CKS

Passed the last exam from k8s trio yesterday, so now I have the full set. The exam proved more challenging than CKA and CKAD, although far less intimidating than I imagined after reading what others had to say. Unlike other 2 k8s exams, which are based on k8s only, in order to pass CKS you have to know other security and compliance-related tools as well, such as kube-bench, OPA/Gatekeeper, Falco, Trivy, gVisor, and AppArmor. I already had some experience with OPA/Gatekeeper on one of my past projects, so I had to learn everything but OPA/Gatekeeper from scratch, but they are very simple and I needed less than a week to prepare. I wanted to see how hard it is to pass it without the Udemy course everyone recommends, with just the official docs, and it turned out to be surprisingly smooth.

Of all the technologies from this exam, gVisor piqued my curiosity the most. I knew about different OCI-compatible container runtimes for Kubernetes, but I wasn't aware of a solution that implements a subset of Linux API with additional seccomp protection and replaces Linux kernel from application's view. Neat.

Now that this is out of the way, I'll be taking care of remaining Red Hat exams and HashiCorp Consul certification. I have big plans for the next year, as I have to pass all AWS exams, maybe with the exception of Alexa.