Pods
List all pods in namespace <default>
or
or
kubectl get pods
kubectl get pod
View a pod in watch mode
View all pods in watch mode
List sroted pods
List pods using a different output
Examples:
JSON output
or
or
Wide output:
Custom columns:
or
or
kubectl get po
kubectl get pod <pod> --watch
kubectl get pods -A --watch
kubectl get pods --sort-by='.status.containerStatuses[0].restartCount'
kubectl get pods -o <json|yaml|wide|custom-columns=...|custom-columnsfile=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...>
kubectl get pods -o json
kubectl get pods -ojson
kubectl get pods -o=json
kubectl get pods -o wide
kubectl get pods -o custom-columns='DATA:spec.containers[*].image'
kubectl get pods -o custom-columns='DATA:spec.containers[*].volumeMounts'
kubectl get pods -o custom-columns='DATA:metadata.*'
Output format Description
-o=custom-columns=
<spec>
Print a table using a comma separated list of custom columns
-o=custom-columns-file=
<filename>
Print a table using the custom columns template in the
<filename> file
-o=json Output a JSON formatted API object
-o=jsonpath=<template> Print the fields defined in a jsonpath expression
-o=jsonpath-file=
<filename>
Print the fields defined by the jsonpath expression in the
<filename> file
-o=name Print only the resource name and nothing else
-o=wide
Output in the plain-text format with any additional
information, and for pods, the node name is included
-o=yaml Output a YAML formatted API object
Formatting output
To output details to your terminal window in a specific format, add the -o (or --output ) flag to a
supported kubectl command (source: K8s docs)
List all pods in a namespace
or
or
List all pods in all namespaces
or
Create from an image
kubectl get pods -n <namespace>
kubectl -n <namespace> get pods
kubectl --namespace <namespace> get pods
kubectl get pods --all-namespaces
kubectl get pods -A
kubectl run <pod> --generator=run-pod/v1 --image=<image>
In the following cheatsheet, we will be using images such as nginx or busybox.
Example:
Run pod in an interactive shell mode
Run a command after creating a pod
Executing a command in a running pod
Or pass stdin to the container in TTY mode:
Example:
Create a pod: dry run mode (without really creating it)
Patch a pod
Example:
Another example:
Create from a YAML file
kubectl run nginx --generator=run-pod/v1 --image=nginx
kubectl run busybox --generator=run-pod/v1 --image=busybox
kubectl run -i --tty nginx --image=nginx -- sh
kubectl run busybox --image=busybox -- sleep 100000
kubectl exec <pod> -- <command>
kubectl exec -it <pod> -- <command>
kubectl exec -it nginx -- ls -lrth /app/
kubectl run <pod> --generator=run-pod/v1 --image=nginx --dry-run
kubectl patch pod <pod> -p '<patch>'
kubectl patch pod <pod> -p '{"spec":{"containers":[{"name":"kubernetes-servehostname","image":"new image"}]}}'
kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path":
"/spec/containers/0/image", "value":"new image"}]'
Export YAML from the dry run mode
Create from STDIN
Create multiple resources from STDIN
Create in a namespace
Create in a namespace from a file
kubectl create -f pod.yaml
kubectl run nginx --generator=run-pod/v1 --image=nginx --dry-run -o yaml
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- name: nginx
image: nginx:latest
EOF
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- name: nginx
image: nginx:latest
---
apiVersion: v1
kind: Pod
metadata:
name: busybox
spec:
containers:
- name: busybox
image: busybox
args:
- sleep
- "100"
kubectl run nginx --generator=run-pod/v1 --image=nginx -n <namespace>
kubectl create -f pod.yaml -n <namespace>
Delete pods
or
If you create the pod from a file, you can also use:
To force deletion:
Get pod logs
or
Sometimes a pod contains more than 1 container. You need to filter the output to get logs for a
specific container(s)
To follow the logs output (tail -f):
If you need to output the logs for all pods with a label
Example:
You can also view logs in a multi container case with labels:
Or view all cotainers logs with a given label:
List all container id of init container of all pods
kubectl delete pod/<pod>
kubectl delete pod <pod>
kubectl delete -f pod.yaml
kubectl delete pod <pod> --grace-period=0 --force
kubectl logs <pod>
kubectl logs <pod> -c <container>
kubectl logs -f <pod>
kubectl logs -l <label_name>=<label_value>
kubectl logs -l env=prod
kubectl logs -l <label_name>=<label_value> -c <container>
kubectl logs -f -l <label_name>=<label_value> --all-containers
Show metrics for a given pod
Show metrics for a given pod and all its containers
Deployments
Create a deployment
or
Create a deployment with a predefined replica number
Create a deployment with a predefined replica number and
opening a port
Example:
Note: The default generator for kubectl run is --generator=deployment/apps.v1 .
Note: --generator=deployment/apps.v1 is deprecated and will be removed in future versions.
Use kubectl run --generator=run-pod/v1 or kubectl create instead.
Create a deployment with a predefined replica number,
opening a port and exposing it
Get a deployment
kubectl get pods --all-namespaces -o jsonpath='{range
.items[*].status.initContainerStatuses[*]}{.containerID}{"\n"}{end}' | cut -d/ -
f3
kubectl top pod <pod>
kubectl top pod <pod> --containers
kubectl run <deployment> --image=<image>
kubectl create deployment <deployment> --image=<image>
kubectl run <deployment> --image=<image> --replicas=<number>
kubectl run <deployment> --image=<image> --replicas=<replicas> --port=<port>
kubectl run nginx --image=nginx --replicas=2 --port=80
kubectl run nginx --image=nginx --replicas=2 --port=80 --expose
Watch a deployment
or
Or using a shorter version:
Or even the longer one:
List all deployments
Same as listing pods, you have multiple options from namespace to output formatters:
Update the image
Rolling update "nginx" containers of "nginx" deployment, updating the image:
Rolling update "api" containers of "backend" deployment, updating the image:
Scale a deployment
Note: You can use a shorter version:
kubectl get deploy <deployment>
kubectl get deployment <deployment> --watch
kubectl get deployment <deployment> -w
kubectl get deploy <deployment> -w
kubectl get deployments.apps <deployment> --watch
kubectl get deploy -n <namespace>
kubectl get deploy --all-namespaces
kubectl get deploy -A
kubectl get deploy -oyaml
kubectl get deploy -owide
kubectl set image deployment/nginx nginx=nginx:1.9.1
kubectl set image deployment/backend api=image:v2
kubectl scale --replicas=5 deployment/<deployment>
kubectl scale --replicas=5 deploy/<deployment>
Dry run and YAML output
Create a deployment from a file
Edit a deployment
Rollback deployment
After editing your deployment, you had an error, a solution can be rolling back to the old
deployment status:
Get rollout history
You can check the rollout history:
Example:
gives you:
Roll back to a previous revision
Using the information from the rollout history, we can get back our deployment to a given
revision:
Example:
kubectl run nginx --image=nginx --replicas=2 --port=80 --dry-run -o yaml
kubectl apply -f deployment.yaml
kubectl edit deployment/<deployment>
kubectl rollout undo deployment <deployment>
kubectl rollout history deployment <deployment>
kubectl rollout history deployment <deployment>
kubectl rollout history deployment nginx
REVISION CHANGE-CAUSE
2 kubectl set image deployment/nginx nginx=nginx:1.9.1 --record=true
3 <none>
kubectl rollout undo deployment <deployment> --to-revision=<revision>
kubectl rollout undo deployment nginx --to-revision=2
Execute deployment rollout operations
Port Forwarding
Choosing localhost port
Example:
Forward to localhost 8090 from pod 6379:
Listening on the same port
Example: Listen on ports 8000 and 9000 on localhost, forwarded from the same ports in the pod
(8000 and 9000)
Listen on a random port locally
Example:
Listen on port on localhost + another IP
Example:
Listen on a forwarded port on all addresses
kubectl rollout status deployment <deployment>
kubectl rollout pause deployment <deployment>
kubectl rollout resume deployment <deployment>
kubectl port-forward deployment <deployment> <locahost-port>:<deployment-port>
kubectl port-forward pod <pod> <locahost-port>:<pod-port>
kubectl port-forward redis 8090:6379
kubectl port-forward pod <pod> <port>
kubectl port-forward pod nginx 8000 9000
kubectl port-forward pod <pod> :<pod-port>
kubectl port-forward pod nginx :80
kubectl port-forward --address localhost,<IP.IP.IP.IP> pod <pod> <locahostport>:<pod-port>
kubectl port-forward --address localhost,10.10.10.1 pod redis 8090:6379
kubectl port-forward --address 0.0.0.0 pod <pod> <hosts-port>:<pod-port>
Services
Create a service
Examples:
You can use svc instead of service .
Delete service(s)
or
Describe a service
Nodes
Get node
Get a specific node
Show node metrics
Get external IPs of cluster nodes
kubectl create service <clusterip|externalname|loadbalancer|nodeport> <service>
[flags] [options]>
kubectl create service clusterip myclusterip --tcp=5678:8080
kubectl create service loadbalancer myloadbalancer --tcp=80
kubectl delete service myclusterip
kubectl delete service myloadbalancer
kubectl delete svc myclusterip
kubectl delete svc myloadbalancer
kubectl delete service myclusterip myloadbalancer
kubectl describe service <service>
kubectl get nodes
kubectl get nodes <node>
kubectl top node <node>
kubectl get nodes -o jsonpath='{.items[*].status.addresses[?
(@.type=="ExternalIP")].address}'
Describe commands with verbose output
Check which nodes are ready
Mark a node as unschedulable
Drain a node for maintenance
Mark a node as schedulable
Namespaces
List namespaces
or
List or describe a namespace
Create namespace
or
or
kubectl describe nodes <node>
JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}
{@.type}={@.status};{end}{end}' && kubectl get nodes -o jsonpath="$JSONPATH" |
grep "Ready=True"
kubectl cordon <node>
kubectl drain <node>
kubectl uncordon <node>
kubectl get namespaces
kubectl get ns
kubectl get namespace <namespace>
kubectl describe namespace <namespace>
kubectl create namespace <namespace>
kubectl create -f namespace.yaml
Delete namespace
or
Service accounts
List service accounts
or
Get a service account
or
or
or
Create a service account
Delete a service account
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Namespace
metadata:
name: mynamespace
EOF
kubectl delete namespace <namespace>
kubectl delete -f namespace.yaml
kubectl get serviceaccounts
kubectl get sa
kubectl get serviceaccount <serviceaccount>
kubectl get serviceaccounts <serviceaccount>
kubectl get sa <serviceaccount>
kubectl get sa/<serviceaccount>
kubectl create serviceaccount <serviceaccount>
or
Describe a service account
Events
List events
List sorted events
Example: Sorted by timestamp
List formatted events
Example:
Documentation
Get the documentation for pod manifests
Get the documentation for service manifests
Describing resources
kubectl delete serviceaccount <serviceaccount>
kubectl delete -f myserviceaccount.yaml
kubectl describe serviceaccount <serviceaccount>
kubectl get events -A
kubectl get events --sort-by=<JSONPath>
kubectl get events --sort-by=.metadata.creationTimestamp
kubectl get events -o <json|yaml|wide|custom-columns=...|custom-columnsfile=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...>
kubectl get events -owide
kubectl explain pod
kubectl explain service
kubectl describe <resource> <reosurce_name>
Example:
or
Other possible resources you can use with describe :
kubectl describe pod busybox
kubectl describe nodes minikube
apiservices.apiregistration.k8s.io
certificatesigningrequests.certificates.k8s.io
clusterrolebindings.rbac.authorization.k8s.io
clusterroles.rbac.authorization.k8s.io
componentstatuses
configmaps
controllerrevisions.apps
cronjobs.batch
csidrivers.storage.k8s.io
csinodes.storage.k8s.io
customresourcedefinitions.apiextensions.k8s.io
daemonsets.apps
daemonsets.extensions
deployments.apps
deployments.extensions
endpoints
events
events.events.k8s.io
horizontalpodautoscalers.autoscaling
ingresses.extensions
ingresses.networking.k8s.io
jobs.batch
leases.coordination.k8s.io
limitranges
mutatingwebhookconfigurations.admissionregistration.k8s.io
namespaces
networkpolicies.extensions
networkpolicies.networking.k8s.io
nodes
persistentvolumeclaims
persistentvolumes
poddisruptionbudgets.policy
pods
podsecuritypolicies.extensions
podsecuritypolicies.policy
podtemplates
priorityclasses.scheduling.k8s.io
replicasets.apps
replicasets.extensions
replicationcontrollers
resourcequotas
rolebindings.rbac.authorization.k8s.io
roles.rbac.authorization.k8s.io
runtimeclasses.node.k8s.io
secrets
serviceaccounts
Editing resources
Edit a service
Edit a service with your favorite text editor
Note: Change service by any editable resource type like pods.
Deleting Resources
Delete a resource using the type and name specified in
<file>
Delete pods and services with same names
Delete pods and services with a custom label
Delete all pods and services in a namespace
Delete all resources in a namespace
All get commands
services
statefulsets.apps
storageclasses.storage.k8s.io
validatingwebhookconfigurations.admissionregistration.k8s.io
volumeattachments.storage.k8s.io
kubectl edit service <service>
KUBE_EDITOR="vim" edit service <service>
kubectl delete -f <file>
kubectl delete pod,service <name1> <name2>
kubectl delete pods,services -l <label-name>=<label-value>
kubectl -n <namespace> delete pods,services --all
kubectl delte <namespace>
Resource type Abbreviations
componentstatuses cs
configmaps cm
daemonsets ds
deployments deploy
endpoints ep
event ev
horizontalpodautoscalers hpa
ingresses ing
limitranges limits
namespaces ns
nodes no
persistentvolumeclaims pvc
persistentvolumes pv
pods po
podsecuritypolicies psp
replicasets rs
replicationcontrollers rc
resourcequotas quota
serviceaccount sa
services svc
Abbreviations / Short forms of resource types
Verbose Kubectl
kubectl get all
kubectl get pods
kubectl get replicasets
kubectl get services
kubectl get nodes
kubectl get namespaces
kubectl get configmaps
kubectl get endpoints
kubectl run nginx --image=nginx --v=5
Verbosity Description
--v=0 Generally useful for this to always be visible to a cluster operator.
--v=1 A reasonable default log level if you don't want verbosity.
--v=2
Useful steady state information about the service and important log
messages that may correlate to significant changes in the system. This is the
recommended default log level for most systems.
--v=3 Extended information about changes.
--v=4 Debug level verbosity.
--v=6 Display requested resources.
--v=7 Display HTTP request headers.
--v=8 Display HTTP request contents.
--v=9 Display HTTP request contents without truncation of contents.
(Table source: K8s docs)
Cluster
Display addresses of the master and services
Dump cluster state to STDOUT
Dump cluster state to a file
Compares the current cluster state against the state that
the cluster would be in if the manifest was applied
List all images running in a cluster
Kubectl context
Show merged kubeconfig settings
kubectl cluster-info
kubectl cluster-info dump
kubectl cluster-info dump --output-directory=</file/path>
kubectl diff -f ./my-manifest.yaml
kubectl get pods -A -o=custom-columns='DATA:spec.containers[*].image'
Use multiple kubeconfig
Get a list of users
Display the first user
Get the password for the "admin" user
Display the current context
Display list of contexts
Set the default context to <cluster>
Sets a user entry in kubeconfig
Sets a user with a client key
Sets a user with basic auth
Sets a user with client certificate
kubectl config view
KUBECONFIG=~/.kube/config1:~/.kube/config2:~/.kube/config3
kubectl config view -o jsonpath='{.users[*].name}'
kubectl config view -o jsonpath='{.users[].name}'
kubectl config view -o jsonpath='{.users[?(@.name == "admin")].user.password}'
kubectl config current-context
kubectl config get-contexts
kubectl config use-context <cluster>
kubectl config set-credentials <username> [options]
kubectl config set-credentials <user> --client-key=~/.kube/admin.key
kubectl config set-credentials --username=<username> --password=<password>
kubectl config set-credentials <user> --client-certificate=<path/to/cert> --
embed-certs=true
Set a context utilizing a specific config file
Set a context utilizing a specific username and namespace.
Alias
Create an alias on *nix
Create an alias on Windows
Kubectl imperative (create) vs declarative (apply)
Create
You tell your cluster what you want to create, replace or delete, not how you want you it to look
like.
Apply
You tell your cluster how you want it to look like.
The creation, deletion and modification of objects is done via a single command. The declarative
approach is a statement of the desired end result.
If the deployment is deleted in <deployment-filename> , it will also be deleted from the cluster.