kubectl Cheatsheet

Name

Command

Run curl test temporarily

kubectl run --rm mytest --image=yauritux/busybox-curl -it

Run wget test temporarily

kubectl run --rm mytest --image=busybox -it

Run nginx deployment with 2 replicas

kubectl run my-nginx --image=nginx --replicas=2 --port=80

Run nginx pod and expose it

kubectl run my-nginx --restart=Never --image=nginx --port=80 --expose

Run nginx deployment and expose it

kubectl run my-nginx --image=nginx --port=80 --expose

Set namespace preference

kubectl config set-context --namespace=

List pods with nodes info

kubectl get pod -o wide

List everything

kubectl get all --all-namespaces

Get all services

kubectl get service --all-namespaces

Get all deployments

kubectl get deployments --all-namespaces

Show nodes with labels

kubectl get nodes --show-labels

Get resources with json output

kubectl get pods --all-namespaces -o json

Validate yaml file with dry run

kubectl create --dry-run --validate -f pod-dummy.yaml

Start a temporary pod for testing

kubectl run --rm -i -t --image=alpine test-$RANDOM -- sh

kubectl run shell command

kubectl exec -it mytest -- ls -l /etc/hosts

Get system conf via configmap

kubectl -n kube-system get cm kubeadm-config -o yaml

Get deployment yaml

kubectl -n denny-websites get deployment mysql -o yaml

Explain resource

kubectl explain pods, kubectl explain svc

Watch pods

kubectl get pods -n wordpress --watch

Query healthcheck endpoint

curl -L http://127.0.0.1:10250/healthz

Open a bash terminal in a pod

kubectl exec -it storage sh

Check pod environment variables

kubectl exec redis-master-ft9ex env

Enable kubectl shell autocompletion

echo "source <(kubectl completion bash)" >>~/.bashrc, and reload

Use minikube dockerd in your laptop

eval $(minikube docker-env), No need to push docker hub any more

Kubectl apply a folder of yaml files

kubectl apply -R -f .

Get services sorted by name

kubectl get services –sort-by=.metadata.name

Get pods sorted by restart count

kubectl get pods –sort-by=’.status.containerStatuses[0].restartCount’

List pods and images

kubectl get pods -o=’custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image’

List all container images

kubeconfig skip tls verification

Reference

Reference

Name

Command

Get node resource usage

kubectl top node

Get pod resource usage

kubectl top pod

Get resource usage for a given pod

kubectl top --containers

List resource utilization for all containers

kubectl top pod --all-namespaces --containers=true

Name

Command

Delete pod

kubectl delete pod/ -n

Delete pod by force

kubectl delete pod/ --grace-period=0 --force

Delete pods by labels

kubectl delete pod -l env=test

Delete deployments by labels

kubectl delete deployment -l app=wordpress

Delete all resources filtered by labels

kubectl delete pods,services -l name=myLabel

Delete resources under a namespace

kubectl -n my-ns delete po,svc --all

Delete persist volumes by labels

kubectl delete pvc -l app=wordpress

Delete state fulset only (not pods)

kubectl delete sts/ --cascade=false

Name

Comment

Config folder

/etc/kubernetes/

Certificate files

/etc/kubernetes/pki/

Credentials to API server

/etc/kubernetes/kubelet.conf

Superuser credentials

/etc/kubernetes/admin.conf

kubectl config file

~/.kube/config

Kubernets working dir

/var/lib/kubelet/

Docker working dir

/var/lib/docker/, /var/log/containers/

Etcd working dir

/var/lib/etcd/

Network cni

/etc/cni/net.d/

Log files

/var/log/pods/

log in worker node

/var/log/kubelet.log, /var/log/kube-proxy.log

log in master node

kube-apiserver.log, kube-scheduler.log, kube-controller-manager.log

Env

/etc/systemd/system/kubelet.service.d/10-kubeadm.conf

Env

export KUBECONFIG=/etc/kubernetes/admin.conf

Name

Command

List all pods

kubectl get pods

List pods for all namespace

kubectl get pods -all-namespaces

List all critical pods

kubectl get -n kube-system pods -a

List pods with more info

kubectl get pod -o wide, kubectl get pod/ -o yaml

Get pod info

kubectl describe pod/srv-mysql-server

List all pods with labels

kubectl get pods --show-labels

kubectl get pods –field-selector=status.phase!=Running –all-namespaces

List running pods

kubectl get pods –field-selector=status.phase=Running

Get Pod initContainer status

kubectl get pod --template '{{.status.initContainerStatuses}}'

kubectl run command

kubectl exec -it -n “$ns” “$podname” – sh -c “echo $msg >>/dev/err.log”

Watch pods

kubectl get pods -n wordpress --watch

Get pod by selector

kubectl get pods –selector=”app=syslog” -o jsonpath=’{.items[*].metadata.name}’

List pods and images

kubectl get pods -o=’custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image’

List pods and containers

-o=’custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name’

Reference

Name

Command

Filter pods by label

kubectl get pods -l owner=denny

Manually add label to a pod

kubectl label pods dummy-input owner=denny

Remove label

kubectl label pods dummy-input owner-

Manually add annonation to a pod

kubectl annotate pods dummy-input my-url=https://dennyzhang.com

Name

Command

Scale out

kubectl scale --replicas=3 deployment/nginx-app

online rolling upgrade

kubectl rollout app-v1 app-v2 --image=img:v2

Roll backup

kubectl rollout app-v1 app-v2 --rollback

List rollout

kubectl get rs

Check update status

kubectl rollout status deployment/nginx-app

Check update history

kubectl rollout history deployment/nginx-app

Pause/Resume

kubectl rollout pause deployment/nginx-deployment, resume

Rollback to previous version

kubectl rollout undo deployment/nginx-deployment

Reference

Name

Command

List Resource Quota

kubectl get resourcequota

List Limit Range

kubectl get limitrange

Customize resource definition

kubectl set resources deployment nginx -c=nginx --limits=cpu=200m

Customize resource definition

kubectl set resources deployment nginx -c=nginx --limits=memory=512Mi

Reference

Name

Command

List all services

kubectl get services

List service endpoints

kubectl get endpoints

Get service detail

kubectl get service nginx-service -o yaml

Get service cluster ip

kubectl get service nginx-service -o go-template=’’

Get service cluster port

kubectl get service nginx-service -o go-template=’’

Expose deployment as lb service

kubectl expose deployment/my-app --type=LoadBalancer --name=my-service

Expose service as lb service

kubectl expose service/wordpress-1-svc --type=LoadBalancer --name=ns1

Reference

Name

Command

List secrets

kubectl get secrets --all-namespaces

Generate secret

echo -n 'mypasswd'=, then redirect to =base64 --decode

Get secret

kubectl get secret denny-cluster-kubeconfig

Get a specific field of a secret

kubectl get secret denny-cluster-kubeconfig -o jsonpath=”{.data.value}”

Create secret from cfg file

kubectl create secret generic db-user-pass –from-file=./username.txt

Reference

Name

Command

List statefulset

kubectl get sts

Delete statefulset only (not pods)

kubectl delete sts/ --cascade=false

Scale statefulset

kubectl scale sts/ --replicas=5

Reference

Name

Command

List storage class

kubectl get storageclass

Check the mounted volumes

kubectl exec storage ls /data

Check persist volume

kubectl describe pv/pv0001

Copy local file to pod

kubectl cp /tmp/my /:/tmp/server

Copy pod file to local

kubectl cp /:/tmp/server /tmp/my

Reference

Name

Command

View all events

kubectl get events --all-namespaces

List Events sorted by timestamp

kubectl get events –sort-by=.metadata.creationTimestamp

Name

Command

Mark node as unschedulable

kubectl cordon $NDOE_NAME

Mark node as schedulable

kubectl uncordon $NDOE_NAME

Drain node in preparation for maintenance

kubectl drain $NODE_NAME

Name

Command

List authenticated contexts

kubectl config get-contexts, ~/.kube/config

Set namespace preference

kubectl config set-context --namespace=

Load context from config file

kubectl get cs --kubeconfig kube_config.yml

Switch context

kubectl config use-context

Delete the specified context

kubectl config delete-context

List all namespaces defined

kubectl get namespaces

List certificates

kubectl get csr

kubectl –as=system:serviceaccount:ns-denny:test-privileged-sa -n ns-denny auth can-i use pods/list

kubectl auth can-i use pods/list

Reference

Name

Command

Temporarily add a port-forwarding

kubectl port-forward redis-134 6379:6379

Add port-forwaring for deployment

kubectl port-forward deployment/redis-master 6379:6379

Add port-forwaring for replicaset

kubectl port-forward rs/redis-master 6379:6379

Add port-forwaring for service

kubectl port-forward svc/redis-master 6379:6379

Get network policy

kubectl get NetworkPolicy

Name

Summary

Patch service to loadbalancer

=kubectl patch svc $svc_name -p ‘{“spec”: {“type”: “LoadBalancer”}}’=

Name

Summary

Enumerates the resource types available

kubectl api-resources

List api group

kubectl api-versions

List all CRD

kubectl get crd

List storageclass

kubectl get storageclass

Name

Summary

exposes the Kubernetes API from master nodes

reliable data store for all k8s cluster data

schedule pods to run on selected nodes

node controller, replication controller, endpoints controller, and service account & token controllers

Name

Summary

makes sure that containers are running in a pod

perform connection forwarding

Name

Summary

DNS

serves DNS records for Kubernetes services

Web UI

a general purpose, web-based UI for Kubernetes clusters

Container Resource Monitoring

collect, store and serve container metrics

Cluster-level Logging

save container logs to a central log store with search/browsing interface

Name

Summary

the command line util to talk to k8s cluster

the command to bootstrap the cluster

the command line to control a Kubernetes Cluster Federation

Kubernetes Components