Kubernetes Cheatsheet

农永宁
2023-12-01

Kubernetes Cheatsheet

1.1 Common Commands

NameCommand
Run curl test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=yauritux/busybox-curl -it
Run wget test temporarilykubectl run --generator=run-pod/v1 --rm mytest --image=busybox -it wget
Run nginx deployment with 2 replicaskubectl run my-nginx --image=nginx --replicas=2 --port=80
Run nginx pod and expose itkubectl run my-nginx --restart=Never --image=nginx --port=80 --expose
Run nginx deployment and expose itkubectl run my-nginx --image=nginx --port=80 --expose
List authenticated contextskubectl config get-contexts~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
List pods with nodes infokubectl get pod -o wide
List everythingkubectl get all --all-namespaces
Get all serviceskubectl get service --all-namespaces
Get all deploymentskubectl get deployments --all-namespaces
Show nodes with labelskubectl get nodes --show-labels
Get resources with json outputkubectl get pods --all-namespaces -o json
Validate yaml file with dry runkubectl create --dry-run --validate -f pod-dummy.yaml
Start a temporary pod for testingkubectl run --rm -i -t --image=alpine test-$RANDOM -- sh
kubectl run shell commandkubectl exec -it mytest -- ls -l /etc/hosts
Get system conf via configmapkubectl -n kube-system get cm kubeadm-config -o yaml
Get deployment yamlkubectl -n denny-websites get deployment mysql -o yaml
Explain resourcekubectl explain podskubectl explain svc
Watch podskubectl get pods -n wordpress --watch
Query healthcheck endpointcurl -L http://127.0.0.1:10250/healthz
Open a bash terminal in a podkubectl exec -it storage sh
Check pod environment variableskubectl exec redis-master-ft9ex env
Enable kubectl shell autocompletionecho "source <(kubectl completion bash)" >>~/.bashrc, and reload
Use minikube dockerd in your laptopeval $(minikube docker-env), No need to push docker hub any more
Kubectl apply a folder of yaml fileskubectl apply -R -f .
Get services sorted by namekubectl get services –sort-by=.metadata.name
Get pods sorted by restart countkubectl get pods –sort-by=’.status.containerStatuses[0].restartCount’
List pods and imageskubectl get pods -o=’custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image’
List all container imageslist-all-images.sh
kubeconfig skip tls verificationskip-tls-verify.md
Ubuntu install kubectl=”deb https://apt.kubernetes.io/ kubernetes-xenial main”=
ReferenceGitHub: kubernetes releases
Referenceminikube cheatsheetdocker cheatsheetOpenShift CheatSheet

1.2 Check Performance

NameCommand
Get node resource usagekubectl top node
Get pod resource usagekubectl top pod
Get resource usage for a given podkubectl top <podname> --containers
List resource utilization for all containerskubectl top pod --all-namespaces --containers=true

1.3 Resources Deletion

NameCommand
Delete podkubectl delete pod/<pod-name> -n <my-namespace>
Delete pod by forcekubectl delete pod/<pod-name> --grace-period=0 --force
Delete pods by labelskubectl delete pod -l env=test
Delete deployments by labelskubectl delete deployment -l app=wordpress
Delete all resources filtered by labelskubectl delete pods,services -l name=myLabel
Delete resources under a namespacekubectl -n my-ns delete po,svc --all
Delete persist volumes by labelskubectl delete pvc -l app=wordpress
Delete state fulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false

1.4 Log & Conf Files

NameComment
Config folder/etc/kubernetes/
Certificate files/etc/kubernetes/pki/
Credentials to API server/etc/kubernetes/kubelet.conf
Superuser credentials/etc/kubernetes/admin.conf
kubectl config file~/.kube/config
Kubernets working dir/var/lib/kubelet/
Docker working dir/var/lib/docker//var/log/containers/
Etcd working dir/var/lib/etcd/
Network cni/etc/cni/net.d/
Log files/var/log/pods/
log in worker node/var/log/kubelet.log/var/log/kube-proxy.log
log in master nodekube-apiserver.logkube-scheduler.logkube-controller-manager.log
Env/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
Envexport KUBECONFIG=/etc/kubernetes/admin.conf

1.5 Pod

NameCommand
List all podskubectl get pods
List pods for all namespacekubectl get pods -all-namespaces
List all critical podskubectl get -n kube-system pods -a
List pods with more infokubectl get pod -o widekubectl get pod/<pod-name> -o yaml
Get pod infokubectl describe pod/srv-mysql-server
List all pods with labelskubectl get pods --show-labels
List all unhealthy podskubectl get pods –field-selector=status.phase!=Running –all-namespaces
List running podskubectl get pods –field-selector=status.phase=Running
Get Pod initContainer statuskubectl get pod --template '{{.status.initContainerStatuses}}' <pod-name>
kubectl run commandkubectl exec -it -n “$ns” “$podname” – sh -c “echo $msg >>/dev/err.log”
Watch podskubectl get pods -n wordpress --watch
Get pod by selectorkubectl get pods –selector=”app=syslog” -o jsonpath=’{.items[*].metadata.name}’
List pods and imageskubectl get pods -o=’custom-columns=PODS:.metadata.name,Images:.spec.containers[*].image’
List pods and containers-o=’custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name’
ReferenceLink: kubernetes yaml templates

1.6 Label & Annontation

NameCommand
Filter pods by labelkubectl get pods -l owner=denny
Manually add label to a podkubectl label pods dummy-input owner=denny
Remove labelkubectl label pods dummy-input owner-
Manually add annonation to a podkubectl annotate pods dummy-input my-url=https://dennyzhang.com

1.7 Deployment & Scale

NameCommand
Scale outkubectl scale --replicas=3 deployment/nginx-app
online rolling upgradekubectl rollout app-v1 app-v2 --image=img:v2
Roll backupkubectl rollout app-v1 app-v2 --rollback
List rolloutkubectl get rs
Check update statuskubectl rollout status deployment/nginx-app
Check update historykubectl rollout history deployment/nginx-app
Pause/Resumekubectl rollout pause deployment/nginx-deploymentresume
Rollback to previous versionkubectl rollout undo deployment/nginx-deployment
ReferenceLink: kubernetes yaml templatesLink: Pausing and Resuming a Deployment

1.8 Quota & Limits & Resource

NameCommand
List Resource Quotakubectl get resourcequota
List Limit Rangekubectl get limitrange
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=cpu=200m
Customize resource definitionkubectl set resources deployment nginx -c=nginx --limits=memory=512Mi
ReferenceLink: kubernetes yaml templates

1.9 Service

NameCommand
List all serviceskubectl get services
List service endpointskubectl get endpoints
Get service detailkubectl get service nginx-service -o yaml
Get service cluster ipkubectl get service nginx-service -o go-template=’{{.spec.clusterIP}}’
Get service cluster portkubectl get service nginx-service -o go-template=’{{(index .spec.ports 0).port}}’
Expose deployment as lb servicekubectl expose deployment/my-app --type=LoadBalancer --name=my-service
Expose service as lb servicekubectl expose service/wordpress-1-svc --type=LoadBalancer --name=ns1
ReferenceLink: kubernetes yaml templates

1.10 Secrets

NameCommand
List secretskubectl get secrets --all-namespaces
Generate secretecho -n 'mypasswd', then redirect to base64 --decode
Get secretkubectl get secret denny-cluster-kubeconfig
Get a specific field of a secretkubectl get secret denny-cluster-kubeconfig -o jsonpath=”{.data.value}”
Create secret from cfg filekubectl create secret generic db-user-pass –from-file=./username.txt
ReferenceLink: kubernetes yaml templatesLink: Secrets

1.11 StatefulSet

NameCommand
List statefulsetkubectl get sts
Delete statefulset only (not pods)kubectl delete sts/<stateful_set_name> --cascade=false
Scale statefulsetkubectl scale sts/<stateful_set_name> --replicas=5
ReferenceLink: kubernetes yaml templates

1.12 Volumes & Volume Claims

NameCommand
List storage classkubectl get storageclass
Check the mounted volumeskubectl exec storage ls /data
Check persist volumekubectl describe pv/pv0001
Copy local file to podkubectl cp /tmp/my <some-namespace>/<some-pod>:/tmp/server
Copy pod file to localkubectl cp <some-namespace>/<some-pod>:/tmp/server /tmp/my
ReferenceLink: kubernetes yaml templates

1.13 Events & Metrics

NameCommand
View all eventskubectl get events --all-namespaces
List Events sorted by timestampkubectl get events –sort-by=.metadata.creationTimestamp

1.14 Node Maintenance

NameCommand
Mark node as unschedulablekubectl cordon $NODE_NAME
Mark node as schedulablekubectl uncordon $NODE_NAME
Drain node in preparation for maintenancekubectl drain $NODE_NAME

1.15 Namespace & Security

NameCommand
List authenticated contextskubectl config get-contexts~/.kube/config
Set namespace preferencekubectl config set-context <context_name> --namespace=<ns_name>
Switch contextkubectl config use-context <cluster-name>
Load context from config filekubectl get cs --kubeconfig kube_config.yml
Delete the specified contextkubectl config delete-context <cluster-name>
List all namespaces definedkubectl get namespaces
List certificateskubectl get csr
Check user privilegekubectl –as=system:serviceaccount:ns-denny:test-privileged-sa -n ns-denny auth can-i use pods/list
Check user privilegekubectl auth can-i use pods/list
ReferenceLink: kubernetes yaml templates

1.16 Network

NameCommand
Temporarily add a port-forwardingkubectl port-forward redis-134 6379:6379
Add port-forwaring for deploymentkubectl port-forward deployment/redis-master 6379:6379
Add port-forwaring for replicasetkubectl port-forward rs/redis-master 6379:6379
Add port-forwaring for servicekubectl port-forward svc/redis-master 6379:6379
Get network policykubectl get NetworkPolicy

1.17 Patch

NameSummary
Patch service to loadbalancerkubectl patch svc $svc_name -p ‘{“spec”: {“type”: “LoadBalancer”}}’

1.18 Extenstions

NameSummary
Enumerates the resource types availablekubectl api-resources
List api groupkubectl api-versions
List all CRDkubectl get crd
List storageclasskubectl get storageclass

1.19 Components & Services

1.19.1 Services on Master Nodes

NameSummary
kube-apiserverAPI gateway. Exposes the Kubernetes API from master nodes
etcdreliable data store for all k8s cluster data
kube-schedulerschedule pods to run on selected nodes
kube-controller-managerReconcile the states. node/replication/endpoints/token controller and service account, etc
cloud-controller-manager 

1.19.2 Services on Worker Nodes

NameSummary
kubeletA node agent makes sure that containers are running in a pod
kube-proxyManage network connectivity to the containers. e.g, iptable, ipvs
Container RuntimeKubernetes supported runtimes: dockerd, cri-o, runc and any OCI runtime-spec implementation.

1.19.3 Addons: pods and services that implement cluster features

NameSummary
DNSserves DNS records for Kubernetes services
Web UIa general purpose, web-based UI for Kubernetes clusters
Container Resource Monitoringcollect, store and serve container metrics
Cluster-level Loggingsave container logs to a central log store with search/browsing interface

1.19.4 Tools

NameSummary
kubectlthe command line util to talk to k8s cluster
kubeadmthe command to bootstrap the cluster
kubefedthe command line to control a Kubernetes Cluster Federation
Kubernetes ComponentsLink: Kubernetes Components

1.20 More Resources

https://kubernetes.io/docs/reference/kubectl/cheatsheet/

https://codefresh.io/kubernetes-guides/kubernetes-cheat-sheet/

 




1.21 list-all-images.sh

 

#!/usr/bin/env bash
kubectl get pods --all-namespaces -o jsonpath="{..image}" |\
tr -s '[[:space:]]' '\n' |\
sort |\
uniq -c

1.22 get-pod-error-log.sh

#!/usr/bin/env bash

namespace=${1:-""}
log_pattern="grep -iE 'exception|error' | grep -v 'Reconciler error' | tail -n10"

if [ -z "$namespace" ]; then
    options="--all-namespaces"
else
    options="-n $namespace"
fi
command="kubectl get pods -o='custom-columns=PODS:.metadata.name,PODS:.metadata.namespace' $options | grep -v PODS"
echo "$command"
pods=$(eval "$command")

IFS=$'\n'
for item in $pods; do
    pod=$(echo "$item" | awk '{print $1}')
    ns=$(echo "$item" | awk '{print $2}')
    command="kubectl logs pod/$pod -n $ns | $log_pattern"
    echo "$command" && eval "$command"
done

 

 

 

 

 

 类似资料:

相关阅读

相关文章

相关问答