I think the answer is simple, Jim is not after money but to share his learnings. Everyone else is into money minting.... Amazing course indeed. Though I have cleared my CKS earlier and thanks to him. I will again go through his course before appearing again for the exam.
@@roshantulsani8189 Watching this video does not guarentee you to pass it. You have to practice with your own setup, which is also explained in the video's how to set up your own environment. When you register for the CKS you also receive the Killer Shell exam simulators. They are harder than the real exam. If you can do those assignments then you probably will be fine. You also have to do the real exam in 2 hours which can be a challenge with a lot of assignments. But in short, i did what i just explained and passed it.
Thank you Kim, it's a very good course covering many details and use scenarios.I like the recap for every sections also the talks you recommended at the end of each section. You are my favorite instructor for K8S topic. Nice work and thank you for your sharing.
This is quality content. I truly appreciate your efforts, very thorough video, I am not studying for this cert, but to learn about security in K8s and this is spot on.
Vielen Dank, dass Sie es kostenlos zur Verfügung gestellt haben. Es erfordert ein großes Herz, Dinge kostenlos zur Verfügung zu stellen, wenn man sich viel Mühe gegeben hat, etwas zu schaffen.
SummaryThis video script introduces the “Killer Shell CKS Preparation Course” for the Certified Kubernetes Security Specialist. The course covers theory and practical hands-on challenges, taught by Kim, a certified Kubernetes trainer and developer. The script highlights the importance of security principles, Kubernetes security categories, and best practices for host operating system security, Kubernetes cluster security, and application security. Highlights0:00-1:19 📝: Introduction to the Killer Shell CKS Preparation Course and the trainer, Kim1:20-1:42 📝: Overview of the CKS exam topics and teaching approach 1:43-3:41 📝: Setting up a Kubernetes cluster using Google Cloud or any other platform3:42-4:47 📝: General security principles, including defense in depth and least privilege 4:48-6:33 📝: Introduction to Kubernetes security categories: host operating system, Kubernetes cluster, and application security6:34-8:16 📝: Best practices for host operating system security, including reducing attack surface and using runtime security tools 8:17-9:58 📝: Best practices for Kubernetes cluster security, such as restricting access and enabling audit logging 9:59-12:05 📝: Best practices for application security, including the use of secrets and container hardeningKey Insights🧠 Kubernetes security requires following general security principles, such as defense in depth and least privilege, to create a layered defense system.🧠 Kubernetes security consists of three categories: host operating system security, Kubernetes cluster security, and application security.🧠 Host operating system security involves reducing the attack surface, keeping the system up to date, and using runtime security tools.🧠 Kubernetes cluster security requires securing components like the API server and etcd, implementing authentication and authorization, and enabling audit logging.🧠 Application security focuses on using secrets, role-based access control, container hardening, vulnerability scanning, and mtls for encrypted traffic.🧠 Google Cloud is used in the course for setting up the cluster, but the same setup can be done on any platform with two virtual machines.🧠 The course provides a comprehensive preparation for the CKS exam, covering all the necessary theory and practical hands-on challenges.
Do you think it would be possible to share pdf with slides just for the purpose of quick reference/repetition without scrolling through the video? Thank you a lot for a wonderful content. Great job.
@@ramitsharma3773 Hey yes I was and thankfully I passed. I replied back to your comment 3 times already, not too sure why they're not appearing. Or is it just me? Anyway I can send you the link on the docs as to where you can read more on it.
The flag is: -tls-cipher-suites You can edit it on the kube-apiserver manifest file. If you hit CTRL + F and type "--tls-cipher-suites", you can read more. The value it expects is a string and that string will be a choice of the many TLS CIPHER SUITES and the requirement within the paper. An interesting segment: Comma-separated list of cipher suites for the server. If omitted, the default Go cipher suites will be used. Preferred values: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
I hope this comment stays lol, more importantly I hope you pass. All the best, tough cookie to crack but once cracked, man does it feel great! I've collated a lot of content that'll be really handy for the paper. Feel free to use, re-use it and reshare. Peace brother :)
@@saedf0 Congratulations on passing the exam, and many thanks for answering the above question. Can you please share your content, I will surely benefit from it. May I ask one last question: If given a docker file with a large no. of exports, how do we know which ports to keep and which to remove. Hope you can relate to the question.
video time: 6:20:00. I tried to create pod app with two container bash and ubuntu. It looks like pod is running even if proxy container doesn't have NET_ADMIN capabilities ADDED. But logs shows that it fails to run the iptable command since it doesn't have permission/root. I am using k8s v1.31. Any insight about this- why k get pod app doesnot shows ERROR.
Hey I tried to install it on GCP 20.04 it works fine on both worker and master node however the join is not working so that i didn't do the lab part can you help me on this why
Just to share the issue while installing the gcloud cli on MAC: Issue 1: xxxx# gcloud Zsh: command not found: gcloud Resolution: Look up the directory of the google-cloud-sdk vi ~/.zshrc and append below line export PATH="$PATH:/Users/xxxx/Downloads/google-cloud-sdk" source ~/.zshrc Verification: gcloud
I don't understand why this wasn't recommended or top ranked! Amazing video! While its free it's actually better than lots of paid resource!
I think the answer is simple, Jim is not after money but to share his learnings. Everyone else is into money minting.... Amazing course indeed. Though I have cleared my CKS earlier and thanks to him. I will again go through his course before appearing again for the exam.
Killa stuff, I highly recommend this to everyone working in IT in 2024
thanks for making it free on youtube, i passed my exam yesterday :)
Did you pass CKS watching this video?
@@roshantulsani8189 i saw it on udemy
@@roshantulsani8189 Watching this video does not guarentee you to pass it. You have to practice with your own setup, which is also explained in the video's how to set up your own environment. When you register for the CKS you also receive the Killer Shell exam simulators. They are harder than the real exam. If you can do those assignments then you probably will be fine. You also have to do the real exam in 2 hours which can be a challenge with a lot of assignments. But in short, i did what i just explained and passed it.
i bought this course on Udemy and it's more than enough to pass the CKS exam. Excellent training and trainer.
What about CKA
@@shahzadansari9728 For CKA, CKA course by Mumshad Mannambeth on Udemy is more than enough
Hi May I know the Udemy course name?
@@arunelangovan2577 You can't register anymore for this course on Udemy.
@@arunelangovan2577 The course is not on Udemy anymore. At least you can't register for it anymore.
Passed my CKS exam yesterday thanks to this. Thanks for making this free.
This course is enough to clear CKS certification. Thank you so much and more power to creator.
Thank you Kim, it's a very good course covering many details and use scenarios.I like the recap for every sections also the talks you recommended at the end of each section. You are my favorite instructor for K8S topic. Nice work and thank you for your sharing.
This was my main resource for the exam which I passed without much problem. Cheers Kim!
Just passed CKS exam thanks to you. Thank you for sharing this video.
Hi, I am writing my CKS next week. Any tips. How do I connect to you?>?
@@candlestickking113 You might also check the cks course by mumshad mannambeth. That one also helped a lot.
Thanks for this great course. Also a big thanks for creating and maintaining killer coda.
Amazing resource! Thank you for your effort and making this free for everyone.
This is an amazing gift from you to us Kim! Thank you very much.
Thanks for the video and killercoda, I passed my CKS exam yesterday 🙂
was this content sufficent or you used another source to study ? congratz btw.
This is absolutely must training even if you don’t want to attempt the certification exam. Thank you, Kim.
this touch on so much detail! even the linked resource are so good
This is quality content. I truly appreciate your efforts, very thorough video, I am not studying for this cert, but to learn about security in K8s and this is spot on.
Wonderful and organized course with a great explanation of contents. Hats off, Million Thanks, Kim
Vielen Dank, dass Sie es kostenlos zur Verfügung gestellt haben. Es erfordert ein großes Herz, Dinge kostenlos zur Verfügung zu stellen, wenn man sich viel Mühe gegeben hat, etwas zu schaffen.
Sir Do you have courses for CKA & CKAD ? Your content for CKS is awesome and top notch quality.
Thanks a lot for this amazing course. Very helpful resource!
Awesome content!!
Big thanks for all the effort on teaching and simplifying K8s content in such a good way!
Excellent explanation by Kim. Can you also do a similar training for CKA and CKAD?
This is great Kim! Thank you so much
SummaryThis video script introduces the “Killer Shell CKS Preparation Course” for the Certified Kubernetes Security Specialist. The course covers theory and practical hands-on challenges, taught by Kim, a certified Kubernetes trainer and developer. The script highlights the importance of security principles, Kubernetes security categories, and best practices for host operating system security, Kubernetes cluster security, and application security.
Highlights0:00-1:19 📝: Introduction to the Killer Shell CKS Preparation Course and the trainer, Kim1:20-1:42 📝: Overview of the CKS exam topics and teaching approach
1:43-3:41 📝: Setting up a Kubernetes cluster using Google Cloud or any other platform3:42-4:47 📝: General security principles, including defense in depth and least privilege
4:48-6:33 📝: Introduction to Kubernetes security categories: host operating system, Kubernetes cluster, and application security6:34-8:16 📝: Best practices for host operating system security, including reducing attack surface and using runtime security tools
8:17-9:58 📝: Best practices for Kubernetes cluster security, such as restricting access and enabling audit logging
9:59-12:05 📝: Best practices for application security, including the use of secrets and container hardeningKey Insights🧠 Kubernetes security requires following general security principles, such as defense in depth and least privilege, to create a layered defense system.🧠 Kubernetes security consists of three categories: host operating system security, Kubernetes cluster security, and application security.🧠 Host operating system security involves reducing the attack surface, keeping the system up to date, and using runtime security tools.🧠 Kubernetes cluster security requires securing components like the API server and etcd, implementing authentication and authorization, and enabling audit logging.🧠 Application security focuses on using secrets, role-based access control, container hardening, vulnerability scanning, and mtls for encrypted traffic.🧠 Google Cloud is used in the course for setting up the cluster, but the same setup can be done on any platform with two virtual machines.🧠 The course provides a comprehensive preparation for the CKS exam, covering all the necessary theory and practical hands-on challenges.
Very good work, thank you !
I have not start yet, but making this course free is insane!
Thank you so much for this course, i've learned a lot from it
4:02:00
JSON Query command to export certificates/ key from config.
kubectl config view --raw -o jsonpath='{.clusters[0].cluster.certificate-authority-data}' | base64 -d > ca
kubectl config view --raw -o jsonpath='{.users[0].user.client-certificate-data}' | base64 -d > crt
kubectl config view --raw -o jsonpath='{.users[0].user.client-key-data}' | base64 -d > key
Thank you. I Used your course on udemy . For me, it is best course for preparing CKS
This is an amazing course. Thank you
Hey Kim thanks a lot for the nice course!!
4:33:13 Looking good so far - kubelet log full of errors xD - just a normal day for a k8s admin
Thanks for bring it here
Do you think it would be possible to share pdf with slides just for the purpose of quick reference/repetition without scrolling through the video? Thank you a lot for a wonderful content. Great job.
excellent contribution!
Thank you so much kim!!!
Thanks this course!
Great Content Kim - Thanks
Amazing material!
The best CKS course by far, but did you skip over "pod security policies" ?
They were a big topic a few sections before
Thank you so much, HATS OFF!
Hey, where do you mention about TLS Ciphers?
Either I went too fast or it’s not mentioned. I was in for a surprise during the exam!
Hey, were you able to figure out how to remove a specific cipher from API server?
@@ramitsharma3773 Hey yes I was and thankfully I passed. I replied back to your comment 3 times already, not too sure why they're not appearing. Or is it just me?
Anyway I can send you the link on the docs as to where you can read more on it.
The flag is: -tls-cipher-suites
You can edit it on the kube-apiserver manifest file.
If you hit CTRL + F and type "--tls-cipher-suites", you can read more.
The value it expects is a string and that string will be a choice of the many TLS CIPHER SUITES and the requirement within the paper.
An interesting segment: Comma-separated list of cipher suites for the server. If omitted, the default Go cipher suites will be used.
Preferred values: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
I hope this comment stays lol, more importantly I hope you pass. All the best, tough cookie to crack but once cracked, man does it feel great!
I've collated a lot of content that'll be really handy for the paper. Feel free to use, re-use it and reshare.
Peace brother :)
@@saedf0 Congratulations on passing the exam, and many thanks for answering the above question. Can you please share your content, I will surely benefit from it. May I ask one last question: If given a docker file with a large no. of exports, how do we know which ports to keep and which to remove. Hope you can relate to the question.
This is my favourite course from Udemy.
For the new CKS exam coming in September, what are the topics not covered in this video?
video time: 6:20:00. I tried to create pod app with two container bash and ubuntu. It looks like pod is running even if proxy container doesn't have NET_ADMIN capabilities ADDED. But logs shows that it fails to run the iptable command since it doesn't have permission/root. I am using k8s v1.31. Any insight about this- why k get pod app doesnot shows ERROR.
Great course.
The exam has been updated the 12th of september.
Is the course still covering all topics needed to pass the exam?
Thanks
YES
Please upload a video for CKAD as well..
Thank you for your gift
Great brother❤
Does this course reflect latest changes that was introduced last week?
Cool Sir..hats off to you !!
Thank you.
It's great stuff. Awesooooooome!
Hi
Its excellent but It should be updated as per latest course curriculum.
Thanks
you are great man
Kim , please make ur course available on udemy again
Awesome 😍🤩🤩
Where do you recommend to find good questions and practices to pass it successfully?
thanks Kim
Thanks Kim 🤝
nginx ingress controller can be NodePort or Loadbalancer type? I thought it always creates a loadbalancer in front of the ingress service.
Connelly Orchard
you are the best
Hey I tried to install it on GCP 20.04 it works fine on both worker and master node however the join is not working so that i didn't do the lab part can you help me on this why
i just bought this course few weeks ago ...
Best!
What is the link for Udemy course? Thanks!
3:23:20 what keyboard shortcut did you use to delete the block of text?
press dd when in default mode in vim
I'm not able to create a GCP account with an Indian Visa debit card(as Autodebit is disabled).
Is anyone else facing this problem?
Can we have a similar one for CKA? Most people start with that certification
he doesnt know cka, only cks
1151 Sam Vista
Bravo!! Thank you very much!!
Spinka Junction
Lewis Betty Taylor George Clark Daniel
Lit!
Marcelino Ranch
Monique Lake
Why did this course move out of the Udemy business and land on UA-cam? More profit via ads than through Udemy? Just asking out of curiosity.
Hernandez Susan Williams Mary Anderson Margaret
Funk Squares
Thomas Jennifer Harris Dorothy Brown Jason
Zemlak Mill
Dereck Creek
Smith Helen Lewis John Lee Anna
Karen Station
Thank you for making it public :)
Any chance for CKA/CKAD ones?
Just to share the issue while installing the gcloud cli on MAC:
Issue 1:
xxxx# gcloud
Zsh: command not found: gcloud
Resolution:
Look up the directory of the google-cloud-sdk
vi ~/.zshrc and append below line
export PATH="$PATH:/Users/xxxx/Downloads/google-cloud-sdk"
source ~/.zshrc
Verification:
gcloud
2537 Esther Street
who tf will watch 11 hours of tutorial? haha not me
I will , haha
Working through it will probably take 50+ hours. Which is a month if you have dun doing it and study 2 h a day.
I will lol, it's a good one this one
9823 Lind Street
logs for apiserver doesn't exist in /var/log/pods/ for k8s v1.29
where are they?
you can find them in /var/log/containers/
You are the best, thank you for the course
Can we have a similar one for CKA? Most people start with that certification
did you find one?