kubernetes commands - ashishranjandev/developer-wiki GitHub Wiki
alias k=kubectl
Kubectl context and configuration
Set which Kubernetes cluster kubectl communicates with and modifies configuration
k config view # Show Merged kubeconfig settings.
# use multiple kubeconfig files at the same time and view merged config
KUBECONFIG=~/.kube/config:~/.kube/kubconfig2
k config view
# get the password for the e2e user
k config view -o jsonpath='{.users[?(@.name == "e2e")].user.password}'
k config view -o jsonpath='{.users[].name}' # display the first user
k config view -o jsonpath='{.users[*].name}' # get a list of users
k config get-contexts # display list of contexts
k config current-context # display the current-context
k config use-context my-cluster-name # set the default context to my-cluster-name
# add a new user to your kubeconf that supports basic auth
k config set-credentials kubeuser/foo.kubernetes.com --username=kubeuser --password=kubepassword
# permanently save the namespace for all subsequent k commands in that context.
k config set-context --current --namespace=ggckad-s2
# set a context utilizing a specific username and namespace.
k config set-context gce --user=cluster-admin --namespace=foo \
&& k config use-context gce
k config unset users.foo # delete user fooKubernetes manifests can be defined in YAML or JSON. The file extension .yaml, .yml, and .json can be used.
k apply -f ./my-manifest.yaml # create resource(s)
k apply -f ./my1.yaml -f ./my2.yaml # create from multiple files
k apply -f ./dir # create resource(s) in all manifest files in dir
k apply -f https://git.io/vPieo # create resource(s) from url
k create deployment nginx --image=nginx # start a single instance of nginx
# create a Job which prints "Hello World"
k create job hello --image=busybox -- echo "Hello World"
# create a CronJob that prints "Hello World" every minute
k create cronjob hello --image=busybox --schedule="*/1 * * * *" -- echo "Hello World"
k explain pods # get the documentation for pod manifests
# Create multiple YAML objects from stdin
cat <<EOF | k apply -f -
apiVersion: v1
kind: Pod
metadata:
name: busybox-sleep
spec:
containers:
- name: busybox
image: busybox
args:
- sleep
- "1000000"
---
apiVersion: v1
kind: Pod
metadata:
name: busybox-sleep-less
spec:
containers:
- name: busybox
image: busybox
args:
- sleep
- "1000"
EOF
# Create a secret with several keys
cat <<EOF | k apply -f -
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
password: $(echo -n "s33msi4" | base64 -w0)
username: $(echo -n "jane" | base64 -w0)
EOF
# Get commands with basic output
k get services # List all services in the namespace
k get pods --all-namespaces # List all pods in all namespaces
k get pods -o wide # List all pods in the current namespace, with more details
k get deployment my-dep # List a particular deployment
k get pods # List all pods in the namespace
k get pod my-pod -o yaml # Get a pod's YAML
# Describe commands with verbose output
k describe nodes my-node
k describe pods my-pod
# List Services Sorted by Name
k get services --sort-by=.metadata.name
# List pods Sorted by Restart Count
k get pods --sort-by='.status.containerStatuses[0].restartCount'
# List PersistentVolumes sorted by capacity
k get pv --sort-by=.spec.capacity.storage
# Get the version label of all pods with label app=cassandra
k get pods --selector=app=cassandra -o \
jsonpath='{.items[*].metadata.labels.version}'
# Retrieve the value of a key with dots, e.g. 'ca.crt'
k get configmap myconfig \
-o jsonpath='{.data.ca\.crt}'
# Get all worker nodes (use a selector to exclude results that have a label
# named 'node-role.kubernetes.io/master')
k get node --selector='!node-role.kubernetes.io/master'
# Get all running pods in the namespace
k get pods --field-selector=status.phase=Running
# Get ExternalIPs of all nodes
k get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'
# List Names of Pods that belong to Particular RC
# "jq" command useful for transformations that are too complex for jsonpath, it can be found at https://stedolan.github.io/jq/
sel=${$(k get rc my-rc --output=json | jq -j '.spec.selector | to_entries | .[] | "\(.key)=\(.value),"')%?}
echo $(k get pods --selector=$sel --output=jsonpath={.items..metadata.name})
# Show labels for all pods (or any other Kubernetes object that supports labelling)
k get pods --show-labels
# Check which nodes are ready
JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}' \
&& k get nodes -o jsonpath="$JSONPATH" | grep "Ready=True"
# Output decoded secrets without external tools
k get secret my-secret -o go-template='{{range $k,$v := .data}}{{"### "}}{{$k}}{{"\n"}}{{$v|base64decode}}{{"\n\n"}}{{end}}'
# List all Secrets currently in use by a pod
k get pods -o json | jq '.items[].spec.containers[].env[]?.valueFrom.secretKeyRef.name' | grep -v null | sort | uniq
# List all containerIDs of initContainer of all pods
# Helpful when cleaning up stopped containers, while avoiding removal of initContainers.
k get pods --all-namespaces -o jsonpath='{range .items[*].status.initContainerStatuses[*]}{.containerID}{"\n"}{end}' | cut -d/ -f3
# List Events sorted by timestamp
k get events --sort-by=.metadata.creationTimestamp
# Compares the current state of the cluster against the state that the cluster would be in if the manifest was applied.
k diff -f ./my-manifest.yaml
# Produce a period-delimited tree of all keys returned for nodes
# Helpful when locating a key within a complex nested JSON structure
k get nodes -o json | jq -c 'path(..)|[.[]|tostring]|join(".")'
# Produce a period-delimited tree of all keys returned for pods, etc
k get pods -o json | jq -c 'path(..)|[.[]|tostring]|join(".")'
# Produce ENV for all pods, assuming you have a default container for the pods, default namespace and the `env` command is supported.
# Helpful when running any supported command across all pods, not just `env`
for pod in $(k get po --output=jsonpath={.items..metadata.name}); do echo $pod && k exec -it $pod env; done
k set image deployment/frontend www=image:v2 # Rolling update "www" containers of "frontend" deployment, updating the image
k rollout history deployment/frontend # Check the history of deployments including the revision
k rollout undo deployment/frontend # Rollback to the previous deployment
k rollout undo deployment/frontend --to-revision=2 # Rollback to a specific revision
k rollout status -w deployment/frontend # Watch rolling update status of "frontend" deployment until completion
k rollout restart deployment/frontend # Rolling restart of the "frontend" deployment
cat pod.json | k replace -f - # Replace a pod based on the JSON passed into std
# Force replace, delete and then re-create the resource. Will cause a service outage.
k replace --force -f ./pod.json
# Create a service for a replicated nginx, which serves on port 80 and connects to the containers on port 8000
k expose rc nginx --port=80 --target-port=8000
# Update a single-container pod's image version (tag) to v4
k get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | k replace -f -
k label pods my-pod new-label=awesome # Add a Label
k annotate pods my-pod icon-url=http://goo.gl/XXBTWq # Add an annotation
k autoscale deployment foo --min=2 --max=10 # Auto scale a deployment "foo"
# Partially update a node
k patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
# Update a container's image; spec.containers[*].name is required because it's a merge key
k patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
# Update a container's image using a json patch with positional arrays
k patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
# Disable a deployment livenessProbe using a json patch with positional arrays
k patch deployment valid-deployment --type json -p='[{"op": "remove", "path": "/spec/template/spec/containers/0/livenessProbe"}]'
# Add a new element to a positional array
k patch sa default --type='json' -p='[{"op": "add", "path": "/secrets/1", "value": {"name": "whatever" } }]'kubectl edit svc/docker-registry # Edit the service named docker-registry
KUBE_EDITOR="nano" kubectl edit svc/docker-registry # Use an alternative editorkubectl scale --replicas=3 rs/foo # Scale a replicaset named 'foo' to 3
kubectl scale --replicas=3 -f foo.yaml # Scale a resource specified in "foo.yaml" to 3
kubectl scale --current-replicas=2 --replicas=3 deployment/mysql # If the deployment named mysql's current size is 2, scale mysql to 3
kubectl scale --replicas=5 rc/foo rc/bar rc/baz # Scale multiple replication controllerskubectl delete -f ./pod.json # Delete a pod using the type and name specified in pod.json
kubectl delete pod,service baz foo # Delete pods and services with same names "baz" and "foo"
kubectl delete pods,services -l name=myLabel # Delete pods and services with label name=myLabel
kubectl -n my-ns delete pod,svc --all # Delete all pods and services in namespace my-ns,
# Delete all pods matching the awk pattern1 or pattern2
kubectl get pods -n mynamespace --no-headers=true | awk '/pattern1|pattern2/{print $1}' | xargs kubectl delete -n mynamespace podkubectl logs my-pod # dump pod logs (stdout)
kubectl logs -l name=myLabel # dump pod logs, with label name=myLabel (stdout)
kubectl logs my-pod --previous # dump pod logs (stdout) for a previous instantiation of a container
kubectl logs my-pod -c my-container # dump pod container logs (stdout, multi-container case)
kubectl logs -l name=myLabel -c my-container # dump pod logs, with label name=myLabel (stdout)
kubectl logs my-pod -c my-container --previous # dump pod container logs (stdout, multi-container case) for a previous instantiation of a container
kubectl logs --follow papertrail-demo-76bf4969df-9gs5w #Follow Logs
kubectl logs -f my-pod # stream pod logs (stdout)
kubectl logs -f my-pod -c my-container # stream pod container logs (stdout, multi-container case)
kubectl logs -f -l name=myLabel --all-containers # stream all pods logs with label name=myLabel (stdout)
kubectl run -i --tty busybox --image=busybox -- sh # Run pod as interactive shell
kubectl run nginx --image=nginx -n
mynamespace # Run pod nginx in a specific namespace
kubectl run nginx --image=nginx # Run pod nginx and write its spec into a file called pod.yaml
--dry-run=client -o yaml > pod.yaml
kubectl attach my-pod -i # Attach to Running Container
kubectl port-forward my-pod 5000:6000 # Listen on port 5000 on the local machine and forward to port 6000 on my-pod
kubectl exec my-pod -- ls / # Run command in existing pod (1 container case)
kubectl exec --stdin --tty my-pod -- /bin/sh # Interactive shell access to a running pod (1 container case)
kubectl exec my-pod -c my-container -- ls / # Run command in existing pod (multi-container case)
kubectl top pod POD_NAME --containers # Show metrics for a given pod and its containers
kubectl top pod POD_NAME --sort-by=cpu # Show metrics for a given pod and sort it by 'cpu' or 'memory'kubectl logs deploy/my-deployment # dump Pod logs for a Deployment (single-container case)
kubectl logs deploy/my-deployment -c my-container # dump Pod logs for a Deployment (multi-container case)
kubectl port-forward svc/my-service 5000 # listen on local port 5000 and forward to port 5000 on Service backend
kubectl port-forward svc/my-service 5000:my-service-port # listen on local port 5000 and forward to Service target port with name <my-service-port>
kubectl port-forward deploy/my-deployment 5000:6000 # listen on local port 5000 and forward to port 6000 on a Pod created by <my-deployment>
kubectl exec deploy/my-deployment -- ls # run command in first Pod and first container in Deployment (single- or multi-container cases)kubectl cordon my-node # Mark my-node as unschedulable
kubectl drain my-node # Drain my-node in preparation for maintenance
kubectl uncordon my-node # Mark my-node as schedulable
kubectl top node my-node # Show metrics for a given node
kubectl cluster-info # Display addresses of the master and services
kubectl cluster-info dump # Dump current cluster state to stdout
kubectl cluster-info dump --output-directory=/path/to/cluster-state # Dump current cluster state to /path/to/cluster-state
# If a taint with that key and effect already exists, its value is replaced as specified.
kubectl taint nodes foo dedicated=special-user:NoScheduleList all supported resource types along with their shortnames, API group, whether they are namespaced, and Kind:
kubectl api-resourcesOther operations
kubectl api-resources --namespaced=true # All namespaced resources
kubectl api-resources --namespaced=false # All non-namespaced resources
kubectl api-resources -o name # All resources with simple output (only the resource name)
kubectl api-resources -o wide # All resources with expanded (aka "wide") output
kubectl api-resources --verbs=list,get # All resources that support the "list" and "get" request verbs
kubectl api-resources --api-group=extensions # All resources in the "extensions" API group| Output format | Description |
|---|---|
| -o=custom-columns= | Print a table using a comma separated list of custom columns |
| -o=custom-columns-file= | Print a table using the custom columns template in the file |
| -o=json | Output a JSON formatted API object |
| -o=jsonpath= | Print the fields defined in a jsonpath expression |
| -o=jsonpath-file= | Print the fields defined by the jsonpath expression in the file |
| -o=name | Print only the resource name and nothing else |
| -o=wide | Output in the plain-text format with any additional information, and for pods, the node name is included |
| -o=yaml | Output a YAML formatted API object |
## Scaling - Changing replica count
kubectl scale --replicas=1 deployment/mgmntservice
## Get Node Resource Utilisation
kubectl top node aks-default-35065435-vmss00007b
## Get Heap Dump
kubectl exec -it bookingservice-6b4bc957f4-6hvh7 bash
cd /tmp
jmap -dump:live,format=b,file=application_heap_dump.bin 1
kubectl cp bookingservice-6b4bc957f4-6hvh7:/tmp/application_heap_dump.bin /Users/ashishranjan/Documents/projects/tmpkubectl run -it --tty --rm debug --image=alpine --restart=Never -- sh -n <namespace>
apk add curl
apk update && apk add busybox-extras
apk update && apk add bind-tools
kubectl cp empvalidation-7c4c84866b-88c98:/tmp actt_v19.sh
kubectl cp actt_v19.sh empvalidation-7c4c84866b-88c98:/tmp/actt_v19.shkubectl exec empvalidation-7c4c84866b-88c98 -- /bin/sh -c "`cat actt_v19.sh`"kubectl debug node/aks-nodepool1-37663765-vmss000000 -it --image=mcr.microsoft.com/dotnet/runtime-deps:6.0