Here is a phased plan tailored for someone with Linux, networking, and security expertise to become CNCF ready:
Phase 1: Foundations (2–4 weeks)#
- Take the free Introduction to Kubernetes (LFS158) for Kubernetes fundamentals.
- Earn the KCNA (Kubernetes and Cloud Native Associate) certification to validate foundational knowledge.
Phase 2: Core Administration (4–8 weeks)#
- Complete Kubernetes Fundamentals (LFS258) for hands-on preparation.
- Earn the CKA (Certified Kubernetes Administrator) — the most important certification.
Phase 3: Security Focus (4–6 weeks)#
- Take Kubernetes Security Essentials (LFS260), covering RBAC, network policies, admission control, and secrets management.
- Earn the CKS (Certified Kubernetes Security Specialist) — requires passing CKA first.
Key security-focused CNCF projects to learn:
- Falco — runtime threat detection
- OPA / Kyverno — policy as code
- SPIFFE/SPIRE — workload identity and mTLS
- Cilium — eBPF-powered CNI (ideal for networking backgrounds)
Phase 4: Networking Deep Dive#
- Kubernetes for Network Engineers (LFS215) — CNI plugins and troubleshooting
- Introduction to Service Mesh with Linkerd (LFS143)
Recommended Certification Order#
KCNA → CKA → CKS → then specialize (e.g., PCA for Prometheus, CGOA for GitOps, etc.)
Earning all five core certifications qualifies you for the Kubestronaut recognition.
Community Engagement#
- Join CNCF Slack, especially the
#tag-securitychannel. - Visit contribute.cncf.io for contributor onboarding.
- Explore the CNCF Landscape to understand the broader ecosystem.
