Identify the situation that would require a config map.

https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap

Objective 1.3 Given a scenario, identify proper logging for the application.

https://kubernetes.io/docs/concepts/cluster-administration/logging/

Objective 1.4 Given a scenario, identify proper metrics for the application.

https://prometheus.io/docs/

Objective 1.5 Given a scenario, identify proper probes for the application.

https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

Objective 1.6 Given a scenario, identify the proper way to expose an application to outside users.

https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/ – Ingress / Ingress

Controllers / Service of Type LoadBalancer – all available in this section of the kubernetes.io doc

Objective 1.7 Given a scenario, identify the proper way to expose a container.

https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/

Objective 1.8 Given a scenario, identify helm best practice.

https://helm.sh/docs/chart_best_practices/

Objective 1.9 Given a common complex error, identify appropriate next steps or identify what the error implies.

Objective 1.10 Given a scenario, identify how to influence scheduling in a cluster.

https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container

https://kubernetes.io/docs/concepts/configuration/assign-pod-node/

Objective 1.11 Given an application architecture scenario, identify the changes that should be made to the application to make it suitable for Cloud Native platforms.

https://12factor.net

Objective 1.12 Given a Dockerfile, identify changes that best suit container best practices.

https://cloud.google.com/blog/products/gcp/7-best-practices-for-building-containers

Section 2 – Cluster Security

Objective 2.1 Given a scenario, identify proper RBAC to implement.

https://kubernetes.io/docs/reference/access-authn-authz/rbac/

Objective 2.2 Given a scenario, identify proper audit capabilities to implement.

https://kubernetes.io/docs/tasks/debug-application-cluster/audit/

Objective 2.3 Given a scenario, identify the Proper Pod Security Policy to implement.

https://octetz.com/posts/setting-up-psps

Objective 2.4 Given a scenario, identify appropriate admission control options to implement on a cluster.

https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/

Objective 2.5 Given a scenario, identify appropriate open policy agent configuration to implement.

https://www.openpolicyagent.org/docs/latest/

Objective 2.6 Given a scenario, identify appropriate network policy to implement.

https://kubernetes.io/docs/concepts/services-networking/network-policies/

Section 3 – Cluster Operations

Objective 3.1 Given a scenario, identify an appropriate option for configuring backup on a cluster.

https://github.com/heptio/velero

Objective 3.2 Given a scenario, identify appropriate options for cluster.

https://kubernetes.io/docs/tasks/debug-application-cluster/resource-usage-monitoring/

Objective 3.3 Given a scenario, identify the appropriate options for logging configuration.

https://kubernetes.io/docs/concepts/cluster-administration/logging/

Objective 3.4 Given a scenario, identify an appropriate option for configuring cluster conformance tests.

https://sonobuoy.io/

Objective 3.5 Given a scenario, identify an appropriate option for configuring an ingress controller to satisfy ingress options on cluster.

https://www.youtube.com/watch?v=BSKU6QHOvVE

Objective 3.6 Given a scenario, identify the appropriate option for separation of application teams.

https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

Objective 3.7 Given a scenario, identify why to use one networking plugin over another.

https://kubernetes.io/docs/concepts/cluster-administration/networking/

Objective 3.8 Given a scenario, configure authentication

https://kubernetes.io/docs/reference/access-authn-authz/authentication/

https://github.com/dexidp/dex

 

Exam details can be found here.

Remember that CKA certification is a prerequisite for this exam and in order to schedule this exam you first need to upload your CKA certification for verification which can take up to 24 hours so plan accordingly.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s