kubectl kubernetes cheatsheet
from : https://cheatsheet.dennyzhang.com/cheatsheet-kubernetes-a4
PDF Link: cheatsheet-kubernetes-A4.pdf, Category: Cloud
Blog URL: https://cheatsheet.dennyzhang.com/cheatsheet-kubernetes-A4
Related posts: Kubernetes Yaml, #denny-cheatsheets
My Favorite
kubectl get po -l app=cloud-wifi-optimization
kubectl -n cloud get pv,pvc,cm,ds,svc,deploy,po,ing
kubectl set image deployment/nginx nginx=xxx:8080/nginx:lastest
force delete pod: kubectl get pods | grep Terminating | awk '{print $1}' | xargs kubectl delete pod --force --grace-period=0
kubectl patch node prodca-kube-master -p '{"spec":{"unschedulable":true}}'
kubectl cordon node1
kubectl uncordon node1
1.1 Common Commands
| Name | Command |
|---|---|
| Run curl test temporarily | kubectl run --rm mytest --image=yauritux/busybox-curl -it |
| Run wget test temporarily | kubectl run --rm mytest --image=busybox -it |
| Run nginx deployment with 2 replicas | kubectl run my-nginx --image=nginx --replicas=2 --port=80 |
| Set namespace preference | kubectl config set-context $(kubectl config current-context) --namespace=<ns1> |
| List pods with nodes info | kubectl get pod -o wide |
| List everything | kubectl get all --all-namespaces |
| Get all services | kubectl get service --all-namespaces |
| Show nodes with labels | kubectl get nodes --show-labels |
| Validate yaml file with dry run | kubectl create --dry-run --validate -f pod-dummy.yaml |
| Start a temporary pod for testing | kubectl run --rm -i -t --image=alpine test-$RANDOM -- sh |
| kubectl run shell command | kubectl exec -it mytest -- ls -l /etc/hosts |
| Get system conf via configmap | kubectl -n kube-system get cm kubeadm-config -o yaml |
| Get deployment yaml | kubectl -n denny-websites get deployment mysql -o yaml |
| Explain resource | kubectl explain pods, kubectl explain svc |
| Watch pods | kubectl get pods -n wordpress --watch |
| Query healthcheck endpoint | curl -L http://127.0.0.1:10250/healthz |
| Open a bash terminal in a pod | kubectl exec -it storage sh |
| Check pod environment variables | kubectl exec redis-master-ft9ex env |
| Enable kubectl shell autocompletion | echo "source <(kubectl completion bash)" >>~/.bashrc, and reload |
| Use minikube dockerd in your laptop | eval $(minikube docker-env), No need to push docker hub any more |
| Kubectl apply a folder of yaml files | kubectl apply -R -f . |
| Get services sorted by name | kubectl get services –sort-by=.metadata.name |
| Get pods sorted by restart count | kubectl get pods –sort-by=’.status.containerStatuses[0].restartCount’ |
| List all container images | list-all-images.sh |
| kubeconfig skip tls verification | skip-tls-verify.md |
| Reference | GitHub: kubernetes releases |
| Reference | minikube cheatsheet, docker cheatsheet, OpenShift CheatSheet |
1.2 Check Performance
| Name | Command |
|---|---|
| Get node resource usage | kubectl top node |
| Get pod resource usage | kubectl top pod |
| Get resource usage for a given pod | kubectl top <podname> --containers |
| List resource utilization for all containers | kubectl top pod --all-namespaces --containers=true |
1.3 Resources Deletion
| Name | Command |
|---|---|
| Delete pod | kubectl delete pod/<pod-name> -n <my-namespace> |
| Delete pod by force | kubectl delete pod/<pod-name> --grace-period=0 --force |
| Delete pods by labels | kubectl delete pod -l env=test |
| Delete deployments by labels | kubectl delete deployment -l app=wordpress |
| Delete all resources filtered by labels | kubectl delete pods,services -l name=myLabel |
| Delete resources under a namespace | kubectl -n my-ns delete po,svc --all |
| Delete persist volumes by labels | kubectl delete pvc -l app=wordpress |
| Delete statefulset only (not pods) | kubectl delete sts/<stateful_set_name> --cascade=false |
1.4 Log & Conf Files
| Name | Comment |
|---|---|
| Config folder | /etc/kubernetes/ |
| Certificate files | /etc/kubernetes/pki/ |
| Credentials to API server | /etc/kubernetes/kubelet.conf |
| Superuser credentials | /etc/kubernetes/admin.conf |
| kubectl config file | ~/.kube/config |
| Kubernets working dir | /var/lib/kubelet/ |
| Docker working dir | /var/lib/docker/, /var/log/containers/ |
| Etcd working dir | /var/lib/etcd/ |
| Network cni | /etc/cni/net.d/ |
| Log files | /var/log/pods/ |
| log in master node | /var/log/kube-apiserver.log, kube-scheduler.log, kube-controller-manager.log |
| log in worker node | /var/log/kubelet.log, kubelet-proxy.log |
| Env | /etc/systemd/system/kubelet.service.d/10-kubeadm.conf |
| Env | export KUBECONFIG=/etc/kubernetes/admin.conf |
1.5 Pod
| Name | Command |
|---|---|
| List all pods | kubectl get pods |
| List pods for all namespace | kubectl get pods -all-namespaces |
| List all critical pods | kubectl get -n kube-system pods -a |
| List pods with more info | kubectl get pod -o wide, kubectl get pod/<pod-name> -o yaml |
| Get pod info | kubectl describe pod/srv-mysql-server |
| List all pods with labels | kubectl get pods --show-labels |
| List running pods | kubectl get pods –field-selector=status.phase=Running |
| Get Pod initContainer status | kubectl get pod --template '{{.status.initContainerStatuses}}' <pod-name> |
| kubectl run command | kubectl exec -it -n “$ns” “$podname” – sh -c “echo $msg >>/dev/err.log” |
| Watch pods | kubectl get pods -n wordpress --watch |
| Get pod by selector | podname=$(kubectl get pods -n $namespace –selector=”app=syslog” -o jsonpath='{.items[*].metadata.name}’) |
| List pods and containers | kubectl get pods -o=’custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name’ |
| List pods, containers and images | kubectl get pods -o=’custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name,Images:.spec.containers[*].image’ |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.6 Label & Annontation
| Name | Command |
|---|---|
| Filter pods by label | kubectl get pods -l owner=denny |
| Manually add label to a pod | kubectl label pods dummy-input owner=denny |
| Remove label | kubectl label pods dummy-input owner- |
| Manually add annonation to a pod | kubectl annotate pods dummy-input my-url=https://dennyzhang.com |
1.7 Deployment & Scale
| Name | Command |
|---|---|
| Scale out | kubectl scale --replicas=3 deployment/nginx-app |
| online rolling upgrade | kubectl rollout app-v1 app-v2 --image=img:v2 |
| Roll backup | kubectl rollout app-v1 app-v2 --rollback |
| List rollout | kubectl get rs |
| Check update status | kubectl rollout status deployment/nginx-app |
| Check update history | kubectl rollout history deployment/nginx-app |
| Pause/Resume | kubectl rollout pause deployment/nginx-deployment, resume |
| Rollback to previous version | kubectl rollout undo deployment/nginx-deployment |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates, Link: Pausing and Resuming a Deployment |
1.8 Quota & Limits & Resource
| Name | Command |
|---|---|
| Customize resource definition | kubectl set resources deployment nginx -c=nginx --limits=cpu=200m,memory=512Mi |
| List Resource Quota | kubectl get resourcequota |
| List Limit Range | kubectl get limitrange |
| Customize resource definition | kubectl set resources deployment nginx -c=nginx --limits=cpu=200m,memory=512Mi |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.9 Service
| Name | Command |
|---|---|
| List all services | kubectl get services |
| List service endpoints | kubectl get endpoints |
| Get service detail | kubectl get service nginx-service -o yaml |
| Get service cluster ip | kubectl get service nginx-service -o go-template='{{.spec.clusterIP}}’ |
| Get service cluster port | kubectl get service nginx-service -o go-template='{{(index .spec.ports 0).port}}’ |
| Expose deployment as lb service | kubectl expose deployment/my-app --type=LoadBalancer --name=my-service |
| Expose service as lb service | kubectl expose service/wordpress-1-svc --type=LoadBalancer --name=wordpress-lb |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.10 Secrets
| Name | Command |
|---|---|
| List secrets | kubectl get secrets --all-namespaces |
| Create secret from cfg file | kubectl create secret generic db-user-pass --from-file./username.txt= |
| Generate secret | echo -n 'mypasswd', then redirect to base64 -decode |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.11 StatefulSet
| Name | Command |
|---|---|
| List statefulset | kubectl get sts |
| Delete statefulset only (not pods) | kubectl delete sts/<stateful_set_name> --cascade=false |
| Scale statefulset | kubectl scale sts/<stateful_set_name> --replicas=5 |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.12 Volumes & Volume Claims
| Name | Command |
|---|---|
| List storage class | kubectl get storageclass |
| Check the mounted volumes | kubectl exec storage ls /data |
| Check persist volume | kubectl describe pv/pv0001 |
| Copy local file to pod | kubectl cp /tmp/my <some-namespace>/<some-pod>:/tmp/server |
| Copy pod file to local | kubectl cp <some-namespace>/<some-pod>:/tmp/server /tmp/my |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.13 Events & Metrics
| Name | Command |
|---|---|
| View all events | kubectl get events --all-namespaces |
| List Events sorted by timestamp | kubectl get events –sort-by=.metadata.creationTimestamp |
1.14 Node Maintenance
| Name | Command |
|---|---|
| Mark node as unschedulable | kubectl cordon $NDOE_NAME |
| Mark node as schedulable | kubectl uncordon $NDOE_NAME |
| Drain node in preparation for maintenance | kubectl drain $NODE_NAME |
1.15 Namespace & Security
| Name | Command |
|---|---|
| List authenticated contexts | kubectl config get-contexts, ~/.kube/config |
| Load context from config file | kubectl get cs --kubeconfig kube_config.yml |
| Switch context | kubectl config use-context <cluster-name> |
| Delete the specified context | kubectl config delete-context <cluster-name> |
| List all namespaces defined | kubectl get namespaces |
| Set namespace preference | kubectl config set-context $(kubectl config current-context) --namespace=<ns1> |
| List certificates | kubectl get csr |
| Kubernetes Yaml Examples | Link: kubernetes yaml templates |
1.16 Network
| Name | Command |
|---|---|
| Temporarily add a port-forwarding | kubectl port-forward redis-izl09 6379 |
| Add port-forwaring for deployment | kubectl port-forward deployment/redis-master 6379:6379 |
| Add port-forwaring for replicaset | kubectl port-forward rs/redis-master 6379:6379 |
| Add port-forwaring for service | kubectl port-forward svc/redis-master 6379:6379 |
| Get network policy | kubectl get NetworkPolicy |
1.17 Patch
| Name | Summary |
|---|---|
| Patch service to loadbalancer | kubectl patch svc "$APP_INSTANCE_NAME-grafana" -p '{"spec": {"type": "LoadBalancer"}}' |
1.18 Extenstions
| Name | Summary |
|---|---|
| List api group | kubectl api-versions |
| List all CRD | kubectl get crd |
| List storageclass | kubectl get storageclass |
| List all supported resources | kubectl api-resources |
1.19 Components & Services
1.19.1 Services on Master Nodes
| Name | Summary |
|---|---|
| kube-apiserver | exposes the Kubernetes API from master nodes |
| etcd | reliable data store for all k8s cluster data |
| kube-scheduler | schedule pods to run on selected nodes |
| kube-controller-manager | node controller, replication controller, endpoints controller, and service account & token controllers |
1.19.2 Services on Worker Nodes
| Name | Summary |
|---|---|
| kubelet | makes sure that containers are running in a pod |
| kube-proxy | perform connection forwarding |
| Container Runtime | Kubernetes supported runtimes: Docker, rkt, runc and any OCI runtime-spec implementation. |
1.19.3 Addons: pods and services that implement cluster features
| Name | Summary |
|---|---|
| DNS | serves DNS records for Kubernetes services |
| Web UI | a general purpose, web-based UI for Kubernetes clusters |
| Container Resource Monitoring | collect, store and serve container metrics |
| Cluster-level Logging | save container logs to a central log store with search/browsing interface |
1.19.4 Tools
| Name | Summary |
|---|---|
| kubectl | the command line util to talk to k8s cluster |
| kubeadm | the command to bootstrap the cluster |
| kubefed | the command line to control a Kubernetes Cluster Federation |
| Kubernetes Components | Link: Kubernetes Components |
1.20 More Resources
kubectl kubernetes cheatsheet的更多相关文章
- Kubectl操作命令
Kubectl 自动补全 yum install -y bash-completion source /usr/share/bash-completion/bash_completion $ sour ...
- kubernetes系列09—Ingress控制器详解
本文收录在容器技术学习系列文章总目录 1.认识Ingress 1.1 什么是Ingress? 通常情况下,service和pod仅可在集群内部网络中通过IP地址访问.所有到达边界路由器的流量或被丢弃或 ...
- kubernetes系列08—service资源详解
本文收录在容器技术学习系列文章总目录 1.认识service 1.1 为什么要使用service Kubernetes Pod 是有生命周期的,它们可以被创建,也可以被销毁,然而一旦被销毁生命就永远结 ...
- Centos7 二进制安装 Kubernetes 1.13
目录 1.目录 1.1.什么是 Kubernetes? 1.2.Kubernetes 有哪些优势? 2.环境准备 2.1.网络配置 2.2.更改 HOSTNAME 2.3.配置ssh免密码登录登录 2 ...
- kubernetes之监控Operator部署Prometheus(三)
第一章和第二章中我们配置Prometheus的成本非常高,而且也非常麻烦.但是我们要考虑Prometheus.AlertManager 这些组件服务本身的高可用的话,成本就更高了,当然我们也完全可以用 ...
- kubernetes系列之ConfigMap使用方式
作用理解 核心用途就是容器和配置的分离解耦. 如启用一个mysql容器,mysql容器重要的文件有两部分,一部分为存储数据文件,一部分为配置文件my.cnf,存储数据可以用持久存储实现和容器的分离解耦 ...
- Kubernetes之RBAC
API Server的授权管理 API Server 内部通过用户认证后,然后进入授权流程.对合法用户进行授权并且随后在用户访问时进行鉴权,是权限管理的重要环节.API Server 目前支持一下几种 ...
- Kubernetes之存储
存储卷概述 容器磁盘上的文件的生命周期是短暂的,这就使得在容器中运行重要应用时会出现一些问题.首先,当容器崩溃时,kubelet 会重启它,但是容器中的文件将丢失——容器以干净的状态(镜像最初的状态) ...
- kubernetes之ingress及ingress controller
什么是ingress Ingress是授权入站连接到达集群服务的规则集合. 从外部流量调度到nodeprot上的service 从service调度到ingress-controller ingres ...
随机推荐
- 直击JavaScript之面向对象
有时候,我们使用电脑的时候,并不知道它的原理是什么,但是就是会使用他,这就是面向对象.同样的,在JavaScript中也可使用这种原理,接下来就随我一起探索一下关于JavaScript面向对象的内容吧 ...
- Ubuntu 定时关机
sudo shutdown +120 Shutdown scheduled for Sat 2019-09-21 23:48:44 CST, use 'shutdown -c' to cancel.
- Linux下将.Asp Core 部署到 Docker容器中
我们来部署一个简单的例子: 将一个简单的.Aps Core项目部署到Docker容器中并被外网访问 说明: 下面的步骤都是建立在宿主服务器系统已经安装配置过Docker容器,安装Docker相对比较简 ...
- Python知识点总结篇(五)
软件目录结构规范 目标: 提高可读性: 提高可维护性: 常见结构 Demo/ |-- bin/ #存放项目的一些可执行文件 | |-- demo #可执行程序,启动demo调main.py | |-- ...
- bootstrap-paginator + ajax 实现动态翻页功能
1.下载http://plugins.jquery.com/bootstrap-paginator/ 2.引用<script src="/static/bootstrap/js/boo ...
- 【1】TOPK最小的K个数(多种方法比较)
(头条) 最小的第K个数也是和这题topK一样的思路 1.全排序 时间复杂度O(nlogn) 2.Partiton思想 时间复杂度O(n) (因为不需要像快排一样对所有的分段都两两Partitio ...
- python中通过selenium简单操作及xpath元素定位&轴定位
浏览器的简单操作 # 导入webdriver模块 # 创建driver对象,指定Chrome浏览器 driver = webdriver.Chrome() # 窗口最大化 driver.maximiz ...
- 部署基于maven的springboot项目到linux服务器上
目录 本地运行调试 导入数据库: 导入项目: 将项目打包: linux准备: 运行项目: 脚本运行 本地运行调试 导入数据库: 导入数据库的时候使用的是sqlYog导入navcat的脚本:由于两个应用 ...
- 使用SAP open connector调用第三方系统的API
我们把hubspot这个SaaS CRM作为第三方系统,首先登录hubspot,创建一个新的API key: 把创建的key拷贝到剪切板里: 然后登录SAP Cloud for Customer上的o ...
- day 19 作业
今日作业 1.什么是对象?什么是类? 对象是特征与技能的结合体,类是一系列对象相同的特征与技能的结合体 2.绑定方法的有什么特点 由对象来调用称之为对象的绑定方法,不同的对象调用该绑定方法,则会将不同 ...