sensei-wu/k8s-skills-matrix.md

## k8s-skills-matrix.md

      
    Raw
  

              k8s-skills-matrix.md
            
          
Level 1 (CKAD)
Level 2 (Baseline for production)
Level 3 (Expert)


Create and configure basic Pods
 Define Pod and node affinities 
 Understand Taints and Tolerations 
 Understand Pod scheduling 
 Follow best practices for container design 


Understand SecurityContexts
 Understand Pop security policies 
 Understand full range of security context options including Linux capabilities 


Define an applications resource requirements
 Define resource quotas 
 Configure LimitRanges 
Define pod disruption budgets


Create and consume secrets
--
Use an external vault with key management


Understand ServiceAccounts
Manage role based access control (RBAC)
Know how to integrate with external authentication and authorization systems


Understand multi-container Pod design patterns
--
Understand network level details of sidecar injection


Understand LivenessProbes and ReadinessProbes
Know how to configure metrics server incl. external systems
--


Understand container logging
Configure log harvesting to external systems
Install and configure complete logging stack (e.g. ELK)


Understand how to monitor applications
Understand object lifecycle inside the cluster
Know the value of integrating with external SIEM systems


Understand Deployments and how to perform rolling updates
Know how to design applications for business continuity and recoverability
--


Understand Deployments and how to perform rollbacks
Know how to design applications for business continuity and recoverability
--


Understand Jobs and CronJobs
Design self managing microservice architecture by leveraging scheduled batch operations
--


Understand how to use Labels, Selectors, and Annotations
Use Labels and Selectors to isolate and categorize objects
Use Labels and Selectors to provide visibility to resource utilization, use annotations to create custom toolings


Understand Services
Understand Ingresses and Loadbalancers
Understand how to setup a secure, multi-layered front-end architecture with SSL configuration, host setup and integrate with external IDAM solutions


Demonstrate basic understanding of NetworkPolicies
Can configure network policies inclusing IP and host filtering
Understand and design Pod security policies at teh cluster level, use and integrate with container firewalls, understand CNI specification


Understand PersistentVolumeClaims for storage
Use StatefulSets for databases and stateful loads
Define and manage cluster level storage options, understand CSI specification


--

Admission Controllers


--
--
CIS Benchmarks


--
--
Implement Continuous Security Vulnerability Scanning
Level 1 (CKAD)	Level 2 (Baseline for production)	Level 3 (Expert)
Create and configure basic Pods	Define Pod and node affinities Understand Taints and Tolerations	Understand Pod scheduling Follow best practices for container design
Understand SecurityContexts	Understand Pop security policies	Understand full range of security context options including Linux capabilities
Define an applications resource requirements	Define resource quotas Configure LimitRanges	Define pod disruption budgets
Create and consume secrets	--	Use an external vault with key management
Understand ServiceAccounts	Manage role based access control (RBAC)	Know how to integrate with external authentication and authorization systems
Understand multi-container Pod design patterns	--	Understand network level details of sidecar injection
Understand LivenessProbes and ReadinessProbes	Know how to configure metrics server incl. external systems	--
Understand container logging	Configure log harvesting to external systems	Install and configure complete logging stack (e.g. ELK)
Understand how to monitor applications	Understand object lifecycle inside the cluster	Know the value of integrating with external SIEM systems
Understand Deployments and how to perform rolling updates	Know how to design applications for business continuity and recoverability	--
Understand Deployments and how to perform rollbacks	Know how to design applications for business continuity and recoverability	--
Understand Jobs and CronJobs	Design self managing microservice architecture by leveraging scheduled batch operations	--
Understand how to use Labels, Selectors, and Annotations	Use Labels and Selectors to isolate and categorize objects	Use Labels and Selectors to provide visibility to resource utilization, use annotations to create custom toolings
Understand Services	Understand Ingresses and Loadbalancers	Understand how to setup a secure, multi-layered front-end architecture with SSL configuration, host setup and integrate with external IDAM solutions
Demonstrate basic understanding of NetworkPolicies	Can configure network policies inclusing IP and host filtering	Understand and design Pod security policies at teh cluster level, use and integrate with container firewalls, understand CNI specification
Understand PersistentVolumeClaims for storage	Use StatefulSets for databases and stateful loads	Define and manage cluster level storage options, understand CSI specification
--		Admission Controllers
--	--	CIS Benchmarks
--	--	Implement Continuous Security Vulnerability Scanning