Kubernetes Cheat Sheet

1.1 Common Commands

Run curl test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=yauritux/busybox-curl -it
Run wget test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=busybox -it wget
Run nginx deployment with 2 replicaskubectl run my-nginx --image=nginx --replicas=2 --port=80
Run nginx pod and expose itkubectl run my-nginx --restart=Never --image=nginx --port=80 --expose
Run nginx deployment and expose itkubectl run my-nginx --image=nginx --port=80 --expose
List authenticated contextskubectl config get-contexts~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
List pods with nodes infokubectl get pod -o wide
List everythingkubectl get all --all-namespaces
Get all serviceskubectl get service --all-namespaces
Get all deploymentskubectl get deployments --all-namespaces
Show nodes with labelskubectl get nodes --show-labels
Get resources with json outputkubectl get pods --all-namespaces -o json
Validate yaml file with dry runkubectl create --dry-run --validate -f pod-dummy.yaml
Start a temporary pod for testingkubectl run --rm -i -t --image=alpine test-$RANDOM -- sh
kubectl run shell commandkubectl exec -it mytest -- ls -l /etc/hosts
Get system conf via configmapkubectl -n kube-system get cm kubeadm-config -o yaml
Get deployment yamlkubectl -n denny-websites get deployment mysql -o yaml
Explain resourcekubectl explain podskubectl explain svc
Watch podskubectl get pods -n wordpress --watch
Query healthcheck endpointcurl -L
Open a bash terminal in a podkubectl exec -it storage sh
Check pod environment variableskubectl exec redis-master-ft9ex env
Enable kubectl shell autocompletionecho "source <(kubectl completion bash)" >>~/.bashrc, and reload
Use minikube dockerd in your laptopeval $(minikube docker-env), No need to push docker hub any more
Kubectl apply a folder of yaml fileskubectl apply -R -f .
Get services sorted by namekubectl get services –sort-by=.metadata.name
Get pods sorted by restart countkubectl get pods –sort-by=’.status.containerStatuses[0].restartCount’
List pods and imageskubectl get pods -o=’custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image’
List all container imageslist-all-images.sh
kubeconfig skip tls verificationskip-tls-verify.md
Ubuntu install kubectl=”deb https://apt.kubernetes.io/ kubernetes-xenial main”=
ReferenceGitHub: kubernetes releases
Referenceminikube cheatsheetdocker cheatsheetOpenShift CheatSheet

1.2 Check Performance

Get node resource usagekubectl top node
Get pod resource usagekubectl top pod
Get resource usage for a given podkubectl top <podname> --containers
List resource utilization for all containerskubectl top pod --all-namespaces --containers=true

1.3 Resources Deletion

Delete podkubectl delete pod/<pod-name> -n <my-namespace>
Delete pod by forcekubectl delete pod/<pod-name> --grace-period=0 --force
Delete pods by labelskubectl delete pod -l env=test
Delete deployments by labelskubectl delete deployment -l app=wordpress
Delete all resources filtered by labelskubectl delete pods,services -l name=myLabel
Delete resources under a namespacekubectl -n my-ns delete po,svc --all
Delete persist volumes by labelskubectl delete pvc -l app=wordpress
Delete state fulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false

1.4 Log & Conf Files

Config folder/etc/kubernetes/
Certificate files/etc/kubernetes/pki/
Credentials to API server/etc/kubernetes/kubelet.conf
Superuser credentials/etc/kubernetes/admin.conf
kubectl config file~/.kube/config
Kubernetes working dir/var/lib/kubelet/
Docker working dir/var/lib/docker//var/log/containers/
Etcd working dir/var/lib/etcd/
Network cni/etc/cni/net.d/
Log files/var/log/pods/
log in worker node/var/log/kubelet.log/var/log/kube-proxy.log
log in master nodekube-apiserver.logkube-scheduler.logkube-controller-manager.log
Envexport KUBECONFIG=/etc/kubernetes/admin.conf

1.5 Pod

List all podskubectl get pods
List pods for all namespacekubectl get pods -all-namespaces
List all critical podskubectl get -n kube-system pods -a
List pods with more infokubectl get pod -o widekubectl get pod/<pod-name> -o yaml
Get pod infokubectl describe pod/srv-mysql-server
List all pods with labelskubectl get pods --show-labels
List all unhealthy podskubectl get pods –field-selector=status.phase!=Running –all-namespaces
List running podskubectl get pods –field-selector=status.phase=Running
Get Pod initContainer statuskubectl get pod --template '{{.status.initContainerStatuses}}' <pod-name>
kubectl run commandkubectl exec -it -n “$ns” “$podname” – sh -c “echo $msg >>/dev/err.log”
Watch podskubectl get pods -n wordpress --watch
Get pod by selectorkubectl get pods –selector=”app=syslog” -o jsonpath=’{.items[*].metadata.name}’
List pods and imageskubectl get pods -o=’custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image’
List pods and containers-o=’custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name’
ReferenceLink: kubernetes yaml templates

1.6 Label & Annotation

Filter pods by labelkubectl get pods -l owner=denny
Manually add label to a podkubectl label pods dummy-input owner=denny
Remove labelkubectl label pods dummy-input owner-
Manually add annotation to a podkubectl annotate pods dummy-input my-url=https://dennyzhang.com

1.7 Deployment & Scale

Scale outkubectl scale --replicas=3 deployment/nginx-app
online rolling upgradekubectl rollout app-v1 app-v2 --image=img:v2
Roll backupkubectl rollout app-v1 app-v2 --rollback
List rolloutkubectl get rs
Check update statuskubectl rollout status deployment/nginx-app
Check update historykubectl rollout history deployment/nginx-app
Pause/Resumekubectl rollout pause deployment/nginx-deploymentresume
Rollback to previous versionkubectl rollout undo deployment/nginx-deployment
ReferenceLink: kubernetes yaml templatesLink: Pausing and Resuming a Deployment

1.8 Quota & Limits & Resource

List Resource Quotakubectl get resourcequota
List Limit Rangekubectl get limitrange
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=cpu=200m
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=memory=512Mi
ReferenceLink: kubernetes yaml templates

1.9 Service

List all serviceskubectl get services
List service endpointskubectl get endpoints
Get service detailkubectl get service nginx-service -o yaml
Get service cluster ipkubectl get service nginx-service -o go-template=’{{.spec.clusterIP}}’
Get service cluster portkubectl get service nginx-service -o go-template=’{{(index .spec.ports 0).port}}’
Expose deployment as lb servicekubectl expose deployment/my-app --type=LoadBalancer --name=my-service
Expose service as lb servicekubectl expose service/wordpress-1-svc --type=LoadBalancer --name=ns1
ReferenceLink: kubernetes yaml templates

1.10 Secrets

List secretskubectl get secrets --all-namespaces
Generate secretecho -n 'mypasswd', then redirect to base64 --decode
Get secretkubectl get secret denny-cluster-kubeconfig
Get a specific field of a secretkubectl get secret denny-cluster-kubeconfig -o jsonpath=”{.data.value}”
Create secret from cfg filekubectl create secret generic db-user-pass –from-file=./username.txt
ReferenceLink: kubernetes yaml templatesLink: Secrets

1.11 StatefulSet

List statefulsetkubectl get sts
Delete statefulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false
Scale statefulsetkubectl scale sts/<stateful_set_name> --replicas=5
ReferenceLink: kubernetes yaml templates

1.12 Volumes & Volume Claims

List storage classkubectl get storageclass
Check the mounted volumeskubectl exec storage ls /data
Check persist volumekubectl describe pv/pv0001
Copy local file to podkubectl cp /tmp/my <some-namespace>/<some-pod>:/tmp/server
Copy pod file to localkubectl cp <some-namespace>/<some-pod>:/tmp/server /tmp/my
ReferenceLink: kubernetes yaml templates

1.13 Events & Metrics

View all eventskubectl get events --all-namespaces
List Events sorted by timestampkubectl get events –sort-by=.metadata.creationTimestamp

1.14 Node Maintenance

Mark node as unschedulablekubectl cordon $NODE_NAME
Mark node as schedulablekubectl uncordon $NODE_NAME
Drain node in preparation for maintenancekubectl drain $NODE_NAME

1.15 Namespace & Security

List authenticated contextskubectl config get-contexts~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
Switch contextkubectl config use-context <context_name>
Load context from config filekubectl get cs --kubeconfig kube_config.yml
Delete the specified contextkubectl config delete-context <context_name>
List all namespaces definedkubectl get namespaces
List certificateskubectl get csr
Check user privilegekubectl –as=system:serviceaccount:ns-denny:test-privileged-sa -n ns-denny auth can-i use pods/list
Check user privilegekubectl auth can-i use pods/list
ReferenceLink: kubernetes yaml templates

1.16 Network

Temporarily add a port-forwardingkubectl port-forward redis-134 6379:6379
Add port-forwarding for deploymentkubectl port-forward deployment/redis-master 6379:6379
Add port-forwarding for replicasetkubectl port-forward rs/redis-master 6379:6379
Add port-forwarding for servicekubectl port-forward svc/redis-master 6379:6379
Get network policykubectl get NetworkPolicy

1.17 Patch

Patch service to loadbalancerkubectl patch svc $svc_name -p ‘{“spec”: {“type”: “LoadBalancer”}}’

1.18 Extenstions

Enumerates the resource types availablekubectl api-resources
List api groupkubectl api-versions
List all CRDkubectl get crd
List storageclasskubectl get storageclass

1.19 Components & Services

1.19.1 Services on Master Nodes

kube-apiserverAPI gateway. Exposes the Kubernetes API from master nodes
etcdreliable data store for all k8s cluster data
kube-schedulerschedule pods to run on selected nodes
kube-controller-managerReconcile the states. node/replication/endpoints/token controller and service account, etc

1.19.2 Services on Worker Nodes

kubeletA node agent makes sure that containers are running in a pod
kube-proxyManage network connectivity to the containers. e.g, iptable, ipvs
Container RuntimeKubernetes supported runtimes: dockerd, cri-o, runc and any OCI runtime-spec implementation.

1.19.3 Addons: pods and services that implement cluster features

DNSserves DNS records for Kubernetes services
Web UIa general purpose, web-based UI for Kubernetes clusters
Container Resource Monitoringcollect, store and serve container metrics
Cluster-level Loggingsave container logs to a central log store with search/browsing interface

1.19.4 Tools

kubectlthe command line util to talk to k8s cluster
kubeadmthe command to bootstrap the cluster
kubefedthe command line to control a Kubernetes Cluster Federation
Kubernetes ComponentsLink: Kubernetes Components

1.20 More Resources

License: Code is licensed under MIT License.


Credits : https://github.com/dennyzhang/cheatsheet-kubernetes-A4

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments