Hello, I'm Jeongwoo, a security platform engineer at LY Corporation.
I am responsible for developing and maintaining Athenz, an open-source project that serves as the core of access control within our company's private cloud environment. Co-developed by Yahoo Inc. in the United States and LY Corporation, Athenz is officially recognized as a Cloud Native Computing Foundation (CNCF) Sandbox project. In a complex Kubernetes ecosystem where countless microservices are running, Athenz solves the critical question: "Who can access which service, and with what permissions?" You can think of it as the dependable gatekeeper of our systems.
While Athenz is my main day-to-day focus, I want to switch gears a bit for today's post. I'm here to talk about my recent journey of becoming a Kubestronaut — a title awarded to those who have successfully completed five specific certifications that I will introduce to you in the next section.
Here is the story of why an engineer dedicated to Athenz decided to pursue the path of a Kubernetes expert and aim for the Kubestronaut title.
What exactly is a Kubestronaut?
Before diving in, let me briefly explain what a Kubestronaut actually is, as it might be the part you're most curious about.
Simply put, a Kubestronaut is a title akin to being a "seasoned navigator of Kubernetes". This title is awarded by the CNCF, a core organization under the Linux Foundation that hosts many of the open-source projects forming the backbone of today's cloud-native technology, including Kubernetes and Prometheus.
To earn this title, you must obtain a total of five certifications:
- Certified Kubernetes Administrator (CKA)
- Certified Kubernetes Application Developer (CKAD)
- Certified Kubernetes Security Specialist (CKS)
- Kubernetes and Cloud Native Security Associate (KCSA)
- Kubernetes and Cloud Native Associate (KCNA)
What makes this particularly important is that the CKA, CKAD, and CKS are not your typical multiple-choice exams. They are practical, hands-on, performance-based exams where you must solve problems in a live terminal environment. Clearing these tasks within a strict time limit under conditions mirroring real-world production serves as global proof that you possess a high level of expertise and practical skills in Kubernetes administration, development, and security.
The official CNCF website maintains a roster of certified individuals, and having your name listed alongside top engineers from around the world is a great honor.
So, why did an Athenz engineer decide to embark on this challenging but rewarding journey? This is where my story begins.
From necessity to expertise: my Kubestronaut journey
Where it all began: CKAD
If I'm being honest, I didn't start with the grand ambition of becoming a Kubestronaut. My journey kicked off out of necessity when I was tasked with the development and operation of deploying Athenz on our internal Kubernetes as a Service (KaaS) platform. I had always been interested in Kubernetes, but I also found its scale and complexity somewhat intimidating. However, once it became my responsibility, mere curiosity wasn't going to cut it. It became a required step to effectively do my job.
I have always enjoyed studying languages and made it a habit to acquire one new certification every year. Having achieved a TOEIC score of 965, HSK levels four and five in Chinese, and JLPT N2 and N1 in Japanese, I knew the satisfaction that comes from systematic learning. So, I made a decision: "If I need to learn this, let's learn it deeply and properly." With that mindset, I set the CKAD as my very first goal.
There was a clear reason why I chose CKAD first among the various Kubernetes certs. My role was to deliver the "application" known as Athenz stably and efficiently on Kubernetes. Therefore, I needed to thoroughly understand Kubernetes from an application developer's perspective.
The CKAD is a practical, hands-on exam that tests your ability to identify and resolve issues within a strict timeframe. This means speed is just as important as accuracy. Through my exam prep, my ability to quickly assess situations and respond to issues in my actual work noticeably improved. This fast-paced problem-solving aligned well with my natural working style, giving me a strong sense of satisfaction.
For about four months, I studied every single weekday morning before work — even if I only had five minutes to spare — and for at least an hour on weekends. On the weekend right before the exam, I spent over 12 hours straight at my desk. Practicing on killer.sh — which simulates the exam environment but with harder questions — was highly effective.
Broadening horizons: the next step, CKA
Through the CKAD, I built a solid foundation in Kubernetes from an application standpoint. However, my role demanded more. Given the infrastructure scale at LY Corporation, managing multiple clusters simultaneously is the norm, and there were times I had to dive into manifests managed by other teams. I needed a broader perspective and deeper knowledge. So, moving on to the CKA felt like a natural next step.
While CKAD focuses on application-level troubleshooting, CKA is about diagnosing and fixing issues within the Kubernetes cluster itself where those applications run. Studying for the CKA taught me that Kubernetes isn't running on magic; it’s a highly complex and well-architected system where numerous components interact organically. I was genuinely impressed by how it manages to orchestrate so many microservices. I learned a vital architectural lesson: when designing large systems, keeping responsibilities clear and simple allows the entire system to function smoothly. This insight has been very beneficial in my subsequent design work.
The final hurdle: CKS
Since my core expertise lies in security, the final piece of the puzzle naturally had to be the CKS. Securing the CKS allowed me to complete the full picture, covering development, operations, and security.
The CKS is also a practical exam focused on resolving assigned security challenges, and it is known as the most difficult step on the path to becoming a Kubestronaut. There is a saying: "A system's security is only as strong as its weakest link." Knowing that I had to be responsible not only for the stability of Athenz but also for the security of the underlying Kubernetes clusters it runs on, preparing for the CKS was a necessary step for me. Despite its high difficulty, the preparation process equipped me with practical cluster hardening techniques, including Kubernetes security best practices, vulnerability analysis, and network policy configuration.
As for the remaining KCSA and KCNA, having already proven my skills by passing the three high-difficulty exams, I found them relatively smooth to navigate. I spent about a month preparing for each before adding them to my list.
Proof of growth: what I gained as a Kubestronaut
I finally acquired all five certifications and was officially listed as a Kubestronaut on the CNCF website. To my knowledge, I am the first person in our company to achieve this. But what I gained through this process goes beyond just the title itself.
The most significant takeaway was a deeper understanding of open-source governance. I got a closer look at how a large project like Kubernetes grows alongside numerous contributors through special interest groups (SIGs) and structured PR rules. This gave me valuable insight into how tech communities function, providing inspiration for the strategies our team is crafting to graduate the Athenz project from the sandbox to the incubating stage.
This growth is already showing its value. I am currently involved in a project to deploy Athenz in a bare metal as a service environment, and the architectural understanding I cultivated during my certification studies helped me design a more stable and efficient structure and effectively communicate it to my team.
My study philosophy: "Slow and steady wins the race"
There's a proverb I like: "Slow and steady wins the race." Life is a marathon, not a sprint, and I believe the key is to keep moving forward consistently.
My personal routine involves waking up every morning at 4:30 a.m. (sometimes 3:00 a.m.), working out, making at least one commit on GitHub, and dedicating time to IT studies, even if it's just a single minute on my busiest days. This is no longer a conscious effort; it has become a daily habit. Getting a certification requires time and effort, but if you study consistently every day, you'll eventually find yourself ready for the exam. Why not start by dedicating just one minute a day to learning something new?
An environment that empowers growth
Of course, I didn't achieve all this just through my own effort. Without the support and culture of my company, the process would have been much harder. At LY Corporation, we have systems like Udemy Business, allowing us to take the latest tech courses, and a hybrid work environment that lets me convert commuting time into study time. Depending on your specific department within LY Corporation, there are programs that cover the costs of acquiring, certifying, and renewing these credentials. My department, for instance, heavily supports security-related certifications, with funding provided for specific exams.
While managing services used by many users across Japan carries significant responsibility, the process of solving problems alongside talented colleagues is enjoyable. Thanks to this supportive environment, I can manage my stress levels well while investing in myself — meaning I can use my weekends productively to focus on the learning I need.
Most importantly, our team doesn't just passively execute tasks. We value understanding the entire system architecture, sharing a common vision, and driving development forward together. When we encounter a problem, discussing and finding the answer with great teammates is a strong source of motivation for me.
To the people who built this culture, and to the colleagues who contribute to it every day, I am always grateful.
Conclusion
What began out of pure necessity has now made Kubernetes one of my favorite technologies. If you are reading this and considering the path of a Kubernetes expert, I encourage you to try it. The knowledge you gain along the way offers more value than just knowing a specific tool. The broader perspective it provides will help you grow as an engineer.
Using this experience, I plan to continue contributing to the design and improvement of more advanced architectures. If you are an engineer who enjoys pursuing technical depth and growing alongside your colleagues, you'll find a great home here at LY Corporation.
Thank you for reading to the end.
