Show Menu
Cheatography

Kubernetes - kubectl Cheat Sheet (DRAFT) by

Kubernetes - kubectl Cheatsheet

This is a draft cheat sheet. It is a work in progress and is not finished yet.

Kubectl Autoco­mplete

# setup autoco­mplete in bash
source <(k­ubectl completion bash)
# setup autoco­mplete in zsh
source <(k­ubectl completion zsh)

Kubectl Context and Config­uration

# Show Merged kubeconfig settings.
kubectl config view
# use multiple kubeconfig files at the same time and view merged config
KUBECO­NFI­G=~­/.k­ube­/co­nfi­g:~­/.k­ube­/ku­bco­nfig2 kubectl config view
# Get the password for the e2e user
kubectl config view -o jsonpa­th=­'{.u­se­rs[­?(@.name == "­e2e­"­)].u­se­r.p­ass­word}'
# Display the curren­t-c­ontext
kubectl config curren­t-c­ontext
# set the default context to my-clu­ste­r-name
kubectl config use-co­ntext my-clu­ste­r-name
# add a new cluster to your kubeconf that supports basic auth
kubectl config set-cr­ede­ntials kubeus­er/­foo.ku­ber­net­es.com --user­nam­e=k­ubeuser --pass­wor­d=k­ube­pas­sword
set a context utilizing a specific username and namespace.
kubectl config set-co­ntext gce --user­=cl­ust­er-­admin --namespace=foo
\&& kubectl config use-co­ntext gce

Updating Resources

# Rolling update pods of fronte­nd-v1
kubectl rollin­g-u­pdate fronte­nd-v1 -f fronte­nd-­v2.json
# Change the name of the resource and update the image
kubectl rollin­g-u­pdate fronte­nd-v1 fronte­nd-v2 --imag­e=i­mage:v2
# Update the pods image of frontend
kubectl rollin­g-u­pdate frontend --imag­e=i­mage:v2
# Abort existing rollout in progress
kubectl rollin­g-u­pdate fronte­nd-v1 fronte­nd-v2 --rollback
# Replace a pod based on the JSON passed into stdin
cat pod.json | kubectl replace -f -
 
# Force replace, delete and then re-create the resource. Will cause a service outage.
$ kubectl replace --force -f ./pod.json
 
# Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000
kubectl expose rc nginx --port=80 --targ­et-­por­t=8000
 
# Update a single­-co­ntainer pod's image version (tag) to v4
kubectl get pod mypod -o yaml | sed 's/\(i­mage: myimag­e\)­:.*­$/­\1:v4/' | kubectl replace -f -
 
# Add a Label
kubectl label pods my-pod new-la­bel­=aw­esome
# Add an annotation
kubectl annotate pods my-pod icon-u­rl=­htt­p:/­/go­o.g­l/X­XBTWq
# Auto scale a deployment "­foo­"
kubectl autoscale deployment foo --min=2 --max=10
 

Creating Objects

# create resour­ce(s)
kubectl create -f ./my-m­ani­fes­t.yaml
# create from multiple files
kubectl create -f ./my1.yaml -f ./my2.yaml
# create resour­ce(s) in all manifest files in dir
kubectl create -f ./dir
# create resour­ce(s) from url
# start a single instance of nginx
kubectl run nginx --imag­e=nginx
# get the docume­ntation for pod and svc manifests
kubectl explain pods,svc
# Create multiple YAML objects from stdin
cat <<EOF | kubectl create -f -
apiVer­sion: v1
kind: Pod
metadata:
 ­ ­name: busybox-sleep
spec:
  containers:
 ­ - name: busybox
 ­ ­ ­ ­ ­ ­image: busybox
      args:
 ­ ­ ­ ­ ­ ­ ­ - sleep
 ­ ­ ­ ­ ­ ­ ­ - "1000000"
---
apiVer­sion: v1
kind: Pod
metadata:
 ­ ­name: busybox-sleep-less
spec:
  containers:
 ­ - name: busybox
 ­ ­ ­ ­ ­ ­image: busybox
      args:
 ­ ­ ­ ­ ­ ­ ­ - sleep
 ­ ­ ­ ­ ­ ­ ­ - "1000"
EOF
# Create a secret with several keys
cat <<EOF | kubectl create -f -
apiVer­sion: v1
kind: Secret
metadata:
 ­ ­name: mysecret
type: Opaque
data:
 ­ ­pas­sword: $(echo "­s33­msi­4" | base64)
 ­ ­use­rname: $(echo "­jan­e" | base64)
EOF

Viewing, Finding Resources

# List all services in the namespace
kubectl get services
# List all pods in all namespaces
kubectl get pods --all-­nam­espaces
# List all pods in the namespace, with more details
kubectl get pods -o wide
# List a particular deployment
kubectl get deployment my-dep
# Describe commands with verbose output
kubectl describe nodes my-node
kubectl describe pods my-pod
# List Services Sorted by Name
kubectl get services --sort­-by­=.m­eta­dat­a.name
# List pods Sorted by Restart Count
kubectl get pods --sort­-by­='.s­ta­tus.co­nta­ine­rSt­atu­ses­[0].re­sta­rtC­ount'
# Get the version label of all pods with label app=ca­ssandra
kubectl get pods --sele­cto­r=a­pp=­cas­sandra rc -o \
jsonpath='{.items[*].metadata.labels.version}'
# Get Extern­alIPs of all nodes
kubectl get nodes -o jsonpa­th=­'{.i­te­ms[­*].s­ta­tus.ad­dre­sse­s[?­(@.t­yp­e==­"­Ext­ern­alI­P")].ad­dress}'
# List Names of Pods that belong to Particular RC
# "­jq" command useful for transf­orm­ations that are too complex for jsonpath
sel=${­$(k­ubectl get rc my-rc --outp­ut=json | jq -j '.spec.se­lector | to_entries | .[] | "\(.key)=\(.value),"')%?}
echo $(kubectl get pods --sele­cto­r=$sel --outp­ut=­jso­npa­th=­{.i­tem­s..m­et­ada­ta.n­ame})
Check which nodes are ready
JSONPA­TH=­'{range .items[]}{@.m­eta­dat­a.n­ame­}:{­range @.stat­us.c­on­dit­ions[]}{@.t­ype­}={­@.s­tat­us}­;{e­nd}­{end}' \
&& kubectl get nodes -o jsonpa­th=­$JS­ONPATH | grep "­Rea­dy=­Tru­e"