KCNA Domain 1: Kubernetes Fundamentals (46%) - Complete Study Guide 2027

Domain 1 Overview: What You Need to Know

Domain 1: Kubernetes Fundamentals represents the largest portion of the KCNA exam at 46% of all questions, making it absolutely critical to your success. This domain tests your foundational understanding of Kubernetes concepts, architecture, and basic operations that every cloud native professional should master.

Given that you need to score 75% overall to pass the KCNA exam, performing well in this domain is essential. With approximately 27-28 questions dedicated to Kubernetes fundamentals, you'll need to answer at least 20-21 correctly in this section alone to maintain a strong foundation for success.

The content in this domain aligns perfectly with real-world Kubernetes usage scenarios. Unlike some certification exams that focus on theoretical knowledge, the KCNA emphasizes practical understanding of how Kubernetes components work together to orchestrate containerized applications. This approach makes the certification valuable for both exam success and career advancement.

Understanding how challenging the KCNA exam can be helps set proper expectations for your study timeline. Most candidates spend 2-4 weeks focused specifically on Domain 1 concepts before moving to other areas.

Kubernetes Architecture Fundamentals

The Kubernetes architecture forms the backbone of everything you'll encounter in the KCNA exam. Understanding how components interact is crucial for answering questions across all domains, but it's tested most directly in Domain 1.

Control Plane Components

The Kubernetes control plane manages the entire cluster and makes global decisions about scheduling, scaling, and cluster state. Each component serves a specific purpose:

• API Server (kube-apiserver): The central management entity that exposes the Kubernetes API and processes all requests
• etcd: Distributed key-value store that maintains cluster state and configuration data
• Scheduler (kube-scheduler): Selects appropriate nodes for newly created pods based on resource requirements and constraints
• Controller Manager (kube-controller-manager): Runs controller processes that regulate cluster state
• Cloud Controller Manager: Manages cloud-specific control logic when running on cloud platforms

Node Components

Every Kubernetes node runs several components that enable pod execution and cluster communication:

• kubelet: Primary node agent that communicates with the API server and manages pod lifecycle
• kube-proxy: Maintains network rules and enables service communication
• Container Runtime: Software responsible for running containers (Docker, containerd, CRI-O)

Component	Location	Primary Function	Exam Focus
API Server	Control Plane	API endpoint and request processing	High
etcd	Control Plane	Cluster state storage	Medium
Scheduler	Control Plane	Pod placement decisions	High
kubelet	Node	Pod lifecycle management	High
kube-proxy	Node	Network proxy and load balancing	Medium

Pods and Workload Management

Pods represent the smallest deployable units in Kubernetes and are fundamental to understanding how applications run in the cluster. KCNA questions frequently test pod concepts, lifecycle management, and troubleshooting scenarios.

Pod Fundamentals

A pod encapsulates one or more containers that share storage, network, and a specification for how to run the containers. Key characteristics include:

• Pods are ephemeral - they can be created, destroyed, and recreated
• Containers in a pod share the same IP address and storage volumes
• Pods are typically managed by higher-level controllers, not created directly
• Each pod gets a unique IP address within the cluster

Pod Lifecycle States

Understanding pod phases is crucial for troubleshooting questions on the exam:

• Pending: Pod accepted but containers not yet running
• Running: Pod bound to node with at least one container running
• Succeeded: All containers terminated successfully
• Failed: All containers terminated with at least one failure
• Unknown: Pod state cannot be determined

Multi-container pods, while less common, appear regularly on the KCNA exam. These scenarios test your understanding of how containers within a pod communicate and share resources.

Services and Networking Concepts

Kubernetes Services provide stable networking endpoints for accessing pods, which is essential since pods are ephemeral and their IP addresses change. Service concepts are heavily tested in Domain 1.

Service Types

The KCNA exam tests your understanding of when and how to use different service types:

• ClusterIP: Default type providing internal cluster access only
• NodePort: Exposes service on each node's IP at a static port
• LoadBalancer: Creates external load balancer (cloud provider dependent)
• ExternalName: Maps service to external DNS name

Service Discovery and DNS

Kubernetes provides built-in service discovery through DNS. Services automatically receive DNS entries that other pods can use for communication. The naming convention follows this pattern:

• Service DNS: service-name.namespace.svc.cluster.local
• Pod DNS: pod-ip.namespace.pod.cluster.local

Network policies, while more advanced, sometimes appear in KCNA questions related to security and traffic control between pods and services.

Essential kubectl Commands

The kubectl command-line tool is your primary interface for interacting with Kubernetes clusters. While the KCNA is a multiple-choice exam without hands-on components, understanding kubectl syntax and output helps answer many questions.

Core kubectl Operations

Master these essential kubectl commands and their common flags:

• kubectl get: List resources (pods, services, deployments)
• kubectl describe: Show detailed resource information
• kubectl create: Create resources from command line or files
• kubectl apply: Apply configuration changes to resources
• kubectl delete: Remove resources from the cluster
• kubectl logs: View container logs
• kubectl exec: Execute commands in containers

Output Formatting and Filtering

KCNA questions often show kubectl command output. Understanding common flags helps interpret results:

• -o wide: Show additional columns including node and IP information
• -o yaml: Output full resource definition in YAML format
• --selector: Filter resources by labels
• --all-namespaces: Show resources across all namespaces

Deployments and Scaling

Deployments provide declarative updates for pods and ReplicaSets, making them crucial for production applications. The KCNA tests deployment concepts, scaling strategies, and update mechanisms.

Deployment Fundamentals

Deployments manage the desired state of your applications through several key mechanisms:

• ReplicaSets: Ensure specified number of pod replicas are running
• Rolling Updates: Gradually replace old pods with new versions
• Rollback: Return to previous deployment version when issues occur
• Scaling: Adjust replica count based on demand

Scaling Strategies

Understanding different scaling approaches helps answer questions about application lifecycle management:

Scaling Type	Method	Use Case	Impact
Horizontal Pod Autoscaling	Automatic replica adjustment	Variable workloads	Changes pod count
Vertical Pod Autoscaling	Resource limit adjustment	Workload optimization	Changes resource allocation
Manual Scaling	kubectl scale command	Planned capacity changes	Immediate replica adjustment
Cluster Autoscaling	Node addition/removal	Cluster capacity management	Changes infrastructure

For those preparing for advanced certifications, understanding these deployment concepts provides excellent preparation for hands-on practice scenarios you'll encounter in CKA and CKAD exams.

Storage and Configuration Management

Kubernetes provides multiple ways to manage application configuration and persistent data. The KCNA tests your understanding of ConfigMaps, Secrets, and volume concepts.

Configuration Management

Separating configuration from application code is a cloud native best practice that Kubernetes facilitates through dedicated resources:

• ConfigMaps: Store non-confidential configuration data as key-value pairs
• Secrets: Store sensitive information like passwords and API keys
• Environment Variables: Pass configuration directly to container processes
• Volume Mounts: Provide configuration as files within containers

Persistent Storage Concepts

While detailed storage administration isn't heavily tested in the KCNA, understanding basic concepts is important:

• Volumes: Provide data persistence beyond pod lifecycle
• Persistent Volumes (PV): Cluster-level storage resources
• Persistent Volume Claims (PVC): User requests for storage resources
• Storage Classes: Define different types of available storage

Study Strategies for Domain 1

Success in Domain 1 requires a combination of conceptual understanding and practical familiarity. Here are proven strategies for mastering this content:

Hands-On Practice

Even though the KCNA is theoretical, hands-on experience significantly improves your understanding:

• Set up a local Kubernetes cluster using minikube or kind
• Practice basic kubectl commands daily
• Deploy sample applications and observe their behavior
• Experiment with different service types and networking scenarios

Documentation Review

The official Kubernetes documentation provides authoritative information that aligns with KCNA content:

• Review architectural concepts and component descriptions
• Study pod and deployment lifecycle documentation
• Understand service and networking concepts
• Familiarize yourself with kubectl command reference

When combined with comprehensive KCNA exam preparation strategies, focused Domain 1 study typically requires 15-20 hours of dedicated effort for most candidates.

Practice Question Strategy

Domain 1 questions often test scenario-based understanding rather than rote memorization. Focus on:

• Understanding why certain architectural decisions are made
• Troubleshooting common pod and service issues
• Selecting appropriate resource types for given requirements
• Interpreting kubectl command output and resource status

Regular practice testing helps identify knowledge gaps and builds confidence with question formats you'll encounter on exam day.

Practice Scenarios and Examples

KCNA Domain 1 questions often present real-world scenarios that test your ability to apply Kubernetes concepts. Here are example scenarios and the thinking process for approaching them:

Scenario 1: Application Connectivity Issues

"A web application deployed in Kubernetes cannot connect to its database. The database pod is running successfully. What should you check first?"

This type of question tests service and networking understanding. The systematic approach:

1. Verify service configuration and selectors
2. Check if the service endpoints are populated
3. Confirm pod labels match service selectors
4. Validate network policies and connectivity

Scenario 2: Pod Scheduling Problems

"A pod remains in Pending state despite available cluster resources. What could prevent scheduling?"

This scenario tests scheduler and pod placement knowledge:

• Resource requests exceeding node capacity
• Node selector or affinity constraints
• Taints and tolerations blocking placement
• Persistent volume availability issues

Scenario 3: Deployment Update Challenges

"After deploying a new application version, some users report errors while others see the updated application. What deployment strategy would prevent this?"

This tests deployment strategy and rolling update concepts:

• Understanding rolling update behavior
• Configuring readiness probes
• Setting appropriate update parameters
• Using blue-green or canary deployment strategies

These scenarios demonstrate how Domain 1 knowledge applies to real-world situations. Understanding the foundational concepts enables you to work through complex questions logically rather than relying on memorization.

As you progress through your KCNA preparation, consider how Domain 1 concepts connect to other areas covered in the complete KCNA domain guide. This holistic understanding improves performance across all exam sections.

Frequently Asked Questions