Kubernetes certifications: QA's new cloud native courses

Towards the tail end of last year, we started thinking about the next evolution of our cloud skills training portfolio.

The cloud has been normalised in the years since we started our training partnerships with Microsoft, Amazon and Google and we feel, quite strongly, that we need to help our customers take those next steps in their cloud journeys.

Over the next few months, we will be launching a raft of instructor-led training covering those next steps. Very soon you'll be able to attend courses covering Ansible and Terraform, but the first courses off the block are Cloud Native Computing Foundation Kubernetes courses. Cue this article.

You what?! What is "cloud native"?

So – cloud is the new normal. Very few organisations are operating today without consuming one or more cloud service. But cloud native isn't about running everything in the cloud, it's about applying the principles of cloud computing – auto-scaling, self-healing, rolling updates, microservices, containers, declarative versus imperative, observability, and more – wherever you're actually running your workloads, be it in a cloud, in many clouds, or even in traditional data centres.

If we're building and running workloads across multiple computer platforms, we'd very much like to have a single, unified set of tools to manage this stuff. Managing container-based workloads at scale is challenging without some kind of orchestration tool. With all due respect to Amazon Elastic Container Service (ECS) and Docker Swarm, the tool that seems to be winning this particular race is Kubernetes.

Why Kubernetes is winning

The popularity of containers that grew within the community from the birth of Linux Containers (LXC) has allowed organisations to harness the power and flexibility of using Docker as a technology. Alongside Docker, the Kubernetes project, which was also designed to automate the movement of workloads from on-premise platforms to virtualised environments in cloud, has also gained traction. As Kubernetes has added functionality and security-enforcing capabilities, it has allowed organisations to gain a lot more capability. Docker workloads are Open Container Initiative (OCI) capable and Kubernetes now allows a seamless path with more operational management ability around the fabric of containerisation, and to allow organisations to fit traditional governance models that are critical for companies who are ISO and PCI compliant.

The power of harnessing CRI-O (Container Runtime Interface - OCI) and Containerd has empowered many developers who are choosing Kubernetes as their platform of choice. Docker is still very popular but Kubernetes demonstrates to so many organisations the ability to have architecture and orchestration grunt, providing an engine room with the ability to take care of pulling and running the container files. Docker is just one of several options for a container runtime.

Traditionally (well, over the last four years), containers were tied inextricably to Docker as a platform, Docker making containers transparent across cloud-native DevOps. As Kubernetes has grown in popularity, we have started to see technologies such as Dockershim heading for retirement. At the same time, new features are being added to Kubernetes around the security of provisioned applications and a powerful CRI interface allowing better and more governable communication with the container runtime that ContainerD provides.

Docker produces OCI images that aren’t actually Docker-specific. Kubernetes provides an orchestrated home for them as any OCI image, regardless of which tool was used to build it, looks the same to Kubernetes. Containerd and CRI-O provide the capability and automation to pull those images and run them. This is why the OCI standard exists.

If you're running containers on GCP, you're using Kubernetes (Kubernetes has evolved out of Google's in-house toolset, the very coolly-named Borg). If you're running containers on Azure, you're probably using Kubernetes. In AWS you might well be using ECS for its deep integration with the rest of Amazon's platform, but it's equally likely that you're running EKS (Elastic Kubernetes Service).

VMWare? Kubernetes. Alibaba? Kubernetes. OpenShift? Kubernetes. In fact, Azure also has an OpenShift service! IBM? Kubernetes. Oracle? Guess what? You might even be managing your own Kubernetes clusters in any of those clouds or in your data centres. Apologies to any vendors I've missed in that list, but you get the picture. 91% of respondents to the Cloud Native Computing Foundation's 2020 Survey reported that they were using Kubernetes to manage their containers.

So what is the Cloud Native Computing Foundation?

The Cloud Native Computing Foundation, a part of the Linux Foundation, is the vendor-neutral home of Kubernetes and many other open-source projects that fit into the Kubernetes ecosystem. It's worth pointing out that all of the vendors mentioned above are members. Its role is to:

• provide stewardship of the projects, ensuring that the technologies are available and free of partisan influence;
• foster the growth and evolution of the ecosystem;
• promote the underlying technologies, including conferences, training and certification; and
• to make the technology accessible and reliable.

That third thing – training and certification – is where we come in.

Kubernetes training and certification

Clearly, before we can start helping our customers to obtain certification, we need to do it ourselves. To that end, in the week before the 2020 seasonal break, I and a half dozen or so of my colleagues attended some trainer training events on Kubernetes ("K8s") Administration and Application Development. We had varying degrees of exposure to containers and K8s; I think it's fair to say that those with less previous exposure struggled with some of the content initially. The content requires you to be somewhat familiar with the technology in the first place.

There's (naturally) a lot of overlap between the two courses – whether you're developing cloud-native applications or administering them, you need to understand the architecture and terminology and how the whole thing fits together, but you're less likely to be installing, upgrading or backing up your clusters if you're "only" developing applications for it.

To give you an idea of what will be included, we have published our course outlines here:

• Kubernetes Administration course outline
• Kubernetes Application Development course outline

What are the certified Kubernetes exams like?

Having had the whole year-end break to forget 90% of what we'd learned, those of us who weren't straight back into delivering AWS, Azure, GCP and DevOps-y courses to our customers started working on content and, of course, prepping for the exams. Ben Hesketh passed his Certified Kubernetes Application Developer (CKAD) exam in mid-January and I passed my Certified Kubernetes Administrator (CKA) exam a week later (which is why I'm now writing this article – it just didn't feel right without having the cert first).

I have to say that it was probably my favourite exam ever. The vast majority of the exams I've taken in my professional career have been multiple-choice format, either "choose the correct response" or "select all that apply". Sometimes simulations have been included but more often, not. I realise others' experiences will differ from mine, but this was the first exam I've sat that was entirely running in a live environment, or rather several different live K8s clusters. You break it, it's broken!

I’m also awaiting the results of my CKAD exam – The Linux Foundation take up to 36 hours to dig into what actions you’ve performed on your cluster(s) in order to work out your final score. Results coming early tomorrow. I’m fairly confident that I’ve passed as it feels like a slightly more straightforward exam but I could be deluding myself or it could just be that I’ve spent an additional few weeks playing with and breaking (and delivering some beta training events on) Kubernetes. We’ll see…

A completely different pace and challenge to what I'm used to but rather than just knowing things, I had to be able to apply the things I knew – at speed. Which brings me to my first in an irregular series of K8s exam tips: learn to use Vim properly.

I’m really excited about this new range of QA cloud native courses. They will provide practitioners and employers alike with a solid foundation in cloud native skills. 

I look forward to meeting you on a course soon.

There's plenty of info about our Cloud Native courses here