Skip to content

Instantly share code, notes, and snippets.

@vkroz

vkroz/Kubernetes cheatsheet.md

Last active January 30, 2023 02:59
Show Gist options
  • Save vkroz/222fa4ef370241c73d8556263e1efffe to your computer and use it in GitHub Desktop.
Save vkroz/222fa4ef370241c73d8556263e1efffe to your computer and use it in GitHub Desktop.
Download ZIP
Kubernetes cheatsheet
Raw
Kubernetes cheatsheet.md

Official cheatsheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/

Kubernetes (GKE)

kubectl with multiple clusters

Connect to new cluster

gcloud container clusters get-credentials my-cluster --zone us-central1-a --project corded-smithy-248316

# Check
kc config get-contexts
>  CURRENT   NAME               CLUSTER                AUTHINFO       NAMESPACE
>  *         my_context         gke_us-central1-test   gke_test
>            prod01_context     gke_us-west1_us-prod   gke_prod
>            sandbox_context    gke_central1_sandbox   gke_sandbox
>            minikube           minikube               minikube

List configured clusters

kubectl config view |grep -E "^[[:space:]]+ cluster"

What is current cluster (context)

kubectl config current-context

Set active context

kubectl config use-context mycluster1

See more: https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/

kubectl with multiple accounts

Authenticate as Kubernetes service account using token

MYACCOUNT={{ provide service account name here }}
TOKENNAME=`kubectl -n kube-system get serviceaccount/$MYACCOUNT -o jsonpath='{.secrets[0].name}'`
TOKEN=`kubectl -n kube-system get secret $TOKENNAME -o jsonpath='{.data.token}' | base64 --decode`

kubectl --token=$TOKEN {{ regular kubectl usage command}}

NOTE: When connecting to Kubernetes managed at GCP, sometimes it is required to call

gcloud container clusters get-credentials . . .

after using kubectl with token to restore certificate-based user authentication

Namespaces

List namespaces

kubectl get ns

Create new namespace

create namespace mynamespace

Secrets

Get service accounts, with options to get different level of details

kubectl get secrets 
kubectl get secrets -n kube-system
kubectl get secrets -n kube-system jenkins-token-p29v9
kubectl get secrets -n kube-system jenkins-token-p29v9 -o yaml

Helm

# Setup helm locally and on Kubernetes
helm init

# Create kubernetes service account
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment