Janam Writes

Kubernetes in Your Pocket- The Ultimate Kubectl Cheatsheet

This post provides a handy reference cheatsheet of the most useful kubectl commands for managing Kubernetes clusters and deployments. It covers kubectl syntax to view cluster info, deploy pods and services, manage deployments, scale replicas, and access running containers and logs. Simplify Kubernetes with this essential kubectl command cheatsheet.

Kubernetes Cheatsheet: Useful kubectl Commands

Kubernetes has become the most popular container orchestration platform, managing containers at scale on clusters of hosts. The kubectl command line tool lets you control Kubernetes clusters and deploy and manage applications on them.

Here is a handy Kubernetes and kubectl cheatsheet reference of the most common and useful commands for managing Kubernetes clusters, pods, deployments, and more.

Table of Contents

1.1 Common Commands

NameCommand
Run curl test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=yauritux/busybox-curl -it
Run wget test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=busybox -it wget
Run nginx deployment with 2 replicaskubectl run my-nginx --image=nginx --replicas=2 --port=80
Run nginx pod and expose itkubectl run my-nginx --restart=Never --image=nginx --port=80 --expose
Run nginx deployment and expose itkubectl run my-nginx --image=nginx --port=80 --expose
List authenticated contextskubectl config get-contexts, ~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
List pods with nodes infokubectl get pod -o wide
List everythingkubectl get all --all-namespaces
Get all serviceskubectl get service --all-namespaces
Get all deploymentskubectl get deployments --all-namespaces
Show nodes with labelskubectl get nodes --show-labels
Get resources with json outputkubectl get pods --all-namespaces -o json
Validate yaml file with dry runkubectl create --dry-run --validate -f pod-dummy.yaml
Start a temporary pod for testingkubectl run --rm -i -t --image=alpine test-$RANDOM -- sh
kubectl run shell commandkubectl exec -it mytest -- ls -l /etc/hosts
Get system conf via configmapkubectl -n kube-system get cm kubeadm-config -o yaml
Get deployment yamlkubectl -n denny-websites get deployment mysql -o yaml
Explain resourcekubectl explain pods, kubectl explain svc
Watch podskubectl get pods -n wordpress --watch
Query healthcheck endpointcurl -L http://127.0.0.1:10250/healthz
Open a bash terminal in a podkubectl exec -it storage sh
Check pod environment variableskubectl exec redis-master-ft9ex env
Enable kubectl shell autocompletionecho "source <(kubectl completion bash)" >>~/.bashrc, and reload
Use minikube dockerd in your laptopeval $(minikube docker-env), No need to push docker hub anymore
Kubectl apply a folder of yaml fileskubectl apply -R -f .
Get services sorted by namekubectl get services --sort-by=.metadata.name
Get pods sorted by restart countkubectl get pods --sort-by='.status.containerStatuses[0].restartCount'
List pods and imageskubectl get pods -o='custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image'
List all container imageslist-all-images.sh
kubeconfig skip tls verificationskip-tls-verify.md
Ubuntu install kubectl="deb https://apt.kubernetes.io/ kubernetes-xenial main"=
ReferenceGitHub: kubernetes releases

1.2 Check Performance

NameCommand
Get node resource usagekubectl top node
Get pod resource usagekubectl top pod
Get resource usage for a given podkubectl top <podname> --containers
List resource utilization for all containerskubectl top pod --all-namespaces --containers=true

1.3 Resources Deletion

NameCommand
Delete podkubectl delete pod/<pod-name> -n <my-namespace>
Delete pod by forcekubectl delete pod/<pod-name> --grace-period=0 --force
Delete pods by labelskubectl delete pod -l env=test
Delete deployments by labelskubectl delete deployment -l app=wordpress
Delete all resources filtered by labelskubectl delete pods,services -l name=myLabel
Delete resources under a namespacekubectl -n my-ns delete po,svc --all
Delete persist volumes by labelskubectl delete pvc -l app=wordpress
Delete statefulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false

1.4 Log & Conf Files

NameComment
Config folder/etc/kubernetes/
Certificate files/etc/kubernetes/pki/
Credentials to API server/etc/kubernetes/kubelet.conf
Superuser credentials/etc/kubernetes/admin.conf
kubectl config file~/.kube/config
Kubernetes working dir/var/lib/kubelet/
Docker working dir/var/lib/docker/, /var/log/containers/
Etcd working dir/var/lib/etcd/
Network cni/etc/cni/net.d/
Log files/var/log/pods/
log in worker node/var/log/kubelet.log, /var/log/kube-proxy.log
log in master nodekube-apiserver.log, kube-scheduler.log, kube-controller-manager.log
Env/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
Envexport KUBECONFIG=/etc/kubernetes/admin.conf

1.5 Pod

NameCommand
List all podskubectl get pods
List pods for all namespacekubectl get pods --all-namespaces
List all critical podskubectl get -n kube-system pods -a
List pods with more infokubectl get pod -o wide, kubectl get pod/<pod-name> -o yaml
Get pod infokubectl describe pod/srv-mysql-server
List all pods with labelskubectl get pods --show-labels
List all unhealthy podskubectl get pods --field-selector=status.phase!=Running --all-namespaces
List running podskubectl get pods --field-selector=status.phase=Running
Get Pod initContainer statuskubectl get pod --template '{{.status.initContainerStatuses}}' <pod-name>
kubectl run commandkubectl exec -it -n “$ns” “$podname” – sh -c “echo $msg >>/dev/err.log”
Watch podskubectl get pods -n wordpress --watch
Get pod by selectorkubectl get pods --selector=”app=syslog” -o jsonpath='{.items[*].metadata.name}'
List pods and imageskubectl get pods -o='custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image'
List pods and containers-o='custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name'
ReferenceLink: kubernetes yaml templates

1.6 Label & Annotation

NameCommand
Filter pods by labelkubectl get pods -l owner=denny
Manually add label to a podkubectl label pods dummy-input owner=denny
Remove labelkubectl label pods dummy-input owner-
Manually add annotation to a podkubectl annotate pods dummy-input my-url=https://janamk.com.np

1.7 Deployment & Scale

NameCommand
Scale outkubectl scale --replicas=3 deployment/nginx-app
Online rolling upgradekubectl rollout app-v1 app-v2 --image=img:v2
Roll backupkubectl rollout app-v1 app-v2 --rollback
List rolloutkubectl get rs
Check update statuskubectl rollout status deployment/nginx-app
Check update historykubectl rollout history deployment/nginx-app
Pause/Resumekubectl rollout pause deployment/nginx-deployment, resume
Rollback to previous versionkubectl rollout undo deployment/nginx-deployment
ReferenceLink: kubernetes yaml templates, Link: Pausing and Resuming a Deployment

1.8 Quota & Limits & Resource

NameCommand
List Resource Quotakubectl get resourcequota
List Limit Rangekubectl get limitrange
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=cpu=200m
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=memory=512Mi
ReferenceLink: kubernetes yaml templates

1.9 Service

NameCommand
List all serviceskubectl get services
List service endpointskubectl get endpoints
Get service detailkubectl get service nginx-service -o yaml
Get service cluster ipkubectl get service nginx-service -o go-template='{{.spec.clusterIP}}'
Get service cluster portkubectl get service nginx-service -o go-template='{{(index .spec.ports 0).port}}'
Expose deployment as lb servicekubectl expose deployment/my-app --type=LoadBalancer --name=my-service
Expose service as lb servicekubectl expose service/wordpress-1-svc --type=LoadBalancer --name=ns1
ReferenceLink: kubernetes yaml templates

1.10 Secrets

NameCommand
List secretskubectl get secrets --all-namespaces
Generate secretecho -n 'mypasswd', then redirect to base64 --decode
Get secretkubectl get secret denny-cluster-kubeconfig
Get a specific field of a secretkubectl get secret denny-cluster-kubeconfig -o jsonpath="{.data.value}"
Create secret from cfg filekubectl create secret generic db-user-pass --from-file=./username.txt
ReferenceLink: kubernetes yaml templates, Link: Secrets

1.11 StatefulSet

NameCommand
List statefulsetkubectl get sts
Delete statefulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false
Scale statefulsetkubectl scale sts/<stateful_set_name> --replicas=5
ReferenceLink: kubernetes yaml templates

1.12 Volumes & Volume Claims

NameCommand
List storage classkubectl get storageclass
Check the mounted volumeskubectl exec storage ls /data
Check persist volumekubectl describe pv/pv0001
Copy local file to podkubectl cp /tmp/my <some-namespace>/<some-pod>:/tmp/server
Copy pod file to localkubectl cp <some-namespace>/<some-pod>:/tmp/server /tmp/my
ReferenceLink: kubernetes yaml templates

1.13 Events & Metrics

NameCommand
View all eventskubectl get events --all-namespaces
List Events sorted by timestampkubectl get events --sort-by=.metadata.creationTimestamp

1.14 Node Maintenance

NameCommand
Mark node as unschedulablekubectl cordon $NODE_NAME
Mark node as schedulablekubectl uncordon $NODE_NAME
Drain node in preparation for maintenancekubectl drain $NODE_NAME

1.15 Namespace & Security

NameCommand
List authenticated contextskubectl config get-contexts, ~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
Switch contextkubectl config use-context <context_name>
Load context from config filekubectl get cs --kubeconfig kube_config.yml
Delete the specified contextkubectl config delete-context <context_name>
List all namespaces definedkubectl get namespaces
List certificateskubectl get csr
Check user privilegekubectl --as=system:serviceaccount:ns-denny:test-privileged-sa -n ns-denny auth can-i use pods/list
Check user privilegekubectl auth can-i use pods/list
ReferenceLink: kubernetes yaml templates

1.16 Network

NameCommand
Temporarily add a port-forwardingkubectl port-forward redis-134 6379:6379
Add port-forwarding for deploymentkubectl port-forward deployment/redis-master 6379:6379
Add port-forwarding for replicasetkubectl port-forward rs/redis-master 6379:6379
Add port-forwarding for servicekubectl port-forward svc/redis-master 6379:6379
Get network policykubectl get NetworkPolicy
Get ingress controllerkubectl get ingress
Get ingress classeskubectl get ingressclasses

1.17 Patch

NameSummary
Patch service to loadbalancerkubectl patch svc $svc_name -p ‘{“spec”: {“type”: “LoadBalancer”}}’

1.18 Extensions

NameSummary
Enumerates the resource types availablekubectl api-resources
List api groupkubectl api-versions
List all CRDkubectl get crd
List storageclasskubectl get storageclass

1.19 Components & Services

1.19.1 Services on Master Nodes

NameSummary
kube-apiserverAPI gateway. Exposes the Kubernetes API from master nodes
etcdReliable data store for all k8s cluster data
kube-schedulerSchedule pods to run on selected nodes
kube-controller-managerReconcile the states. Node/replication/endpoints/token controller and service account, etc
cloud-controller-manager

1.19.2 Services on Worker Nodes

NameSummary
kubeletA node agent makes sure that containers are running in a pod
kube-proxyManage network connectivity to the containers. e.g, iptable, ipvs
Container RuntimeKubernetes supported runtimes: dockerd, cri-o, runc and any OCI runtime-spec implementation.

1.19.3 Addons

NameSummary
DNSServes DNS records for Kubernetes services
Web UIA general purpose, web-based UI for Kubernetes clusters
Container Resource MonitoringCollect, store, and serve container metrics
Cluster-level LoggingSave container logs to a central log store with search/browsing interface

1.19.4 Tools

NameSummary
kubectlThe command-line util to talk to k8s cluster
kubeadmThe command to bootstrap the cluster
kubefedThe command line to control a Kubernetes Cluster Federation

All rights reserved. Janam Khatiwada