Limited time: Get 2 months free with annual plan — Claim offer →
Certifications Tools Flashcards Career Paths Exam Guides Blog Pricing
Start for free
Exam GuidesCNCFCKAD
CNCFAssociate Level2026 Updated

Certified Kubernetes Application Developer Exam Guide 2026: Everything You Need to Pass

Updated May 1, 202612 min readWritten by Certsqill experts
Quick facts — CKAD
Exam cost
$395 USD
Questions
15–20 performance tasks
Time limit
2 hours
Passing score
66%
Valid for
3 years
Testing
PSI (browser-based)

Who this exam is for

The Certified Kubernetes Application Developer certification is designed for professionals who work with or want to work with CNCF technologies in a professional capacity. It is taken by cloud engineers, DevOps practitioners, IT administrators, and technical professionals looking to validate their expertise.

You do not need extensive prior experience to attempt it, but you will benefit from hands-on familiarity with the subject matter. The exam tests applied knowledge and architectural judgment, not just memorization. If you can reason about trade-offs and real-world scenarios, structured practice will handle the rest.

Domain breakdown

The CKAD exam is built around official domains, each with a fixed percentage of the question pool. This distribution should directly inform how you allocate your study time.

Domain
Weight
Focus areas
Application Design & Build
20%
Multi-container pod patterns (sidecar, init, ambassador), persistent storage, job and cronjob creation, container images.
Application Deployment
20%
Rolling updates, rollbacks, Helm chart deployment, Kustomize overlays, blue/green deployment patterns.
Application Observability & Maintenance
15%
Liveness and readiness probes, container logging, metric server, debugging with kubectl exec and logs.
Application Environment, Config & Security
25%
ConfigMaps, Secrets, resource quotas, SecurityContext, ServiceAccounts, admission controllers.
Services & Networking
20%
Service types, Ingress rules and annotations, NetworkPolicy, DNS resolution within the cluster.

Note the domain with the highest weight — many candidates under-invest here because it feels conceptual. In practice, this is where the exam is most precise, with scenario-based questions that test specifics.

What the exam actually tests

This is not a memorization exam. Questions require applied judgment under constraints. Almost every question includes a scenario with explicit requirements and asks you to select the most appropriate solution.

Here are examples of the question types you will encounter:

ConfigMap and Secret injection
"Create a ConfigMap named app-config with key DB_HOST=postgres. Mount it as an environment variable in a pod named api-pod."
Tests the full ConfigMap lifecycle: creation, then injection via envFrom or env[].valueFrom. Both approaches appear on the exam.
Rolling update and rollback
"Update the Deployment api-server to use image nginx:1.26. If the update causes pod failures, roll back to the previous version."
Requires kubectl set image and kubectl rollout undo. Know kubectl rollout status and kubectl rollout history as verification steps.
Network policy creation
"Create a NetworkPolicy that allows pods labeled role=frontend to communicate with pods labeled role=backend on port 5432 only."
CKAD network policies test pod selector syntax and port specifications. Ingress vs egress direction is a common error source.

How to prepare — 4-week study plan

This plan assumes one hour per weekday and roughly 30 minutes of lighter review on weekends. It is calibrated for someone with some relevant experience. If you are starting from zero, add an extra week before Week 1 to familiarise yourself with the basics.

W1
Week 1: Core pod patterns + Configuration
  • Multi-container pods: sidecar, init container, ambassador patterns
  • ConfigMaps: create from literals, files, and inject as env vars or volumes
  • Secrets: opaque secrets, TLS secrets, imagePullSecrets
  • 20 kubectl create --dry-run exercises daily to build YAML speed
W2
Week 2: Deployments + Observability
  • Deployment strategies: rolling update parameters (maxSurge, maxUnavailable)
  • Liveness probes: HTTP, TCP, exec — configure and debug
  • Readiness probes: difference from liveness, startup probe use case
  • kubectl logs, exec, describe — practice diagnosing broken pods
W3
Week 3: Security + Helm + Advanced networking
  • SecurityContext: runAsUser, runAsNonRoot, readOnlyRootFilesystem, capabilities
  • ResourceQuotas and LimitRanges at namespace level
  • Helm: install, upgrade, rollback, list, template commands
  • NetworkPolicy: default-deny, allow by label, namespace selectors
W4
Week 4: Timed practice + Killer.sh
  • Killer.sh session 1: full 2-hour timed attempt
  • Review every missed task — focus on what slowed you down
  • Killer.sh session 2: aim for 80%+
  • Speed drills: practice the 5 task types you perform slowest

Common mistakes candidates make

These patterns appear repeatedly among candidates who resit this exam. Knowing them in advance is worth several percentage points.

Confusing CKAD scope with CKA scope
CKAD focuses on application lifecycle, not cluster administration. Candidates who over-prepare cluster topics (etcd, kubeadm) waste time on out-of-scope content. Focus on the developer perspective.
Not knowing Helm and Kustomize basics
Helm and Kustomize were added to the CKAD curriculum. Candidates from pre-2021 study materials often skip these. Helm install, upgrade, and rollback commands are tested directly.
Forgetting probe configuration syntax
Liveness and readiness probe YAML is distinctive and easy to get wrong. Practice writing httpGet, tcpSocket, and exec probe blocks from memory before exam day.
Spending too long on hard tasks
Each task has a point weight shown in the interface. Skip difficult tasks and return to them — an easier 7% task takes 2 minutes. A hard 4% task could take 10 minutes. Prioritize by weight × speed.

Is Certsqill right for you?

Honestly: Certsqill is built for candidates who have already done some studying and want to convert knowledge into exam performance. If you have never touched the subject, start with a foundational course first — then come to Certsqill when you are ready to practice.

Where Certsqill is strong: question depth, AI-powered explanations, and domain analytics. Every question is mapped to the exam blueprint. When you get something wrong, the AI tutor explains why the right answer is right and why each wrong answer fails under the specific constraints in the question.

Where Certsqill is not a replacement: video courses and hands-on labs. Use Certsqill to test and sharpen — not as your first exposure to a topic you have never encountered.

Ready to start practicing?
640 CKAD questions. AI tutor. 5 mock exams. 7-day free trial.