Kubectl Useful Commands

Maciej
4 min readMar 22, 2021

--

Kubernetes Shortcuts

  • po : Pods
  • rs : ReplicaSets
  • deploy : Deployments
  • svc : Services
  • ns : Namespaces
  • netpol : Network policies
  • pv : Persistent Volumes
  • pvc : PersistentVolumeClaims
  • in : Service Accounts

Backup

root@vagrant:/home/vagrant# kubectl get all -A -o yaml > backup.yaml

Explain

root@vagrant:/home/vagrant# kubectl explain sc --recursive | less

Pods

#List Pod
root@vagrant:/home/vagrant# kubectl get pods
root@vagrant:/home/vagrant# kubectl get pods -o wide
root@vagrant:/home/vagrant# kubectl get pods -n kube-system
root@vagrant:/home/vagrant# kubectl get pods --selector app=test-application,env=develop
root@vagrant:/home/vagrant# kubectl get pods -l app=test-application,env=develop
root@vagrant:/home/vagrant# kubectl get pods --all-namespaces
root@vagrant:/home/vagrant# kubectl get pods --show-labels
#Pod Status
root@vagrant:/home/vagrant# kubectl describe pod mypod
#Create Pod
root@vagrant:/home/vagrant# kubectl run mypod --image nginx
#Edit Pod
root@vagrant:/home/vagrant# kubectl edit pod mypod
root@vagrant:/home/vagrant# kubectl get pod mypod -o yaml > mypod.yaml
#Create Pod from YML file
root@vagrant:/home/vagrant# kubectl create -f mypod.yml
root@vagrant:/home/vagrant# kubectl apply -f mypod.yml
#Delete Pod
root@vagrant:/home/vagrant# kubectl delete pod mypod

ReplicaSet

#Create ReplicaSetroot@vagrant:/home/vagrant# wget https://kubernetes.io/examples/controllers/frontend.yaml
root@vagrant:/home/vagrant# cat frontend.yaml
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: frontend
labels:
app: guestbook
tier: frontend
spec:
# modify replicas according to your case
replicas: 3
selector:
matchLabels:
tier: frontend
template:
metadata:
labels:
tier: frontend
spec:
containers:
- name: php-redis
image: gcr.io/google_samples/gb-frontend:v3
root@vagrant:/home/vagrant# kubectl apply -f https://kubernetes.io/examples/controllers/frontend.yaml#Get ReplicaSet
root@vagrant:/home/vagrant# kubectl get rs
#Delete ReplicaSet
root@vagrant:/home/vagrant# kubectl delete rs frontend

Deployment

#Scale Deployment
root@vagrant:/home/vagrant# kubectl replace -f application.yml
root@vagrant:/home/vagrant# kubectl scale --replicas=10 -f application.yml
root@vagrant:/home/vagrant# kubectl scale --replicas=10 replicaset application
#Generate YML File From Deployment
root@vagrant:/home/vagrant# kubectl create deployment --image=nginx nginx --replicas=2 --dry-run=client -o yaml > nginx.yaml
root@vagrant:/home/vagrant# kubectl create deployment httpd-name --image=httpd
root@vagrant:/home/vagrant# kubectl scale deployment httpd-name --replicas=10
#Rollout
root@vagrant:/home/vagrant# rollout status deployment/httpd-name
root@vagrant:/home/vagrant# kubectl rollout history deployment/httpd-name --revision=1
root@vagrant:/home/vagrant# kubectl rollout undo deployment/httpd-name

Configuration Examples

  • Pod Environment variable
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
env:
- name: DB_NAME
value: MyDB
- name: DB_URL
valueFrom:
configMapKeyRef:
name: config-url
key: db_url
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: config-passwd
key: db_password
  • ConfigMap
#Create ConfigMaproot@vagrant:/home/vagrant# kubectl create configmap testconfigmap --from-literal=TestKey1=TestValue1 --from-literal=TestKey2=TestValue2
root@vagrant:/home/vagrant# kubectl create configmap testconfigmap --from-file=/opt/test_file
#Test
root@vagrant:/home/vagrant# kubectl get configmaps
root@vagrant:/home/vagrant# kubectl describe configmaps
root@vagrant:/home/vagrant# kubectl describe configmap testconfigmap
  • Use CofigMap in Pod
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
envFrom:
- configMapRef:
name: testconfigmap
  • Secrets
#Create Secrets
root@vagrant:/home/vagrant# kubectl create secret generic testsecret --from-literal=Key1=Value1 --from-literal=Key2=Value2
root@vagrant:/home/vagrant# create secret generic testsecret --from-file=/opt/secret
#Test
root@vagrant:/home/vagrant# kubectl get secrets
root@vagrant:/home/vagrant# kubectl describe secrets
root@vagrant:/home/vagrant# kubectl get secret testsecret
root@vagrant:/home/vagrant# kubectl describe secret testsecret
root@vagrant:/home/vagrant# kubectl get secret testsecret -o wide
  • Use Secret in Pod
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
envFrom:
- secretRef:
name: testsecret
  • Security Context
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
securityContext:
runAsUser: 1000
capabilities:
add: ["ADMINISTRATOR"]

containers:
- name: nginx
image: nginx
command: ["printenv"]
args: args: ["HOSTNAME"]
securityContext:
runAsUser: 2000
capabilities:
add: ["USER"]
  • Service Account
#Create Service Account
root@vagrant:/home/vagrant# kubectl create serviceaccount testsa
  • Use Service Account in Pod
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
serviceAccount: testsa
containers:
- name: nginx
image: nginx
envFrom:
- secretRef:
name: testsecret
  • Resource requirements
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
resources:
requests:
memory: "1Mi"
cpu: 0.2
limits:
memory: "1Gi"
cpu: 1

envFrom:
- secretRef:
name: testsecret
  • Taints Node

Possible variants that we can set are: NoSchedule , PreferNoSchedule , NoExecute

#Create Taints
root@vagrant:/home/vagrant# kubectl taint nodes vagrant example-key=blue:NoSchedule
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
envFrom:
- secretRef:
name: testsecret
tolerations:
- key: "example-key"
operator: "Equal"
value: "blue"
effect: "NoSchedule"
  • Remove Taints
#Remove 
root@vagrant:/home/vagrant# kubectl taint nodes vagrant example-key=blue:NoSchedule-
  • Node Selector
#Create Selector
root@vagrant:/home/vagrant# kubectl label nodes vagrant label-key=label-name
  • Use in pod.yml
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
envFrom:
- secretRef:
name: testsecret
nodeSelector:
label-key: label-name

Services

root@vagrant:/home/vagrant# kubectl expose deployment testdeployment --name=nginx-service --type=NodePort --target-port=8080 --port=80
root@vagrant:/home/vagrant# kubectl expose pod mypod --port=80 --name=nginx-service --type=NodePort
root@vagrant:/home/vagrant# kubectl create service nodeport mypod --tcp=80:80 --node-port=30080

Namespace

#Get Pods
root@vagrant:/home/vagrant# kubectl get pods --namespace=develop
root@vagrant:/home/vagrant# kubectl get pods -n develop
root@vagrant:/home/vagrant# get pods --all-namespaces
root@vagrant:/home/vagrant# kubectl get ns
#Change Default Namespace
root@vagrant:/home/vagrant# kubectl config set-context --current --namespace=develop

Readinesss Probe / Liveness Probe

#HTTP Test
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
readinessProbe/livenessProbe:
httpGet:
path: /health
port: 80
initialDelaySeconds: 10
periodSeconds: 5
failureThreshold: 8

envFrom:
- secretRef:
name: testsecret
#TCP Test
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
readinessProbe/livenessProbe:
tcpSocket:
port: 80

envFrom:
- secretRef:
name: testsecret
#Run Command
apiVersion: v1
kind: Pod
metadata:
name: static-web
labels:
role: myrole
spec:
containers:
- name: nginx
image: nginx
readinessProbe/livenessProbe:
exec:
command:
- cat
- probe.htm

envFrom:
- secretRef:
name: testsecret

Logs

root@vagrant:/home/vagrant# kubectl logs -f pod-name

Jobs

#Create Jobs
root@vagrant:/home/vagrant# kubectl create job test-job --image=nginx
#Get Jobs
root@vagrant:/home/vagrant# kubectl get jobs test-job
root@vagrant:/home/vagrant# kubectl get jobs

--

--

Maciej

DevOps Consultant. I’m strongly focused on automation, security, and reliability.