Kubernetes (kubectl) commands cheat sheet
This is intended to be a curated list of the most often used Kubernetes (kubectl) commands. I assume you already have some knowledge of the basic Kubernetes building blocks: Nodes, Pods, Deployments, ReplicaSets, etc. For some commands I will also include their output in part or in full.
Getting information about the Kubernetes API (Kubernetes objects that you can configure)
$ kubectl api-resources
NAME SHORTNAMES APIGROUP NAMESPACED KIND
...
configmaps cm true ConfigMap
endpoints ep true Endpoints
events ev true Event
limitranges limits true LimitRange
namespaces ns false Namespace
nodes no false Node
persistentvolumeclaims pvc true PersistentVolumeClaim
persistentvolumes pv false PersistentVolume
pods po true Pod
replicationcontrollers rc true ReplicationController
services svc true Service
daemonsets ds apps true DaemonSet
deployments deploy apps true Deployment
replicasets rs apps true ReplicaSet
statefulsets sts apps true StatefulSet
ingresses ing networking.k8s.io true Ingress
... (some list elements were omitted)
The first column NAMES
tells us the object name, that we can use further like: kubectl get nodes
or kubectl get services
.
The second column SHORTNAMES
tells us the shortname of the object, so we can substitute services
with svc
or configmaps
with cm
.
The forth column KIND
is the object name that we can use in the kind
attribute when applying YAML configuration declaratively.
When applying configuration with YAML files, we need to know the possible YAML fields that each object type supports. We can find out this information with the kubectl explain
command, like this:
$ kubectl explain pods
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string>
kind <string>
metadata <Object>
spec <Object>
status <Object>
# Then, we go even further...
$ kubectl explain pods.spec
# even further...
$ kubectl explain pods.spec.tolerations
$ kubectl explain pods.metadata
$ kubectl explain pods.metadata.uid
# You can go like this as deep as you want into the YAML tree
# Most commands have specific options, but all commands have some common options, that can be found here:
$ kubectl options
Getting information about your Kubernetes cluster
$ kubectl version
$ kubectl cluster-info
$ kubectl config view # prints the information from ~/.kube/config
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-worker-b437e0341e817eb334f2 Ready master 12d v1.18.10
$ kubectl get namespaces # or 'ns'
NAME STATUS AGE
default Active 13d
kube-node-lease Active 13d
kube-public Active 13d
kube-system Active 13d
mynamespace Active 12d
$ kubectl get deploy -n mynamespace # get deployments from mynamespace
$ kubectl get pods -o wide
$ kubectl get pod mypod -o yaml # outputs the YAML config used to create my-pod
$ kubectl get pods --show-labels # labels are important for Pods because they connect them to Services.
$ kubectl get pods -l 'environment in (prod),tier in (frontend)' # filter Pods by labels.
# Get pods running on a specific Node
$ kubectl get pods --field-selector=spec.nodeName=mynode
# Get list of Deployments and Services at the same time
$ kubectl get deploy,svc -n ptc-default
# get PersistentVolumes sorted by capacity
$ kubectl get pv --sort-by=.spec.capacity.storage
# object specific fields can be inspected with `kubectl explain pv.spec.capacity.storage`
# get all running pods in the namespace
$ kubectl get pods --field-selector=status.phase=Running -n mynamespace
# Getting all objects from all namespaces
$ kubectl get all --all-namespaces
Getting information about a specific object
$ kubectl describe pod <my-pod>
$ kubectl describe svc <my-service>
$ kubectl describe ingress <my-ingress> --all-namespaces
Editing a Kubernetes object
$ kubectl edit deploy mydeploy
# To specify the text editor, use the environment variable KUBE_EDITOR
$ KUBE_EDITOR="nano" kubectl edit svc myservice
$ kubectl scale deploy mydeploy --replicas=3 # scales mydeploy to 3 instances
Creating new objects or altering existing objects
$ kubectl create ns dev # creates namespace 'dev'
$ kubectl create -f obj.yaml # creates the object defined in obj.yaml
# Compares the current state of the cluster against the state that the cluster would be
# in if the obj.yaml was applied.
$ kubectl diff -f ./obj.yaml
# Create a deployment in imperatively.
$ kubectl create deploy kubernetes-bootcamp --image=gcr.io/google-samples/kubernetes-bootcamp:v1
# Generate the YAML that would be used to create this deploy declaratively.
$ kubectl create deploy --dry-run --image=nginx --output=yaml
Difference between create
and apply
:
kubectl apply
use the declarative approach (you specify your desired cluster state, and it will try to get it to that state), and won’t fail if the resource already exists.kubectl create
uses the imperative approach, and will fail if the resource already exists. To overcome this, you can do something like this:$ kubectl create svc --dry-run=true -o yaml | kubectl apply -f -
Restarting a deployment
$ kubectl scale deployment mydeploy --replicas=0
$ kubectl scale deployment mydeploy --replicas=1
# or
$ kubectl rollout restart deploy mydeploy
Getting the rollout history of your deployments
$ kubectl rollout history deploy -n myns # get rollout history of all deployments from namespace 'ns'
# This one is useful if you want to see if the Docker image was changed between rollouts.
$ kubectl rollout history deploy mydeploy
$ kubectl rollout history deploy mydeploy --revision=2
$ kubectl rollout undo deploy mydeploy --to-revision=1 # brings back an old revision.
Deleting resources
$ kubectl delete namespace myns
$ kubectl delete deploy mydeploy
# Deletes Pods and Services by label
$ kubectl delete pods,services -l lkey=lval
$ kubectl drain mynode # removes all pods scheduled on mynode
Checking if you have permissions to do something
# Check if I am allowed to create a new deployment in namespace 'your-namespace'
$ kubectl auth can-i create deploy -n your-namespace
$ kubectl auth can-i create pods --as liviu --namespace apps
$ kubectl auth can-i '*' '*' # check if I can do anything
Getting inside your pods
Sometimes we need to run a command from inside a Pod (e.g. bash). Imagine we have a Pod running Postgres and we need to access ‘psql’ so we can see the contents of a table.
$ kubectl exec --stdin --tty mypod -n myns -- /bin/sh
# See the contents of '/' inside Pod from Namespace myns
$ kubectl exec -it mypod -n myns -- ls /
Getting the logs of a given pod
$ kubectl logs mypod -n mynamespace # get logs of Pod mypod from ns mynamespace
$ kubectl logs mypod --all-containers=true # in case mypod has multiple containers
$ kubectl logs --since=1h mypod
Leave a comment