Wednesday, 22 December 2021

Kubectl Sheetcheat

 Pods

List all pods in namespace <default>

or

or

kubectl get pods

kubectl get pod

View a pod in watch mode

View all pods in watch mode

List sroted pods

List pods using a different output

Examples:

JSON output

or

or

Wide output:

Custom columns:

or

or

kubectl get po

kubectl get pod <pod> --watch

kubectl get pods -A --watch

kubectl get pods --sort-by='.status.containerStatuses[0].restartCount'

kubectl get pods -o <json|yaml|wide|custom-columns=...|custom-columnsfile=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...>

kubectl get pods -o json

kubectl get pods -ojson

kubectl get pods -o=json

kubectl get pods -o wide

kubectl get pods -o custom-columns='DATA:spec.containers[*].image'

kubectl get pods -o custom-columns='DATA:spec.containers[*].volumeMounts'

kubectl get pods -o custom-columns='DATA:metadata.*'

Output format Description

-o=custom-columns=

<spec>

Print a table using a comma separated list of custom columns

-o=custom-columns-file=

<filename>

Print a table using the custom columns template in the

<filename> file

-o=json Output a JSON formatted API object

-o=jsonpath=<template> Print the fields defined in a jsonpath expression

-o=jsonpath-file=

<filename>

Print the fields defined by the jsonpath expression in the

<filename> file

-o=name Print only the resource name and nothing else

-o=wide

Output in the plain-text format with any additional

information, and for pods, the node name is included

-o=yaml Output a YAML formatted API object

Formatting output

To output details to your terminal window in a specific format, add the -o (or --output ) flag to a

supported kubectl command (source: K8s docs)

List all pods in a namespace

or

or

List all pods in all namespaces

or

Create from an image

kubectl get pods -n <namespace>

kubectl -n <namespace> get pods

kubectl --namespace <namespace> get pods

kubectl get pods --all-namespaces

kubectl get pods -A

kubectl run <pod> --generator=run-pod/v1 --image=<image>

In the following cheatsheet, we will be using images such as nginx or busybox.

Example:

Run pod in an interactive shell mode

Run a command after creating a pod

Executing a command in a running pod

Or pass stdin to the container in TTY mode:

Example:

Create a pod: dry run mode (without really creating it)

Patch a pod

Example:

Another example:

Create from a YAML file

kubectl run nginx --generator=run-pod/v1 --image=nginx

kubectl run busybox --generator=run-pod/v1 --image=busybox

kubectl run -i --tty nginx --image=nginx -- sh

kubectl run busybox --image=busybox -- sleep 100000

kubectl exec <pod> -- <command>

kubectl exec -it <pod> -- <command>

kubectl exec -it nginx -- ls -lrth /app/

kubectl run <pod> --generator=run-pod/v1 --image=nginx --dry-run

kubectl patch pod <pod> -p '<patch>'

kubectl patch pod <pod> -p '{"spec":{"containers":[{"name":"kubernetes-servehostname","image":"new image"}]}}'

kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path":

"/spec/containers/0/image", "value":"new image"}]'

Export YAML from the dry run mode

Create from STDIN

Create multiple resources from STDIN

Create in a namespace

Create in a namespace from a file

kubectl create -f pod.yaml

kubectl run nginx --generator=run-pod/v1 --image=nginx --dry-run -o yaml

cat <<EOF | kubectl create -f -

apiVersion: v1

kind: Pod

metadata:

name: nginx-pod

spec:

containers:

- name: nginx

image: nginx:latest

EOF

cat <<EOF | kubectl create -f -

apiVersion: v1

kind: Pod

metadata:

name: nginx-pod

spec:

containers:

- name: nginx

image: nginx:latest

---

apiVersion: v1

kind: Pod

metadata:

name: busybox

spec:

containers:

- name: busybox

image: busybox

args:

- sleep

- "100"

kubectl run nginx --generator=run-pod/v1 --image=nginx -n <namespace>

kubectl create -f pod.yaml -n <namespace>

Delete pods

or

If you create the pod from a file, you can also use:

To force deletion:

Get pod logs

or

Sometimes a pod contains more than 1 container. You need to filter the output to get logs for a

specific container(s)

To follow the logs output (tail -f):

If you need to output the logs for all pods with a label

Example:

You can also view logs in a multi container case with labels:

Or view all cotainers logs with a given label:

List all container id of init container of all pods

kubectl delete pod/<pod>

kubectl delete pod <pod>

kubectl delete -f pod.yaml

kubectl delete pod <pod> --grace-period=0 --force

kubectl logs <pod>

kubectl logs <pod> -c <container>

kubectl logs -f <pod>

kubectl logs -l <label_name>=<label_value>

kubectl logs -l env=prod

kubectl logs -l <label_name>=<label_value> -c <container>

kubectl logs -f -l <label_name>=<label_value> --all-containers

Show metrics for a given pod

Show metrics for a given pod and all its containers

Deployments

Create a deployment

or

Create a deployment with a predefined replica number

Create a deployment with a predefined replica number and

opening a port

Example:

Note: The default generator for kubectl run is --generator=deployment/apps.v1 .

Note: --generator=deployment/apps.v1 is deprecated and will be removed in future versions.

Use kubectl run --generator=run-pod/v1 or kubectl create instead.

Create a deployment with a predefined replica number,

opening a port and exposing it

Get a deployment

kubectl get pods --all-namespaces -o jsonpath='{range

.items[*].status.initContainerStatuses[*]}{.containerID}{"\n"}{end}' | cut -d/ -

f3

kubectl top pod <pod>

kubectl top pod <pod> --containers

kubectl run <deployment> --image=<image>

kubectl create deployment <deployment> --image=<image>

kubectl run <deployment> --image=<image> --replicas=<number>

kubectl run <deployment> --image=<image> --replicas=<replicas> --port=<port>

kubectl run nginx --image=nginx --replicas=2 --port=80

kubectl run nginx --image=nginx --replicas=2 --port=80 --expose

Watch a deployment

or

Or using a shorter version:

Or even the longer one:

List all deployments

Same as listing pods, you have multiple options from namespace to output formatters:

Update the image

Rolling update "nginx" containers of "nginx" deployment, updating the image:

Rolling update "api" containers of "backend" deployment, updating the image:

Scale a deployment

Note: You can use a shorter version:

kubectl get deploy <deployment>

kubectl get deployment <deployment> --watch

kubectl get deployment <deployment> -w

kubectl get deploy <deployment> -w

kubectl get deployments.apps <deployment> --watch

kubectl get deploy -n <namespace>

kubectl get deploy --all-namespaces

kubectl get deploy -A

kubectl get deploy -oyaml

kubectl get deploy -owide

kubectl set image deployment/nginx nginx=nginx:1.9.1

kubectl set image deployment/backend api=image:v2

kubectl scale --replicas=5 deployment/<deployment>

kubectl scale --replicas=5 deploy/<deployment>

Dry run and YAML output

Create a deployment from a file

Edit a deployment

Rollback deployment

After editing your deployment, you had an error, a solution can be rolling back to the old

deployment status:

Get rollout history

You can check the rollout history:

Example:

gives you:

Roll back to a previous revision

Using the information from the rollout history, we can get back our deployment to a given

revision:

Example:

kubectl run nginx --image=nginx --replicas=2 --port=80 --dry-run -o yaml

kubectl apply -f deployment.yaml

kubectl edit deployment/<deployment>

kubectl rollout undo deployment <deployment>

kubectl rollout history deployment <deployment>

kubectl rollout history deployment <deployment>

kubectl rollout history deployment nginx

REVISION CHANGE-CAUSE

2 kubectl set image deployment/nginx nginx=nginx:1.9.1 --record=true

3 <none>

kubectl rollout undo deployment <deployment> --to-revision=<revision>

kubectl rollout undo deployment nginx --to-revision=2

Execute deployment rollout operations

Port Forwarding

Choosing localhost port

Example:

Forward to localhost 8090 from pod 6379:

Listening on the same port

Example: Listen on ports 8000 and 9000 on localhost, forwarded from the same ports in the pod

(8000 and 9000)

Listen on a random port locally

Example:

Listen on port on localhost + another IP

Example:

Listen on a forwarded port on all addresses

kubectl rollout status deployment <deployment>

kubectl rollout pause deployment <deployment>

kubectl rollout resume deployment <deployment>

kubectl port-forward deployment <deployment> <locahost-port>:<deployment-port>

kubectl port-forward pod <pod> <locahost-port>:<pod-port>

kubectl port-forward redis 8090:6379

kubectl port-forward pod <pod> <port>

kubectl port-forward pod nginx 8000 9000

kubectl port-forward pod <pod> :<pod-port>

kubectl port-forward pod nginx :80

kubectl port-forward --address localhost,<IP.IP.IP.IP> pod <pod> <locahostport>:<pod-port>

kubectl port-forward --address localhost,10.10.10.1 pod redis 8090:6379

kubectl port-forward --address 0.0.0.0 pod <pod> <hosts-port>:<pod-port>

Services

Create a service

Examples:

You can use svc instead of service .

Delete service(s)

or

Describe a service

Nodes

Get node

Get a specific node

Show node metrics

Get external IPs of cluster nodes

kubectl create service <clusterip|externalname|loadbalancer|nodeport> <service>

[flags] [options]>

kubectl create service clusterip myclusterip --tcp=5678:8080

kubectl create service loadbalancer myloadbalancer --tcp=80

kubectl delete service myclusterip

kubectl delete service myloadbalancer

kubectl delete svc myclusterip

kubectl delete svc myloadbalancer

kubectl delete service myclusterip myloadbalancer

kubectl describe service <service>

kubectl get nodes

kubectl get nodes <node>

kubectl top node <node>

kubectl get nodes -o jsonpath='{.items[*].status.addresses[?

(@.type=="ExternalIP")].address}'

Describe commands with verbose output

Check which nodes are ready

Mark a node as unschedulable

Drain a node for maintenance

Mark a node as schedulable

Namespaces

List namespaces

or

List or describe a namespace

Create namespace

or

or

kubectl describe nodes <node>

JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}

{@.type}={@.status};{end}{end}' && kubectl get nodes -o jsonpath="$JSONPATH" |

grep "Ready=True"

kubectl cordon <node>

kubectl drain <node>

kubectl uncordon <node>

kubectl get namespaces

kubectl get ns

kubectl get namespace <namespace>

kubectl describe namespace <namespace>

kubectl create namespace <namespace>

kubectl create -f namespace.yaml

Delete namespace

or

Service accounts

List service accounts

or

Get a service account

or

or

or

Create a service account

Delete a service account

cat <<EOF | kubectl create -f -

apiVersion: v1

kind: Namespace

metadata:

name: mynamespace

EOF

kubectl delete namespace <namespace>

kubectl delete -f namespace.yaml

kubectl get serviceaccounts

kubectl get sa

kubectl get serviceaccount <serviceaccount>

kubectl get serviceaccounts <serviceaccount>

kubectl get sa <serviceaccount>

kubectl get sa/<serviceaccount>

kubectl create serviceaccount <serviceaccount>

or

Describe a service account

Events

List events

List sorted events

Example: Sorted by timestamp

List formatted events

Example:

Documentation

Get the documentation for pod manifests

Get the documentation for service manifests

Describing resources

kubectl delete serviceaccount <serviceaccount>

kubectl delete -f myserviceaccount.yaml

kubectl describe serviceaccount <serviceaccount>

kubectl get events -A

kubectl get events --sort-by=<JSONPath>

kubectl get events --sort-by=.metadata.creationTimestamp

kubectl get events -o <json|yaml|wide|custom-columns=...|custom-columnsfile=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...>

kubectl get events -owide

kubectl explain pod

kubectl explain service

kubectl describe <resource> <reosurce_name>

Example:

or

Other possible resources you can use with describe :

kubectl describe pod busybox

kubectl describe nodes minikube

apiservices.apiregistration.k8s.io

certificatesigningrequests.certificates.k8s.io

clusterrolebindings.rbac.authorization.k8s.io

clusterroles.rbac.authorization.k8s.io

componentstatuses

configmaps

controllerrevisions.apps

cronjobs.batch

csidrivers.storage.k8s.io

csinodes.storage.k8s.io

customresourcedefinitions.apiextensions.k8s.io

daemonsets.apps

daemonsets.extensions

deployments.apps

deployments.extensions

endpoints

events

events.events.k8s.io

horizontalpodautoscalers.autoscaling

ingresses.extensions

ingresses.networking.k8s.io

jobs.batch

leases.coordination.k8s.io

limitranges

mutatingwebhookconfigurations.admissionregistration.k8s.io

namespaces

networkpolicies.extensions

networkpolicies.networking.k8s.io

nodes

persistentvolumeclaims

persistentvolumes

poddisruptionbudgets.policy

pods

podsecuritypolicies.extensions

podsecuritypolicies.policy

podtemplates

priorityclasses.scheduling.k8s.io

replicasets.apps

replicasets.extensions

replicationcontrollers

resourcequotas

rolebindings.rbac.authorization.k8s.io

roles.rbac.authorization.k8s.io

runtimeclasses.node.k8s.io

secrets

serviceaccounts

Editing resources

Edit a service

Edit a service with your favorite text editor

Note: Change service by any editable resource type like pods.

Deleting Resources

Delete a resource using the type and name specified in

<file>

Delete pods and services with same names

Delete pods and services with a custom label

Delete all pods and services in a namespace

Delete all resources in a namespace

All get commands

services

statefulsets.apps

storageclasses.storage.k8s.io

validatingwebhookconfigurations.admissionregistration.k8s.io

volumeattachments.storage.k8s.io

kubectl edit service <service>

KUBE_EDITOR="vim" edit service <service>

kubectl delete -f <file>

kubectl delete pod,service <name1> <name2>

kubectl delete pods,services -l <label-name>=<label-value>

kubectl -n <namespace> delete pods,services --all

kubectl delte <namespace>

Resource type Abbreviations

componentstatuses cs

configmaps cm

daemonsets ds

deployments deploy

endpoints ep

event ev

horizontalpodautoscalers hpa

ingresses ing

limitranges limits

namespaces ns

nodes no

persistentvolumeclaims pvc

persistentvolumes pv

pods po

podsecuritypolicies psp

replicasets rs

replicationcontrollers rc

resourcequotas quota

serviceaccount sa

services svc

Abbreviations / Short forms of resource types

Verbose Kubectl

kubectl get all

kubectl get pods

kubectl get replicasets

kubectl get services

kubectl get nodes

kubectl get namespaces

kubectl get configmaps

kubectl get endpoints

kubectl run nginx --image=nginx --v=5

Verbosity Description

--v=0 Generally useful for this to always be visible to a cluster operator.

--v=1 A reasonable default log level if you don't want verbosity.

--v=2

Useful steady state information about the service and important log

messages that may correlate to significant changes in the system. This is the

recommended default log level for most systems.

--v=3 Extended information about changes.

--v=4 Debug level verbosity.

--v=6 Display requested resources.

--v=7 Display HTTP request headers.

--v=8 Display HTTP request contents.

--v=9 Display HTTP request contents without truncation of contents.

(Table source: K8s docs)

Cluster

Display addresses of the master and services

Dump cluster state to STDOUT

Dump cluster state to a file

Compares the current cluster state against the state that

the cluster would be in if the manifest was applied

List all images running in a cluster

Kubectl context

Show merged kubeconfig settings

kubectl cluster-info

kubectl cluster-info dump

kubectl cluster-info dump --output-directory=</file/path>

kubectl diff -f ./my-manifest.yaml

kubectl get pods -A -o=custom-columns='DATA:spec.containers[*].image'

Use multiple kubeconfig

Get a list of users

Display the first user

Get the password for the "admin" user

Display the current context

Display list of contexts

Set the default context to <cluster>

Sets a user entry in kubeconfig

Sets a user with a client key

Sets a user with basic auth

Sets a user with client certificate

kubectl config view

KUBECONFIG=~/.kube/config1:~/.kube/config2:~/.kube/config3

kubectl config view -o jsonpath='{.users[*].name}'

kubectl config view -o jsonpath='{.users[].name}'

kubectl config view -o jsonpath='{.users[?(@.name == "admin")].user.password}'

kubectl config current-context

kubectl config get-contexts

kubectl config use-context <cluster>

kubectl config set-credentials <username> [options]

kubectl config set-credentials <user> --client-key=~/.kube/admin.key

kubectl config set-credentials --username=<username> --password=<password>

kubectl config set-credentials <user> --client-certificate=<path/to/cert> --

embed-certs=true

Set a context utilizing a specific config file

Set a context utilizing a specific username and namespace.

Alias

Create an alias on *nix

Create an alias on Windows

Kubectl imperative (create) vs declarative (apply)

Create

You tell your cluster what you want to create, replace or delete, not how you want you it to look

like.

Apply

You tell your cluster how you want it to look like.

The creation, deletion and modification of objects is done via a single command. The declarative

approach is a statement of the desired end result.

If the deployment is deleted in <deployment-filename> , it will also be deleted from the cluster.