
Kubernetes#

Administration#

Setup ~/.bashrc#

Download: Kubernetes prompt for bash

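# One-time download of the kube-ps1 prompt helper.
# -f makes curl fail on an HTTP error instead of saving the error page, which
# would otherwise be sourced by every new shell.
# The URL tracks the moving master branch: read the downloaded file before
# sourcing it, or replace "master" with a release tag or commit you have reviewed.
curl -fL https://raw.githubusercontent.com/jonmosco/kube-ps1/refs/heads/master/kube-ps1.sh -o ~/.bash_kube_ps1

# Lines to add to ~/.bashrc: kubectl completion, the short alias "k" with the
# same completion, and the prompt segment that shows the current context/namespace.
source <(kubectl completion bash)
alias k=kubectl
complete -o default -F __start_kubectl k
source ~/.bash_kube_ps1
PS1='[\u@\h \W $(kube_ps1)]\$ '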

Cluster and context#

Display addresses of the control plane and services#

k cluster-info
k version

Check cluster health#

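# componentstatuses has been deprecated since Kubernetes v1.19 and kubectl warns
# when it is used; the API server's readyz endpoint is the maintained check.
k get componentstatuses
k get --raw='/readyz?verbose'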

Get the configuration of the cluster#

k config view

Display the current context#

k config current-context

Display the list of contexts#

k config get-contexts

Set the default context#

k config use-context <context_name>

Merging kubeconfig files#

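# --flatten inlines client certificates, keys and tokens into the output, so the
# merged file is a credential store. The subshell's umask creates it readable by
# the owner only, without changing the umask of the calling shell.
(umask 077; KUBECONFIG=file1:file2:file3 k config view --merge --flatten > config.merged)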

List the API resources#

k api-resources

List pods, services, daemonsets, deployments, etc. in all namespaces#

k get all -A

Nodes#

  • Listing nodes
k get nodes
  • Display resource usage (cpu/memory) for node
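# The argument is a node name (as listed by "k get nodes"), not a pod name.
k top node <node_name>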
  • Pods running on a node
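# Filter server-side on the node each pod is scheduled to; grepping the wide
# output would also match pod names that happen to contain the same text.
k get pods -o wide --field-selector spec.nodeName=<node_name>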
  • Get custom info about Nodes
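# Select addresses and conditions by their type instead of by array position:
# the position of an entry in these arrays is not guaranteed to be the same on every node.
k get nodes -o custom-columns='NAME:.metadata.name,INTERNAL_IP:.status.addresses[?(@.type=="InternalIP")].address,KERNEL:.status.nodeInfo.kernelVersion,MEMORY_PRESSURE:.status.conditions[?(@.type=="MemoryPressure")].status,DISK_PRESSURE:.status.conditions[?(@.type=="DiskPressure")].status,PID_PRESSURE:.status.conditions[?(@.type=="PIDPressure")].status,READY:.status.conditions[?(@.type=="Ready")].status'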

Namespaces#

Listing namespaces#

k get namespaces
k get namespace <namespace>

Display details about namespace#

k describe namespace <namespace>

Deployments#

  • List deployments
k get deployment
  • Get details about a deployment
k describe deployment <deployment_name>
  • Scale up/down a deployment
k scale --replicas=[number] deployment/<deployment_name>
  • Get deployment history
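# List all recorded revisions of the deployment.
k rollout history deployment <deployment_name>
# Show one revision in detail (a space is required before --revision).
k rollout history deployment <deployment_name> --revision=[revision_number]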
  • Compare two revisions
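# Diff the details of two different revisions of the same deployment.
diff <(k rollout history deployment <deployment_name> --revision=[revision_a]) <(k rollout history deployment <deployment_name> --revision=[revision_b])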

Daemonsets#

  • List daemonsets
k get daemonset
  • Display detailed state of daemonset
k describe ds <daemonset_name>

StatefulSet#

  • List StatefulSet
k get statefulset
  • Scale Up/Down
k scale --replicas=[number] sts <sts_name>

Pods#

List pods#

k get pods
k get pods -o wide
k get pods --show-labels

Get information about a Pod#

k get pod <pod_name> -o wide
k describe pod <pod_name>

Sort pods list using specified field. The field can be either 'cpu' or 'memory'

 k top pod --sort-by=memory
 k top pod --sort-by=cpu

Get IP addr from Pod definition#

k get pod <pod_name> --output=jsonpath='{..podIP}'
k get pod <pod_name> --output=jsonpath='{..podIPs}'

Logs#

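# Full log of the pod's container.
k logs <pod_name>
# Only entries from the last hour.
k logs --since=1h <pod_name>
# Only the last 50 lines.
k logs --tail=50 <pod_name>
# Follow the log stream.
k logs -f <pod_name>
# Save to a file; without the redirect the second argument is taken as a container name.
k logs <pod_name> > <pod_name>.log
# Log of the previous (terminated) instance of the container.
k logs --previous <pod_name>
# Log of one named container in a multi-container pod.
k logs -c <container_name> <pod_name>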

Logs with label selector (when a selector is used, only the last 10 lines per pod are shown by default; add --tail=-1 for the full log)

k logs -l app.kubernetes.io/instance=[my_label] -n <namespace> 

Exec command#

k exec <pod_name> -- ls /
k exec <pod_name> -c <container_name> -- ls /
k exec --stdin --tty <pod_name> -- /bin/sh 

Get an interactive shell

k exec -it <pod_name> -- sh
  • Attach to running process
k attach -it <pod_name>

Copy files#

k cp <pod_name>:</path/to/remote/file> </path/to/local/file>

Port Forward#

k port-forward --address <local_ip_addr> pod/<pod_name> <local_port>:<remote_port>

Example

# --address 0.0.0.0 listens on every interface of the local machine, so any host
# that can reach this machine on port 28015 is forwarded to the pod's port 27017.
# Omit --address to keep kubectl's default of listening on localhost only.
k port-forward --address 0.0.0.0 pods/mongo-75f59d57f4-4nd6q 28015:27017

ReplicaSet#

k get rs
  • Filter: DESIRED != 0
k get rs | awk '{if ($2 != 0) print $0}'
k describe rs/<rs_name>
  • Delete Pod
k delete pod <pod_name>
  • Force Pod deletion
# Force deletion removes the pod object from the API immediately, without waiting
# for the kubelet to confirm that the containers have stopped; the processes may
# keep running on the node for a while. Prefer the normal delete above where possible.
k delete pod --grace-period=0 --force <pod_name>
  • List all Container images
k get pods -o jsonpath="{.items[*].spec['initContainers', 'containers'][*].image}" | tr -s '[[:space:]]' '\n' | sort | uniq -c
k get pods -o jsonpath='{range .items[*]}{"\n"}{.metadata.name}{":\t"}{range .spec.containers[*]}{.image}{", "}{end}{end}' | sort
  • Get images IDs
 k get pods -o jsonpath="{.items[*].status.containerStatuses[*].imageID}" | tr -s '[[:space:]]' '\n' | sort | uniq -c

Get restartCount and state#

k get pods <pod_name> -o jsonpath='{.spec.containers[*].name} {.status.containerStatuses[*].restartCount} {.status.containerStatuses[*].state}'

Get Pods resources requests/limits#

k get pods -o custom-columns='NAME:.metadata.name,CPU_REQUEST:spec.containers[].resources.requests.cpu,CPU_LIMIT:spec.containers[].resources.limits.cpu,MEMORY_REQUEST:spec.containers[].resources.requests.memory,MEM_LIMIT:spec.containers[].resources.limits.memory'

Get pod states#

  • Get Pods start time and ready time
k get pods -o custom-columns='NAME:.metadata.name,START_TIME:status.startTime,READY_TIME:.status.conditions[?(@.type=="Ready")].lastTransitionTime'
k get pods -o custom-columns='NAME:.metadata.name,START_TIME:status.startTime,READY:.status.conditions[?(@.type=="Ready")].status,READY_TIME:.status.conditions[?(@.type=="Ready")].lastTransitionTime' | (sed -u 1q; sort -k 3)
  • Get NAME, STARTED_AT and READY_AT using custom-columns
k get pods -o custom-columns='NAME:.metadata.name,STARTED_AT:.status.containerStatuses[].state.running.startedAt,READY_AT:.status.conditions[?(@.type=="Ready")].lastTransitionTime'
  • Get Ready time(Headers ignored and sorted by date)
k get pods -o custom-columns='POD_NAME:.metadata.name,READY_AT:.status.conditions[?(@.type=="Ready")].lastTransitionTime' | (sed -u 1q; sort -k 2)

Running state(using jq)

k get pod <pod_name> -o json | jq '.status.containerStatuses[].state'

Ready state(using jq)

k get pod <pod_name> -o json | jq '.status.conditions[] | select(.type=="Ready")'

Events#

  • Get events with custom output
k get events --sort-by=.metadata.creationTimestamp -o custom-columns=LAST_SEEN:.lastTimestamp,TYPE:.type,REASON:.reason,OBJECT:.involvedObject.name,COMPONENT:.source.component,COUNT:.count,MESSAGE:.message
  • Get events using --field-selector
k get events --field-selector involvedObject.kind=Pod
  • List warnings events
k get events --sort-by=.metadata.creationTimestamp --field-selector type=Warning
  • Sorting: Inverse order
watch -d 'kubectl get events --sort-by=.metadata.creationTimestamp --no-headers -A | tac'
  • Get recently deleted pods
k get events --field-selector reason=Killing --sort-by='.metadata.creationTimestamp'
k get event -o custom-columns=NAME:.metadata.name | cut -d "." -f1

Persistent Volumes#

  • Get pods with PVC
k get pods -o=json -A | jq -c '.items[] | {name: .metadata.name, namespace: .metadata.namespace, claimName: .spec |  select( has ("volumes") ).volumes[] | select( has ("persistentVolumeClaim") ).persistentVolumeClaim.claimName }'
k describe pvc -A | grep -E "Name|StorageClass|Used"

Secrets#

  • Get secrets
k get secrets
  • Decode secrets
# Decodes every key of the secret and prints the values in clear text
# (@base64d needs jq 1.6 or later). The output ends up in terminal scrollback
# and in any session recording, so run it only where that is acceptable.
k get secret <secret_name> -o json | jq '.data | map_values(@base64d)' | sed 's/\\n/\n/g'
  • Decode Private Key
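# Both commands print the TLS private key in clear text on stdout. Keep it out of
# shared terminals and logs; if it is redirected to a file, create that file with
# owner-only permissions (for example under "umask 077").
k get secret <secret_name> -o jsonpath="{.data['tls\.key']}" | base64 -d
# jq -r emits the raw base64 string. Without -r the value is JSON-quoted and
# decoding only works because "base64 -i" skips the quote characters.
k get secret <secret_name> -o json | jq -r '.data."tls.key"' | base64 -d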

Maintenance#

Cordon the node(marked as unschedulable)#

k cordon <node_name>

Drain the workloads for the node#

k drain <node_name> --ignore-daemonsets 

Uncordon the node(marked as schedulable)#

k uncordon <node_name>

Helm#

  • List helm charts
helm list
  • Update repo
helm repo update
  • List all charts
helm search repo
helm search repo <chart_name>
  • List all versions of all charts
helm search repo -l
helm search repo -l <chart_name>
  • List the dependencies for the given chart
helm dependency list
  • Uninstall chart
helm uninstall <release_name> -n <namespace>
  • Locally render templates
helm template . --output-dir <path>

Rancher, RKE2 and K3S#

crictl#

export CRI_CONFIG_FILE=/var/lib/rancher/rke2/agent/etc/crictl.yaml
/var/lib/rancher/rke2/bin/crictl ps

List images#

crictl images

With k3s

k3s crictl images

Remove all unused images#

crictl rmi --prune

With k3s

k3s crictl rmi --prune

Debugging Kubernetes nodes with crictl#

kubectl#

# rke2.yaml is the kubeconfig RKE2 writes on server nodes and carries the
# cluster's admin credentials. Run these as root on the server node rather than
# loosening the file's permissions or copying it to a shared location.
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
/var/lib/rancher/rke2/bin/kubectl get nodes

Systemd services#

RKE2 server

systemctl status rke2-server

RKE2 agent

systemctl status rke2-agent

Uninstall#

/usr/local/bin/rancher-system-agent-uninstall.sh

containerd#

socket: /run/k3s/containerd/containerd.sock

Install Rancher using Docker#

Installing Rancher on a Single Node with default Rancher-generated Self-signed Certificate

# --privileged gives the container access to the host's devices and kernel
# capabilities, so a compromise of this container is a compromise of the host.
# -p 80:80 -p 443:443 publish the UI on every interface of the host, behind a
# self-signed certificate that clients cannot verify. Rancher's documentation
# describes this single-node Docker install as for development and testing;
# keep it on a dedicated host that is not reachable from untrusted networks.
docker run -d --restart=unless-stopped -p 80:80 -p 443:443 --privileged rancher/rancher:v2.9.2

K3S configuration#

Kind#

Quick Start(doc)#

  • Install kubectl(doc)
  • Install go(doc)
  • Install kind
go install sigs.k8s.io/kind@v0.25.0 
  • Create a cluster
kind create cluster --config <config_file> --name <cluster_name>
  • Lists existing kind clusters
kind get clusters
  • Get kubeconfig of the cluster
kind get kubeconfig --name <cluster_name>
  • Delete a cluster
kind delete cluster --name <cluster_name>

Known Issues#

  • Pod errors due to "too many open files"(doc)

Netbox#

Installation#

  • Install Netbox Helm Chart
helm repo add netbox https://charts.netbox.oss.netboxlabs.com/
helm install netbox netbox/netbox --version 5.0.9 --namespace netbox --create-namespace

Documentation#