KCNA Exam Prep
KCNA Exam Glossary - 40 Terms
Search the terminology pack for Kubernetes and Cloud Native Associate. Use these definitions with the study guide and practice questions.
A
- Application Delivery
- The cloud-native practice of deploying, managing, and operating applications reliably in production.
B
- Blue/Green Deployment
- A deployment strategy using two environments so traffic can be switched from the current version to a new version with minimal downtime.
C
- ClusterIP
- The default Kubernetes Service type that exposes a service internally within the cluster.
- ClusterRole
- A Kubernetes RBAC object that defines permissions at the cluster scope or across namespaces.
- ClusterRoleBinding
- A Kubernetes object that grants the permissions of a ClusterRole to subjects across the cluster.
- CNCF
- The Cloud Native Computing Foundation, the organization that hosts Kubernetes and supports the cloud native ecosystem.
- CNI
- Container Network Interface, a standard for configuring container networking in Kubernetes.
- CNI Plugin
- A networking plugin that implements the CNI standard to provide pod IP assignment and network connectivity.
- ConfigMap
- A Kubernetes object used to store non-sensitive configuration data as key-value pairs.
- CRI
- Container Runtime Interface, the standard API used by kubelet to communicate with container runtimes.
D
- DaemonSet
- A Kubernetes controller that ensures a pod runs on every node, or on a selected subset of nodes.
- Deployment
- A Kubernetes workload resource that manages ReplicaSets and maintains the desired number of pod replicas.
E
- Errors
- A measure of failed requests or operations in a system.
F
- Fluentd
- A CNCF logging project used to collect, process, and forward logs in cloud-native environments.
G
- GitOps
- An operational model where the desired state of applications and infrastructure is stored declaratively in Git and reconciled automatically.
- Golden Signals
- The four key service health metrics: latency, traffic, errors, and saturation.
- Graduated Project
- A CNCF project maturity level indicating strong stability, governance, adoption, and production readiness.
I
- Ingress
- A Kubernetes API object used to manage external access to services, typically HTTP and HTTPS routing.
- Ingress Controller
- A controller that watches Ingress resources and routes external HTTP/HTTPS traffic to the appropriate services inside a Kubernetes cluster.
J
- Jaeger
- A CNCF distributed tracing system used to trace requests across microservices and visualize request flows.
K
- Kubelet
- The Kubernetes node agent that runs on each node and ensures containers are running as defined by pod specifications.
L
- Latency
- A measure of how long it takes for a system to respond to a request.
- LoadBalancer
- A Kubernetes Service type that exposes a service externally through a cloud provider load balancer.
N
- Namespace
- A Kubernetes mechanism for logically isolating resources within a cluster.
- NodePort
- A Kubernetes Service type that exposes a service on a static port on each node.
O
- Observability
- The practice of understanding system behavior through telemetry such as metrics, logs, and traces.
- OCI Image Spec
- A specification that defines the standard format for container images.
- OCI Runtime Spec
- A specification that defines how to run a container filesystem bundle as a container.
- Open Container Initiative
- An open governance body that defines standards for container formats and runtimes.
- Open Standards
- Shared specifications that enable interoperability between tools, platforms, and vendors.
R
- RBAC
- Role-Based Access Control, a Kubernetes authorization model that controls permissions using roles and bindings.
- ReplicaSet
- A Kubernetes controller that ensures a specified number of identical pod replicas are running.
- Role
- A Kubernetes RBAC object that defines permissions within a specific namespace.
- RoleBinding
- A Kubernetes object that grants the permissions of a Role or ClusterRole to users, groups, or service accounts within a namespace.
S
- Saturation
- A measure of how full or constrained a system resource is, indicating capacity pressure.
- Secret
- A Kubernetes object for storing sensitive information such as passwords, tokens, and keys.
- Service
- A Kubernetes abstraction that exposes a set of pods as a network service.
- Service Mesh
- An infrastructure layer for managing service-to-service communication with features like security, traffic control, and observability.
- ServiceAccount
- A Kubernetes identity used by pods and workloads to interact with the API server.
T
- Traffic
- A measure of the demand placed on a system, such as requests per second.
About These Definitions
These definitions are loaded from the shared release pack. Use them with the study guide and practice questions to connect vocabulary to exam scenarios.