Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time
August 10, 2019 23:19
April 14, 2021 11:47
May 26, 2019 20:30

1 Kubectl Kubernetes CheatSheet


PRs Welcome

File me Issues or star this repo.

1.1 Common Commands

Run curl test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=yauritux/busybox-curl -it
Run wget test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=busybox -it wget
Run nginx deployment with 2 replicaskubectl run my-nginx --image=nginx --replicas=2 --port=80
Run nginx pod and expose itkubectl run my-nginx --restart=Never --image=nginx --port=80 --expose
Run nginx deployment and expose itkubectl run my-nginx --image=nginx --port=80 --expose
List authenticated contextskubectl config get-contexts, ~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
List pods with nodes infokubectl get pod -o wide
List everythingkubectl get all --all-namespaces
Get all serviceskubectl get service --all-namespaces
Get all deploymentskubectl get deployments --all-namespaces
Show nodes with labelskubectl get nodes --show-labels
Get resources with json outputkubectl get pods --all-namespaces -o json
Validate yaml file with dry runkubectl create --dry-run --validate -f pod-dummy.yaml
Start a temporary pod for testingkubectl run --rm -i -t --image=alpine test-$RANDOM -- sh
kubectl run shell commandkubectl exec -it mytest -- ls -l /etc/hosts
Get system conf via configmapkubectl -n kube-system get cm kubeadm-config -o yaml
Get deployment yamlkubectl -n denny-websites get deployment mysql -o yaml
Explain resourcekubectl explain pods, kubectl explain svc
Watch podskubectl get pods -n wordpress --watch
Query healthcheck endpointcurl -L
Open a bash terminal in a podkubectl exec -it storage sh
Check pod environment variableskubectl exec redis-master-ft9ex env
Enable kubectl shell autocompletionecho "source <(kubectl completion bash)" >>~/.bashrc, and reload
Use minikube dockerd in your laptopeval $(minikube docker-env), No need to push docker hub any more
Kubectl apply a folder of yaml fileskubectl apply -R -f .
Get services sorted by namekubectl get services –
Get pods sorted by restart countkubectl get pods –sort-by=’.status.containerStatuses[0].restartCount’
List pods and imageskubectl get pods -o=’,Images:.spec.containers[*].image’
List all container
kubeconfig skip tls
Ubuntu install kubectl=”deb kubernetes-xenial main”=
ReferenceGitHub: kubernetes releases
Referenceminikube cheatsheet, docker cheatsheet, OpenShift CheatSheet

1.2 Check Performance

Get node resource usagekubectl top node
Get pod resource usagekubectl top pod
Get resource usage for a given podkubectl top <podname> --containers
List resource utilization for all containerskubectl top pod --all-namespaces --containers=true

1.3 Resources Deletion

Delete podkubectl delete pod/<pod-name> -n <my-namespace>
Delete pod by forcekubectl delete pod/<pod-name> --grace-period=0 --force
Delete pods by labelskubectl delete pod -l env=test
Delete deployments by labelskubectl delete deployment -l app=wordpress
Delete all resources filtered by labelskubectl delete pods,services -l name=myLabel
Delete resources under a namespacekubectl -n my-ns delete po,svc --all
Delete persist volumes by labelskubectl delete pvc -l app=wordpress
Delete state fulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false

1.4 Log & Conf Files

Config folder/etc/kubernetes/
Certificate files/etc/kubernetes/pki/
Credentials to API server/etc/kubernetes/kubelet.conf
Superuser credentials/etc/kubernetes/admin.conf
kubectl config file~/.kube/config
Kubernetes working dir/var/lib/kubelet/
Docker working dir/var/lib/docker/, /var/log/containers/
Etcd working dir/var/lib/etcd/
Network cni/etc/cni/net.d/
Log files/var/log/pods/
log in worker node/var/log/kubelet.log, /var/log/kube-proxy.log
log in master nodekube-apiserver.log, kube-scheduler.log, kube-controller-manager.log
Envexport KUBECONFIG=/etc/kubernetes/admin.conf

1.5 Pod

List all podskubectl get pods
List pods for all namespacekubectl get pods --all-namespaces
List all critical podskubectl get -n kube-system pods -a
List pods with more infokubectl get pod -o wide, kubectl get pod/<pod-name> -o yaml
Get pod infokubectl describe pod/srv-mysql-server
List all pods with labelskubectl get pods --show-labels
List all unhealthy podskubectl get pods –field-selector=status.phase!=Running –all-namespaces
List running podskubectl get pods –field-selector=status.phase=Running
Get Pod initContainer statuskubectl get pod --template '{{.status.initContainerStatuses}}' <pod-name>
kubectl run commandkubectl exec -it -n “$ns” “$podname” – sh -c “echo $msg >>/dev/err.log”
Watch podskubectl get pods -n wordpress --watch
Get pod by selectorkubectl get pods –selector=”app=syslog” -o jsonpath=’{.items[*]}’
List pods and imageskubectl get pods -o=’,Images:.spec.containers[*].image’
List pods and containers-o=’,CONTAINERS:.spec.containers[*].name’
ReferenceLink: kubernetes yaml templates

1.6 Label & Annotation

Filter pods by labelkubectl get pods -l owner=denny
Manually add label to a podkubectl label pods dummy-input owner=denny
Remove labelkubectl label pods dummy-input owner-
Manually add annotation to a podkubectl annotate pods dummy-input my-url=

1.7 Deployment & Scale

Scale outkubectl scale --replicas=3 deployment/nginx-app
online rolling upgradekubectl rollout app-v1 app-v2 --image=img:v2
Roll backupkubectl rollout app-v1 app-v2 --rollback
List rolloutkubectl get rs
Check update statuskubectl rollout status deployment/nginx-app
Check update historykubectl rollout history deployment/nginx-app
Pause/Resumekubectl rollout pause deployment/nginx-deployment, resume
Rollback to previous versionkubectl rollout undo deployment/nginx-deployment
ReferenceLink: kubernetes yaml templates, Link: Pausing and Resuming a Deployment

1.8 Quota & Limits & Resource

List Resource Quotakubectl get resourcequota
List Limit Rangekubectl get limitrange
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=cpu=200m
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=memory=512Mi
ReferenceLink: kubernetes yaml templates

1.9 Service

List all serviceskubectl get services
List service endpointskubectl get endpoints
Get service detailkubectl get service nginx-service -o yaml
Get service cluster ipkubectl get service nginx-service -o go-template=’{{.spec.clusterIP}}’
Get service cluster portkubectl get service nginx-service -o go-template=’{{(index .spec.ports 0).port}}’
Expose deployment as lb servicekubectl expose deployment/my-app --type=LoadBalancer --name=my-service
Expose service as lb servicekubectl expose service/wordpress-1-svc --type=LoadBalancer --name=ns1
ReferenceLink: kubernetes yaml templates

1.10 Secrets

List secretskubectl get secrets --all-namespaces
Generate secretecho -n 'mypasswd', then redirect to base64 --decode
Get secretkubectl get secret denny-cluster-kubeconfig
Get a specific field of a secretkubectl get secret denny-cluster-kubeconfig -o jsonpath=”{.data.value}”
Create secret from cfg filekubectl create secret generic db-user-pass –from-file=./username.txt
ReferenceLink: kubernetes yaml templates, Link: Secrets

1.11 StatefulSet

List statefulsetkubectl get sts
Delete statefulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false
Scale statefulsetkubectl scale sts/<stateful_set_name> --replicas=5
ReferenceLink: kubernetes yaml templates

1.12 Volumes & Volume Claims

List storage classkubectl get storageclass
Check the mounted volumeskubectl exec storage ls /data
Check persist volumekubectl describe pv/pv0001
Copy local file to podkubectl cp /tmp/my <some-namespace>/<some-pod>:/tmp/server
Copy pod file to localkubectl cp <some-namespace>/<some-pod>:/tmp/server /tmp/my
ReferenceLink: kubernetes yaml templates

1.13 Events & Metrics

View all eventskubectl get events --all-namespaces
List Events sorted by timestampkubectl get events –sort-by=.metadata.creationTimestamp

1.14 Node Maintenance

Mark node as unschedulablekubectl cordon $NODE_NAME
Mark node as schedulablekubectl uncordon $NODE_NAME
Drain node in preparation for maintenancekubectl drain $NODE_NAME

1.15 Namespace & Security

List authenticated contextskubectl config get-contexts, ~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
Switch contextkubectl config use-context <context_name>
Load context from config filekubectl get cs --kubeconfig kube_config.yml
Delete the specified contextkubectl config delete-context <context_name>
List all namespaces definedkubectl get namespaces
List certificateskubectl get csr
Check user privilegekubectl –as=system:serviceaccount:ns-denny:test-privileged-sa -n ns-denny auth can-i use pods/list
Check user privilegekubectl auth can-i use pods/list
ReferenceLink: kubernetes yaml templates

1.16 Network

Temporarily add a port-forwardingkubectl port-forward redis-134 6379:6379
Add port-forwarding for deploymentkubectl port-forward deployment/redis-master 6379:6379
Add port-forwarding for replicasetkubectl port-forward rs/redis-master 6379:6379
Add port-forwarding for servicekubectl port-forward svc/redis-master 6379:6379
Get network policykubectl get NetworkPolicy
Get ingress controllerkubectl get ingress
Get ingress classeskubectl get ingressclasses

1.17 Patch

Patch service to loadbalancerkubectl patch svc $svc_name -p ‘{“spec”: {“type”: “LoadBalancer”}}’

1.18 Extenstions

Enumerates the resource types availablekubectl api-resources
List api groupkubectl api-versions
List all CRDkubectl get crd
List storageclasskubectl get storageclass

1.19 Components & Services

1.19.1 Services on Master Nodes

kube-apiserverAPI gateway. Exposes the Kubernetes API from master nodes
etcdreliable data store for all k8s cluster data
kube-schedulerschedule pods to run on selected nodes
kube-controller-managerReconcile the states. node/replication/endpoints/token controller and service account, etc

1.19.2 Services on Worker Nodes

kubeletA node agent makes sure that containers are running in a pod
kube-proxyManage network connectivity to the containers. e.g, iptable, ipvs
Container RuntimeKubernetes supported runtimes: dockerd, cri-o, runc and any OCI runtime-spec implementation.

1.19.3 Addons: pods and services that implement cluster features

DNSserves DNS records for Kubernetes services
Web UIa general purpose, web-based UI for Kubernetes clusters
Container Resource Monitoringcollect, store and serve container metrics
Cluster-level Loggingsave container logs to a central log store with search/browsing interface

1.19.4 Tools

kubectlthe command line util to talk to k8s cluster
kubeadmthe command to bootstrap the cluster
kubefedthe command line to control a Kubernetes Cluster Federation
Kubernetes ComponentsLink: Kubernetes Components

1.20 More Resources

License: Code is licensed under MIT License.

linkedin github slack