Master 100 Essential kubectl Commands for Rapid Kubernetes Troubleshooting

Today I share 100 common k8s commands; mastering them makes troubleshooting faster and showcases your skill.

Cluster Information

Show Kubernetes version: kubectl version Show cluster info: kubectl cluster-info List all nodes: kubectl get nodes Describe a specific node: kubectl describe node <node-name> List all namespaces: kubectl get namespaces List all pods in all namespaces:

kubectl get pods --all-namespaces

Pod Diagnosis

List pods in a namespace: kubectl get pods -n <namespace> Describe a pod: kubectl describe pod <pod-name> -n <namespace> View pod logs: kubectl logs <pod-name> -n <namespace> Tail pod logs: kubectl logs -f <pod-name> -n <namespace> Execute a command in a pod:

kubectl exec -it <pod-name> -n <namespace> -- <command>

Pod Health Checks

Check pod readiness:

kubectl get pods <pod-name> -n <namespace> -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}'

Check pod events:

kubectl get events -n <namespace> --field-selector involvedObject.name=<pod-name>

Service Diagnosis

List services in a namespace: kubectl get svc -n <namespace> Describe a service:

kubectl describe svc <service-name> -n <namespace>

Deployment Diagnosis

List deployments in a namespace: kubectl get deployments -n <namespace> Describe a deployment:

kubectl describe deployment <deployment-name> -n <namespace>

Check rollout status:

kubectl rollout status deployment/<deployment-name> -n <namespace>

View rollout history:

kubectl rollout history deployment/<deployment-name> -n <namespace>

StatefulSet Diagnosis

List StatefulSets: kubectl get statefulsets -n <namespace> Describe a StatefulSet:

kubectl describe statefulset <statefulset-name> -n <namespace>

ConfigMap and Secret Diagnosis

List ConfigMaps: kubectl get configmaps -n <namespace> Describe a ConfigMap:

kubectl describe configmap <configmap-name> -n <namespace>

List Secrets: kubectl get secrets -n <namespace> Describe a Secret:

kubectl describe secret <secret-name> -n <namespace>

Namespace Diagnosis

Describe a namespace:

kubectl describe namespace <namespace-name>

Resource Usage

Check pod resource usage: kubectl top pod <pod-name> -n <namespace> Check node resource usage:

kubectl top nodes

Network Diagnosis

Show pod IPs:

kubectl get pods -n <namespace> -o custom-columns=POD:metadata.name,IP:status.podIP --no-headers

List network policies: kubectl get networkpolicies -n <namespace> Describe a network policy:

kubectl describe networkpolicy <network-policy-name> -n <namespace>

Persistent Volume (PV) and Persistent Volume Claim (PVC) Diagnosis

List PVs: kubectl get pv Describe a PV: kubectl describe pv <pv-name> List PVCs: kubectl get pvc -n <namespace> Describe a PVC:

kubectl describe pvc <pvc-name> -n <namespace>

Node Diagnosis

List pods on a node:

kubectl get pods --field-selector spec.nodeName=<node-name> -n <namespace>

Resource Quotas and Limits

List resource quotas: kubectl get resourcequotas -n <namespace> Describe a resource quota:

kubectl describe resourcequota <resource-quota-name> -n <namespace>

Custom Resource Definition (CRD) Diagnosis

List custom resources:

kubectl get <custom-resource-name> -n <namespace>

Describe a custom resource:

kubectl describe <custom-resource-name> <custom-resource-instance-name> -n <namespace>

Scaling and Autoscaling

Scale a deployment:

kubectl scale deployment <deployment-name> --replicas=<replica-count> -n <namespace>

Set deployment autoscaling:

kubectl autoscale deployment <deployment-name> --min=<min-pods> --max=<max-pods> --cpu-percent=<cpu-percent> -n <namespace>

Check HPA status:

kubectl get hpa -n <namespace>

Job and CronJob Diagnosis

List jobs: kubectl get jobs -n <namespace> Describe a job: kubectl describe job <job-name> -n <namespace> List CronJobs: kubectl get cronjobs -n <namespace> Describe a CronJob:

kubectl describe cronjob <cronjob-name> -n <namespace>

Capacity Diagnosis

List PVs sorted by capacity: kubectl get pv --sort-by=.spec.capacity.storage Show PV reclaim policy:

kubectl get pv <pv-name> -o=jsonpath='{.spec.persistentVolumeReclaimPolicy}'

List storage classes:

kubectl get storageclasses

Ingress and Service Mesh Diagnosis

List Ingresses: kubectl get ingress -n <namespace> Describe an Ingress:

kubectl describe ingress <ingress-name> -n <namespace>

List Istio VirtualServices: kubectl get virtualservices -n <namespace> Describe a VirtualService:

kubectl describe virtualservice <virtualservice-name> -n <namespace>

Pod Network Troubleshooting

Run a debug pod:

kubectl run -it --rm --restart=Never --image=busybox net-debug-pod -- /bin/sh

Test connectivity from a pod:

kubectl exec -it <pod-name> -n <namespace> -- curl <endpoint-url>

Traceroute between pods:

kubectl exec -it <source-pod-name> -n <namespace> -- traceroute <destination-pod-ip>

Check DNS inside a pod:

kubectl exec -it <pod-name> -n <namespace> -- nslookup <domain-name>

Configuration Validation

Dry‑run a manifest: kubectl apply --dry-run=client -f <yaml-file> Check pod security context:

kubectl auth can-i list pods --as=system:serviceaccount:<namespace>:<serviceaccount-name>

RBAC and Security

List roles and bindings: kubectl get roles,rolebindings -n <namespace> Describe a role:

kubectl describe role <role-name> -n <namespace>

ServiceAccount Diagnosis

List service accounts: kubectl get serviceaccounts -n <namespace> Describe a service account:

kubectl describe serviceaccount <serviceaccount-name> -n <namespace>

Node Drain and Uncordon

Drain a node: kubectl drain <node-name> --ignore-daemonsets Uncordon a node:

kubectl uncordon <node-name>

Force Pod Deletion

Force delete a pod:

kubectl delete pod <pod-name> -n <namespace> --grace-period=0 --force

Pod Affinity/Anti‑Affinity

Show pod affinity rules:

kubectl get pod <pod-name> -n <namespace> -o=jsonpath='{.spec.affinity}'

Show pod anti‑affinity rules:

kubectl get pod <pod-name> -n <namespace> -o=jsonpath='{.spec.affinity.podAntiAffinity}'

Pod Security Policy (PSP)

List PSPs:

kubectl get psp

Pod Disruption Budget (PDB) Diagnosis

List PDBs: kubectl get pdb -n <namespace> Describe a PDB:

kubectl describe pdb <pdb-name> -n <namespace>

Resource Locks (if used)

List resource locks:

kubectl get resourcelocks -n <namespace>

Service Endpoints and DNS

Show service endpoints:

kubectl get endpoints <service-name> -n <namespace>

View pod resolv.conf:

kubectl exec -it <pod-name> -n <namespace> -- cat /etc/resolv.conf

Custom Metrics (Prometheus/Grafana)

Port‑forward to query Prometheus/Grafana:

kubectl port-forward <pod/service> <local-port>:<remote-port>

Pod Priority and Preemption

List priority classes:

kubectl get priorityclasses

Pod Overhead (Kubernetes 1.18+)

Show pod overhead:

kubectl get pod <pod-name> -n <namespace> -o=jsonpath='{.spec.overhead}'

VolumeSnapshot Diagnosis (if used)

List volume snapshots: kubectl get volumesnapshot -n <namespace> Describe a snapshot:

kubectl describe volumesnapshot <snapshot-name> -n <namespace>

Resource Deserialization

Get resource as JSON:

kubectl get <resource-type> <resource-name> -n <namespace> -o=json

Node Taints

Show node taints:

kubectl describe node <node-name> | grep Taints

Webhook Configurations

List mutating webhooks: kubectl get mutatingwebhookconfigurations List validating webhooks:

kubectl get validatingwebhookconfigurations

Pod Network Policies

List pod network policies:

kubectl get networkpolicies -n <namespace>

Node Conditions (Kubernetes 1.17+)

Custom node condition output:

kubectl get nodes -o custom-columns=NODE:.metadata.name,READY:.status.conditions[?(@.type=="Ready")].status -l 'node-role.kubernetes.io/worker='

Audit Logs

Retrieve audit logs (if enabled): check your cluster’s audit log configuration.

Node OS Details

Get node OS image:

kubectl get node <node-name> -o jsonpath='{.status.nodeInfo.osImage}'

Replace placeholders such as <namespace>, <pod-name>, <service-name>, <deployment-name>, <node-name>, etc., with actual values from your environment.