Skip to content

Instantly share code, notes, and snippets.

Last active July 11, 2024 07:42
Show Gist options
  • Save edsiper/fac9a816898e16fc0036f5508320e8b4 to your computer and use it in GitHub Desktop.
Save edsiper/fac9a816898e16fc0036f5508320e8b4 to your computer and use it in GitHub Desktop.
Kubernetes Useful Commands

Kubernetes Commands

Helper setup to edit .yaml files with Vim:

List of general purpose commands for Kubernetes management:

VIM Setup for Yaml files

Put the following lines in ~/.vimrc:

" Yaml file handling
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab
filetype plugin indent on
autocmd FileType yaml setl indentkeys-=<:>

" Copy paste with ctr+c, ctr+v, etc
:behave mswin
:set clipboard=unnamedplus
:smap <Del> <C-g>"_d
:smap <C-c> <C-g>y
:smap <C-x> <C-g>x
:imap <C-v> <Esc>pi
:smap <C-v> <C-g>p
:smap <Tab> <C-g>1> 
:smap <S-Tab> <C-g>1<

Keyboard hints:

  • ctrl + f: auto indent line (requires INSERT mode)


$ kubectl get pods
$ kubectl get pods --all-namespaces
$ kubectl get pod monkey -o wide
$ kubectl get pod monkey -o yaml
$ kubectl describe pod monkey

Create Deployments

Create single deployment

$ kubectl run monkey --image=monkey --record

Scaling PODs

$ kubectl scale deployment/POD_NAME --replicas=N

POD Upgrade and history

List history of deployments

$ kubectl rollout history deployment/DEPLOYMENT_NAME

Jump to specific revision

$ kubectl rollout undo deployment/DEPLOYMENT_NAME --to-revision=N


List services

$ kubectl get services

Expose PODs as services (creates endpoints)

$ kubectl expose deployment/monkey --port=2001 --type=NodePort


Lits Persistent Volumes and Persistent Volumes Claims:

$ kubectl get pv
$ kubectl get pvc


$ kubectl get secrets
$ kubectl create secret generic --help
$ kubectl create secret generic mysql --from-literal=password=root
$ kubectl get secrets mysql -o yaml


$ kubectl create configmap foobar --from-file=config.js
$ kubectl get configmap foobar -o yaml


List DNS-PODs:

$ kubectl get pods --all-namespaces |grep dns

Check DNS for pod nginx (assuming a busybox POD/container is running)

$ kubectl exec -ti busybox -- nslookup nginx

Note: kube-proxy running in the worker nodes manage services and set iptables rules to direct traffic.


Commands to manage Ingress for ClusterIP service type:

$ kubectl get ingress
$ kubectl expose deployment ghost --port=2368

Spec for ingress:

Horizontal Pod Autoscaler

When heapster runs:

$ kubectl get hpa
$ kubectl autoscale --help


$ kubectl get daemonsets
$ kubectl get ds


NodeSelector based policy:

$ kubectl label node minikube foo=bar

Node Binding through API Server:

$ kubectl proxy 
$ curl -H "Content-Type: application/json" -X POST --data @binding.json http://localhost:8001/api/v1/namespaces/default/pods/foobar-sched/binding

Tains and Tolerations

$ kubectl taint node master foo=bar:NoSchedule


$ kubectl describe
$ kubectl logs
$ kubectl exec
$ kubectl get nodes --show-labels
$ kubectl get events

Docs Cluster:

Role Based Access Control

  • Role
  • ClusterRule
  • Binding
  • ClusterRoleBinding
$ kubectl create role fluent-reader --verb=get --verb=list --verb=watch --resource=pods
$ kubectl create rolebinding foo --role=fluent-reader --user=minikube
$ kubectl get rolebinding foo -o yaml

Security Contexts


  • spec
  • securityCOntext
    • runAsNonRoot: true

Pod Security Policies


Network Policies

Network isolation at Pod level by using annotations

$ kubectl annotate ns <namespace> "{\"ingress\": {\"isolation\": \"DefaultDeny\"}}"

More about Network Policies as a resource:

Copy link

great reference info. thanks

Copy link

Thanks Eduardo, very useful list

Copy link

edco29 commented Apr 11, 2020

thanks !!!!!

Copy link

edsiper commented Apr 11, 2020

Oh, didn't knew this gist was useful for others :)

Copy link

Thanks Eduardo for providing this useful list.

Copy link

Thanks Eduardo, very useful list

Hi Relli

Copy link

Thanks Eduardo!!, very useful list

Copy link

edsiper commented Dec 11, 2020

thank you guys! again :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment